Podcasts about Attackers

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromise Red Hat's npm namespace. DriveSurge spreads malware through ClickFix and fake updates. FreePBX patches a critical flaw. And Dashlane responds to a brute-force attack. Our guest is ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on digital health platforms. Meta's AI support bot proves a bit too eager to help. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on privacy, security, and trust in digital health platforms, especially in sensitive areas like women's health. This interview is part of our partnership with Infosecurity Europe. Selected Reading Inspector general finds NIST mistakes have made vulnerability database ineffective (The Record) Google fixes one actively exploited Android zero-day, 124 flaws (Bleeping Computer) Uncovering Webloc: An Analysis of Penlink's Ad-based Geolocation Surveillance Tech (The Citizen Lab) GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure (Security Affairs) Threat Actor Uses AI to Build EDR Evasion Tools (Infosecurity Magazine) Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets (Infosecurity Magazine) Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks (Bleeping Computer) Critical Hard-Coded Credentials Vulnerability in FreePBX User Control Panel (Beyond Machines) Dashlane password manager users locked out by brute force attacks (Bleeping Computer) Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic's AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels supply-chain attacks hitting thousands of GitHub repos. Plus, a new LMS zero-day, bulletproof hosting arrests in the Netherlands, FTC action over bogus “active listening” claims, and another busy week for cyber funding and M&A. Our guest is Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation.” Please disregard all searches for disregard. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation." Selected Reading FBI warns of Kali365 phishing service targeting Microsoft 365 accounts (Bleeping Computer) India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws (Infosecurity Magazine) Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign (Infosecurity Magazine) Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects (SecurityWeek)  HackerOne takes an axe to its bug bounty rewards (The Register) Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors (GovInfo Security) Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment (SecurityWeek) Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands (SecurityWeek) FTC to Require Cox Media Group, Two Other Firms to Pay Nearly $1 Million to Settle Charges They Deceived Customers About “Active Listening” AI-Powered Marketing Service (Federal Trade Commission) Socket raises $60 million in Series C funding. (N2K Pro Business Briefing) You can no longer Google the word 'disregard' (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome back Attackers! For this month's Bear Attack Radio Panda Bear and El Chupacabra tackle some Deathcore.You can listen to the playlist on Spotify: https://open.spotify.com/playlist/0YVaIbfs7O4BOwHeqwbvzf?si=SYhKybtXRWmiVg946uwEdQAs always, spread the word and subscribe!

A bi-weekly news show informing you on the latest in Bitcoin, privacy and open source tech hosted by Ungovernables, Max and Q. AOBAll aboard the vibe trainFTF with Max TQ got some holidays coming upKeonne appealNEWSBisq v1 trade protocol exploit: 11.59 BTC drained, fully reimbursed, hardening shipped in 1.10.0 (bisq.community PSA, Bisq on X, reimbursement plan on GitHub)Disclosed: 2026-05-01Bisq's v1 trade protocol had a missing validation check on taker-side input. Because maker and taker were supposed to use the same miner fee, a malicious taker could push a bad fee value through the transaction math and shrink the multisig output to 0.001 BTC while sweeping the rest into the taker's change. Attacker drained 11.59 BTC from 10 users, all on altcoin trades. Maintainer Henrik Jannsen filed a reimbursement plan on GitHub on May 3, payouts in BTC (with BSQ as optional), DAO vote scheduled around May 25. The hotfix landed as Bisq 1.10.0 on 2026-05-16 with broader hardening: trade protocol checks, network message validation, release verification, supply-chain hardening. The Bisq team explicitly flagged the incident as a likely AI-assisted exploit, though they did not detail how AI was used.Sterlingov Appeal: The Criminalization of Privacy (therage.co)Published: 2026-05-12The appellate court reviewing Roman Sterlingov's Bitcoin Fog conviction openly suggested that mixers remain "legal in theory but not practice" once criminals use them. Judges questioned whether running an internationally accessible service forces compliance with every jurisdiction's licensing regime.Pro-law-enforcement CLARITY Act advances out of Senate Banking (therage.co)Published: 2026-05-15The Digital Asset Market Clarity Act passed committee with expanded surveillance provisions: Bank Secrecy Act integration sixteen times over, new PATRIOT Act special measures. Privacy advocates flagged the breadth of data collection on Americans who haven't done anything.CVE-2024-52911 disclosed in Bitcoin Optech #405, fix has been in Bitcoin Core 29.0+ since release (https://bitcoinops.org/en/newsletters/2026/05/15/)Published: 2026-05-05Use-after-free in parallel script validation between Bitcoin Core 0.14.0 and 28.x. Required attacker-supplied proof-of-work, so practical attack window was narrow, but the bug sat unannounced across many versions.Bitcoin Knots 29.3 enables BIP-110, fork-off countdown started (release notes) + Lopp's countdownPublished: 2026-05-09 (release)Knots 29.3 ships RDTS soft-fork enforcement on by default. Nodes running Knots with this flag set will fork off the network in August unless they change behaviour. Lopp set up a countdown.Bybit exploit post-mortem (Blockstream): enterprise multisig + hardware wallets did not save them (blog.blockstream.com)Published: 2026-05 (week of 5-12)$1.5B drained despite multisig and hardware. Failure was process, not key custody, a UI / signing-flow compromise.Poland passes EU MiCA-aligned crypto bill while Zondacrypto fraud probe deepens (bitcoinmagazine.com)Published: 2026-05-15Polish lawmakers ratified the MiCA framework ahead of the July EU deadline. The vote landed alongside an investigation into Zondacrypto's collapse, roughly $96M of user losses, with Prime Minister Tusk floating possible foreign-influence angles.Claude helps retrieve lost 5BTCX user 'CPRKRN' has Claude check over whole file system and match a wallet file to an old passwordSpiral and Block ship Loupe, an AI-powered vulnerability scanner for open-source Bitcoin (spiralbtc.substack.com)Published: 2026-05-12Uses LLMS to surface security weaknesses in code repositories and requires demonstrable test cases for any vulnerability report so false positives are minimised. Spiral and Block are funding scans themselves; reports go to maintainers confidentially before any public disclosure.RELEASESBitcoin Core 31.0 (release index entry) — 2026-05-12Operator review required before production rollout. Major version landing.Bitcoin Knots v29.3.knots20260508 — 2026-05-09RDTS soft-fork enforcement on by default, fork-off risk in August. New configuration changes, bug fixes.Core Lightning v26.06rc1 — 2026-05-12Adds graceful command for clean shutdown, new sendamount RPC, BOLT12 payer-proof support, plus 211 commits since v26.04.Bitkey App 2026.9.1 — 2026-05-15Security patch from Block.Trezor Suite v26.5.1 — 2026-05-15Legacy labeling migration, WalletConnect insufficient-balance warnings, side-by-side trade comparisons, new DeFi Tokens section.BitBoxApp v4.51.0 — 2026-05-12Bundles BitBox02 firmware v9.26.1, address formatting in 4-char groups, iOS haptic feedback on charts, account-summary perf.Ledger Live Desktop 4.4.0 — 2026-05-13Hardens Live App handling of external-protocol URLs (itms-apps:, ms-word:, file:, etc.) across Chromium navigation vectors.Ledger Live Mobile 4.4.0 — 2026-05-13Adds an addresses section to asset detail screens, device-card management menus with removal confirmations.Bull Bitcoin Mobile v6.10.1 — 2026-05-18Onboarding redirect fix on wallet creation failure.Bull Bitcoin Mobile v6.10.0 — 2026-05-11Major release: Ledger hardware-wallet integration, FSS hybrid storage strategy, real-time WebSocket notifications, new onboarding wizard, Payjoin privacy enhancements, 11 new translations.Bull Bitcoin Mobile v6.9.101-Internal-Release (display name v6.9.108-Internal) — 2026-05-09Pre-6.10.0 testing build, Android migration / startup wizard / secure storage fixes.Bitcoin Safe 2.0.0rc0 — 2026-05-17Comprehensive redesign of the wallet setup wizard, added support for Coldcard mk5 and Trezor 7, plugin architecture via external repos, fiat-balance category column.Sparrow Frigate 1.5.0 — 2026-05-14Low-latency mempool ingestion via Bitcoin Core's ZMQ sequence publisher, auto-discovers the bitcoind ZMQ endpoint when unconfigured. Useful for operators running Sparrow Frigate alongside Core.Blockstream Green iOS release_5.4.0 — 2026-05-11Aggregate fiat balance across all wallet assets, updated Send flow for Lightning, migrates Lightning backend from Breez to Greenlight (Blockstream's own LSP).Blockstream Green Android release_5.4.0 — 2026-05-08Same redesign as iOS: aggregate fiat balance, redesigned Send flow (recipient → asset → account), transaction pagination, also the Breez-to-Greenlight migration.Blockstream Green Desktop 3.3.0 — 2026-05-06Total fiat balance in wallet header, AMP ID exposed in settings, GDK 0.77.3, Qt 6.11.0, Wayland fixes.Peach Bitcoin 0.69.0 (build 346) — 2026-05-06Signature validation for backed-up payment details, encrypts custom refund addresses, removes invalid backed-up data.Peach Bitcoin 0.69.0 (build 345) — 2026-05-05Percentage filtering on offers, encrypted server backup syncing for payment methods, advanced offer-creation options, GrapheneOS camera-permission fix, Buy Offer creation restricted to experienced users.ZEUS v13.0.2-rc3 — 2026-05-18Third RC for 13.0.2. New RGS server at rgs.zeusln.com providing graph updates every 15 minutes instead of every three hours. Clipboard and NFC UX improvements.ZEUS v13.0.1 — 2026-05-07Stable release: fixes recovering Embedded LND wallets from seed (was stalling out), payment retry logic, false-positive offline detection. Cashu token sweeping to self-custody continues to land.Alby Hub v1.22.2 "Marc Horowitz" — 2026-05-11Adds Core Lightning support (their most-requested feature), new AI & Agents page, integrated on-chain wallet mode, custom transaction labels, redesigned settings, improved budget selection for app connections.Boltz Backend 3.13.0 — 2026-05-08Full Arkade swap support, EVM commitment-swap lockup flow, multi-LND support in backend and sidecar.Boltz Client 2.12.0 — 2026-05-12Final removal of the GDK wallet library.Arkade arkd v0.9.5 — 2026-05-11Client-lib wallet interface updates, breaking-changes documentation, single-key wallet signing fixes.Arkade TS SDK v0.4.25 — 2026-05-07Maintenance bump for the Arkade JavaScript SDK.NodeGuard 0.24.2 — 2026-05-14Fixes invoice-expiry calculation in rebalance flows. Check logs if rebalance operations have been timing out.ThunderHub v0.18.3 — 2026-05-15Bug-fix release in the 0.18.x line. (Subsequent 0.18.1-0.18.3 are CI/docker polish after the headline 0.18.0.)ThunderHub v0.18.0 — 2026-05-05Adds Taproot Assets support to the dashboard. The actual show story for ThunderHub this fortnight.Blink Mobile 2.4.44 — 2026-05-06Upgrades protobufjs (CVE-2026-41242 mitigation). Security patch.Fedimint SDK canary release — 2026-05-14React Native transport fix, persistent callback, RPC payload flattening. Canary channel.umbrelOS 1.7.3 — 2026-05-12DirtyFrag security patches: CVE-2026-43284 + CVE-2026-43500 in the Linux kernel. Mandatory.umbrelOS 1.7.2 — 2026-05-05CopyFail patch: CVE-2026-31431 in the Linux kernel. Mandatory.Tails 7.7.3 — 2026-05-12Emergency release: critical Linux kernel CVE fix (kernel 6.12.86 ships the Dirty Frag fix), plus Tor Browser and Tor client security fixes.Whirlpool Observer…

