You are tuned in to The Awareness Angle, the weekly show where we cut through the cyber noise and get straight to the scams, slip ups, and stories that actually matter.

In this episode, Ant and Luke dig into a fresh batch of breaches, some worrying policy decisions, and a few very human stories from inside the cyber world. From councils leaking resident data, to VPNs quietly opening the door to ransomware, to AI powered scams on your favourite apps, this one is packed.

In this episode

• Global breach round up
  Hyundai AutoEver America, Nikkei’s Slack compromise, and South Gloucestershire Council accidentally publishing residents’ personal data. What happened, what was exposed, and what it says about everyday cyber hygiene.
• The Louvre robbery and terrible passwords
  The reported CCTV password that matched the museum name, ignored audits, and what happens when reputation gives people a false sense of security.
• Australia’s social media ban for under 16s
  Reddit and others join the list. Safety, surveillance, and whether bans really help children, or just push them into darker corners of the internet.
• FCC rolls back telecom cyber rules
  Why stripping mandatory requirements after major hacks is a bad look, and what it tells us about politics and security.
• Apple’s monster patch day
  More than 100 vulnerabilities fixed across iOS, macOS, iPadOS and more, but very little clarity on severity. Patch fatigue, transparency, and WebKit as the quiet weak point.
• Firewalls, VPNs, and hidden complexity
  New data that links complex Cisco and Citrix VPN setups to a much higher ransomware risk, and why “do everything” security boxes often end up poorly maintained.
• Microsoft Teams message manipulation
  Flaws that allowed attackers to alter messages, spoof identities, and fake calls. What this means for trust in internal chat tools and executive impersonation.
• M&S profits almost wiped out by a cyber attack
  A single incident that slashed profits by 99 percent, disrupted shelves and click and collect, and showed just how fast cyber risk becomes business risk.
• When the good guys go bad
  Two former cyber professionals accused of running ALPHV ransomware attacks on the side. Insider knowledge, trust, and the reality of cyber crime as a business.
• HuFiCon trip and human risk in the wild
  Ant’s debrief from the Human Firewall Conference in Cologne, why SoSafe impressed, and a few live examples of herd mentality and social proof you can use in your own awareness work.
• ChatGPT’s “improve the model for everyone” setting
  Why you should check that toggle if you are using personal accounts for work data, and why business or enterprise plans matter.
• Meta, scam ads, and shameless profit
  A look at reports that Meta is earning serious money from obviously fraudulent adverts, and what that means for ordinary users trying to stay safe.
• AI image fraud and DoorDash style scams
  Using AI tools to fake photos for refund claims and how app design could shut some of this down.
• ClickFix in the wild
  A real world example of the copy and paste into the run box attack, why it works, and the simple message you need people to remember.
• Recruitment rants and candidate experience
  Ghosting, broken promises, and what sloppy hiring processes say about culture inside security teams.

Listen for

• Real stories you can reuse in your own awareness or training sessions.
• Plain language explanations of complex attacks, from VPN misuse to Teams abuse.
• Honest chat about what is and is not working in the world of human risk.

Stay connected

• Subscribe to The Awareness Angle Newsletter for story links and extra commentary.
• Watch full episodes and clips on YouTube, search for Risky Creative or The Awareness Angle.

New episodes every week. Views are our own, not our employers.