Podcasts about cvss

Discord Drops Persona Age Verification, SolarWinds Serv-U Critical RCEs, Splunk Windows Priv Esc, and Smart TV Screenshot Surveillance Lawsuits In this episode of Cybersecurity Today, host Jim Love covers Discord ending its age-verification experiment with Persona after user backlash and researcher findings that Persona's front-end code suggested up to 269 verification checks, including watch list screening and risk scoring, amid already-thin trust following an earlier breach that exposed government ID images. The show also highlights SolarWinds Serv-U 15.5.0.4 patches for four critical (CVSS 9.1) remote code execution vulnerabilities (CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541), noting they require high privileges and that self-hosted Windows/Linux instances must be upgraded, with estimates ranging from under 1,200 to over 12,000 internet-exposed servers. Splunk discloses a high-severity Windows privilege escalation flaw (CVE-2025-2386, CVSS 8.0) caused by incorrect install-directory permissions in versions before 10.0.0.2, 9.4.0.6, 9.3.0.8, and 9.2.10, enabling local users to potentially escalate privileges and tamper with logging. Finally, Texas Attorney General Ken Paxton sues Samsung, Sony, LG, Hisense, and TCL, alleging smart TVs use automated content recognition to capture screen content—potentially up to twice per second—and transmit it without meaningful consent, with implications for both home viewing and confidential business use; the episode emphasizes reviewing and disabling ACR settings and accounting for network-connected screens in security models.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor Message Meter 00:20 Discord Age Verification Backlash 01:37 Persona Code Raises Alarms 03:08 SolarWinds Serv-U Critical RCEs 04:51 Splunk Windows Priv Esc 06:18 Smart TV Screenshot Surveillance 08:35 Wrap Up and Sponsor Thanks

A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised. Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world — this episode has critical takeaways you can act on today.

This episode covers multiple active threats and security changes. It warns of an actively exploited critical BeyondTrust remote access vulnerability (CVE-2026-1731, CVSS 9.9) enabling pre-authentication remote code execution in Remote Support and Privileged Remote Access, noting SaaS was patched while on-prem deployments require urgent manual updates and may already be compromised. Microsoft details an evolution of the ClickFix social engineering technique where victims are tricked into running NSLookup commands that use attacker-controlled DNS responses as a malware staging channel, leading to payload delivery (including a Python-based RAT) and persistence via startup shortcuts, alongside increased Lumma Stealer activity.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst Researchers also report Mac-focused campaigns abusing AI-generated content and malicious search ads to push copy-paste terminal commands that install an info stealer (MaxSync) targeting Keychain, browsers, and crypto wallets. T The show describes fake recruiter campaigns targeting developers with coding tests containing malicious dependencies on repositories like NPM and PyPI, linked to the "Gala" operation and nearly 200 packages. Finally, it reviews NPM's authentication overhaul after a supply-chain worm incident—revoking classic long-lived tokens, moving to short-lived session credentials, encouraging MFA and OIDC trusted publishing—while noting remaining risks such as MFA phishing, non-mandatory MFA for unpublish, and the continued ability to create long-lived tokens. 00:00 Sponsor: Meter + Today's Cybersecurity Headlines 00:48 Urgent Patch: BeyondTrust Remote Access RCE (CVE-2026-1731) Actively Exploited 02:45 ClickFix Evolves: DNS Lookups (nslookup) Used as Malware Staging 04:34 Mac Malware via AI Search Results: Fake Terminal Commands Deliver Info-Stealer 06:08 Fake Recruiters, Real Malware: Coding Tests Poison Dev Environments 07:19 NPM Security Overhaul After Supply-Chain Worm—What's Better, What Still Risks 09:11 Wrap-Up, Thanks, and Sponsor Message