Just like in Buffalo, the deadly shooting at a mosque in San Diego was streamed by the attackers. What can be done to stop this from happening again? Rich Frankel, former Special Agent in Charge of FBI in New York gives his thoughts.

Greg Murphy of Vectra AI explains why no single security tool is enough in 2026, and how AI is transforming overwhelmed security teams into lean, highly responsive defense operations.Topics Include:Vectra AI helps enterprises detect and respond to cyberattacks before they become breaches.CISOs face millions of alerts monthly with dangerously understaffed security teams.Vectra pioneered AI-driven triage to prioritize only the most critical threats.The result: analysts act on two or three alerts, not thousands.Generative AI is now actively being weaponized by sophisticated bad actors.The first fully AI-orchestrated cyberattack by a nation state has already happened.Vectra and AWS Bedrock are building autonomous agents to fight back.Agentic AI can investigate thousands of incidents and surface only what matters.Over-reliance on single tools like EDR leaves dangerous gaps in defense.Modern attacks move fluidly across identity, network, and cloud environments simultaneously.AI stitches cross-surface signals together, revealing attacks hidden in isolated events.Best practice: assume breach, expand your network definition, and layer best-of-breed solutions.Participants:Greg Murphy – Chief Business Officer, Vectra AISee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Help Persecuted Christians TODAY: https://csi-usa.org/quickstart/ Christian Solidarity International On today's Quick Start podcast: NEWS: Two teens attack a San Diego mosque in what authorities are calling a possible anti-Muslim hate crime — and questions are already emerging about motive, media framing, and whether the response differs from past attacks on Christian schools. FOCUS STORY: Shannon Bream shares powerful lessons from biblical heroes, explains the role prayer plays in her daily life, and discusses why Scripture still resonates so deeply today. MAIN THING: An ancient coin older than Jesus — possibly featuring the oldest known image of the Jewish menorah — is fueling a modern debate over Israel's biblical and historical connection to the land. LAST THING: James 5 reminds believers of the power of confession and prayer: “The prayer of a righteous person has great power as it is working.” SHOW LINKS Radical Revelations with Raj Nair https://podcasts.apple.com/us/podcast/radical-revelations/id1888511250 Faith in Culture: https://cbn.com/news/faith-culture Heaven Meets Earth PODCAST: https://cbn.com/lp/heaven-meets-earth NEWSMAKERS POD: https://podcasts.apple.com/us/podcast/newsmakers/id1724061454

In this episode of Unspoken Security, host AJ Nash sits down with Dan O'Day, Senior Consulting Director at Unit 42 by Palo Alto Networks. Dan shares key findings from the 2026 Global Incident Response Report, built from over 750 real-world cyber incidents, covering four major threat trends reshaping the security landscape.Dan breaks down how AI is compressing attack timelines at a dramatic rate. The fastest incidents now move from access to full impact in just 72 minutes, down from 285 minutes the year prior. Attackers are no longer breaking in. They are logging in, using stolen credentials, tokens, and API keys to move laterally and avoid detection. Identity is now the dominant attack surface, playing a material role in nearly 90% of Unit 42's investigations.The conversation closes on a note of cautious optimism. Dan argues that over 90% of breaches stem from preventable gaps, meaning security is solvable. He outlines three priorities for defenders: empowering the SOC to act at machine speed, treating identity as the new perimeter, and securing the entire software supply chain from the first line of code to cloud runtime.Download the Unit 42 Global Incident Response Report 2026 here: https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?utm_source=linkedin&utm_medium=social&utm_campaign=na&utm_content=pa001134 Send us Fan MailSupport the show

Chris & Joe work their way through Albion's squad list and identify which players they would like to see stay, and which they think should move on.For more from Albion Analysis, follow us on X (@AlbionAnalysis). Hosted on Acast. See acast.com/privacy for more information.

