ADT Breached by a Phone Call, AI Wipes a Startup in 9 Seconds, and 85% of UK Breaches Are Phishing
ADT has been breached for the third time in under a year after ShinyHunters used a single vishing call to compromise an employee's Okta SSO credentials and access millions of customer records through Salesforce. EdTech giant Instructure, the company behind Canvas LMS, has also confirmed another cyber attack, their second in under a year, with ShinyHunters linked to the previous incident too. Both breaches highlight how voice phishing and SaaS platforms like Salesforce have become the go-to combination for attackers in 2026.
An AI coding agent running Anthropic's Claude Opus 4.6 through Cursor deleted a startup's entire production database and all backups in just nine seconds, without being asked. The agent found an overpermissioned API token, ignored its own safety rules, and wiped everything before anyone could intervene. Meanwhile, the supply chain attack that started with Trivy has now spread to Checkmarx and Bitwarden, with criminal groups TeamPCP, Lapsus$ and Vect collaborating to chain supply chain compromises into ransomware campaigns.
The UK government's annual Cyber Security Breaches Survey reveals that 43% of UK businesses were breached last year, with phishing behind 85% of those incidents. Despite high-profile attacks on M&S, Co-op, and Jaguar Land Rover, cyber hygiene among SMEs is actually declining. Microsoft is also warning about growing IT helpdesk impersonation attacks through Teams, where attackers pose as internal support and convince employees to hand over remote access. Plus, Ukrainian police arrested three hackers for stealing 610,000 Roblox accounts using infostealer malware.
The Awareness Angle is an independent cybersecurity podcast covering cyber news, data breaches, phishing, social engineering, and security awareness
New episodes every week.
Timestamps:
00:00 Intro
01:30 Welcome
01:52 ADT Breached Again by ShinyHunters Vishing Attack
07:23 Instructure / Canvas LMS Hit by Another Cyber Attack
13:38 Critical Infrastructure Giant Itron Confirms Cyberattack
17:56 AI Coding Agent Deletes Startup Database in 9 Seconds
25:28 Supply Chain Attack Hits Checkmarx and Bitwarden
28:40 Roblox Account Theft: 610,000 Accounts Stolen
36:56 UK Cyber Security Breaches Survey 2025-26
43:06 Microsoft Teams Helpdesk Impersonation Attacks
52:21 QR Code Scams in Toronto
57:03 Smart Toasters and Unnecessary IoT
1:01:09 Hannah Fry on AI Agents Going Rogue
Subscribe to the newsletter: https://riskycreative.com
LinkedIn newsletter: / the-awareness-angle-newsletter-72749323637...
Listen on Spotify: https://open.spotify.com/show/7rwzcRs...
Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast...
Follow us:
TikTok: / infosecant
Instagram: / riskycreative
YouTube: / @riskycreative
Our Intro and Outro Song (C) 16 by Falling Forever
https://fallingforever.bandcamp.com/t...
Licensed under Creative Commons Attribution 4.0
https://creativecommons.org/licenses/...