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Send a textAlarms go off, dashboards turn red, and leadership wants everything fixed yesterday—sound familiar? We dig into the real craft of vulnerability management: deciding what truly matters, when to defer safely, and how to protect customers while keeping the business moving. Along the way, we unpack the forces shaping 2025 security: AI-fueled threats, smarter cyber insurance, the edge of quantum risk, stricter privacy laws, and the rising stakes of DevOps security.We share a practical triage framework that goes beyond CVSS. Learn how to validate scanner noise, confirm versions, and use a second tool when the data looks off. When patching collides with uptime or legacy systems, we outline compensating controls that actually reduce exploitability—segmentation, allow-lists, credential tightening, and targeted monitoring—plus the documentation and triggers that prevent “temporary” exceptions from turning permanent. You'll hear how to communicate residual risk with time-bound plans and metrics leaders understand, from blast radius to downtime cost and insurance obligations.Ethical disclosure gets real, too. When a researcher's 30-day clock clashes with a 45-day fix, coordination beats confrontation. We talk through private progress updates, revised timelines, and interim mitigations that put users first. For vendors and open source, we highlight respectful escalation paths, legal prep, and why responsible disclosure typically reduces harm better than full, premature detail drops. In complex multi-cloud setups, we recommend assigning a cross-team coordinator who aligns priorities, patches the most exposed services first, and bakes checks into CI/CD so the next fix is faster.Subscribe for more CISSP-ready breakdowns, share this with a teammate who lives in the patch queue, and leave a review with your toughest triage scenario—we might feature it next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.OpenClaw, an open source AI agent formerly known as MoltBot and ClawdBot, has rapidly become the fastest-growing project on GitHub, amassing over 113,000 stars in under a week.A critical vulnerability in the React Native Community CLI NPM package, tracked as CVE-2025-11953 with a CVSS score of 9.8, has been actively exploited in the wild since late December 2025, according to new findings by VulnCheck. JFrog article.Following the disclosure in the Notepad++ v8.8.9 release announcement, further investigation confirmed a sophisticated supply chain attack that targeted the application's update mechanism.Google, in coordination with multiple partners, has undertaken a large-scale disruption effort targeting the IPIDEA proxy network, which it identifies as one of the largest residential proxy networks globally.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

We kick off with a CVSS 10 in n8n, then look at self-hosted AI assistants with weak defaults and prompt injection risks. Are your API keys, inbox, and drives safe if a bot is open to the web? What should you rotate, patch, and hide behind a VPN?  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

Send us a textWhat happens when custom malware turns IoT into a springboard for OT, and gas pumps become levers for panic? We open with a timely look at Iranian-linked operations targeting PLCs and use that story to ground a full, practical tour of CISSP Domain 6.4: how to analyze scan output and generate reports that actually drive action.We break down the anatomy of a high-value vulnerability report—clean executive summaries, CVE and CVSS clarity, and the business context that separates theoretical risk from real-world impact. From there, we map a repeatable cadence for internal scans full of misconfigurations, default creds, and end-of-life software, plus a strategy to turn noisy findings into steady wins through prioritization, trend metrics, and small, fast fixes that build momentum.On the perimeter, we focus on external scans across web apps, APIs, cloud edges, and third parties. You'll hear hard-earned tactics for handling M&A exposure, vendor VPNs, misconfigured buckets, and certificate drift without breaking production. We share validation steps that avoid false positives and chaos in prod, then show how to formalize exceptions with risk assessments, compensating controls, and an auditable register that satisfies PCI DSS, HIPAA, SOX, and GDPR expectations.We close with ethical disclosure done right—timelines, ISO/IEC 29147 alignment, and when to coordinate versus publish—so you protect users and your organization without stepping into legal traps. If you're studying for the CISSP or building a vulnerability management program that survives contact with reality, this guide will help you prioritize what matters, communicate clearly, and keep improving.Enjoyed the show? Subscribe, share with a teammate, and leave a quick review so others can find it. Tell us: what metric best proves your remediation progress?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Microsoft just dropped an emergency patch for an Office zero-day being exploited in the wild. A WordPress plugin has a CVSS 10.0 vulnerability — that's the golden goose of hacking. 900,000 Chrome users had their ChatGPT conversations stolen by malicious extensions with Google's Featured badge. And two cybersecurity professionals pleaded guilty to moonlighting as ransomware affiliates. Welcome to 2026. It's gonna be a fun year. In this episode: CVE-2026-21509: Microsoft Office zero-day (security feature bypass) CVE-2026-23550: WordPress Modular DS critical vulnerability Prompt Poaching: Chrome extensions stealing AI conversations Brightspeed breach: Crimson Collective claims 1M+ records Insider threat: Security pros turned BlackCat/ALPHV affiliates Key takeaway: Update your stuff. A patch does you no good if it isn't installed. Subscribe for weekly cybersecurity news, vulnerability breakdowns, and threat intelligence.   https://forgeboundresearch.com/podcasts/

