Episode #9
JWT Cracks, South American Telecom Breaches, and the Kinetic-Cyber Nexus in Iran
This week, the Dragon News Bytes team dives into a critical series of high-impact vulnerabilities and escalating geopolitical tensions. We start with a deep dive into the latest wave of JWT authentication bypasses before moving to the "Famous Sparrow" APT targeting South American telecommunications. The episode concludes with a sobering look at how Iranian cyber operations are morphing into kinetic strikes against regional infrastructure.
Topics & References:
- Part 1: The JWT "Golden Key" Vulnerability
  - The team discusses a series of critical vulnerabilities in JSON Web Tokens (JWT) where public keys intended for encryption are being misused to gain full administrative access.
  - Will Baxter highlights the persistence of these flaws since early 2025, culminating in a CVSS 10.0 "open access" scenario.
- Part 2: "Famous Sparrow" Operating in South America
  - Will Thomas breaks down a new Cisco Talos report on the likely China-nexus threat actor group "Famous Sparrow".
  - The group is targeting South American ISPs and telcos and is typically viewed as an initial access broker for China-nexus APTs.
- Part 3: The Kinetic Reality of Iranian Cyber Ops
  - Eli Woodward discusses how Iran is launching purposeful kinetic strikes against AWS data centers in Bahrain and the UAE.
  - This shows Iran is considering commercial facilities as legitimate military targets, with a focus on key infrastructure across the region.
Events & Community:
- NCAA March Madness Watch Party: March 27th in Atlanta
  - 🔗 to register: https://go.team-cymru.com/march-madness-atlanta-2026
- RISE Ireland (Dublin): April 14–15 at Stripe Dublin.
  - 🔗 to register: https://go.team-cymru.com/rise-ireland
Connect with Us:
- Follow us on LinkedIn: https://www.linkedin.com/company/team-cymru
- Subscribe to the Dragon News Bytes feed: https://www.team-cymru.com/dnb
Disclaimer: The views expressed in this podcast are those of the hosts and do not necessarily reflect the official policy or position of our employers.