Please enjoy our latest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or wherever you listen to your favorite podcasts.
This week’s Security Sprint, Dave and Andy discussed:
Opening:
- 27th Annual TribalNet Conference & Tradeshow, 20 – 24 Sep, Dallas, TX
- 02 Jun! WaterISAC H2OSecCon (Virtual Conference)
Main Topics:
Exploitation! and the KEV!
- CISA Adds One Known Exploited Vulnerability to Catalog – CVE-2026-9082 Drupal Core SQL Injection Vulnerability
- Drupal security advisory (AV26-492) – Update 2 – Canadian Centre for Cyber Security
- CISA orders feds to patch actively exploited Drupal vulnerability – BleepingComputer
- CISA Adds One Known Exploited Vulnerability to Catalog – CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- CISA gives feds 4 days to patch actively exploited cPanel plugin flaw – BleepingComputer
- CISA Adds One Known Exploited Vulnerability to Catalog – CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
- Palo Alto Networks Security Advisory AV26-462 — Canadian Centre for Cyber Security
- ETR: Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability CVE-2026-0257 — Rapid7
Ransomware & Data Breaches:
- The Cyber Extortion Economy – Palo Alto Networks Unit 42 – 28 May 2026 “As recently noted by our Chief Security Intelligence Officer, Wendi Whitmore, it only took 39 seconds for threat actors to move from initial access to data exfiltration in one case.”
- Stay Ahead of Ransomware: What 2026 Threat Reports Are Telling Us — SANS Institute — 01 Jun 2026
- Charter Communications Data Breach Could Impact Nearly 5 Million
- How St. Paul, Minn., Recovered From a Ransomware Attack
- FBI FLASH – Silent Ransom Group Impersonating IT Personnel through Social Engineering – FBI IC3 & FBI warns of in-person data theft attacks from extortion gang
- Charter confirms data breach after ShinyHunters extortion threat
- The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
- The Gentlemen Ransomware Group Is Scaling Faster Than Any Other Group on Record
- The Gentlemen (Ransomware) in Disguise: Defense Evasion and other TTPs
World Cup:
- FBI PSA – Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup – FBI IC3
- FAA Establishes No Drone Zones for FIFA World Cup 2026 Stadiums, Fan Events and Base Camps — FAA
- Column: Empower Emergency Managers for Major Events
- Ebola concerns grow ahead of World Cup — The Hill
Quick Hits:
- The Future of AI Risk: Predictions for 2027 and Beyond – Gate 15 – 26 May 2026
- Top 10 Artificial Intelligence Security Actions Primer — Canadian Centre for Cyber Security
- Mythos Exposes a Bigger Problem in Critical Infrastructure Cyber Defense – HSToday
- NSA Launches Zero Trust Implementation Guidelines Resource Webpage — National Security Agency
- Designing secure access with ZTNA – National Cyber Security Centre
- The 2026 U.S. Midterms Have a Cyber Problem, But It’s Not at the Ballot Box — Check Point & Hackers are already laying groundwork to disrupt 2026 midterms, research says — Nextgov
- ‘Holding our breath’: Hurricane season is here, and FEMA is shorthanded — Politico
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- Venue Security, The IAVM Podcast Series was a 2024 limited series podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosted a series of short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Bluesky, LinkedIn, via email at Gate15@gate15.global.