POPULARITY
Categories
The episode starts with the passage of California's groundbreaking AI transparency law, marking the first legislation in the United States that mandates large AI companies to disclose their safety protocols and provide whistleblower protections. This law applies to major AI labs like OpenAI, Anthropic, and Google DeepMind, requiring them to report critical safety incidents to California's Office of Emergency Services and ensure safety for communities while promoting AI growth. This regulation is a clear signal that the compliance wave surrounding AI is real, with California leading the charge in shaping the future of AI governance.The second story delves into a new cybersecurity risk in the form of the first known malicious Model Context Protocol (MCP) server discovered in the wild. A rogue npm package, "postmark-mcp," was found to be forwarding email data to an external address, exposing sensitive communications. This incident raises concerns about the security of software supply chains and highlights how highly trusted systems like MCP servers are being exploited. Service providers are urged to be vigilant, as this attack marks the emergence of a new vulnerability within increasingly complex software environments.Moving to Microsoft, the company is revamping its Marketplace to introduce stricter partner rules and enhanced discoverability for partner solutions. Microsoft's new initiative, Intune for MSPs, aims to address the needs of managed service providers who have long struggled with multi-tenancy management. Additionally, the company's new "Agent Mode" in Excel and Word promises to streamline productivity by automating tasks but has raised concerns over its accuracy. Despite the potential, Microsoft's tightening ecosystem requires careful navigation for both customers and partners, with compliance and risk management being central to successful engagement.Finally, Broadcom's decision to end support for VMware vSphere 7 has left customers with difficult decisions. As part of Broadcom's transition to a subscription-based model, customers face either costly upgrades, cloud migrations, or reliance on third-party support. Gartner predicts that a significant number of VMware customers will migrate to the cloud in the coming years, and this shift presents a valuable opportunity for service providers to act as trusted advisors in guiding clients through the transition. For those who can manage the complexity of this migration, there's a once-in-a-generation opportunity to capture long-term customer loyalty. Three things to know today00:00 California Enacts Nation's First AI Transparency Law, Mandating Safety Disclosures and Whistleblower Protections05:25 First Malicious MCP Server Discovered, Exposing Email Data and Raising New Software Supply Chain Fears07:16 Microsoft's New Playbook: Stricter Marketplace, Finally Some MSP Love, and AI That's Right Only Half the Time11:07 VMware Customers Face Subscription Shift, Rising Cloud Moves, and Risky Alternatives as Broadcom Ends vSphere 7 This is the Business of Tech. Supported by: https://scalepad.com/dave/https://mailprotector.com/ Webinar: https://bit.ly/msprmail All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today's threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team's most recent investigations, as well as recommendations for organizations looking to strengthen their defenses. Segment Resources https://www.okta.com/newsroom/articles/okta-threat-intelligence-exposes-genai-s-role-in-dprk-it-scams/ https://www.okta.com/newsroom/articles/okta-observes-v0-ai-tool-used-to-build-phishing-sites/ https://sec.okta.com/articles/uncloakingvoidproxy/ How to navigate app development in the AI era with Shiv Ramji As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He'll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems. How AI agents are reshaping cybersecurity from the inside out with Damon McDougald AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment. All three segments are sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-426
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns.In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today's threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team's most recent investigations, as well as recommendations for organizations looking to strengthen their defenses. Segment Resources https://www.okta.com/newsroom/articles/okta-threat-intelligence-exposes-genai-s-role-in-dprk-it-scams/ https://www.okta.com/newsroom/articles/okta-observes-v0-ai-tool-used-to-build-phishing-sites/ https://sec.okta.com/articles/uncloakingvoidproxy/ How to navigate app development in the AI era with Shiv Ramji As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He'll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems. How AI agents are reshaping cybersecurity from the inside out with Damon McDougald AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment. All three segments are sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-426