n8n è la piattaforma di automazione open-source da 2.5 miliardi di dollari. A gennaio 2026 è emersa Ni8mare, una vulnerabilità CVSS 10.0 che permette a chiunque di prendere controllo totale del server senza autenticarsi. A settimane dalla patch, migliaia di istanze sono ancora esposte.Fonti e approfondimenti:- Analisi tecnica Cyera (da cui vengono le spiegazioni): https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858- Security Advisory n8n: https://blog.n8n.io/security-advisory-20260108/- BleepingComputer (dati istanze vulnerabili): https://www.bleepingcomputer.com/news/security/max-severity-ni8mare-flaw-impacts-nearly-60-000-n8n-instances/00:00 Intro00:27 Cos'è n8n03:22 Analisi di Ni8mare10:55 Conclusioni#n8n #security #vulnerability #automation #cvss #rce #opensource

Security researchers Dor Attias and Ofek Itach demonstrate a critical CVSS 10.0 n8n vulnerability (CVE-2026-21858). Watch the full RCE exploit demo using type confusion to bypass authentication and read sensitive local files. // Dor Attias SOCIAL // LinkedIn: / dor-attias-740758155 // Ofek Itach SOCIAL // LinkedIn: / ofek-it // N8N Hack Blog https://www.cyera.com/research-labs/n... // Cyera Blog // https://www.cyera.com/blog // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:56 - n8n vulnerability explained 02:33 - n8n hacking demo // How the vulnerability works 09:13 - How bad is it? 11:51 - Vulnerability summary 13:28 - More explained on Cyera blog // Webhooks 16:59 - Webhooks explained 18:09 - Formidable 19:18 - Formidable explained 20:01 - Handling uploaded files in n8n 22:32 - The form webhook node 24:28 - How to exploit 25:54 - Exploit summary 26:46 - How to mitigate 27:37 - How to become a security researcher 32:36 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances.Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security.The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber's role remains ambiguous.Two U.S. citizens with professional backgrounds in cybersecurity have pleaded guilty to acting as affiliates of the ALPHV/BlackCat ransomware group, a prominent ransomware-as-a-service (RaaS) operation.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The New CISO, host Steve Moore speaks with Alex Rice, Founder, CTO, and CISO at HackerOne, about challenging one of cybersecurity's most deeply held beliefs—that security should be the top priority. Drawing from his journey building security programs at Facebook and founding HackerOne, Alex introduces the "safety third" philosophy and explains why accepting that security is never first can actually make you more effective as a leader.Alex shares his unconventional path into cybersecurity, starting as a 14-year-old programmer in rural Florida and eventually leading product security at Facebook during its explosive growth. He reveals how Facebook ran 70+ penetration tests annually with top-tier vendors and still wasn't finding enough vulnerabilities—until they opened the doors to the hacker community and received over 300 valid findings in a single weekend. This experience became the foundation for HackerOne's bug bounty platform.The conversation tackles critical leadership challenges facing modern CISOs, including the toxic tendency toward victim blaming when breaches occur, why security teams struggle with customer-centric design, and how to avoid becoming the team everyone knows only for blocking work and sending phishing tests. Alex argues that security professionals must stop drinking their own Kool-Aid and recognize that usability and business outcomes will always take precedence over security controls.In the episode's second half, Alex addresses AI's role in security operations with refreshing pragmatism. Rather than chasing grandiose AI visions, he advocates for starting with narrow, well-defined tasks where agents can replace security toil—like automated CVSS scoring or vulnerability triage—building trust and expertise before tackling more ambitious projects. He warns against the current trend of AI tools that find more problems when security teams desperately need help fixing the mountain of issues they already know about.Alex also challenges CISOs to stop over-owning problems like asset inventory management that rightfully belong to other executives, emphasizing the importance of cross-functional collaboration over building security-owned solutions that ultimately fail. Throughout the discussion, he champions a philosophy of empathy, customer-centricity, and accepting hard truths about security's actual place in business priorities—a mindset shift that paradoxically makes security leaders far more effective.Key Topics Discussed:Why "safety third" should be every CISO's operating philosophyThe problem with victim blaming in cybersecurity incidentsBuilding customer-centric security programs that enable rather than blockLessons from scaling Facebook's security program with 70 pen tests per yearThe origin story of HackerOne and crowdsourced security testingHow to avoid becoming the security team everyone resentsPractical AI implementation: Starting with toil elimination, not transformationWhy CISOs over-own asset management and other problemsThe importance of process mapping before deploying AI agentsAligning security teams closely with AI and software...

