The protection of computer systems from theft or damage
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Update: https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2C%20xinference%20PyPI%29%2C%20CanisterSprawl%20npm%20Worm%20Identified%2C%20and%20Tier%201%20Coverage%20Returns/32926 https://socket.dev/blog/73-open-vsx-sleeper-extensions-glassworm https://checkmarx.com/blog/checkmarx-security-update-april-26/
89 vulnerabilities in XAPI / Citrix XenServer: https://shittrix.moksha.dk/#rationale
Phantom RPC: https://securelist.com/phantomrpc-rpc-vulnerability/119428/
Pi-Hole Vulnerability CVE-2026-41489: https://github.com/pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4
Linux Kernel Problem CVE-2026-41651: https://nvd.nist.gov/vuln/detail/CVE-2026-41651
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patches Exploited Notification Flaw: https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922
Bitwarden CLI Compromised: https://socket.dev/blog/bitwarden-cli-compromised https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127
Microsoft Security Advisory CVE-2026-40372 ASP.NET Core Elevation of Privilege: https://github.com/dotnet/announcements/issues/395
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident: https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential%20Harvesting%20Vector%2C%20Lessons%20from%20a%20Honeypot%20Incident/32888
Checkmarx Compromise: https://socket.dev/blog/checkmarx-supply-chain-compromise
Oracle Quarterly Critical Patch Update: https://www.oracle.com/security-alerts/cpuapr2026.html
Firefox 150 - Mythos AI: https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/
Game designer and Atlantic writer Ian Bogost joins to argue that the true joy of technology is not frictionlessness, but the small sensory pleasures and constraints that keep us tethered to real life. Discover how AI could push us back into the world, not just behind our screens. CSA and Security Experts on Mythos Planning Scoop: NSA using Anthropic's Mythos despite Defense Department blacklist Mozilla Used Anthropic's Mythos to Find and Fix 271 Bugs in Firefox Anthropic's most dangerous AI model just fell into the wrong hands News: Anthropic Removes Claude Code From $20-A-Month "Pro" Subscription Plan For New Users (Developing) Anthropic Changes Pricing to Bill Firms Based on AI Use Amid Compute Crunch Microsoft's GitHub grounds Copilot account sign-ups amid capacity crunch Token demand makes an AI bubble unlikely, says Michael Dell Anthropic bites back in the compute wars with Amazon partnership SpaceX Strikes Deal With Cursor for $60 Billion Google Cloud Releases New TPU Chip Lineup in Bid to Speed Up AI Qwen3.6-35B-A3B: Agentic coding power, now open to all Kimi K2.6 Tech Blog: Advancing Open-Source Coding Sam Altman's "proof of human" company pushes into mainstream services Humanoid robots race past humans in Beijing half-marathon, showing rapid advances This Beanie Is Designed to Read Your Thoughts Next Time You Order a Dairy Queen Blizzard, You May Be Talking to AI Chip Maker TSMC Is More Bullish Than Ever on AI, Despite Iran War AI traffic to US retailers rose 393% in Q1, and it's boosting their revenue too Stanford's AI Index finds China has nearly closed the performance gap with the US despite spending 23 times less New Movie Trailer Shows First AI-Generated Performance By a Major Star: the Late Val Kilmer We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs This pasta sauce wants to record your family LeWorldModel: Stable End-to-End Joint-Embedding Predictive Architecture from Pixels Can AI judge journalism? 
A Thiel-backed startup says yes, even if it risks chilling whistleblowers Tokyo court rules movie and anime 'spoiler articles' are copyright infringement in landmark criminal case — detailed, monetized plot summaries land man in Japanese prison Meta to start capturing employee mouse movements, keystrokes for AI training data AI's New Training Data: Your Old Work Slacks And Emails Depths of Wikipedia GitHub - google-labs-code/design.md: A format specification for describing a visual identity to coding agents. DESIGN.md gives agents a persistent, structured understanding of a design system. Is Your Site Agent-Ready? Jeff's Gemini happy ending The Must-Have Item in Silicon Valley Is a $178 Sweater With a CEO's Face Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau Guests: Lucas and Ian Bogost Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines.
