FFmpeg's 21 zero-days, Ruby cooldown feature, Microsoft disrupted by Shai-Hulud worm & Meta AI tool compromise / Intel Chat [#331]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• DepthFirst reported that it's autonomous security agent discovered 21 previously unknown vulnerabilities in FFmpeg, a widely deployed multimedia framework used across browsers, streaming infrastructure, and other systems that process media.
• Bundler, 4.0.13 introduces a new security feature called cooldown, aimed at reducing the impact of software supply chain attacks in the Ruby ecosystem.
• A new variant of the Shai-Hulud supply chain worm, known as Miasma, briefly disrupted Microsoft's software development ecosystem after compromising dozens of GitHub repositories.
• Meta says approximately 20,000 Instagram accounts may have been compromised through the abuse of an AI powered account recovery support system.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.