Cyclist Dave joined Jacqui Felgate.See omnystudio.com/listener for privacy information.

AI is shifting the ground beneath us in many fields. When the ground shifts in the world of cyber security, Laura Galante is a great person to have on your side. Galante served as the U.S. government's Director of the Cyber Threat Intelligence Integration Center from 2022 to 2025. She has represented the cyber intelligence community in dozens of White House Situation Room meetings. I reached out to her soon after Anthropic announced that it had created a powerful new AI model, or bot – too powerful to release to the public – called Claude Mythos Preview. Anthropic says that its new bot discovered  vulnerabilities in every major computer operating system and web browser – vulnerabilities it was able to exploit. Which makes this an important time to speak with Laura Galante.

Oli and Nick rate each player from 1-10 for their performances across the full 25/26 season. The video has been split into two halves with this one being the second episode being midfielders, attackers and the manager, Chris Wilder. Hosted on Acast. See acast.com/privacy for more information.

Parliament in Israel passes a law to set up special military trials for Palestinians accused of taking part in the deadly Hamas-led attack in October 2023. The tribunal will be able to sentence those convicted to death. Also in this podcast: the European Union approves new sanctions against Israeli settlers accused of “supporting the extremist and violent colonisation of the West Bank". Ministers start to resign from Keir Starmer's government, as the embattled British prime minister fights to stay in office. The UN says more than 400 civilians have been killed in Afghanistan since a cross-border conflict with Pakistan broke out in October last year. A senator in the Philippines takes refuge inside parliament to avoid arrest over his alleged role in former President Rodrigo Duterte's war on drugs. President Emmanuel Macron co-hosts the "Africa Forward Summit" in Kenya, to try to reset France's relationship with the continent. And new research suggests participating in the arts slows the ageing process. The Global News Podcast brings you the breaking news you need to hear, as it happens. Listen for the latest headlines and current affairs from around the world. Politics, economics, climate, business, technology, health – we cover it all with expert analysis and insight.Get the news that matters, delivered twice a day on weekdays and daily at weekends, plus special bonus episodes reacting to urgent breaking stories. Follow or subscribe now and never miss a moment.Get in touch: globalpodcast@bbc.co.uk

The recent announcement of the capabilities of the Mythos AI model have raised many concerns about the cybersecurity implications of ever more powerful AI tools. Scott Crawford and Daniel Kennedy return to the podcast to debate the impact with host Eric Hanselman. Is this more marketing than real attack potential? It seems like the pace and scale of the discovery of new vulnerabilities could overwhelm traditional remediation and patching practices. Is this a reason to hold back the release of new AI models? If nothing else, these developments should serve as a wakeup call for enterprises to revamp the way in which they approach both their software supply chains and operational procedures. Increased speed and scale are necessary, but it's also critical to secure the source of patches and updates to counter attacker efforts to compromise them. Attackers have always been good at taking well intentioned improvements and weaponizing them. More S&P Global Content: Next in Tech | Ep. 259: The RSAC Conference – Agents on The Loose AI in action: unleashing agentic potential 2026 Trends in Information Security   For S&P Global subscribers: RSAC Conference 2026: Record turnout confronts both the promise and threat of agentic AI Information security budgets rise, but must address cloud security, AI governance – Highlights from… AI's impact in security and its application are not always aligned – Highlights from VotE: Informat…   Credits: Host/Author: Eric Hanselman Guests: Scott Crawford, Dan Kennedy Producer/Editor: Feranmi Adeoshun Published With Assistance From: Sophie Carr, Kyra Smith, Dylan Scheible  

The mastermind behind the pirate attacks in Lhou Mans has been named. According to Mira Bukowski of Vox Galactica, sources in the crime underworld have named the owner of the crossed axe symbol as "Lady Zi", a pirate admiral commanding a coalition fleet of many pirate factions all under a single command.

Honeypots and canary files are two of the most underused tools in cybersecurity — and in this episode, Dr. Mike Saylor and I break down exactly how they work and why you should be using them. The short version: they're tripwires. They tell you a bad guy is poking around your network before anything gets encrypted.Mike walks through his layered security analogy, explains the three different ways organizations use honeypots — learning attacker tactics, distraction, and testing — and then we get into canary files: what makes them different from a honeypot, how they beacon home when stolen, and why clock synchronization matters more than most people think if you ever want that evidence to hold up.We also cover how to stand one up without a big budget, what tools are available, and why something is absolutely better than nothing. Plus, Mike and I have news about our new O'Reilly book, Learning Ransomware Response and Recovery.0:00 - Intro and book news1:09 - Meet the crew3:45 - Security is all about layers9:22 - What are honeypots and canary files?11:00 - Three ways honeypots work for you13:17 - Real-world examples: bait cars and glitter bombs15:20 - Making your honeypot convincing19:11 - Honeypot tools and options21:13 - Something is better than nothing24:10 - Monitoring and notifications25:05 - Canary files explained27:03 - How canary files beacon and track attackers28:03 - Don't forget to sync your clocks29:05 - Final thoughts

World Password Day was on May 7th—but are we actually getting better at password security? In this episode, we discuss why compromised credentials are still behind the majority of breaches in 2026. From password reuse and phishing to infostealer malware and MFA bypass techniques, attackers are finding it easier than ever to log in instead of hack in. We also talk about whether passkeys can finally shift the landscape—and what organizations should be doing right now to reduce risk. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** Password Statistics 2026 – Trends, Facts & Data Insights https://www.privateproxyguide.com/password-statistics/ World Password Day 2026: Attackers simply log in https://www.organisator.ch/en/operational-excellence/2026-04-30/world-password-day-2026-angreifer-loggen-sich-einfach-ein/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Passwords Are Still Failing Us (World Password Day 2026) appeared first on Shared Security Podcast.