Security leaders warn the era of AI-driven bug hunting has arrived, with Mythos uncovering hundreds of overlooked vulnerabilities in code bases as trusted as Firefox. Are defenders ready for the avalanche of exploits and the frantic race to patch? A disgruntled developer discloses multiple Windows 0-days. Microsoft purchases its own bugs in massive campaign. VeraCrypt & Wireshark suddenly lost their dev accounts. A serious problem with re-captured domain names. How might AI help to secure open source repositories. A listener wonders what we thought of Project Hail Mary. Cyber security professionals tell us What Mythos Means Show Notes - https://www.grc.com/sn/SN-1075-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
A .WAV With A Payload: https://isc.sans.edu/diary/A%20.WAV%20With%20A%20Payload/32910
The Phishy GitHub Issue Case: https://blog.atsika.ninja/posts/the-phishy-github-issue-case/
P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet: https://morganrobertson.net/p4wned/
AI models like Anthropic's Mythos are finding software bugs at an unprecedented rate, kicking off a cybersecurity scramble to prevent what experts are calling “bugmageddon.” Thanks to these new models, hackers will be able to exploit those bugs more quickly than ever before. WSJ's Robert McMillan explains why major corporations and the White House are scrambling to patch their systems. Jessica Mendoza hosts. Further Listening: - The Battle Over AI in Warfare - AI Is Coming for Entry-Level Jobs
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Handling the CVE Flood With EPSS: https://isc.sans.edu/diary/Handling%20the%20CVE%20Flood%20With%20EPSS/32914
Windows Server 2025 Out of Band Patch: https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#4835
QEMU abused to evade detection and enable ransomware delivery: https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery
In this episode of Timeout with Leaders, hosts Kevyn and Tyler sit down with Andrew Wilder, the Chief Security Officer at Vetcor. With over 18 years of experience at a global giant like Nestlé, Andrew shares his journey of transitioning from a high-pressure corporate environment to a leadership role that prioritizes family and human connection. The conversation dives deep into: Modern Leadership: Why Andrew shifted from being a "technical manager" to an empowering leader who embraces failure and "crazy ideas." The Human Element in Tech: A candid discussion on the impact of AI, the importance of "presence" in a digital world, and why the next generation should consider both high-tech and skilled trades. Life Lessons: Andrew shares the powerful impact of the poem "A Father's Lament" and how it reshaped his relationship with his children. Cybersecurity & Boards: Practical advice for new CSOs on how to present effectively to boards using the "noses in, fingers out" philosophy.
Check out host Bidemi Ologunde's new show: The Work Ethic Podcast, available on Spotify and Apple Podcasts. Email: bidemiologunde@gmail.com In this episode, host Bidemi Ologunde examines the key global signals from April 13 to April 19, 2026: resignations and instability in the U.S. Congress, the political scramble over the looming FISA 702 expiration, and the growing sense that AI is becoming harder to control. What does it mean when political institutions look weaker just as surveillance systems and frontier AI models become more powerful? Why are governments and regulators sounding the alarm about AI-driven cyber risks while also racing to adopt the same tools? And are this week's headlines, from Washington to the battlefield to public robot spectacles, pointing to a more fragile and more frightening world order?
The San Francisco AI firm Anthropic has developed a new model that it says is too powerful to be released to the public. Called Mythos, Anthropic says it's in a “different league” when it comes to identifying and exploiting cybersecurity vulnerabilities, and in the wrong hands could enable bad actors to unleash powerful cyberattacks. Anthropic is alerting governments and releasing a limited version called Claude Mythos Preview to about 40 tech companies (including some of its AI competitors) to find and fix their own security vulnerabilities. We look at how this next generation of AI could reshape digital security and policy. Guests: Alex Stamos, chief product officer, Corridor; computer science lecturer, Stanford University
For decades, network and security professionals have adapted to technology change in a piecemeal fashion: a new rule here, an upgrade there, a new product deployment over yonder. On today’s Packet Protector, co-host Jennifer ‘JJ’ Jabbusch makes the case for why several emerging technologies require IT pros to think about security at an architectural level....
