Insights from recent episode analysis
Audience Interest
Podcast Focus
Publishing Consistency
Platform Reach
Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.
Most discussed topics
Brands & references
Est. Listeners
Insufficient chart data. Estimates will improve as the show charts.
- Per-Episode Audience
Est. listeners per new episode within ~30 days
N/A🎙 ~2x weekly·208 episodes·Last published 2w ago - Monthly Reach
Unique listeners across all episodes (30 days)
N/A - Active Followers
Loyal subscribers who consistently listen
N/A
Market Insights
Platform Distribution
Reach across major podcast platforms, updated hourly
Total Followers
—
Total Plays
—
Total Reviews
—
* Data sourced directly from platform APIs and aggregated hourly across all major podcast directories.
On the show
From 10 epsHosts
Recent guests
Recent episodes
Megalodon Poisons Github
Jun 12, 2026
Unknown duration
The Canvas Breach
May 19, 2026
29m 31s
The Axios Supply Chain Attack
Apr 10, 2026
43m 11s
Salesforce Aura Data Theft
Mar 20, 2026
29m 55s
OpenClaw & Moltbook (w/ Moriah Hara!)
Feb 14, 2026
43m 17s
Social Links & Contact
Official channels & resources
Official Website
Login
RSS Feed
Login
| Date | Episode | Topics | Guests | Brands | Places | Keywords | Sponsor | Length | |
|---|---|---|---|---|---|---|---|---|---|
| 6/12/26 | Megalodon Poisons Github | The supply chain remains the weakest link. A new automated malware campaign dubbed “Megalodon” poisoned more than 5,500 GitHub repos in just six hours, quietly harvesting cloud credentials, tokens, and sensitive code from environments that implicitly trust what they pull. On this episode of State of Cybercrime, Matt and David break down how the attack scaled, the risks tied to compromised repositories, and what it means for downstream users. They will also examine the widely exploited PAN-OS GlobalProtect VPN bypass and a new AI-driven worm that dynamically selects its exploits. | — | ||||||
| 5/19/26 | The Canvas Breach✨ | cybersecuritydata breach+4 | — | InstructureCanvas LMS | — | Canvas breachShinyHunters+5 | — | 29m 31s | |
| 4/10/26 | The Axios Supply Chain Attack✨ | supply chain attackcybersecurity+4 | — | AxiosGoogle | North Korea | Axiossupply chain attack+5 | — | 43m 11s | |
| 3/20/26 | Salesforce Aura Data Theft✨ | data theftcybersecurity+4 | — | AuraInspectorSalesforce+3 | — | Salesforcedata theft+5 | — | 29m 55s | |
| 2/14/26 | OpenClaw & Moltbook (w/ Moriah Hara!)✨ | AI adoptionshadow IT+4 | Moriah Hara | OpenClawMoltbook+1 | — | OpenClawMoltbook+6 | — | 43m 17s | |
| 12/15/25 | The React2Shell Crisis✨ | cybersecurityzero-click RCE exploit+3 | — | CloudflareChina+1 | — | React2Shellzero-click exploit+6 | — | 22m 55s | |
| 11/24/25 | AI-Powered Espionage✨ | AI-driven espionagecybersecurity+4 | — | AnthropicCitrix+1 | China | AI espionagecybercrime+5 | — | 23m 54s | |
| 10/31/25 | Black Hat Cartels✨ | cybercrimecartels+4 | — | Lapsus$Scattered Spider+8 | — | cybercrimecartels+5 | — | 23m 12s | |
| 9/20/25 | Supply Chain Attacks✨ | Supply Chain AttacksNPM Compromise+3 | — | NPMcrypto | — | Supply Chain AttacksNPM+5 | — | 24m 16s | |
| 8/18/25 | ShinyHunters' CRM Heist✨ | cybercrimeSaaS vulnerabilities+3 | — | ShinyHuntersSalesforce+2 | — | ShinyHuntersSalesforce+5 | — | 26m 01s | |
Want analysis for the episodes below?Free for Pro Submit a request, we'll have your selected episodes analyzed within an hour. Free, at no cost to you, for Pro users. | |||||||||
| 7/25/25 | Salt Typhoon Returns✨ | cybercrimedata breaches+3 | — | National GuardVisat | — | Salt Typhooncybercrime+3 | — | 19m 14s | |
| 6/18/25 | Copilot's Zero-Click Vulnerability | In this episode, Matt and David explore a recently patched Copilot vulnerability that allowed attackers to craft emails that prompted Copilot to send sensitive information to an attacker's server. This prompt injection attack begs the question: What other vulnerabilities will AI bring to data? They also follow up with Scattered Spider & Dragonforce's continued assault on UK Retail and how their tactics are beginning to spread to insurance organizations. | — | ||||||
