Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights

Three Buddy Problem - Episode 27: We discuss the discovery of a Palo Alto network firewall attack and a stealthy network edge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

- Transcript (unedited, AI-generated)
- LITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor
- Palo Alto: Operation Lunar Peek
- Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
- “A Digital Prison”: Surveillance and the suppression of civil society in Serbia
- Cyberhaven breach reported. Employee phished and pushed malicious chrome extension
- GRU 29155 doing cyber operations
- How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar
- Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days
- Operation MiddleFloor: Unmasking the Disinformation Campaign Targeting Moldova's National Elections
- NSPX30: A sophisticated AitM-enabled implant evolving since 2005
- backdoor in upstream xz/liblzma leading to ssh server compromise
- PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem
- The Tech Coup - How to Save Democracy from Silicon Valley

About the Podcast

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).