Host David Shipley covers multiple threats and trends: Mirax Android malware spread via Meta ads posing as free streaming, which installs a RAT and turns infected phones into residential proxies; a Reuters report citing internal Meta documents about scam-ad prevalence and limited advertiser verification outside legally required markets; a North Korean APT37 campaign using Facebook friend requests and long social engineering chains to deliver a tampered PDF viewer that installs Rock Rat and exfiltrates data via Zoho WorkDrive; an emergency Adobe Acrobat/Reader zero-day patch where simply opening a malicious PDF can bypass protections and steal files; the FBI and Indonesian authorities dismantling the Wall phishing marketplace designed to defeat MFA via session cookie theft and enable business email compromise; and FBI IC3 figures showing Americans lost nearly $21B to cybercrime in 2025, driven by investment and crypto fraud, with rising AI-enabled scams and many victims unaware they’re being scammed.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that’s built for performance and scale. You can find them at Meter.com/cst

00:00 Headlines And Sponsor

00:57 Android RAT Via Meta Ads

02:47 Meta Scam Ad Machine

05:01 North Korea Friend Request Hack

07:44 Adobe PDF Zero Day Patch

10:11 FBI Busts Wall Phishing Kit 11:02 MFA Bypass And Takedown Limits

15:02 Cybercrime Losses Hit $21B

18:16 Wrap Up And Thanks

18:55 Sponsor Message Meter