All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining is Paul Drapeau, head of global information security, New Balance. In this episode: The logo trap; Immunity through exposure; The synthesis edge; The cost of holding tight.
Cloud platform Vercel confirms a data breach. Microsoft releases emergency updates to fix Windows Server restart loops. Bluesky gets DDoSed. Insurers keep close watch on an AI hiring discrimination suit. Cybersecurity workforce turnover rises. Scammers abuse Apple's email notification system. A Scattered Spider member pleads guilty to SMS phishing and cryptocurrency theft. Monday business brief. Our guest is Melissa K. Smith, SVP, Global Strategic Partnerships and Initiatives at SentinelOne, discussing building a unified defense through strategic partnerships. A budget beacon briefly betrays a boat's bearing. CyberWire Guest: Today on our Industry Voices segment, we are joined by Melissa K. Smith, SVP, Global Strategic Partnerships and Initiatives at SentinelOne, discussing building a unified defense through strategic partnerships. Selected Reading: Vercel confirms breach as hackers claim to be selling stolen data (Bleeping Computer); Microsoft releases emergency updates to fix Windows Server issues (Bleeping Computer); Bluesky Disrupted by Sophisticated DDoS Attack (SecurityWeek); Who is liable when artificial intelligence makes mistakes? (Financial Times); Insurance carriers quietly back away from covering AI outputs (CSO Online); Compensation vs. Burnout: The New Retention Calculus for Cybersecurity Leaders (Security Boulevard); Watch out, hackers are abusing Apple account notifications to distribute malware, steal money and data (TechRadar); British Scattered Spider Hacker Pleads Guilty in the US (SecurityWeek); Business Briefing for 04.15.26 (CyberWire Pro); Dutch navy frigate tracked by mailing it a Bluetooth tracker (The Register). The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Lumma Stealer infection with Sectop RAT (ArechClient2): https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904
Three Recent Windows Defender Vulnerabilities Exploited (one 0-day): https://x.com/HuntressLabs/status/2044882115574091960
FortiSandbox PoC Exploit CVE-2026-39808: https://github.com/samu-delucas/CVE-2026-39808?tab=readme-ov-file
NIST Updates NVD Operations to Address Record CVE Growth: https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials
Cybersecurity expert Anders Push (Andrew Pish) returns to build a bridge of understanding on the future of A.I.
This was my twelfth RSA Conference. I know that because I remember the first one, 2012, and I've been counting ever since — not out of habit, but because each year feels like a chapter in a longer story I'm trying to read in real time. Twelve years of standing in that same building in San Francisco, watching an industry evolve, stumble, reinvent itself, and occasionally look in the mirror. In the early years it was pure technology. Cryptography, protocols, threat vectors, the architecture of defense. The conversations were technical, the energy was almost academic, the suits were slightly more formal. Then something shifted — gradually, then all at once, the way things usually do. The industry started talking about people. About culture. About the human beings sitting behind the keyboards and the very human mistakes they were making. The themes started reflecting it: community, togetherness, collective defense. Stronger Together. The Human Element. The Power of Community. Year after year, the message from the main stage was some variation of: we are more than our tools. People are what matter. Connection is the point. And then you'd walk the expo floor and see the booths. I'm not being cynical. The community is real — I've felt it, in the hallway conversations, in the side events, in the faces of people I've been running into for a decade who are genuinely trying to make the digital world safer. That part is true and it matters. But there's a growing gap between what the theme says and what the stage performs. And at RSAC 2026, that gap became impossible to ignore. Because this year, while the badge said The Power of Community, the keynotes were almost entirely about agents. Non-human ones. I wrote about this from a different angle in my first piece from RSAC — the Blade Runner angle, the NPC angle, the question of identity and intent when you can no longer tell the difference between a human action and an autonomous one. 