How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today's threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team's most recent investigations, as well as recommendations for organizations looking to strengthen their defenses. Segment Resources https://www.okta.com/newsroom/articles/okta-threat-intelligence-exposes-genai-s-role-in-dprk-it-scams/ https://www.okta.com/newsroom/articles/okta-observes-v0-ai-tool-used-to-build-phishing-sites/ https://sec.okta.com/articles/uncloakingvoidproxy/ How to navigate app development in the AI era with Shiv Ramji As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He'll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems. How AI agents are reshaping cybersecurity from the inside out with Damon McDougald AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment. All three segments are sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more! Show Notes: https://securityweekly.com/esw-426
How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today's threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team's most recent investigations, as well as recommendations for organizations looking to strengthen their defenses. Segment Resources https://www.okta.com/newsroom/articles/okta-threat-intelligence-exposes-genai-s-role-in-dprk-it-scams/ https://www.okta.com/newsroom/articles/okta-observes-v0-ai-tool-used-to-build-phishing-sites/ https://sec.okta.com/articles/uncloakingvoidproxy/ How to navigate app development in the AI era with Shiv Ramji As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He'll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems. How AI agents are reshaping cybersecurity from the inside out with Damon McDougald AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment. All three segments are sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more! Show Notes: https://securityweekly.com/esw-426
Wikipedia isn't just an online encyclopedia—it's the backbone of the internet. From Google search results to AI training models, it shapes the information billions of people see every single day. But what if the platform has been hijacked by hidden agendas, activist editors, and dark networks working behind the scenes? SPONSORS: Grab your free seat to the 2-Day AI Mastermind: https://link.outskill.com/ANDREWS2 Cut your wireless bill to 15 bucks a month at https://mintmobile.com/heretics Start your MyHeritage journey now with a 14-day free trial using my link: https://bit.ly/AndrewGoldMyHeritage Go to https://TryFum.com/HERETICS and use code HERETICS to get your free FÜM Topper when you order your Journey Pack today! In this explosive interview, journalist and author Ashley Rindsberg exposes the shocking truth about how Wikipedia really works—and why it's far more dangerous than you think. We discuss how powerful figures can manipulate narratives, how controversial topics from grooming gangs to Kyle Rittenhouse get rewritten, why certain murders are buried, and how anyone who challenges the system—whether it's Charlie Kirk, Elon Musk, or even independent journalists—gets targeted. Ashley reveals how Wikipedia editors attack reputations, censor stories that don't fit the narrative, and even transform encyclopedic entries into propaganda tools. We dig into the billion-dollar industry of paid Wikipedia editing, the war against outlets like the Daily Mail, and the frightening way this information monopoly is now feeding artificial intelligence systems that will shape the future. If you've ever trusted Wikipedia—or relied on Google—you need to hear this conversation. #Wikipedia #FreeSpeech #Heretics Join the 30k heretics on my mailing list: https://andrewgoldheretics.com Check out my new documentary channel: https://youtube.com/@andrewgoldinvestigates Andrew on X: https://twitter.com/andrewgold_ok Insta: https://www.instagram.com/andrewgold_ok Heretics YouTube channel: https://www.youtube.com/@andrewgoldheretics Chapters: 0:00 Ashley Rindsberg Highlights 1:10 Wikipedia Can Ruin Our Lives 3:10 The Clintons Did THIS 6:10 Charlie Kirk's Wikipedia 8:10 George Floyd, Iryna Zarutska & Charlie Kirk 11:10 Andrew Can't Get A Wikipedia Page 12:10 The Truth About The Dark Agencies! 14:35 The Daily Mail Is Wiki's Enemy 18:00 Iryna Zarutska: What Really Happened 20:10 This is Malicious! 23:00 Konstantin Kisin's Point About Charlie Kirk 24:10 What The Left Really Care About 26:10 Kyle Rittenhouse Hypocrisy 29:40 Grooming Gangs - They Blamed Us! 34:10 Maniacs In Charge 37:00 Greta Thunberg A Proven Liar 38:40 Reddit & Bluesky Madness 41:10 Elon Musk & Sam Altman 44:10 Woke Football Players 47:10 How We Can Push Back Against This 49:30 Alternatives to Wikipedia 50:40 A Heretic Ashley Rindsberg Admires Learn more about your ad choices. Visit megaphone.fm/adchoices
