Security Conversations
164
Security Conversations
05.16.2025 | 2:23''34'
A Coinbase breach with bribes, rogue contractors and a $20M ransom demand
About the episode
Three Buddy Problem – Episode 46: We dig into a Coinbase breach headlined by bribes, rogue contractors and a $20 million ransom demand. Plus, (another!) batch of Ivanti and Microsoft zero-days being exploited in the wild, a new 'Intrusion Logging' feature coming to Android, Apple's iOS 18.5 patches, and the EU announcing its own vulnerability database and software vendor secure-coding pledge.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Links:
- Transcript (unedited, AI-generated)
- Coinbase on $20m ransom demand
- SEC filing on Coinbase breach
- Coinbase Rogue Contractors Bribed to Leak Customer Data
- Ivanti 0day exploit chain (CVE-2025-4427 and CVE-2025-4428)
- Watchtowr blog on new Ivanti 0days
- CISA Known Exploited Vulnerabilities (KEV)
- ‘Advanced Protection’ comes to Android 16
- Europe launches it own vulnerability database