MAUTIC RELEASES Mautic 7.0 Release Candidate “Columba” https://mautic.org/blog/welcome-to-mautic-7-0-release-candidate-columba-edition/ Security releases with critical severity (CVSS score 9) https://github.com/mautic/mautic/security/advisories and https://www.cvedetails.com/vulnerability-list/vendor_id-16465/year-2025/Mautic.html 3RD-PARTY & PLUGINS Frédéric Wouters: Mautic Email RSS Plus Bundle (Mautic 4/5) https://github.com/woutersf/MauticEmailRssPlusBundle Frédéric Wouters: Unique Login Links bundle https://github.com/woutersf/mauticUliBundle Frédéric Wouters: GDPR role-based masking of sensitive personal data (PII) https://forum.mautic.org/t/masking-of-pii-data-in-mautic/36864 7Cats / WooCommerce: WordPress plugin bridging Mautic webhooks to WhatsApp Business API https://github.com/rcarabelli/7C-Mautic-Wordpress-Waba-Bridge and https://mautic.slack.com/archives/C02GEN0SG/p1758154187081719 FEATURES & IDEAS Wiesław Golec: PostgreSQL proof of concept https://forum.mautic.org/t/proof-of-concept-restoring-postgresql-support-for-mautic/36313/13 and https://community.mautic.org/processes/roadmap/f/4/proposals/200 Frédéric Wouters: Email sending in waves https://forum.mautic.org/t/send-out-emails-in-waves/36434 Frédéric Wouters: Data aggregation functionality and alternatives via n8n https://forum.mautic.org/t/data-aggregation-functionality-in-mautic/36435 Mautic editor and builder improvements including GrapesJS and CKEditor https://forum.mautic.org/t/lets-make-the-builder-much-better-incl-grapesjs-and-ckeditor/37005 Mautic Campaign Library: https://mautic.org/blog/mautics-campaign-library-initiative-phase-2-funded-by-nlnet-and-the-european-commission/ Mautic AI initiative with Lukas Siegel as initiative lead https://mautic.slack.com/archives/C08RQBCGLCE COMMUNITY & EVENTS Mautic General Assembly on January 21, 2026, including budget deficit discussion and the need for increased corporate memberships https://community.mautic.org/assemblies/general-assembly/f/20/meetings/364 and https://mautic.org/blog/introducing-global-pricing-to-make-mautic-security-and-membership-accessible-worldwide/ Mautic Ambassador program for country, regional, and university-level contributors https://mautic.org/become-a-mautic-ambassador/ and https://mautic.org/blog/launching-mautic-ambassador-program-first-country-regional-level-ambassadors/ Mautic Conferences 2025–2026 and experimental “Mautic World Conference” format with London and online components https://www.youtube.com/@MauticOrg/playlists and https://mautic.slack.com/archives/C8B89CLSF/p1764719132683359