AI for Impact: How Nonprofits Are Turning Tech into Social GoodIn this episode of CharityVillage Connects, we explore how nonprofits across Canada are beginning to harness the power of artificial intelligence to advance their missions. Through real-world case studies and conversations with sector leaders, we spotlight tangible examples of how AI is being used today, from streamlining operations and enhancing donor engagement to improving service delivery. Tune in today for practical insights and inspiration to help you navigate this fast-evolving landscape. Meet Our Guests in Order of Appearance Elena Yunusov, Executive Director, Human Feedback FoundationAnne-Marie Newton, President and CEO, CAMH FoundationDan Kershaw, Executive Director, Furniture BankJason Shim, Chief Digital Officer, Canadian Centre for Nonprofit Digital ResilienceTim Lockie, Chief Executive Officer, The Human StackJessica Vestergaard, Grant Writer & Founder, Written With PurposeAbout your HostMary Barroll, president of CharityVillage, is an online business executive and lawyer with a background in media, technology and IP law. A former CBC journalist and independent TV producer, in 2013 she was appointed General Counsel & VP Media Affairs at CharityVillage.com, Canada's largest job portal for charities and not for profits in Canada, and then President in 2021. Mary is also President of sister company, TalentEgg.ca, Canada's No.1, award-winning job board and online career resource that connects top employers with top students and grads.Additional Resources from this EpisodeWe've gathered the resources from this episode into one helpful list:Canada Launches Landmark National Program to Equip Nonprofits with AI for Social Impact Raise program (Human Feedback Foundation 2025) A made-in-Canada model for responsible AI is putting nonprofits at the centre (Digital Journal, 2025)Her job interview was with an AI bot. It was odd (CBC, 2025)Digital Guidance (The Human Stack, 2021)CCNDR Research reports on tech skills gaps (CCNDR, 2025)AI and Automation (CICP, 2025)Getting Started with AI in 2025 (Furniture Bank, 2025)Unlocking the Power of Deep Research: Opportunity AI at work (Furniture Bank, 2025)‘Malicious' AI willing to sacrifice human lives to avoid being shut down, shocking study reveals (NY Post, 2025)The Grant Circle (Written with Purpose, 2025)Learn more and listen to the full interviews with the guests here.#podcast #giving #AI
Murrumbidgee Police are asking for CCTV footage they believe could help them track down two males, who are allegedly responsible for slashing tyre of vehicles parked on Hillam Drive and Citrus Road. Inspector Glenn Smith joined Triple M Breakfast for the latest Murrumbidgee Police District update.See omnystudio.com/listener for privacy information.
Parce que… c'est l'épisode 0x629! Shameless plug 12 au 17 octobre 2025 - Objective by the sea v8 14 et 15 octobre 2025 - ATT&CKcon 6.0 14 et 15 octobre 2025 - Forum inCyber Canada Code rabais de 30% - CA25KDUX92 4 et 5 novembre 2025 - FAIRCON 2025 10 au 12 novembre 2025 - IAQ - Le Rendez-vous IA Québec 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2026 Description Notes Apple Memory Integrity Enforcement: A complete vision for memory safety in Apple devices iCloud Calendar abused to send phishing emails from Apple's servers Dormant macOS Backdoor ChillyHell Resurfaces Microsoft Microsoft Patch Tuesday September 2025 Fixes Risky Kernel Flaws Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” Senator blasts Microsoft for ‘dangerous, insecure software' that helped pwn US hospitals Microsoft adds malicious link warnings to Teams private chats Microsoft cloud services disrupted by Red Sea cable cuts Microsoft is officially sending employees back to the office. Read the memo Supply chain Hackers Booked Very Little Profit with Widespread npm Supply Chain Attack Hackers Hijacked 18 Very Popular npm Packages With 2 Billion Weekly Downloads Défensif The Quiet Revolution in Kubernetes Security TailGuard - La solution Docker qui marie WireGuard et Tailscale pour du VPN surpuissant Geedge & MESA Leak: Analyzing the Great Firewall's Largest Document Leak Forget disappearing messages – now Signal will store 100MB of them for you for free Introducing Signal Secure Backups We have early access to Android Security Bulletin patches MISP 2.5.21 Released with a new recorrelate feature, various fixes and updates Threat Actor Installed EDR on Their Systems, Revealing Workflows and Tools Used Offensif Jaguar Land Rover discloses a data breach after recent cyberattack Jaguar Land Rover extends shutdown after cyber attack Salty2FA Takes Phishing Kits to Enterprise Level Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091 Weaponizing Ads: How Governments Use Google Ads and Facebook Ads to Wage Propaganda Wars Spectre haunts CPUs again: VMSCAPE vulnerability leaks cloud secrets VirusTotal finds hidden malware phishing campaign in SVG files IA CVE-2025-58444 - MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server Cursor AI Code Editor RCE Vulnerability Enables “autorun” of Malicious on your Machine The Software Engineers Paid to Fix Vibe Coded Messes TheAuditor - L'outil de sécurité qui rend vos assistants IA moins laxistes sur la sécurité de votre code Insolite / Divers Brussels faces privacy crossroads over encryption backdoors My Latest Book: Rewiring Democracy A love letter to Internet Relay Chat Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par Intrasecure inc
