A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year β€” and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised.

Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world β€” this episode has critical takeaways you can act on today.

πŸ”’ Key Topics Covered:
β€’ TGR-STA-1030 "Shadow Campaigns" β€” state-backed espionage across 37 countries
β€’ BeyondTrust CVE-2026-1731 β€” CVSS 9.9 pre-auth RCE in remote access tools
β€’ Signal Phishing Campaign β€” German BfV/BSI advisory on account hijacking
β€’ CISA BOD 26-02 β€” Binding directive to eliminate end-of-support edge devices
β€’ Iron Mountain / Everest Ransomware β€” 1.4TB breach claims vs. reality

⏱️ Timestamps:
0:00 β€” Cold Open: One group, 37 countries breached
1:10 β€” Forge OS Intro
1:14 β€” Welcome & CTA
1:38 β€” Shadow Campaigns: State-Backed Espionage at Unprecedented Scale
7:04 β€” BeyondTrust CVE-2026-1731: CVSS 9.9 Pre-Auth RCE
11:07 β€” Signal Phishing: Hijacking Accounts Without Malware
14:10 β€” CISA BOD 26-02: Rip Out Your End-of-Life Edge Devices
16:55 β€” Iron Mountain vs. Everest Ransomware: Claims vs. Reality
19:38 β€” Recap & Key Takeaways
21:40 β€” Outro

πŸ“Œ Resources & Sources:
β€’ Unit 42 Shadow Campaigns Report: https://unit42.paloaltonetworks.com/shadow-campaigns-uncovering-global-espionage/
β€’ BeyondTrust Security Advisory BT26-02: https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
β€’ German BfV/BSI Signal Phishing Advisory: https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
β€’ CISA BOD 26-02 Directive: https://www.cisa.gov/news-events/directives/bod-26-02-mitigating-risk-end-support-edge-devices
β€’ Iron Mountain / Everest Coverage: https://cybernews.com/security/iron-mountain-data-breach-claims/

🎧 Listen on Spotify & Apple Podcasts β€” search "Exploit Brokers by Forgebound Research" and hit follow!

πŸ’¬ Found this valuable? Share it with a coworker or friend who touches a computer.

β€”
Exploit Brokers by Forgebound Research
Host: Cipherceval
"Learn more about the threats we face and gain a bit more knowledge than yesterday."

Podden och tillhΓΆrande omslagsbild pΓ₯ den hΓ€r sidan tillhΓΆr Cipherceval. InnehΓ₯llet i podden Γ€r skapat av Cipherceval och inte av, eller tillsammans med, Poddtoppen.