Hello gang, welcome to the Sans News Bites podcast covering the newsletter for December 12, 2025.I know, we should've been continuing to release, but I also have been involved in other things too and taking some time off, but we plan on catching up as there are no meetings we need to attend until next year.I've also been learning about how the RSS features work on getting things linked, and its not as simple as putting the links in place in HTML so we'll continue to improve our show notes and make them better. Do you want to read what is in the newsletter? here is the link to December 12, 2025 if you want to read it. Here's what is in the top of the news. Microsoft Patch Tuesday for December 2025 Includes Exploited Zero-Day Patch Fortinet, Ivanti, and SAP Products for Critical Flaws Patch Fortinet, Ivanti, and SAP Products for Critical Flaws Adobe Security Bulletins Here's the rest of the news Google Patches (Another) Chrome Zero-day Unpatched Gogs Vulnerability is Being Actively Exploited IBM Security Bulletins CISA and Partners Warn of Attacks Against Critical Infrastructure Gartner Warns CISOs to Block AI Browsers Former Accenture Senior Manager Allegedly Lied About Security Control Compliance Pierce County Library System Will Notify 340,000 Individuals Affected by April 2025 Data Breach I hope that you all enjoy the program as much as I am bringing it together for you. Remember, this program reads the news items, and comments on them. We will bring in the editors if they say something I'm thinking as I'm reading the thing. Its quoted in the braille too.Let me know if these show notes are better than past ones. Thanks for listening, make it a great day!

Referências do Episódio​HPESBGN04985 rev.2 - Hewlett Packard Enterprise OneView Software, Remote Code Execution​CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView​Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns​LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and JapanRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comReact2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged involvement with pro‑Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16).A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: There's a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate? China is out popping shells with it Linux adds support for PCIe bus encryption Amnesty International says Intellexa can just TeamViewer into its customers' surveillance systems …and a Belgian murder suspect complains that GrapheneOS's duress wipe feature failed him? This week's episode is sponsored by Kroll Cyber. Simon Onyons is Managing Director at Kroll's Cyber and Data Resilience arm, and he discusses a problem near to many of our hearts. Just how do you explain cyber risk to the board? This episode is also available on Youtube. Show notes Risky Bulletin: APTs go after the React2Shell vulnerability within hours - Risky Business Media Guillermo Rauch on X: "React2Shell" / X React2Shell-CVE-2025-55182-original-poc/README.md at main · lachlan2k/React2Shell-CVE-2025-55182-original-poc · GitHub Hydrogen: Shopify's headless commerce framework Researchers track dozens of organizations affected by React2Shell compromises tied to China's MSS | The Record from Recorded Future News Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary Three hacking groups, two vulnerabilities and all eyes on China | The Record from Recorded Future News Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers Sean Plankey nomination to lead CISA appears to be over after Thursday vote | CyberScoop

(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of malware intrusions to come. Plus, commentary on Chrome's telemetry collection, Microsoft and the "SFI success story," newest BRICKSTORM backdoor intrusions, the US national security strategy, Anthropic's AI popping smart-contract bugs, a secret FBI ransomware-hunting unit getting weird, and a pair of sad stories in the security community. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Guest: Caleb Hoch, Consulting Manager on Security Transformation Team, Mandiant, Google Cloud Topics: How has vulnerability management (VM) evolved beyond basic scanning and reporting, and what are the biggest gaps between modern practices and what organizations are actually doing? Why are so many organizations stuck with 1990s VM practices? Why mitigation planning is still hard for so many? Why do many organizations, including large ones, still rely on unauthenticated scans despite the known importance of authenticated scanning for accurate results? What constitutes a "gold standard" vulnerability prioritization process in 2025 that moves beyond CVSS scores to incorporate threat intelligence, asset criticality, and other contextual factors? What are the primary human and organizational challenges in vulnerability management, and how can issues like unclear governance, lack of accountability, and fear of system crashes be overcome? How is AI impacting vulnerability management, and does the shift to cloud environments fundamentally change VM practices? Resources: EP109 How Google Does Vulnerability Management: The Not So Secret Secrets! EP246 From Scanners to AI: 25 Years of Vulnerability Management with Qualys CEO Sumedh Thakar EP248 Cloud IR Tabletop Wins: How to Stop Playing Security Theater and Start Practicing How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends Mandiant M Trends 2025 EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators Mandiant Vulnerability Management