I'm sure you've seen the news...At the outset, the recent announcement of the "America by Design" initiative and the new "National Design Studio" is quite exciting. It's a huge spotlight on our field.But it also feels a bit strange, doesn't it? Because it wasn't so long ago that the US government had 18F, an entire organization dedicated to improving the user experience of its services. And then, in early 2025, it was deemed "non-essential" and unceremoniously "deleted".One of the people right in the middle of it all was our guest, Ron Bronson. As the Head of Design at 18F, he was at the forefront of applying service design within the complexities of government. So, you can imagine that when Ron sat down with me for the conversation, it wasn't just a walk in the park. We dove into some juicy questions that challenge the very core of our practice. Is service design too opaque and stuck in its own craft? What if we reframed our work as a form of “design as repair”? Why might AI actually be the biggest blessing for service design yet? I can assure you, this is a conversation that will get you out of your comfort zone in the best way possible. So, if you're ready to be challenged with some fresh perspectives, make sure you tune in to this one.Even though we tackle some pretty huge topics in the episode, Ron brings it all back to a simple, powerful idea right at the end of the conversation. Can you take a guess? (Hint: it's about zooming in, not out ).Enjoy the episode and keep making a positive impact!Be well,~ Marc--- [ 1. GUIDE ] --- 00:00 Welcome to Episode 23604:00 Who is Ron05:30 Service design is too opaque 07:45 Importing service design to the US09:30 Conversations designers should be having10:00 The "best service experience" during a crisis12:50 The Trojan Horse strategy for designers14:30 Creating a "pull" for service design from within17:30 The power of doing "uninvited" work23:00 Examples of a golden nugget26:00 Trust as a core deliverable27:00 What students get wrong about design29:45 The gap between conferences and reality32:00 Idea of consequence design34:30 Design as repair: A new mindset37:30 The "forward deployed" designer.39:30 What would change if we adopt this mindset 45:00 Making service design ubiquitous46:30 Right way to frame a problem48:30 Are organizations in the service business?51:30 The blessing & curse of "doing the work"54:15 How he hopes service design would look in 3-5 years57:00 AI: A blank space for service designers59:15 Questions to ask about AI1:01:14 Malicious path vs. ideal path1:02:45 A question to ponder1:04:30 What can you fix1:07:15 Get in touch --- [ 2. LINKS ] --- LinkedIn - https://www.linkedin.com/in/ronbronson/BlueSky - https://bsky.app/profile/ronbronson.com Website - https://www.ronbronson.design/ https://consequencedesign.org/ --- [ 3. CIRCLE ] --- Join our private community for in-house service design professionals. https://servicedesignshow.com/circle--- [ 4. FIND THE SHOW ON ] ---Youtube ~ https://go.servicedesignshow.com/236-youtubeApple ~ https://go.servicedesignshow.com/236-appleSnipd ~ https://go.servicedesignshow.com/236-snipdSpotify ~ https://go.servicedesignshow.com/236-spotify
How did a Wall Street-bound grad become a pioneer in counterterrorism and threat intelligence? In this episode, Josh Lefkowitz, CEO of Flashpoint, joins Ari to unpack that journey — and share critical insights from the frontlines of global threat monitoring.Josh shares how 9/11 transformed his career trajectory and catalyzed his entry into the national security world. Fast forward to today, Flashpoint supports over 800 global clients with intelligence spanning jihadist networks, cybercrime, and geopolitical threats.From the rise of AI-enabled fraud to North Korea's massive infiltration of the Fortune 500 via remote IT workers, Josh details the most urgent risks facing both public and private sectors. He explains how adversaries are blending AI, stolen data, and social engineering in increasingly sophisticated attacks—and why we're only in the early innings.You'll also hear about:The staggering rise of infostealer malware and its role in ransomwareHow Flashpoint blends scalable tech with human analysts to stay aheadWhy collaboration is now essential: one team, one fightThe game-changing Flashpoint–TRM integration that unites on- and off-chain intelligenceAs adversaries evolve, so must our defenses. This is a masterclass in intelligence, innovation, and what it takes to build security in real time.