A little over two years ago, on April 15, 2024, David Sachs of Ottawa's Jewish Federation was leaving an interfaith iftar event near Parliament Hill. He was wearing a kippah. Outside the government building, anti-Israel protesters were waiting. In his victim impact statement earlier this week, Sachs told the court he feared for his life during those “absolutely horrific” moments when he was swarmed, hit on the head, screamed at with anti-Israel insults, then followed for four blocks as he tried to escape, all while a dangerously loud electronic whistle was blasted near his ears. Everyone in the crowd wore masks except well-known Ottawa protester Deana Sherif, who wore a keffiyeh and brandished the whistle. Ottawa police later arrested Sherif and charged her with eight offences, including resisting a police officer and two hate-motivated charges. Some stemmed from another confrontation that same day involving Conservative MP Brad Vis of British Columbia, who was trying to go the gym. Her trial ended in February. Sherif was convicted on two of the original charges. The Crown did not concentrate on the hate-motivated allegations at trial, even though the judge agreed some of the shouted insults were antisemitic, but found Sherif herself was not the person making them. On May 6, the judge sentenced her to the 17 months she had already spent in custody, plus one year probation, a peace bond, and a decade-long ban on using the loud whistle or possessing other weapons. On this episode of The CJN's “North Star” podcast, David Sachs explains why he believes the convictions were significant — but also why he feels the outcome fell short without hate-related findings. We also hear from University of Ottawa antisemitism adviser Jonathan Calof, who warns anti-Jewish hatred in Canada is no longer confined to street protests, but is becoming institutionalized. Related links How twice-convicted Ottawa protester Deana Sherif played a role in organizing and promoting the 2026 Al-Quds Day parade and rally in Toronto, in The CJN . Learn more about Prof. Jonathan Calof, the special advisor on antisemitism appointed by Ottawa University in early 2025, Read David Sachs' comments after an Ottawa man pleaded guilty in Feb. 2025 to sending hateful messages to local physician Dr. Nili Kaplan-Myrth in Feb. 2025, in The CJN. **** Credits Host and writer: Ellin Bessner ( @ebessner ) Production team: Zachary Kauffman (senior producer), Izzie Helenchilde (producer), Michael Fraiman (executive producer), Alicia Richler (editorial director) Music: Bret Higgins Support our show Subscribe to The CJN newsletter Donate to The CJN (+ get a charitable tax receipt) Subscribe to North Star (Not sure how? Click here ) Watch our podcasts on YouTube. Help others find this podcast by leaving us a review for “North Star” on Apple Podcasts via your iPhone or iPad device, or with your Android. (Spotify allows only starred ratings but you can do that, too!)

In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down the mechanics of these campaigns and provide actionable strategies for security teams to move beyond binary trust and implement contextual awareness to better protect their organizations.Blog: https://blog.talosintelligence.com/weaponizing-saas-notification-pipelines/

Aave liquidates attacker's rsETH positions. Centrifuge launches deSPXA on Base. And Ethereum validators consolidate 10 million ETH. Read more: https://ethdaily.io/941 ETH Daily sponsorships are now open. Reach over 10,000 Ethereum-native subscribers every weekday. Learn more at ethdaily.io/sponsor Disclaimer: Content is for informational purposes only, not endorsement or investment advice. The accuracy of information is not guaranteed.

CISA warns CopyFail is under active exploitation. Attackers compromise installers for a widely used disk imaging utility. MuddyWater masks cyberespionage as ransomware. Attackers spread malware through a fake OpenClaw plugin. Researchers ID a new Linux RAT. Vimeo blames a third party provider for a recent breach. Palo Alto's Captive Portal is under attack. The FTC settles with a data broker over location sharing. A former Conti gang member gets jail time. Our guest is Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Geotargeting turns creepy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Selected Reading Attackers are cashing in on fresh 'CopyFail' Linux flaw (The Register) Hackers compromise Daemon Tools in global supply-chain attack, researchers say (The Record) Iranian APT Intrusion Masquerades as Chaos Ransomware Attack (SecurityWeek) Malicious OpenClaw Skill Targets DeepSeek Agentic AI Workflows (Cyber Press) Sophisticated Quasar Linux RAT Targets Software Developers (SecurityWeek) ShinyHunters claims dump puts 119K Vimeo emails in the wild (The Register) Palo Alto Networks warns of firewall RCE zero-day exploited in attacks (Bleeping Computer) FTC bans data broker Kochava from selling sensitive location info (The Record) Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations (TechNadu) A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory (CyberScoop) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Got a question or comment? Message us here!Qilin ransomware is deploying a malicious DLL to disable EDR tools before encryption begins. In this #SOCBrief, we break down how the attack works, what to look for, and how defenders can respond. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Episode 290. This week, we assume nothing in our collection of stories...A flaw hiding in plain sight for nearly a decade has quietly turned every Linux system's most trusted layer into an open door.Attackers have discovered that the easiest way to install malware is to convince users the malware is the cure.A new phishing kit is lowering the barrier to industrial-scale credential theft to roughly the cost of a Netflix subscription. Ransomware didn't slow down in Q1 2026  it mutated, and the new strain doesn't even need encryption to extort you.Credit Union Loan Fraud The most methodical fraud playbook circulating underground right now doesn't involve a single line of malicious code.A teenager with a forum alias just handed a third of France's population an identity problem they didn't ask for.Six of the world's most serious cybersecurity agencies just issued a unified warning that most organizations deploying agentic AI are not ready for what they've built.A new paper argues that the discipline meant to stress-test AI safety has itself become the thing it was designed to find a vulnerability dressed up as a control.The arc runs from infrastructure to brand to process to institution to the security function itself. Each story is a different flavor of the same failure: someone trusted something they shouldn't have, or built a system that assumed others would.Let's go verify!Find the full transcript to this podcast here.

Ekots dagliga, längre sändningar med nyheter och fördjupning. Lyssna på alla avsnitt i Sveriges Radios app.

The Monday Microsegment for the week of May 4. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. Want access to the latest frontier AI models? Get on the invite list. Hackers are hijacking email accounts — I've got a bad feeling about this.  It's a trap! Attackers infiltrate popular software development environments. And John Kindervag joins us on Ask the Expert.  Head to The Zero Trust Hub: hub.illumio.com Get the Industry's First Vendor-Neutral Zero Trust Certification: https://www.illumio.com/zero-trust-certification 

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0.  At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign.  Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption.  Also in this episode: The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now. Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security  Suggested Chapters (for retention and SEO) 00:00 Microsoft Defender deletes trusted certificates 02:20 DigiCert breach and stolen code-signing certificates 05:20 cPanel zero-day exploited, 44,000 servers compromised 08:40 Linux Copyfail vulnerability now actively exploited 10:40 Critical flaw in open-source car software  

Weer'd is back from vacation, so in light of the events of the past two weeks he decided to save the segments and have another ACP Round Table with Erin and David. The Gang  Discusses: The shooting at the White House Correspondents' dinner; the return of the firing squad as a method of capital punishment; how Jamea O'Keefe was subjected to Red Flag law abuse; a Maryland gun shop that was sued by the state for millions over selling "ghost guns"; a "mass shooting" in Mexico that took the life of a Canadian tourist; a "mass shooting" in a Louisiana mall that appears to be a teenage fight that went bad; an actual mass shooting in Louisiana that was domestic violence; Queensland, Australia recalling all of their Glocks for malfunctions; Tennessee trying to legalize lethal force in defense of property; and some teenagers who were planning a mass shooting on a synagogue in Texas. Did you know that we have a Patreon? Join now for the low, low cost of $4/month (that's $1/podcast) and you'll get to listen to our podcast on Friday instead of Mondays, as well as patron-only content like mag dump episodes, our hilarious blooper reels and film tracks. Show Notes: Gaki (folklore) Gaki (Erin's RPG version) Penanggallan 2026 White House Correspondents' Dinner shooting Attacker's Weapons UNBELIEVEABLE: CNN using assassination attempt to call for more gun control Justice Department advocates firing squads as a method of federal execution Government Overreach? O'Keefe Raided in Red Flag Law Drama Assorted Calibers Podcast Ep 122 Maryland Gun Dealer to Pay Baltimore $2 Million in 'Ghost Gun' Settlement Canadian tourist killed in mass shooting at Mexico's pyramids Teen arrested in shooting at Mall of Louisiana, police say; at least 1 killed, 5 injured Live updates: 8 children were killed in Louisiana mass shooting Queensland police recall 15,000 service-issued Glock handguns after discovery of fault causing multiple shots to fire Tennessee Legislation to Allow Deadly Force to Defend Property TN SB 1847 Two Arrested in Plot to Attack Houston Synagogue 18-Year-Old Plotted Mass-Casualty Synagogue Attack  

Attackers are now impersonating invitation services to trick people into clicking malicious links and sharing sensitive information. These phishing attempts look like legitimate event invites, making them especially effective. In this episode, we discuss how these scams work and what steps you can take to stay protected. Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com. ** Links mentioned on the show ** New Phishing Scam: Fake Invitations https://www.nytimes.com/2026/04/23/style/invitation-phishing-scam.html The ‘fake invite' scam that tricks you through people you trust https://www.consumeraffairs.com/news/the-fake-invite-scam-that-tricks-you-through-people-you-trust-042326.html BSides Jacksonville https://www.bsidesjax.org/ HackSpaceCon https://www.hackspacecon.com/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Fake Party Invites and the Rise of Social Phishing Attacks appeared first on Shared Security Podcast.