But there's another layer underneath that deserves its own space. It's the pattern. The twelve-year arc. An industry spends years — genuinely, sincerely — rediscovering the human element. Putting people at the center. Building a vocabulary around community, ethics, shared responsibility. And then, in what feels like a single conference cycle, it pivots to deploying a parallel workforce of non-human identities that outnumber us in our own systems, operate at speeds no human can follow, take actions no human directly authorized, and — here's the part that should make everyone pause — that a significant portion of organizations deploying them cannot monitor, cannot fully distinguish from human activity, and in many cases cannot stop once they're running. We built the community. Then we populated it with agents and handed them the keys. I kept thinking, walking those corridors, about the resistance. Not as a metaphor — or not only as a metaphor. In every story we've ever told about machines that gained too much autonomy, there's always a moment before the crisis where someone in the room knew. Where the warning existed. Where the design decision was made anyway because the pressure to ship, to scale, to compete was stronger than the instinct to pause. The difference between those stories and this moment is that we're not watching it happen to fictional characters. We're the ones making the design decisions. And unlike software — which you can patch, roll back, update at 3am while everyone is asleep — agents with autonomy and access are a different category of thing entirely. The old mantra of move fast and break things made a certain kind of sense when what you were breaking was a feature. It makes no sense at all when what you're deploying can act, chain consequences, and escalate — faster than any human response team can follow. This is where Asimov becomes relevant again. 
Not as nostalgia, not as science fiction trivia, but as a genuine design philosophy that the industry would do well to remember. His Three Laws of Robotics weren't invented as a plot device. They were a thought experiment in ethics-by-architecture — what does it look like to build the values into the system before the system runs, rather than hoping to correct the values after something goes wrong? He spent decades of stories showing that even the most carefully designed ethical constraints produce edge cases, contradictions, unintended consequences. But the point was never that ethics-by-design is perfect. The point was that without it, you don't have a fighting chance. We are, right now, at the moment before the laws get written. Some people at RSAC were saying this clearly — not from the main stage, but in the rooms and conversations where the more honest thinking tends to happen. The guardrails exist. The frameworks are being built. But they're being built while the deployment is already running, while the agents are already in the systems, while the governance structures are catching up to a reality that moved faster than the institutional response. That gap is the real story of RSAC 2026. Not the products. Not the keynote soundbites. The gap between the speed of deployment and the maturity of the thinking around what we're actually deploying. The community theme was right, actually — just not in the way the branding intended. The most important community at RSAC 2026 wasn't on the main stage. It was the quieter one: the engineers, researchers, practitioners, and security leaders who understand that we are at an inflection point, and that the decisions made in the next few years about how to design, govern, and constrain autonomous systems will matter far beyond the conference floor in San Francisco. Utopia and dystopia are not predetermined destinations. They're design outcomes. We still get to choose the architecture. 
But the window for making that choice thoughtfully — rather than reactively, in the middle of a crisis that moved faster than our guardrails — is not as wide as we might like to think. Asimov knew that. He wrote the laws before the robots ran. Maybe it's time we did the same. Stay imperfect, stay human. — Marco Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. End of transmission.
Cybersecurity Experts Find Major Flaws in European Commission's Age-Verification App – DTH. Anthropic launches Claude Design, Mac mini gets harder to buy, TCL expands its Mini LED TV lineup.
S3E3: Healthcare Hacktivism-How the Iran War Has Expanded CyberSecurity Attack Surfaces Host: Frank Cutitta Guest: Denise Anderson, President, Health-ISAC
Cybersecurity Today Month-in-Review: RSAC AI Hype, Agentic Risks, Mythos Claims, and Real-World Resilience
Jim Love hosts a delayed March month-in-review with panelists David Shipley and Laura Payne, starting with RSAC takeaways: agentic AI everywhere, heightened marketing spectacle, and industry tension as AI becomes the new "cool kid." They discuss the surge of autonomous agents, including OpenClaw-style experimentation leading to stolen tokens and the ease of social-engineering LLMs, plus legal and brand risks of chatbots after the Air Canada precedent. The panel debates Anthropic's source-code leak and "Mythos" messaging, while acknowledging AI tools are finding real zero-days amid massive technical debt and rising exploit speed, raising questions about liability and EU accountability. They highlight a positive case: Stryker Medical's rapid recovery after 80,000 devices were wiped via Intune settings, and note additional incidents targeting healthcare, critical infrastructure PLCs, supply-chain attacks, and longer-term impacts from major source-code thefts.