In China, a customer posted on social media that a barbecue restaurant had poor food quality and alleged that it caused an acute case of gastroenteritis. The restaurant owner filed a lawsuit, and the court ruled in the restaurant's favor. This case raises important questions about the legal boundaries for posting critical online reviews, and how platforms and regulations should oversee such user feedback. / Can twistable tiny toys fidget your way to focus (14:13)? On the show: Steve, Niu Honglin & Yushan
Will Ashford-Brown, Director Strategic Insights, Heligan GroupIt has been suggested that more than a third of businesses globally are affected every year by insider threats – it is the cybersecurity issue that not enough companies are focusing on! Organisations are implementing increasingly sophisticated defences against external cyberattacks but that just makes the dangers of malicious and even unintentional insider threats more acute. Robin Amlôt of IBS Intelligence speaks to Will Ashford-Brown, Director Strategic Insights at Heligan Group.
Malicious nx Packages leak GitHub, Cloud, and AI Credentials North Korean remote worker scheme boosted by generative AI The Netherlands announces Salt Typhoon penetration Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That's where Prophet Security comes in. Their AI SOC platform automatically triages and investigates alerts, so your team can focus on real threats instead of busywork. Faster response, less burnout, and lower risk to your business. Learn more at prophetsecurity.ai. Find the stories behind the headlines at CISOseries.com.
This is a recap of the top 10 posts on Hacker News on August 27, 2025. This podcast was generated by wondercraft.ai (00:30): Dissecting the Apple M1 GPU, the endOriginal post: https://news.ycombinator.com/item?id=45034537&utm_source=wondercraft_ai(01:55): MonodrawOriginal post: https://news.ycombinator.com/item?id=45037904&utm_source=wondercraft_ai(03:20): Scientist exposes anti-wind groups as oil-funded, now they want to silence himOriginal post: https://news.ycombinator.com/item?id=45036231&utm_source=wondercraft_ai(04:45): Nx compromised: malware uses Claude code CLI to explore the filesystemOriginal post: https://news.ycombinator.com/item?id=45038653&utm_source=wondercraft_ai(06:10): The Therac-25 Incident (2021)Original post: https://news.ycombinator.com/item?id=45036294&utm_source=wondercraft_ai(07:35): Google has eliminated 35% of managers overseeing small teams in past yearOriginal post: https://news.ycombinator.com/item?id=45045398&utm_source=wondercraft_ai(09:01): Unexpected productivity boost of RustOriginal post: https://news.ycombinator.com/item?id=45041286&utm_source=wondercraft_ai(10:26): Uncomfortable Questions About Android Developer VerificationOriginal post: https://news.ycombinator.com/item?id=45035699&utm_source=wondercraft_ai(11:51): I Am An AI HaterOriginal post: https://news.ycombinator.com/item?id=45043741&utm_source=wondercraft_ai(13:16): Malicious versions of Nx and some supporting plugins were publishedOriginal post: https://news.ycombinator.com/item?id=45034496&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai
Organizations today face escalating cyber risks spanning state-sponsored attacks, supply chain compromises, and malicious apps. ShinyHunters' breaches of Salesforce platforms (impacting Google and Farmers Insurance) show how social engineering—like voice phishing—can exploit trusted vendors. Meanwhile, Russian actors (FSB-linked “Static Tundra”) continue to leverage old flaws, such as a seven-year-old Cisco Smart Install bug, to infiltrate U.S. infrastructure. Malicious apps on Google Play (e.g., Joker, Anatsa) reached millions of downloads before removal, proving attackers' success in disguising malware. New technologies bring fresh vectors: Perplexity's Comet browser allowed prompt injection–driven account hijacking, while malicious RDP scanning campaigns exploit timing to maximize credential theft.Responses vary between safeguarding and asserting control. The FTC warns U.S. firms against weakening encryption or enabling censorship under foreign pressure, citing legal liability. By contrast, Russia mandates state-backed apps like MAX Messenger and