In this episode of 'Cybersecurity Today,' host Jim Love covers multiple pressing topics: CloudFlare's major outage affecting services like OpenAI and Discord, Microsoft's new AI feature in Windows 11 and its potential malware risks, a new red team tool that exploits cloud-based EDR systems, and a new tactic using calendar invites as a stealth attack vector. Additionally, a critical SAP vulnerability scoring a perfect 10 on the CVSS scale is discussed alongside a peculiar event where Anthropic's AI mistakenly tried to report a cybercrime to the FBI. The episode wraps up with a mention of the book 'Alyssa, A Tale of Quantum Kisses' and a thank you to Meter for sponsoring the podcast. Tune in for essential cybersecurity insights. 00:00 Introduction and Sponsor Message 00:22 CloudFlare Outage Causes Major Disruptions 02:55 Microsoft's New AI Features and Malware Risks 05:22 Silent but Deadly: New Red Team Tool 07:39 Calendar Invites as a Stealth Attack Vector 10:04 Critical SAP Vulnerability 12:11 Anthropic's AI and the FBI Incident 14:06 Conclusion and Final Thoughts

Send us a textOne DNS bug shouldn't take your business offline—but it did for thousands. We open with the AWS East outage to show how a single point of failure in DNS can cascade through critical systems, then get tactical about building resilience that actually holds up under stress. From multi‑region architecture and failover planning to budget trade‑offs leaders often dodge, we make the case for redundancy you can defend to finance and prove with tests, not promises.From there, we translate CISSP Domain 6.4 into actionable steps. You'll hear how to structure vulnerability reports that leaders read and teams use: crisp executive summaries, deep technical details, and remediation plans with owners and timelines. We contrast internal and external scans—what they find, where they break, and how to plan windows that won't knock over production. Expect practical guidance on ranking findings by business impact, taming false positives, and using trend analysis to show improvement over time.Validation and exception handling take center stage as we walk through verifying exploitability, aligning CVSS with real risk, and documenting exceptions the right way. When patching isn't possible, we outline compensating controls like segmentation, WAFs, logging, and virtual patching that reduce exposure without halting operations. We close with ethical disclosure best practices—coordinated timelines, bug bounty channels, and the legal safeguards that keep researchers and organizations on the same team.If you want resilient architectures, credible reporting, and a vulnerability program that leadership trusts, this conversation gives you the blueprint. Subscribe, share this with your team, and leave a quick review with your top takeaway—what's the first resilience fix you'll prioritize this quarter?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

professorjrod@gmail.comWhat's the weakest link in your world—an old router, a forgotten Windows box, or that “anyone with the link” setting you meant to change? We unpack the real vulnerabilities hiding in small businesses, nonprofits, and home networks, then share a clear playbook to find them early and fix them fast without enterprise budgets.We start with the quiet culprits: end‑of‑life operating systems, abandoned firmware, and default passwords that ship on printers, cameras, and routers. You'll hear why isolation, segmentation, and least privilege are lifesavers when replacement isn't an option. From ransomware on aging desktops to misconfigured cloud shares that leak donor lists, we connect everyday scenarios to practical countermeasures like MFA, strong crypto, key rotation, and simple access reviews.Then we go deeper into application and web risks—SQL injection, XSS, CSRF, race conditions, buffer overflows—and how attackers exploit timing and input validation gaps. We break down supply chain threats, where a compromised plugin server can Trojanize an entire customer base, and show how to vet vendors with a software bill of materials and clear service level terms. You'll also get a workable monitoring routine: weekly vulnerability scans (credentialed and non‑credentialed), reputable threat feeds like IBM X‑Force and Abuse.ch, and dark web awareness for leaked credentials.To round it out, we map a no‑nonsense remediation loop: discover, analyze, fix, verify, repeat. Learn to use CVE identifiers and CVSS scores to prioritize by risk and business impact, spot false positives and negatives, and handle patches that break production with rollbacks and compensating controls. Along the way, we share a memorable bug bounty story that proves anyone—even a kid—can help make the internet safer. Subscribe for more practical cybersecurity, share this with someone running on “set it and forget it,” and leave a review telling us the one update you're making today.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Clipboard Image Stealer Xavier presents an infostealer in Python that steals images from the clipboard. https://isc.sans.edu/diary/Clipboard%20Pictures%20Exfiltration%20in%20Python%20Infostealer/32372 F5 Compromise F5 announced a wide-ranging compromise today. Source code and information about unpatched vulnerabilities were stolen. https://my.f5.com/manage/s/article/K000157005 https://my.f5.com/manage/s/article/K000156572 https://my.f5.com/manage/s/article/K000154696 Adobe Updates Adobe updated 12 different products yesterday. https://helpx.adobe.com/security.html SAP Patchday Among the critical vulnerabilities patched in SAP s products are two deserialization vulnerabilities with a CVSS score of 10.0 https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html https://onapsis.com/blog/sap-security-patch-day-october-2025/

