In April 2026, the cybersecurity landscape experienced a seismic shift as geopolitical tensions and industrialized fraud collided to create unprecedented enterprise risks. This episode dives into the most critical incidents of the month, including TeamPCP's cascading supply chain compromises, Iran-backed wiper attacks on corporate infrastructure, and the exploitation of third-party platforms by groups like ShinyHunters.

Join us as we unpack how these sophisticated threats are redefining the "new normal" for defenders and explore the massive global law enforcement operations fighting back.

Sponsors:

www.cisomarketplace.com

www.breached.company

Anthropic recently unveiled Claude Mythos, an unreleased frontier AI model with unprecedented cybersecurity capabilities that led the company to restrict its access exclusively to defensive partners via Project Glasswing. This revelation coincided with a chaotic week of accidental source code leaks and an unprecedented legal battle against the Pentagon, which blacklisted Anthropic as a "supply chain risk" over the company's refusal to drop safety guardrails. Together, these dramatic events have fueled a massive hype narrative ahead of Anthropic's planned October 2026 IPO, where the company is targeting a valuation of up to $500 billion.

https://podcast.cisomarketplace.com/e/the-mythos-dilemma-ai-zero-days-and-project-glasswing

https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity

https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026

Sponsors:

www.breached.company

www.compliancehub.wiki

In March 2026, a 40-minute supply chain attack on the open-source library LiteLLM allowed hackers to steal four terabytes of highly sensitive data from Mercor, a $10 billion AI training startup. The breach exposed a fragile trust infrastructure across the tech industry, revealing that LiteLLM's security certifications were fabricated by Delve Technologies, a compliance vendor that systematically rubber-stamped fake audits. As major AI labs like Meta indefinitely pause their contracts, Mercor now faces a wave of class-action lawsuits alleging that its mandatory, invasive contractor surveillance practices funneled unauthorized third-party trade secrets and personal data straight to cybercriminals.

https://compliancehub.wiki/mercor-litellm-delve-class-action-supply-chain-compliance-fraud/

https://compliancehub.wiki/five-lawsuits-mercor-data-breach-litigation-breakdown/

Sponsors

www.breached.company

www.compliancehub.wiki

Anthropic's latest frontier model, Claude Mythos Preview, has demonstrated an unprecedented ability to autonomously discover and exploit zero-day vulnerabilities in critical software. Recognizing the extreme dual-use risks of these capabilities falling into the wrong hands, Anthropic has made the unprecedented decision to withhold the model from general public release. Instead, the model is being deployed through Project Glasswing, a collaborative initiative with major tech industry partners aimed at using this powerful AI exclusively to secure the world's digital infrastructure.

https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity

https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026

https://www.anthropic.com/glasswing

Sponsors:

www.cisomarketplace.com

Dive into the nuances of California's new CCPA cybersecurity audit requirements and discover how they redefine the standard for "reasonable security". We explore how businesses can strategically leverage existing NIST, ISO, or CIS assessments as a foundation, while identifying the critical scope mismatches they must "top off" to ensure compliance. Tune in for a practical, four-step roadmap to navigate CalPrivacy's 18 evaluation components and prepare your organization's data protection strategy for the next wave of regulatory scrutiny.

Sponsors:

www.compliancehub.wiki

www.cisomarketplace.com

Explore the evolving landscape of youth digital protection across the European Union, where groundbreaking laws like the GDPR and the Digital Services Act (DSA) are being deployed to shield minors from data exploitation and harmful content. As emerging innovations like immersive virtual environments, neuromarketing, and AI-generated deepfakes introduce unprecedented risks to children's mental privacy and cognitive development, the battle for digital safety is becoming increasingly complex. Join us as we examine how local and regional authorities are stepping up to bridge the gap between high-level regulations and frontline realities, transforming overarching policies into tangible, community-based safeguards for families and schools.

Sponsors:

www.myprivacy.blog

www.compliancehub.wiki

This podcast dives into the current wave of Child Online Safety Legislation (COSL), such as the Kids Online Safety Act (KOSA), to unpack the political and societal forces driving these bipartisan bills. We critically examine the prevailing narrative that social media is the primary cause of the youth mental health crisis, exploring how "moral panics" over technology often ignore complex social realities. Furthermore, we discuss the potential unintended consequences of these legislative efforts, including severe threats to data privacy, free expression, and the well-being of marginalized youth through mandated age verification and expanded parental surveillance.

Sponsors:

www.myprivacy.blog

www.cisomarketplace.com