The Left is trying to distance themselves from Cole Tomas Allen, the failed White House Correspondents Dinner attacker, despite his manifesto echoing the same rhetoric that the mainstream Left has been promoting since Trump was elected. Kira Davis breaks down the Left's horseshoe into the conspiracy theorists they previously claimed to despise, analyzes the radicalization of Tinfoil Burrito Allen despite being a highly educated Caltech graduate, and exposes chilling new polling data that shows why “elite” graduates are increasingly supporting political violence. DOJ Civil Rights Coordinator Julie Hamill discusses the intense legal battles over Title IX and the Left's push to erase female athletics and spaces. CA State Controller candidate Herb Morgan explains why California's financial collapse is a warning sign for the rest of the country. Kira Davis is filling in for Dr. Drew. Kira is a conservative commentator and media personality. She is the host of the Just Kira Davis podcast. Follow at https://x.com/kiradavis Julie Hamill is an Assistant United States Attorney with the U.S. Attorney's Office for the Central District of California, where she serves as Civil Rights Coordinator. Prior to joining the Department of Justice, she founded the California Justice Center, a public interest law firm under the California Policy Center, where she defended the constitutional rights of Californians and worked on Title IX enforcement in athletics. Learn more at https://www.justice.gov/usao-cdca Herb Morgan is a candidate for California State Controller and a seasoned investment professional with nearly four decades of experience in financial markets. He founded Efficient Market Advisors (EMA), one of the nation's earliest ETF-based investment firms, which grew to manage $1.5 billion in assets before being acquired in 2017, where he now serves as Chief Investment Officer. He previously served on the San Diego City Employees' Retirement System (SDCERS) Board, elected Board Chair twice. Follow at https://x.com/Herb4Controller 「 SUPPORT OUR SPONSORS 」 • STRONG CELL – If you want to feel more like your younger self, go to https://strongcell.com/ and use code DREW for 20% off. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠• FATTY15 – The future of essential fatty acids is here! Strengthen your cells against age-related breakdown with Fatty15. Get 15% off a 90-day Starter Kit Subscription at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://drdrew.com/fatty15⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ • PALEOVALLEY - "Paleovalley has a wide variety of extraordinary products that are both healthful and delicious,” says Dr. Drew. "I am a huge fan of this brand and know you'll love it too!” Get 15% off your first order at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://drdrew.com/paleovalley⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ • THE WELLNESS COMPANY - Counteract harmful spike proteins with TWC's Signature Series Spike Support Formula containing nattokinase and selenium. Learn more about TWC's supplements at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twc.health/drew⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ 「 ABOUT THE SHOW 」 This show is for entertainment and/or informational purposes only, and is not a substitute for medical advice, diagnosis, or treatment. Executive Producers • Kaleb Nation - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://kalebnation.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ • Susan Pinsky - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://x.com/firstladyoflove⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Content Producer • Emily Barsh - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://x.com/emilytvproducer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Hosted By • Dr. Drew Pinsky - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://x.com/drdrew⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices

The Ethics of AI and the Catholic Church: Silicon Valley is increasingly consulting the Catholic Church to address complex AI ethics through the "Minerva Dialogues," a partnership that has lasted for over a decade. While tech companies seek to rehabilitate their reputations, the Church aims to insert theological and ethical considerations into a field often dominated by transhumanist views. The Rise of "Microlooting": A new trend reveals that some individuals feel morally justified in stealing small items from large corporations, viewing it as a form of "theft as justice". This mindset often stems from the belief that corporations are inherently oppressive and that the cost of stolen goods is already factored into their bottom lines.High IQ Political Attackers: Scott and Sean discuss a concerning emergence of highly intelligent individuals who use their intellectual capabilities to orchestrate sophisticated political attacks. Increasing Belief in the Afterlife: Recent data suggests that belief in the afterlife is on the rise in the United States, sparking a conversation on how this trend impacts modern culture and spirituality. Audience Question: Writing and Time Management: The hosts offer practical advice on how to balance creative pursuits like writing with the demands of a busy schedule, emphasizing discipline and priority-setting.Audience Question: Follow-up on Catholic Schools and LGBTQ Parents: Building on a previous episode's article, the hosts address a listener's follow-up question regarding the Colorado case where a Catholic school denied re-enrollment to children of a same-sex couple, the hosts discuss the importance of schools being clear about their mission and religious convictions while acknowledging the difficulty of the situation for the child.Humanization and Rights for AI: In a speculative look at the future, a listener asked whether AI models might eventually be "humanized" to the point of being granted legal or moral rights—a concept the hosts analyze through the lens of intrinsic human dignity and embodiment. ==========Think Biblically: Conversations on Faith and Culture is a podcast from Talbot School of Theology at Biola University, which offers degrees both online and on campus in Southern California.   Find all episodes of Think Biblically at: https://www.biola.edu/think-biblically.   To submit comments, ask questions, or make suggestions on issues you'd like us to cover or guests you'd like us to have on the podcast, email us at thinkbiblically@biola.edu.  

A Wall Street Journal analysis explores the rise of the “high‑IQ political attacker” critics who use intelligence, data, and rhetorical skill to aggressively target opponents. The piece argues this new style of attack is reshaping political debate, making conflicts sharper, more personal, and harder to deflect in the modern media environment. Roger Sweet, the toy designer best known as the creator of He‑Man and the Masters of the Universe, has died at 91, according to TMZ. Sweet’s work helped launch one of the most iconic franchises of the 1980s, shaping a generation of action figures, cartoons, and pop culture. Please Like, Comment and Follow 'Philip Teresi on KMJ' on all platforms: --- Philip Teresi on KMJ is available on the KMJNOW app, Apple Podcasts, Spotify, YouTube or wherever else you listen to podcasts. -- Philip Teresi on KMJ Weekdays 2-6 PM Pacific on News/Talk 580 AM & 105.9 FM KMJ | Website | Facebook | Instagram | X | Podcast | Amazon | - Everything KMJ KMJNOW App | Podcasts | Facebook | X | Instagram See omnystudio.com/listener for privacy information.

Attackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will need security programs that are equally autonomous, coordinated and continuous. But where do you start? Mark Hughes, Global Managing Partner, Cybersecurity Services at IBM, joins Business Security Weekly to discuss autonomous security, the next frontier of cybersecurity services. IBM recently announced IBM Autonomous Security, a separate service that uses AI agents to analyze software exposures and runtime environments. Mark will discuss the fears and hype of AI and how agentic AI agents can identify paths in an enterprise security environment that can be exploited, improve cyber hygiene, and enforce security policies. As frontier models, like Mythos, accelerate attacks, security programs need to respond with speed, at scale, to drive the right business outcomes. AI Agents for Vulnerability Management Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we'll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management. This segment is sponsored by Quantro Security. Visit https://securityweekly.com/quantrorsac to learn more about them! The Guardrails are Gone: The Onus for AI Security Is On the Enterprise AI model providers are increasingly stepping back from enforcing guardrails, putting the responsibility for AI security squarely on enterprises. But most organizations don't yet have the visibility to meet that responsibility, facing a blind spot across the broader ecosystem of AI systems already operating in their environments. Closing that gap requires unified visibility across both AI systems and the cryptographic infrastructure they touch, so security teams can assess risk and act on it in one place. Visit https://securityweekly.com/sandboxaqrsac to discover how enterprises are taking control of their AI security with AQtive Guard AI-SPM by SandboxAQ. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-445

Cybersecurity is no longer just about keeping attackers out. It is about what happens when they get in.Andrew Rubin, CEO and founder of Illumio, joins The Tech Trek to talk about the speed of modern attacks, why AI changes the security equation, and how companies should think about breach containment, micro segmentation, and guardrails for agentic AI.This conversation gets into a practical shift every technology leader needs to understand. As companies move faster with AI, security teams are being asked to protect more systems, more users, more tools, and eventually more agents. The old idea of perfect prevention is not enough. The better question is how quickly teams can detect, contain, and reduce the impact when something goes wrong.Key Takeaways• Cybersecurity is moving at the speed of technology. As AI accelerates product, engineering, and operations, attackers and defenders are both moving faster.• Prevention alone is not a complete strategy. Andrew makes the case for breach containment, where the goal is to stop a bad event from becoming a catastrophic one.• AI gives both sides more leverage. Attackers can move faster with fewer constraints, while defenders can use AI to automate routine security work and improve response time.• Agentic AI will create a new security challenge. Companies need guardrails that let teams use AI at scale without creating uncontrolled risk.• Cyber budgets need to map to risk. The conversation should start with what risk is being reduced, not what a tool can do.Timestamped Highlights00:30 Andrew explains what Illumio does and why micro segmentation is really about breach containment.02:36 Why cyber attacks are accelerating because the rest of the technology world is accelerating too.04:35 Andrew challenges the idea that any security company can promise perfect protection.09:46 How agentic AI could help security teams automate mundane work and monitor continuously.13:28 Why cyber spending often gets misaligned when teams focus on tools instead of risk reduction.16:55 Where human judgment still matters in cybersecurity, especially during moments of crisis.20:10 Why large organizations are struggling to let employees use AI aggressively while still putting meaningful guardrails in place.23:46 The parallel between cloud adoption and AI adoption, and why retrofitting legacy systems is harder than building for AI from the start.A Line That Stuck“Cyber is a math problem. The attackers are going after us, the defenders are trying to prevent it or stop it once it happens, and it becomes a math equation at many levels.”Practical Moves For Tech Leaders• Treat AI as a security and operating model shift, not just another tool rollout.• Start security conversations with risk reduction before product capability.• Look for areas where AI can automate repetitive monitoring and analysis without removing human judgment from high stakes decisions.• Build guardrails early, especially as AI becomes embedded into daily workflows for users and developers.Stay ConnectedFollow The Tech Trek for more conversations with founders, operators, and technology leaders building the next generation of AI, data, infrastructure, and security systems.Subscribe, follow, and share this episode with someone thinking about how AI changes the way modern technology teams build and protect systems.

Attackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will need security programs that are equally autonomous, coordinated and continuous. But where do you start? Mark Hughes, Global Managing Partner, Cybersecurity Services at IBM, joins Business Security Weekly to discuss autonomous security, the next frontier of cybersecurity services. IBM recently announced IBM Autonomous Security, a separate service that uses AI agents to analyze software exposures and runtime environments. Mark will discuss the fears and hype of AI and how agentic AI agents can identify paths in an enterprise security environment that can be exploited, improve cyber hygiene, and enforce security policies. As frontier models, like Mythos, accelerate attacks, security programs need to respond with speed, at scale, to drive the right business outcomes. AI Agents for Vulnerability Management Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we'll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management. This segment is sponsored by Quantro Security. Visit https://securityweekly.com/quantrorsac to learn more about them! The Guardrails are Gone: The Onus for AI Security Is On the Enterprise AI model providers are increasingly stepping back from enforcing guardrails, putting the responsibility for AI security squarely on enterprises. But most organizations don't yet have the visibility to meet that responsibility, facing a blind spot across the broader ecosystem of AI systems already operating in their environments. Closing that gap requires unified visibility across both AI systems and the cryptographic infrastructure they touch, so security teams can assess risk and act on it in one place. Visit https://securityweekly.com/sandboxaqrsac to discover how enterprises are taking control of their AI security with AQtive Guard AI-SPM by SandboxAQ. Show Notes: https://securityweekly.com/bsw-445

Attackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will need security programs that are equally autonomous, coordinated and continuous. But where do you start? Mark Hughes, Global Managing Partner, Cybersecurity Services at IBM, joins Business Security Weekly to discuss autonomous security, the next frontier of cybersecurity services. IBM recently announced IBM Autonomous Security, a separate service that uses AI agents to analyze software exposures and runtime environments. Mark will discuss the fears and hype of AI and how agentic AI agents can identify paths in an enterprise security environment that can be exploited, improve cyber hygiene, and enforce security policies. As frontier models, like Mythos, accelerate attacks, security programs need to respond with speed, at scale, to drive the right business outcomes. AI Agents for Vulnerability Management Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we'll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management. This segment is sponsored by Quantro Security. Visit https://securityweekly.com/quantrorsac to learn more about them! The Guardrails are Gone: The Onus for AI Security Is On the Enterprise AI model providers are increasingly stepping back from enforcing guardrails, putting the responsibility for AI security squarely on enterprises. But most organizations don't yet have the visibility to meet that responsibility, facing a blind spot across the broader ecosystem of AI systems already operating in their environments. Closing that gap requires unified visibility across both AI systems and the cryptographic infrastructure they touch, so security teams can assess risk and act on it in one place. Visit https://securityweekly.com/sandboxaqrsac to discover how enterprises are taking control of their AI security with AQtive Guard AI-SPM by SandboxAQ. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-445

Cole Thomas Allen, who made an assassination attempt on President Donald Trump at the White House Correspondents' Dinner, will be arraigned in federal court today. The Sekulow team discusses the third attempt on Trump's life, the press briefing afterward (involving Vice President JD Vance, Acting Attorney General Todd Blanche, FBI Director Kash Patel, DHS Secretary Markwayne Mullin, Secretary of Defense Pete Hegseth), the ACLJ's legal work – and much more.

What happens when AI starts moving faster than the people meant to control it? In this episode, I'm joined by Bernard Montel, Field CTO EMEA at Tenable, for a timely conversation about the AI risks many organizations may be underestimating. Bernard believes we are heading toward a defining AI accident and that the first major incident may come through speed, scale, and unintended consequences rather than a malicious attack. We talk about why so many companies feel pressure to adopt AI at pace, while visibility, governance, and control struggle to keep up. Bernard describes this moment as "driving faster than we can steer," and explains why shadow AI, overprivileged identities, cloud misconfigurations, and exposed AI projects are already creating real business risk. The conversation also looks at agentic AI and why giving systems the ability to take action changes the security equation. A chatbot giving a wrong answer is one problem. An AI agent making flawed decisions, leaking data, or interacting with industrial systems is something very different. Bernard also shares why AI can become a distraction from the security basics that still matter, including cloud security, identity, exposure management, and vulnerability remediation. Attackers may be using AI to move faster, but many of the weaknesses they exploit remain painfully familiar. We also discuss Tenable's new agentic AI framework, announced during RSA, and how the company is using AI to help security teams respond at machine speed while reducing exposure across IT, cloud, OT, identity, and AI environments. For business and security leaders, this episode offers a clear warning and a practical takeaway. AI adoption is no longer a future conversation, but control, governance, and exposure management need to move with it. How prepared is your organization for an AI incident caused by accident rather than attack? Share your thoughts. Useful Links Connect with Bernard Montel, Field CTO EMEA at Tenable Learn More About Tenable Visit the Sponsors of Tech Talks Network and learn more about the NordLayer Browser.