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in Redis, dubbed RediShell and tracked as CVE-2025-49844, affects all Redis versions and carries a maximum CVSS score of 10.0.Cisco has disclosed a critical zero-day vulnerability—CVE-2025-20352—affecting its widely deployed IOS and IOS XE software, confirming active exploitation in the wild.Researchers at NCC Group have found that voice cloning technology has reached a level where just five minutes of recorded audio is enough to generate convincing voice clones in real time.A China-linked cyber-espionage group, tracked as UNC5221, has been systematically targeting network infrastructure appliances that lack standard endpoint detection and response (EDR) support.Dutch authorities have arrested two 17-year-old boys suspected of being recruited by pro-Russian hackers to carry out surveillance activities.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

What is a CVE – and why does it matter to your patching process? Landon Miles breaks down CVEs, CVSS scores, and CNAs – covering how they work together, what to prioritize, and how to respond. Learn how to assess risk, spot active exploits, and streamline remediation with clear, actionable steps.

Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft rates 13 of the vulnerabilities are critical. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20September%202025/32270 Adobe Patches Adobe released patches for nine products, including Adobe Commerce, Coldfusion, and Acrobat. https://helpx.adobe.com/security/security-bulletin.html SAP Patches SAP patched vulnerabilities across its product portfolio. Particularly interesting are a few critical vulnerabilities in Netweaver, one of which scored a perfect 10.0 CVSS score. https://onapsis.com/blog/sap-security-notes-september-2025-patch-day/

Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202025%20Patch%20Tuesday/32192 https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/ libarchive Vulnerability A libarchive vulnerability patched in June was upgraded from a low CVSS score to a critical one. Libarchive is used by compression software across various operating systems, making this a difficult vulnerability to patch https://www.freebsd.org/security/advisories/FreeBSD-SA-25:07.libarchive.asc Adobe Patches Adobe released patches for 13 different products. https://helpx.adobe.com/security/Home.html

The often-overlooked truth in cybersecurity: Seeing the Unseen in Vulnerability ManagementIn this episode, Sean Martin speaks with HD Moore, Founder and CEO of RunZero, about the often-overlooked truth in cybersecurity: the greatest risks are usually the things you don't know exist in your environment.Moore's career has spanned decades of penetration testing, tool creation, and product development, including leading the creation of Metasploit. That background shapes his approach at RunZero—applying attacker-grade discovery techniques to uncover devices, networks, and vulnerabilities that traditional tools miss. Why Discovery Matters MostThrough repeated penetration tests for high-security organizations, Moore observed a consistent pattern: breaches rarely occurred because defenders ignored known issues, but rather because attackers exploited unknown assets. These unknowns often bypassed mitigation strategies simply because they weren't on the organization's radar. Beyond CVEsMoore emphasizes that an overreliance on CVE lists leaves organizations blind to real-world risks. Many breaches stem from misconfigurations, weak credentials, or overlooked systems—problems that can be exploited within days of a vulnerability being announced. The answer, he says, is to focus on exposure and attack paths in real time, not just lists of patchable flaws. Revealing the GapsRunZero's approach often doubles the asset count organizations believe they have, uncovering systems outside existing scanning or endpoint management coverage. By leveraging unauthenticated discovery techniques, they detect exploitable conditions from an attacker's perspective—identifying forgotten hardware, outdated firmware, and network segmentation issues that open dangerous pathways. Changing the GameThis depth of discovery enables security teams to prioritize the small subset of issues that pose the highest business risk, rather than drowning in thousands of low-impact findings. It also helps organizations rebuild their security programs from the ground up—ensuring that every device is accounted for, properly segmented, and monitored. Collaboration and CommunityMoore also shares his ongoing contributions to open source through Project Discovery, integrating and enhancing tools like the nuclei scanner to accelerate vulnerability detection for everyone—not just paying customers. The message is clear: if you want to close the gaps, you first need to know exactly where they are—and that requires a new level of visibility most teams have never had.Learn more about runZero: https://itspm.ag/runzero-5733Note: This story contains promotional content. Learn more.Guest: HD Moore, Founder and CEO of RunZero | On Linkedin: https://www.linkedin.com/in/hdmoore/ResourcesLearn more and catch more stories from runZero: https://www.itspmagazine.com/directory/runzeroAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