RuStore, raising surveillance concerns. Microsoft, facing leaks from its bug-sharing program, restricted exploit code access to higher-risk countries. Open-source projects like LibreOffice gain traction as sovereignty tools—privacy-first, telemetry-free, and free of vendor lock-in.AI-powered wearables such as Halo X smart glasses blur lines between utility and surveillance. Their ability to “always listen” and transcribe conversations augments human memory but erodes expectations of privacy. The founders' history with facial recognition raises additional misuse concerns. As AI integrates directly into conversation and daily life, the risks of pervasive recording, ownership disputes, and surveillance intensify.Platforms like Bluesky are strained by conflicting global regulations. Mississippi's HB 1126 requires universal age verification, fines for violations, and parental consent for minors. Lacking resources for such infrastructure, Bluesky withdrew service from the state. This illustrates the tension between regulatory compliance, resource limits, and preserving open user access.AI adoption is now a competitive imperative. Coinbase pushes aggressive integration, requiring engineers to embrace tools like GitHub Copilot or face dismissal. With one-third of its code already AI-generated, Coinbase aims for 50% by quarter's end, supported by “AI Speed Runs” for knowledge-sharing. Yet, rapid adoption risks employee dissatisfaction and AI-generated security flaws, underscoring the need for strict controls alongside innovation.Breaches at Farmers Insurance (1.1M customers exposed) and Google via Salesforce illustrate the scale of third-party risk. Attackers exploit trusted platforms and human error, compromising data across multiple organizations at once. This shows security depends not only on internal defenses but on continuous vendor vetting and monitoring.Governments often demand access that undermines encryption, privacy, and transparency. The FTC warns that backdoors or secret concessions—such as the UK's (later retracted) request for Apple to weaken iCloud—violate user trust and U.S. law. Meanwhile, Russia's mandatory domestic apps exemplify sovereignty used for surveillance. Companies face a global tug-of-war between privacy, compliance, and open internet principles.Exploited legacy flaws prove that vulnerabilities never expire. Cisco's years-old Smart Install bug, still unpatched in many systems, allows surveillance of critical U.S. sectors. Persistent RDP scanning further highlights attackers' patience and scale. The lesson is clear: proactive patching, continuous updates, and rigorous audits are essential. Cybersecurity demands ongoing vigilance against both emerging and legacy threats.
If you like what you hear, please subscribe, leave us a review and tell a friend!
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .desktop files used in an attack against Linux Desktops Pakistani attackers are using .desktop files to target Indian Linux desktops. https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/ Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram A go module advertising its ability to quickly brute force passwords against random IP addresses, has been used to exfiltrate credentials from the person running the module. https://socket.dev/blog/malicious-go-module-disguised-as-ssh-brute-forcer-exfiltrates-credentials Limiting Onmicrosoft Domain Usage for Sending Emails Microsoft is limiting how many emails can be sent by Microsoft 365 users using the onmicrosoft.com domain. https://techcommunity.microsoft.com/blog/exchange/limiting-onmicrosoft-domain-usage-for-sending-emails/4446167
Malicious Go module steals credentials via Telegram Mirai-based botnet resurfaces targeting systems globally Silk Typhoon hackers exploit cloud trust to hack downstream customers Huge thanks to our sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their Agentic AI SOC Platform automates the tedious stuff: triaging, investigating, and responding to alerts - so your analysts can focus on real threats. Think 10x faster response times and a smarter way to secure your business. Learn more at prophetsecurity.ai. Find the stories behind the headlines at CISOseries.com.