| 5/21/25 | UK Retail Under Siege | Several high-profile UK retailers have suffered serious cyberattacks that have disrupted operations for weeks and, in some cases, exposed sensitive customer data. The social engineering techniques used in the attack align with the notorious Scattered Spider group, but a new ransomware group named Dragonforce has claimed responsibility. Matt and David delve into the details of these attacks, what we know about these cybercriminal groups, and whether they are affiliated. They also cover the Coinbase breach — a calculated, high-stakes extortion scheme where hackers bribed overseas contractors to steal sensitive user data and demand a $20 million ransom. Watch now! | — | ||||||
| 4/19/25 | The Oracle Breach Debate | 📌 We apologize for the technical issues experienced while filming this episode. Now onto the episode details: Oracle recently faced a major security scare after a hacker claimed to have stolen 6 million data records — a breach that has everyone talking. After initially denying the breach, Oracle is now saying their Oracle Cloud Infrastructure has not been compromised, but the exposed data came from old legacy servers. Join Matt and David, along with special guest Joseph Avanzato from Varonis Threat Labs, as they explore the hacker's claims, Oracle's response, and the broader lessons about cloud security and incident management.As always, our hosts will update you on the latest cybersecurity news and share tips on protecting your digital assets. | — | ||||||
| 3/14/25 | $1.5B ByBit Crypto Heist | The Bybit crypto exchange was hacked for a record-breaking $1.5 billion theft of Ether cryptocurrency – perhaps the largest scale theft of all time. The FBI has linked the attack to TraderTraitor, a sub-cluster of the Lazarus Group, who leveraged a compromised machine of Safe{Wallet} to execute a supply chain attack on the Bybit platform. Matt and David review how this attack unfolded, and share updates on DeepSeek AI and Salt Typhoon. Listen now! | — | ||||||
| 2/4/25 | DeepSeek Disruption | DeepSeek, the Chinese AI startup dominating news feeds, has experienced exponential growth while wiping almost $1 trillion off the U.S. stock market. However, the model's rise has now been overshadowed by a surge of malicious attacks. On this special episode of State of Cybercrime, Matt and David explore the rise of this innovative AI tool, the subsequent attacks, and the potential vulnerabilities of the AI model. DeepSeek won’t be the last shadow AI app you have to worry about. So what steps can you take to ensure you can discover and stop shadow AI apps from inhaling your corporate secrets? Read our latest blog for more insights and immediate actions you can take to protect your organization from shadow AI. 📌 DeepSeek Discovery: How to Find and Stop Shadow AI: https://www.varonis.com/blog/deepseek | — | ||||||
| 1/15/25 | U.S. Treasury Breach | On this episode of State of Cybercrime, Matt and David cover the most recent Chinese state-sponsored APT attack by Silk Typhoon on the U.S. Treasury Department. They discuss how the attackers used a remote support tool to enable unauthorized access to Treasury workstations and unclassified documents. They also dive into some of the most pressing cybersecurity news and recent breaches you should know about. | — | ||||||
| 12/14/24 | Salt Typhoon Telecom Attack | In this episode, Matt and David delve into the evolving story of Salt Typhoon, a Chinese state-sponsored group, and their use of the innovative 'GhostSpider' backdoor to infiltrate telecommunication service providers. This sophisticated and far-reaching cyberattack, which is much larger than previously understood, has compromised sensitive cellular logs and data from government entities, telecom providers, and millions of Americans. Don’t miss this opportunity to stay informed and keep your organization safe! More from Varonis ⬇️ Visit our website: https://www.varonis.com LinkedIn: https://www.linkedin.com/company/varonis X/Twitter: https://twitter.com/varonis Instagram: https://www.instagram.com/varonislife/ #Cybercrime #Podcast #Cybersecurity | — | ||||||