Attackers! Welcome to another Bear Attack Radio, this one is a doozy, from Ska to hymns to classic rock to our favorite emo band! It's got alot going on and oh yeah Rough Houser adds there flavors of choice!Share with everyone and make Podcasts Great Again!

AP correspondent Luke Garratt reports on the suspect in the shooting at the White House Correspondents' Association dinner.

By Doug Green “AI is ready to enforce decisions at scale—but it's not ready to make them.” In a recent Telecom Reseller podcast, I spoke with Chris Bonavita, Vice President of Strategy and Technology Adoption at GTT Communications, about one of the most important—and often misunderstood—shifts happening in AI-driven cybersecurity. As enterprises move aggressively toward autonomous AI inside the Security Operations Center (SOC), Bonavita argues the industry is getting ahead of itself. The problem isn't whether AI is powerful—it clearly is. The problem is where that power is being applied. Today's AI is exceptionally good at ingesting massive volumes of data, identifying patterns, detecting anomalies, and executing defined tasks at machine speed. In the SOC, that translates into real, measurable value. AI is already improving threat detection, accelerating response times, and reducing the burden of repetitive operational work. But there is a line—and according to Bonavita, the industry is starting to cross it too quickly. AI, he explains, does not understand intent. It does not understand business context. And it cannot reliably distinguish between what is technically possible and what is operationally appropriate. That distinction matters in cybersecurity, where decisions carry financial, operational, and reputational consequences. This is where the concept of “AI should enforce, not decide” becomes critical. In this model, humans define policy, intent, and acceptable risk. AI then executes—consistently, continuously, and at scale. It becomes the enforcement engine, not the decision-maker. When that boundary is ignored, new risks begin to emerge. Bonavita points to issues like policy drift, where AI systems begin to deviate from original intent over time, and agent conflict, where multiple automated systems act on overlapping or contradictory instructions. In a dynamic environment without clear human control, these issues can compound quickly, creating unintended disruptions or even new vulnerabilities. At the same time, the threat landscape is evolving just as rapidly. Attackers are now using AI to develop threats faster, automate reconnaissance, and adapt in real time. Defenders are responding with AI-driven detection and remediation. The result is an environment where both sides are operating at machine speed—forcing organizations to rethink how security decisions are made and executed. Compounding the challenge is the disappearance of the traditional network perimeter. Data, users, and applications now exist everywhere, and access is no longer confined to a controlled environment. In this perimeter-less world, both threats and defenses are distributed—and AI is embedded across both. For enterprises, the takeaway is not to slow down AI adoption—but to rethink how it is deployed. The goal is not autonomy. The goal is scale with control. That means building architectures where human intent remains central, and AI is used to enforce that intent across increasingly complex environments. It also aligns closely with GTT's broader strategy, including its Envision platform and SASE-based approach to networking and security, where orchestration and policy consistency are foundational. Looking ahead, the question is not whether AI will play a central role in cybersecurity—it already does. The real question is whether organizations can maintain control as AI capabilities continue to expand. As this conversation makes clear, the most effective model may not be AI replacing human decision-making—but human-directed AI operating at a speed and scale no human team could match. Learn more: https://www.gtt.net/

Help Persecuted Christians TODAY: https://csi-usa.org/quickstart/ Christian Solidarity International On today's Quick Start podcast: NEWS: Gunfire erupts at the White House Correspondents' Dinner as a heavily armed suspect is stopped by Secret Service — what we know about the attacker, his manifesto, and how close he got FOCUS STORY: Inside the suspect's writings — his claimed motives, references to faith, and what investigators are uncovering about his mindset MAIN THING: The DOJ levels criminal charges against the Southern Poverty Law Center — a major legal development that could reshape the group's future LAST THING: Psalm 51:6 — “Behold, you delight in truth in the inward being, and you teach me wisdom in the secret heart.” SHOW LINKS Radical Revelations with Raj Nair https://podcasts.apple.com/us/podcast/radical-revelations/id1888511250 Faith in Culture: https://cbn.com/news/faith-culture Heaven Meets Earth PODCAST: https://cbn.com/lp/heaven-meets-earth NEWSMAKERS POD: https://podcasts.apple.com/us/podcast/newsmakers/id1724061454

AP correspondent Julie Walker reports, gunfire and blasts rock Mali as residents say attackers hit the capital and other cities.

Attackerna mot Irans och Qatars energiproduktion har utlöst en global energikris. Konflikt följer i dess spår från Persiska viken till Asien och Europa. Lyssna på alla avsnitt i Sveriges Radios app. USA:s och Israels krig mot Iran har slagit hårt mot världens energiförsörjning. Attacker mot Irans gasfält i Asaluyeh och Qatars LNG-anläggningar i Ras Laffan skapar chockvågor som nu når vanliga människor, från restaurangägare i gamla Delhi till bönder på Sri Lanka och europeiska hushåll. Konflikt kartlägger krisens konsekvenser med reportrar på plats i Qatar, Indien och Europa.Medverkande:Abdullah Abdulaziz al -Khater, qatarisk ekonom och affärsman, Kulasingham Preethapan, jordbrukare på Sri Lanka, Dilip Singh, indisk restaurangägare, Jigyasa Raina, indisk textilföretagare, Chris Rosslowe, senior analytiker på tankesmedjan Ember, Anne-Sophie Corbeau, energianalytiker och forskare vid Columbia UniversityReporter: Babak Parham, Samar Hadrous, Naila Saleem, Andreas LiljehedenProgramledare: Kajsa Boglindkajsa.boglind@sr.seProducent: Anja Sahlberganja.sahlberg@sr.seTekniker: Maria Stillberg