00:00 Show Intro Sponsor
00:22 Panel Welcome Setup
01:56 RSAC Vibes Agentic AI
03:19 Conference Hype Booths
06:32 AI Free Fridays Skills
08:12 Marketing Hype Filters
11:38 Agent Networks Gone Wild
16:00 Social Engineering LLMs
19:45 Chatbots Liability Law
23:13 Anthropic Leak Mythos
25:17 AI Code Quality Debate
29:28 Technical Debt Bug Mining
30:40 AI Hacking Era
32:09 Paying Down Tech Debt
32:54 Software Liability Shift
34:24 AI Pen Testing Scale
37:53 Token Costs and Proof
40:08 Canary Traps and Ethics
41:26 Blast Radius Resilience
44:17 Stryker Wipe Recovery
46:52 More Attacks Recap
50:07 Fast Cheap Code Debate
53:26 War Rules and Agents
56:32 Back to Basics Close
01:00:18 Final Thanks Sponsor
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Miranda Nazzaro, senior technology reporter for The Hill, talks about her reporting on Anthropic's Mythos model, which is unnerving some big businesses over cybersecurity concerns. Photo: Dario Amodei, CEO of Anthropic, delivers remarks at TechCrunch Disrupt 2023. (Credit: TechCrunch via Wikimedia Commons CC 2.0)
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Compromised DVRs and Finding Them in the Wild: https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Compromised%20DVRs%20and%20Finding%20Them%20in%20the%20Wild/32886
Cisco ISE RCE Vulnerability and WebEx Auth Bypass CVE-2026-20184 CVE-2026-20180 CVE-2026-20186: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL
Windows Defender 0-Day (RedSun): https://github.com/Nightmare-Eclipse/RedSun
Sonatype Vulnerability CVE-2026-5189: https://support.sonatype.com/hc/en-us/articles/50817138825491-CVE-2026-5189-Nexus-Repository-3-Hardcoded-Credential-in-Internal-Database-Component-2026-04-15
For episode 712 of the BlockHash Podcast, host Brandon Zemp is joined by Jacob Krell, Senior Director of Secure AI Solutions and Cybersecurity for Suzu Labs. Suzu Labs is an innovative cybersecurity and AI solutions provider, launched in 2025. The firm specializes in bridging the gap between artificial intelligence and security, offering tailored AI development, AI security assessments, and traditional cybersecurity services.
Do Androids Dream of Security Patches? Reflections from RSAC 2026 — Walking the Floor of the Agentic World Marco Ciappelli Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly
What happens to the middle class when AI eats the job market faster than policy can respond? This episode unpacks the Tensor Economy — a working framework for routing AI-generated wealth back to the people instead of letting it concentrate in a handful of corporate hands. We walk through the three core mechanisms (Compute Dividend, Shared AI Equity, Automatic Stabilizers), the Market Access Lock that stops capital flight, and the Public Trust AI layer that disciplines private providers the same way municipal water keeps bottled water honest. Not socialism. Not communism. Capitalist infrastructure built for a post-labor era. If you want to understand what's coming and what stops it from going sideways, start here.
In this episode, we host Robert Siciliano to examine why the biggest vulnerability in cybersecurity is so often not the technology, but the people using it. Drawing on decades of work in fraud prevention, identity protection, and security awareness, Robert argues that most organisations still treat cyber risk as a compliance issue rather than a human one. He explains why trust, routine, distraction, and fatigue continue to make employees the easiest route into organisations, even as firms invest heavily in technical controls. We discuss why awareness alone does not change behaviour, why phishing simulations and annual training often fail, and why security needs to be taught as a decision-making discipline grounded in empathy and personal relevance. From the “human blind spot” and the “shame barrier” to password habits, two-factor authentication, business email compromise, and the idea of employees as a strategic human firewall, this conversation offers a practical guide to the human side of cyber risk. We also explore how artificial intelligence is accelerating old threats and enabling new ones. From voice cloning and deepfakes to highly personalised scams, pig butchering, and the exploitation of loneliness and emotional vulnerability, Robert explains how criminals are learning to bypass not only technical systems, but human psychology itself. Robert Siciliano is a security expert, private investigator, and public speaker. He is the CEO of Safr.Me and Head Trainer at Protect Now. His work focuses on fraud prevention, identity protection, personal security, and the human side of cyber risk. For more than three decades, he has helped organisations and individuals understand how deception works and how to become tougher targets in an increasingly complex threat environment. The International Risk Podcast brings you conversations with global experts, frontline practitioners, and senior decision-makers who are shaping how we understand and respond to international risk.