| 11/25/24 | Midnight Blizzard | Russia's APT29, a.k.a "Midnight Blizzard," is arguably one of the world's most notorious threat actors. You might recall their involvement in the 2019 SolarWinds attack where they operated under the alias "Cozy Bear." The group is back with more relentless attacks—breaching cloud credentials and targeting over 100 organizations worldwide. In this episode of State of Cybercrime, Matt and David dive into some of the hottest cybersecurity news and recent breaches, including Midnight Blizzard. Discover how these sophisticated attacks are happening and what you can do to stay a step ahead. | — | ||||||
| 10/16/24 | ChatGPT Memory Manipulation + Salt Typhoon | Hosts Matt Radolec and David Gibson explain how cybercriminals are manipulating AI models like ChatGPT to plant false memories and steal data, along with other cybercrime-related stories like Salt Typhoon. Salt Typhoon is a Chinese hacking group that has reportedly breached multiple key U.S. broadband providers, raising significant concerns about the security of sensitive communications data. The hackers may have had access to these networks for months, raising significant concerns about the security of sensitive communications data. More from Varonis ⬇️ Visit our website: https://www.varonis.com LinkedIn: https://www.linkedin.com/company/varonis X/Twitter: https://twitter.com/varonis Instagram: https://www.instagram.com/varonislife/ #Cybercrime #Podcast #DataSecurity | — | ||||||
| 9/17/24 | The Return of Lazarus | The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang known as Volt Typhoon, and other vulnerable vulnerabilities in this episode, including: + Lazarus FudModule rootkit attacks and the concurrent Eager Crypto Beavers campaign + RansomHub attacks on Halliburton, Change Healthcare, and hundreds more + Large-scale extortion of AWS environments through exposed ENV files + Hundreds of exposed servers from Volt Typhoon’s ISP targeting + Payment gateway breach of over 1.7 million credit card owners | — | ||||||
| 8/16/24 | Proofpoint Spoofing | Matt Radolec and David Gibson discuss how an unknown attacker recently exploited a vulnerability in Proofpoint’s email routing system, allowing them to bypass security measures and send millions of spoofed emails on behalf of major companies. The co-hosts also cover: + The North Korean threat actor hired using AI + The biggest ransomware payment ever made + How X is training its Grok AI LLM with your posts + The EU’s groundbreaking AI act + How anyone can access deleted and private repositories on GitHub + Updates on AMD's silicon-level "SinkClose" processor flaw | — | ||||||
| 7/19/24 | The Lockbit Bluff | The LockBit ransomware group claimed to have attacked the U.S. Federal Reserve, stating they would leak 33 terabytes of its data. However, analysis revealed that the data released on their website actually came from a financial services company in Arkansas, not the Federal Reserve. | — | ||||||
| 6/14/24 | Snowflake Security Check | Snowflake, a cloud storage platform used by some of the largest companies in the world, is investigating a targeted attack on its users who lack multifactor authentication. Join Matt Radolec and David Gibson for an episode of State of Cybercrime in which we will discuss the increased attacks on Snowflake customers and share our five-point checklist for ensuring your cloud databases are properly configured and monitored. | — | ||||||
| 3/1/24 | Inside China's APT Network | A new data leak of more than 500 documents published to GitHub reveals the big business behind China’s state-sponsored hacking groups — from top-secret surveillance tools to details of offensive cyber ops carried out on behalf of the Chinese government. | — | ||||||
Showing 25 of 210
Pitch Fit is a Pro feature
See how bookable this show is for guests, which brands already advertise, the per-episode ad value, and the best-fit guest and sponsor profile. The numbers are blurred on the free plan.
How readily this show books outside guests like you.
How proven this show is for host-read sponsorships.
For Guests
ProFor Advertisers
ProUpgrade to Pro to unlock guest cadence, sponsor categories, fit scores, and per-episode ad value for this show.