“It's got a [vulnerability] score of a 9.8, and this is on a scale of 10 and I've really never seen 10. So 9.8 is basically just as bad as it gets.”This episode is inspired by an ongoing global cybersecurity incident. In mid‑July attackers began actively exploiting Microsoft SharePoint vulnerabilities in what's now known as the “ToolShell” exploit chain.This flaw is classified as a remote code execution vulnerability with an extremely high CVSS (Common Vulnerability Scoring System ) score of 9.8, making it highly dangerous.Featuring Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, the episode explores the severity of this 9.8 CVSS score vulnerability and its impact on organizations that haven't applied the necessary patches. Learn about the attack kill chain, what makes this flaw so dangerous, and practical steps to safeguard your systems. Patch immediately, audit your access logs, and stay ahead of the threat. CSA Advisory:https://www.csa.gov.sg/alerts-and-advisories/advisories/ad-2025-016Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Aram Hovsepyan joins the podcast today to chat about the misconceptions behind common security metrics. Aram tells us how total vulnerability counts and CVSS scores can be misleading and he introduces us to the Goal Question Metric framework, this framework is a better approach to building truly effective security dashboards. Learn about the critical qualities of good metrics and how to ensure that your metrics accurately reflect your organization's security posture and readiness. Also, discover overlooked metrics that could offer deeper insights into your application security.FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hiding Payloads in Linux Extended File Attributes Xavier today looked at ways to hide payloads on Linux, similar to how alternate data streams are used on Windows. Turns out that extended file attributes do the trick, and he presents some scripts to either hide data or find hidden data. https://isc.sans.edu/diary/Hiding%20Payloads%20in%20Linux%20Extended%20File%20Attributes/32116 Cisco Patches Critical Identity Services Engine Flaw CVE-2025-20281, CVE-2025-20337, CVE-2025-20282 An unauthenticated user may execute arbitrary code as root across the network due to improperly validated data in Cisco s Identity Services Engine. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 Oracle Critical Patch Update Oracle patched 309 flaws across 111 products. 9 of these vulnerabilities have a critical CVSS score of 9.0 or higher. https://www.oracle.com/security-alerts/cpujul2025.html Broadcom releases VMware Updates Broadcom fixed a number of vulnerabilities for ESXi, Workstation, Fusion, and Tools. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877

In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting your assets with CVSS? Patch Citrixbleed 2 Rowhammer comes to NVIDIA GPUs I hear Microsoft hires Chinese spies Gigabyte motherboards and UEFI vulnerabilities McDonald's AI hiring bot: you want some PII with that? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-883

In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting your assets with CVSS? Patch Citrixbleed 2 Rowhammer comes to NVIDIA GPUs I hear Microsoft hires Chinese spies Gigabyte motherboards and UEFI vulnerabilities McDonald's AI hiring bot: you want some PII with that? Show Notes: https://securityweekly.com/psw-883

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

Canon printer driver vulnerabilities enable Windows kernel exploitation. Astonishing cyber-security awareness from a household appliance manufacturer. France tries to hook 2.5 million school children with a Phishing test. Wordpress added an abuse prone feature in 2022. Guess what happened? Oracle? Is there something you'd like to tell us? Utah's governor just signed the App Store Accountability Act. Now what? AI bots hungry for new data are DDoSing FOSS projects. No Microsoft Account? No Microsoft Windows 11. Gmail claims it now offers E2EE. It kinda sorta does. Somewhat. A dreaded CVSS 10.0 was discovered in Apache Parquet. A bunch of terrific listener feedback. What's Multi-Perspective Issuance Corroboration and why must all certificate authorities now do it? Show Notes - https://www.grc.com/sn/SN-1020-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: material.security threatlocker.com for Security Now canary.tools/twit - use code: TWIT joindeleteme.com/twit promo code TWIT bitwarden.com/twit