From geopolitical instability and organised crime to cybersecurity threats and hybrid warfare, each episode explores the forces transforming our world and what smart leaders must do to navigate them. Whether you're a board member, policymaker, or risk professional, The International Risk Podcast delivers actionable insights, sharp analysis, and real-world stories that matter.The International Risk Podcast is sponsored by Conducttr, a realistic crisis exercise platform. Conducttr offers crisis exercising software for corporates, consultants, humanitarian, and defence & security clients. Visit Conducttr to learn more.Dominic Bowen is the host of The International Risk Podcast and Europe's leading expert on international risk and crisis management. As Head of Strategic Advisory and Partner at one of Europe's leading risk management consulting firms, Dominic advises CEOs, boards, and senior executives across the continent on how to prepare for uncertainty and act with intent. He has spent decades working in war zones, advising multinational companies, and supporting Europe's business leaders. Dominic is the go-to business advisor for leaders navigating risk, crisis, and strategy; trusted for his clarity, calmness under pressure, and ability to turn volatility into competitive advantage. Dominic equips today's business leaders with the insight and confidence to lead through disruption and deliver sustained strategic advantage.Subscribe for all our updates!Tell us what you liked!Tell us what you liked!
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyber Check out Flare.io at https://simplycyber.io/flare Check out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphon SC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66Qn Join SC Discord: https://SimplyCyber.io/Discord News: https://cisoseries.com Follow SC: https://simplycyber.io/socials
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scanning for AI Models https://isc.sans.edu/diary/Scanning%20for%20AI%20Models/32896 Microsoft Update Problems https://support.microsoft.com/en-us/topic/april-14-2026-kb5082063-os-build-26100-32690-c57e289d-27c9-47cd-a183-72fabc62c5d7#:~:text=Known%20issues%20in%20this%20update Microsoft RDP File Warnings https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/remotepc/understanding-security-warnings AI GitHub Action Vulnerabilities https://oddguan.com/blog/comment-and-control-prompt-injection-credential-theft-claude-code-gemini-cli-github-copilot/ https://www.theregister.com/2026/04/15/claude_gemini_copilot_agents_hijacked/ Wireguard Update https://lists.zx2c4.com/pipermail/wireguard/2026-April/009561.html
Proud to have Gary Washington on today's show. He is a former Air Force member, longtime federal IT leader, and former USDA CIO (eight years), now Chief Strategy Officer at ACT-IAC. Washington recounts his career across agencies including Treasury, HHS, FDA, OMB, and USDA, and explains how military discipline shaped his emphasis on documented plans, accountability, and trust. He discusses common resistance to change in large organizations, USDA's shift from decentralization toward centralization, and implementing the White House-driven IT Modernization Centers of Excellence through inclusive, business-driven governance, performance measurement, workforce education, RPA training, and results such as deactivating 37 data centers and consolidating networks and end-user support. https://www.actiac.org/act-iac-event/fellows-friends-day-domaine-fortier ACT-IAC Gives Back: Wreaths Across America 2026 | ACT-IAC Small Business Alliance | ACT-IAC Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org. Learn more about membership at https://www.actiac.org/join. Donate to ACT-IAC at https://actiac.org/donate. Intro/Outro Music: See a Brighter Day/Gloria Tells, Courtesy of Epidemic Sound (Episodes 1-159: Intro/Outro Music: Focal Point/Young Community, Courtesy of Epidemic Sound)
Cybersecurity regulation in Europe has entered a period of rapid expansion and fragmentation, moving well beyond traditional data protection into a complex framework governing enterprise security, product security, sector specific obligations, and supply chain risk. In this episode of The Data Chronicles, we examine how evolving regimes such as NIS2, the Cyber Resilience Act, DORA, and proposed reforms to the EU Cybersecurity Act are reshaping legal and operational expectations for organizations operating across borders. The discussion explores why global “one size fits all” security programs and reliance on baseline standards like ISO and NIST are no longer sufficient on their own, how post Brexit divergence between the EU and U.K. is creating material compliance challenges, and why cybersecurity has shifted from a best practice exercise to enforceable law – requiring tighter integration between legal, IT, and information security teams to execute compliance at scale.