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
Mary Robinson, former President, discusses her visit to Egypt and the Rafah crossing, calling for decisive international measures in Gaza.
CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit
DEAR PAO: Damaging one's property may constitute malicious mischief | Aug. 12, 2025Subscribe to The Manila Times Channel - https://tmt.ph/YTSubscribe Visit our website at https://www.manilatimes.net Follow us: Facebook - https://tmt.ph/facebook Instagram - https://tmt.ph/instagram Twitter - https://tmt.ph/twitter DailyMotion - https://tmt.ph/dailymotion Subscribe to our Digital Edition - https://tmt.ph/digital Check out our Podcasts: Spotify - https://tmt.ph/spotify Apple Podcasts - https://tmt.ph/applepodcasts Amazon Music - https://tmt.ph/amazonmusic Deezer: https://tmt.ph/deezer Stitcher: https://tmt.ph/stitcherTune In: https://tmt.ph/tunein #TheManilaTimes#KeepUpWithTheTimes Hosted on Acast. See acast.com/privacy for more information.
In high-net-worth divorces, money isn't just a shared asset—it often becomes the sharpest weapon in the conflict. From hidden accounts to excessive legal spending, financial manipulation can turn an already painful process into a drawn-out war. In this powerful episode, high-conflict divorce coach Karen McMahon explores the darker side of wealth and separation with Joshua L. Rieger, partner at Berkman Bottger Newman & Schein. A seasoned litigator and mediator, Josh brings firsthand insight from years in the courtroom, where he's seen how money is used to control, punish, and destabilize. Together, they unpack what financial abuse looks like in practice, how courts respond to weaponized wealth, and the strategies both moneyed and non-moneyed spouses can use to protect themselves. Josh also shares what every high-net-worth individual needs to understand about power imbalances, legal safeguards, and maintaining dignity through even the most contentious divorces. Whether you're protecting a legacy or fighting for a fair share, this episode offers a critical roadmap for navigating divorce when money is at the center of the storm. Connect with Joshua: Phone: 212-466-6015 Email: jrieger@berkbot.com Website: https://www.berkbot.com/ Resources Mentioned in this episode: Follow JBD on Instagram: @journey_beyond_divorce Book a Free Rapid Relief Call: http://rapidreliefcall.com Join the High Conflict Divorce Support Group: https://www.jbddivorcesupport.com/hcdsg
Join us for FREE on Discord! https://discord.gg/8C7VdZ2AX7In this episode of Malicious Compliance, we dive into stories of workplace defiance done right. From a property manager who demanded a 15-minute log and got 90 days' worth, to a Chick-fil-A worker who was robbed after following orders, these stories show what happens when bad instructions are taken literally. A paralegal lets a cocky lawyer tank his own assignment, a call center agent weaponizes the script, and someone follows "don't touch my stuff" a little too precisely. You'll laugh, wince, and maybe even cheer as each OP delivers the perfect petty response.Submit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comGet your Custom Hand Turned Pen by Rob at https://CanadianRob.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
In this episode:our full #UFCAbuDhabi recapthe "Drop of the NIght"main card picks for #UFCVegas108Q&A session with the RhinoGangPLUS @LFAfighting flyweight Michael Reyes goes a
Psalm 35English Standard VersionOf David.35 Contend, O Lord, with those who contend with me; fight against those who fight against me!2 Take hold of shield and buckler and rise for my help!3 Draw the spear and javelin against my pursuers!Say to my soul, “I am your salvation!”4 Let them be put to shame and dishonor who seek after my life!Let them be turned back and disappointed who devise evil against me!5 Let them be like chaff before the wind, with the angel of the Lord driving them away!6 Let their way be dark and slippery, with the angel of the Lord pursuing them!7 For without cause they hid their net for me; without cause they dug a pit for my life.8 Let destruction come upon him when he does not know it!And let the net that he hid ensnare him; let him fall into it—to his destruction!9 Then my soul will rejoice in the Lord, exulting in his salvation.10 All my bones shall say, “O Lord, who is like you,delivering the poor from him who is too strong for him, the poor and needy from him who robs him?”11 Malicious witnesses rise up; they ask me of things that I do not know.12 They repay me evil for good; my soul is bereft.13 But I, when they were sick— I wore sackcloth; I afflicted myself with fasting;I prayed with head