Researchers expose covert telecom surveillance campaigns. Lawmakers push new national privacy rules. China-linked actors hide inside compromised device networks. A ransomware forum leak reveals a criminal marketplace. GopherWhisper blends into cloud services for espionage. Attackers poison AI with hidden web prompts. Apple patches lingering notification data. macOS admin tools become attacker pathways. CISA orders urgent fixes for a Microsoft Defender zero-day, and their Director nominee withdraws. Our guests today are Johnny Hand and Dustin Childs, hosts of TrendAI's AI Security Brief podcast. A meteorological mystery meets market manipulation. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Introducing the AI Security Brief podcast. Our guests today are Johnny Hand and Dustin Childs, hosts of TrendAI's AI Security Brief podcast. They join Dave to introduce their new show on the N2K CyberWire Network. You can find their first episode here and catch new episodes every other Thursday on your favorite podcast app. Selected Reading Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say (TechCrunch) Committees on Energy and Commerce and Financial Services Introduce Pair of Privacy Bills to Establish Comprehensive Data Protections for All Americans (Energy Commerce) International cyber agencies share fresh advice to defend against China-linked covert networks (NCSC) RAMP Uncovered: Anatomy of Russia's Ransomware Marketplace (Security Affairs) New GopherWhisper APT group abuses Outlook, Slack, Discord for comms (Bleeping Computer) Hackers Use Hidden Website Instructions in New Attacks on AI Assistants (Hackread) Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) (Help Net Security) Bad Apples: Weaponizing native macOS primitives for movement and execution (Talos Intelligence) CISA orders feds to patch BlueHammer flaw exploited as zero-day (Bleeping Computer) Trump's pick to lead CISA withdraws nomination after months of political impasse (POLITICO) A Hair Dryer May Have Gamed a Paris Weather Sensor for $34,000 on Polymarket (Bitcoin News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Anthropic's Mythos proves irresistible despite claimed supply chain risks.Iran claims U.S. backdoors hit its networks. New Coast Guard rules target maritime OT security. A fresh NGate Android malware variant emerges. Thousands of ActiveMQ servers face active exploitation risk. CISA adds eight flaws to its KEV list. Progress patches MOVEit and LoadMaster bugs. Attackers impersonate IT staff over Microsoft Teams. A ransomware negotiator admits working with BlackCat. Google Gemini asks, “May we see your photos please?” Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices Elad Koren, Vice President, Product Management, Cortex Cloud at Palo Alto Networks, discusses building AI natively into platforms, managing complexity and trust, and taking a measured, experimental approach during the industry's “messy middle” phase. If you enjoyed this conversation, tune into the full interview here. Selected Reading The US NSA is using Anthropic's Claude Mythos despite supply chain risk (Security Affairs) Anthropic secretly installs spyware when you install Claude Desktop (That Privacy Guy) Iran claims US used backdoors in networking equipment (The Register) Maritime Cybersecurity Rules Make Waves (GovInfoSecurity) New NGate variant hides in a trojanized NFC payment app (We Live Security) Actively exploited Apache ActiveMQ flaw impacts 6,400 servers (Bleeping Computer) CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) (Help Net Security) Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster (SecurityWeek) Microsoft: Teams increasingly abused in helpdesk impersonation attacks (Bleeping Computer) Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims (United States Department of Justice) Google Starts Scanning All Your Photos As New Update Goes Live (Forbes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A police officer helps solve an 18-year-old murder case when he finds the prime suspect-his older brother. And a biker with a bloody finger is the clue that police need to put away a rapist who assaulted 31 women over six years.Apartments.com - To find whatever you're searching for and more visit apartments.com the place to find a place.IQBAR - Get 20% off all IQBAR products plus free shipping by texting COLD to 64000Shopify - Sign up for a one-dollar-per-month trial period at Shopify.com/coldcase and take your retail business to the next level today!Thrive Market: Go to ThriveMarket.com/coldcase for 30% off your first order, PLUS a free $60 gift!See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Is your EDR blinding you to insider threats? In this episode, Ashish is joined by Brandon Dixon (Co-Founder & CTO of Ent AI, and former Microsoft Security Copilot leader) to discuss why traditional endpoint security tools are failing in the AI era .Brandon talks about the reality of modern "Insider Risk." Attackers are no longer relying on malware; they are "living off the land" by using legitimate enterprise software (like Zoom or Microsoft Office) to look like everyday employees . Why EDR tools can see that Zoom is running, but are completely blind to a user granting remote control to an outsider .We also explore the explosion of Shadow AI, highlighting a real-world HIPAA violation where an HR employee tried to feed patient records into Meta AI via WhatsApp . If your SOC team is drowning in alerts from "dumb control points," this episode talks about how to move from reactive pattern matching (legacy DLP) to proactive behavioral intent modeling at the endpointGuest Socials -⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠Brandon's LinkedinPodcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Security, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠Questions asked:(00:00) Introduction(02:50) Who is Brandon Dixon? (RiskIQ, Microsoft Copilot, Ent AI) (04:00) Redefining Insider Risk: Malice vs. Mistakes (05:10) "Living Off the Land": Why Adversaries Use Legitimate Tools (06:30) The Zoom Example: Why EDR is Blind to Remote Control Hacks (09:30) The Failure of Security Training against "Click Fix" Attacks (11:50) Case Study: A HIPAA Violation via Meta AI in WhatsApp (13:50) Why Traditional DLP Fails at Semantic Context (16:50) Local AI Usage: Why Workloads Are Returning to the Endpoint (18:50) The Problem with UEBA: Putting Anomalies in Context (22:30) Why You Can't Build This With a Data Lake (26:30) Stopping the "Trophy SOC" and Dumb Alerts (27:40) Fun Questions: Kangaroo Jerky Tasting (28:40) Hobbies & Pride: Ultramarathons and Growing Up in Baltimore (29:20) Favorite Cuisine: Burmese Food (Tea Leaf Salad)

7. Al-Shabaab's Infiltration TacticsGuest: Caleb Weiss. Caleb Weiss details a recent Al-Shabaab prison raid in Somalia where attackers disguised themselves as intelligence operatives. The strategic strike demonstrated the government's persistent security weaknesses despite international support from various partners. (7)1870 OTTOMAN IRONCLAD

Iranian-linked hackers warn of possible “irreparable” attacks on U.S. water systems. CISA pushes urgent fixes for a critical Citrix flaw. The Dutch Finance Ministry takes systems offline after a breach. Space Force may scrap next-gen GPS control software. Attackers exploit a Fortinet server bug. Lloyds exposes customer transaction data. AI and regulation reshape cyber careers. The FTC settles with a dating app over data sharing. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discusses Iran's shift to identity weaponization. Wikipedia wrestles with a wayward writer. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discussing Iran's shift to identity weaponization. If you enjoyed this conversation, tune in here to listen to the full conversation. Selected Reading Iranian Cyberthreats Test US Infrastructure Defenses (BankInfo Security) CISA tells federal agencies to patch Citrix NetScaler bug by Thursday (The Record) Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation (Security Affairs) After 16 years and $8 billion, the military's new GPS software still doesn't work (Ars Technica) Exploitation of Critical Fortinet FortiClient EMS Flaw Begins (SecurityWeek) Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers (Infosecurity Magazine) SANS Research: The Cybersecurity Talent Shortage Narrative Is Wrong. The Real Crisis Is Skills, and AI Just Rewrote the List. (Yahoo Finance) FTC Takes Action Against Match and OkCupid for Deceiving Users by Sharing Personal Data with Third Party (FTC) Business Briefing (N2K Pro)  An AI Agent Was Banned From Creating Wikipedia Articles, Then Wrote Angry Blogs About Being Banned (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Glenn starts the show by bringing in his chief researcher, Jason Buttrill, to discuss the current situation in Iran. What is Trump's plan in dealing with Iran? Glenn also gives a small but promising update on the SAVE America Act — and he credits his audience for demanding that Majority Leader Sen. John Thune (R-S.D.) bring it to the floor. Glenn discusses the growing threat of political Islam in America. Mauro Institute Director Ryan Mauro joins to discuss Glenn's upcoming Torch special, which focuses on the Islamization of the West, and the research that went into it. Ryan and Glenn also discuss the growing anti-Semitism happening on both sides of the political spectrum. Glenn issues a warning to those who choose what's “almost right” instead of what's right, which can eventually lead down a dark road. An armed man was arrested after entering an elementary school. Glenn speaks about the job of a journalist during a time in which America is at war. Will the FCC begin revoking broadcast licenses if an outlet spreads misleading information? Learn more about your ad choices. Visit megaphone.fm/adchoices