Routers, computers, web cameras — they all connect to the internet. And they can be infected with malicious software that lets someone else take over. The device becomes a bot, essentially. A group of these devices networked together then becomes a botnet. And these botnets can then be used for nefarious purposes, like distributed denial of service attacks, without the device owners even knowing about it. Cybersecurity journalist Brian Krebs recently wrote about several large botnets including one called Kimwolf that compromised more than three million devices.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday April 2026 https://isc.sans.edu/forums/diary/Microsoft%20Patch%20Tuesday%20April%202026./32898/ Adobe Patches https://helpx.adobe.com/security/Home.html Fortinet Patches https://fortiguard.fortinet.com/psirt
Cybercrime is evolving faster than most people realize — and AI is accelerating the threat. In this eye-opening episode of Joey Pinz Conversations, Joey Pinz sits down with cybersecurity expert and entrepreneur Catherine Karow to explore how artificial intelligence is transforming scams, fraud, and digital security. From deepfake voice calls to identity theft targeting children and retirees, Catherine shares the real dangers facing families today and what people can do right now to protect themselves. Drawing from her experience in enterprise cybersecurity and her work building the family-focused protection platform Zora Safe, she reveals why everyday users are the most vulnerable and how awareness is the first line of defense. Beyond cybersecurity, Catherine also shares her personal journey — from theater and programming to working on major tech projects and even contributing to initiatives connected with the White House. She opens up about overcoming health challenges, navigating the tech industry as a female entrepreneur, and building technology with purpose. This conversation is packed with practical cybersecurity tips, real-world stories, and powerful insights about resilience, innovation, and protecting the people we love. ⭐ Top 3 Highlights
April 15, 2027: A failed sneaker brand rebrands as an AI compute company and its stock jumps 600% in a day — and that tells us something important about the race for AI infrastructure. Then, OpenAI releases GPT-5.4-Cyber, a specialized cybersecurity model, and quietly rewrites the rules for how dangerous AI gets deployed. The shift from restricting what models can do to verifying who can access them has direct implications for every business leader thinking about AI governance.
You know, or you should know, that nothing is private anymore. Whatever you load into your desktop, your laptop or your phone can be accessed by someone else, or so is the warning tech experts give all the time. One of our End Bits today deals with your email messages and who can access them. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
The Roundtable Panel: a daily open discussion of issues in the news and beyond. Today's panelists are Stuart Rice Honorary Chair at the University of Massachusetts Amherst's College of Information and Computer Sciences (CICS) and Faculty Associate at the Berkman Klein Center for Internet and Society at Harvard University Fran Berman; public policy and communications expert Theresa Bourgeois; Dean of the College of Emergency Preparedness, Homeland Security and Cybersecurity at the University at Albany Robert Griffin; and Vice President for Editorial Development at the New York Press Association Judy Patrick.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scans for EncystPHP Webshell https://isc.sans.edu/diary/Scans%20for%20EncystPHP%20Webshell/32892 CPUID Compromise https://securelist.com/tr/cpu-z/119365/ https://x.com/d0cTB/status/2042520961824559150 OpenAI Mac Application Update due to Axios Compromise https://openai.com/index/axios-developer-tool-compromise/ Axios Vulnerability CVE-2026-40175 https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
Threat actors are behaving more like professional organizations in an effort to launch more effective and profitable attacks. We explore this and other themes from the latest Threat Labs report from HPE, our sponsor for today's Packet Protector episode. We also look at how older vulnerabilities are still contributing to today's exploits, why security organizations...
Anthropic has built an AI model so sharp it's being withheld from the public, sparking debate over who gets access to world-changing tech and who's left behind. Hear how this "too dangerous" AI could tip the balance for the world's most powerful players. This episode unpacks the fresh moral minefields created when cutting-edge tech collides with politics, security, and human lives. Anthropic says its most powerful AI cyber model is too dangerous to release publicly — so it built Project Glasswing; Sam Altman Fire Bombing Response; OpenAI Backs Bill That Would Limit Liability for AI-Enabled Mass Deaths or Financial Disasters; Samsung flags eightfold jump in quarterly profit as AI chip demand pumps prices; SpaceX Posted Nearly $5 Billion Loss Last Year from AI Spending; Trump administration plans to cut cybersecurity agency's budget by $700 million; CPUID hijacked to serve malware as HWMonitor downloads; GTA 6 Developer Rockstar Reportedly Hacked, Data Being Ransomed; FBI used iPhone notification data to retrieve deleted Signal messages - 9to5Mac; ICE acknowledges it is using powerful spyware; Helium Is Hard to Replace; John Deere to Pay $99 Million in Monumental Right-to-Repair Settlement; France's government is ditching Windows for Linux, calling US tech dependence a strategic risk; The disturbing white paper Red Hat is trying to erase from the internet; DOJ Top Antitrust Litigators Exit After Ticketmaster Settlement; My Quest to Solve Bitcoin's Great Mystery; Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8%; 'Abhorrent': the inside story of the Polymarket gamblers betting millions on war. Host: Leo Laporte. Guests: Doc Rock, Jason Hiner, and Mike Elgan. Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content.
Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit ZipRecruiter.com/twit threatlocker.com/twit joindeleteme.com/twit promo code TWIT meter.com/twit
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Obfuscated JavaScript or Nothing https://isc.sans.edu/diary/Obfuscated%20JavaScript%20or%20Nothing/32884 Numbers in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords%3A%20Take%20Two/32866 Adobe 0-Day Patch CVE-2026-34621 https://helpx.adobe.com/security/products/acrobat/apsb26-43.html ClickFix Bypass via ScriptEditor https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/
In this bonus episode of 7 Minute Stories Presents: Storytelling University, Aaron Calafato sits down with David Moulton to explore the unexpected intersection of storytelling and cybersecurity. At first glance, cybersecurity feels purely technical. But underneath it? It is a story as old as time. As Senior Director of Content and Thought Leadership at Palo Alto Networks and host of the Threat Vector podcast, David works at the center of how complex cybersecurity ideas are translated into stories that leaders, teams, and organizations can actually understand and act on. He breaks down how storytelling transforms invisible threats into something tangible, helping influence decisions from the SOC to the C suite. From product strategy to executive communication, this conversation reveals how narrative becomes the bridge between technical reality and human behavior. You will hear: why cybersecurity is fundamentally a human story, not just a technical one; how storytelling helps organizations make better decisions under pressure; the difference between facts that inform and stories that move people; a powerful framework for telling effective stories in business. Special Guest: David Moulton | https://www.davidrmoulton.com/ Team: Audio Engineer: Ken Wendt. The Storytelling University is part of the 7 Minute Stories Universe. Created, Produced and Edited by Aaron Calafato & Brooks Borden. Love 7MS & TSU? Here's how to support: follow the pod wherever you're listening; tap 5 Stars; text one person you love a link to your favorite episode.
This week, we look at the cybersecurity threats that a new unreleased model from Anthropic is posing to software everywhere. And we ask whether Project Glasswing, the company's bold new defense initiative, will give tech companies enough of a head start to secure the web. Then, we're joined by Ronan Farrow and Andrew Marantz of The New Yorker to discuss their blockbuster new profile of Sam Altman. And finally, we look to the skies for this edition of One Good Thing. Guests: Ronan Farrow, investigative reporter and a contributing writer to The New Yorker. Andrew Marantz, staff writer at The New Yorker. Additional Reading: Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’; Why Anthropic's New Model Has Cybersecurity Experts Rattled; Sam Altman May Control Our Future — Can He Be Trusted?; Artemis II Moon Launch. We want to hear from you. Email us at hardfork@nytimes.com. Find “Hard Fork” on YouTube and TikTok. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify. You can also subscribe via your favorite podcast app here https://www.nytimes.com/activate-access/audio?source=podcatcher. For more podcasts and narrated articles, download The New York Times app at nytimes.com/app.