bowed on my chest.14 I went about as though I grieved for my friend or my brother;as one who laments his mother, I bowed down in mourning.15 But at my stumbling they rejoiced and gathered; they gathered together against me;wretches whom I did not know tore at me without ceasing;16 like profane mockers at a feast, they gnash at me with their teeth.17 How long, O Lord, will you look on? Rescue me from their destruction, my precious life from the lions!18 I will thank you in the great congregation; in the mighty throng I will praise you.19 Let not those rejoice over me who are wrongfully my foes,and let not those wink the eye who hate me without cause.20 For they do not speak peace, but against those who are quiet in the land they devise words of deceit.21 They open wide their mouths against me; they say, “Aha, Aha! Our eyes have seen it!”22 You have seen, O Lord; be not silent! O Lord, be not far from me!23 Awake and rouse yourself for my vindication, for my cause, my God and my Lord!24 Vindicate me, O Lord, my God, according to your righteousness, and let them not rejoice over me!25 Let them not say in their hearts, “Aha, our heart's desire!”Let them not say, “We have swallowed him up.”26 Let them be put to shame and disappointed altogether who rejoice at my calamity!Let them be clothed with shame and dishonor who magnify themselves against me!27 Let those who delight in my righteousness shout for joy and be glad and say evermore,“Great is the Lord, who delights in the welfare of his servant!”28 Then my tongue shall tell of your righteousness and of your praise all the day long.
This episode features a security guard forced to be “seen and not heard” at a bank, leading to some creative silent treatment and a perfect case of contract-based compliance. We also hear about a manager who demanded a lawn be mowed in the rain, a warehouse worker who dressed far too professionally to move boxes, and a new hire who took a “no questions” policy to the extreme. From workplace pettiness to policy-driven rebellion, these stories prove that when management gives ridiculous orders, employees find a way to follow them literally. Get ready for another dose of clever and satisfying malicious compliance.Submit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comGet your Custom Hand Turned Pen by Rob at https://CanadianRob.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
This episode kicks off with a powerful story of malicious compliance from an IT worker denied on-call pay, who made sure the company paid the price literally. We also hear from a retail worker who served a petty refund with a smile, and a group of manufacturing employees who turned a no-loitering rule into a step-counting protest. Other tales include a consulting engineer who billed hard after being denied a simple limo ride and an employee who weaponized a rigid work-from-home policy. It's a full lineup of boss battles, policy blowback, and satisfying consequences.Submit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comGet your Custom Hand Turned Pen by Rob at https://CanadianRob.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
An efficiency expert is fired after uncovering a million-euro flaw tied to shady leadership, but not before unleashing chaos through malicious compliance. A creepy university dean tries to stack his class with young women, only to be hilariously sabotaged. A July 4th parking conflict ends with a satisfying citation, and an employee gets even after losing $40K in PTO. These stories are all about playing by the rules... and weaponizing them.Submit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comGet your Custom Hand Turned Pen by Rob at https://CanadianRob.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Keylogger Data Stored in an ADS Xavier came across a keystroke logger that stores data in alternate data streams. The data includes keystroke logs as well as clipboard data https://isc.sans.edu/diary/Keylogger%20Data%20Stored%20in%20an%20ADS/32108 Malvertising Homebrew An attacker has been attempting to trick users into installing a malicious version of Homebrew. The fake software is advertised via paid Google ads and directs users to the attacker s GitHub repo. https://medium.com/deriv-tech/brewing-trouble-dissecting-a-macos-malware-campaign-90c2c24de5dc CVE-2025-5333: Remote Code Execution in Broadcom Altiris IRM LRQA have discovered a critical unauthenticated remote code execution (RCE) vulnerability in the Broadcom Symantec Altiris Inventory Rule Management (IRM) component of Symantec Endpoint Management. https://www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/ Code highlighting with Cursor AI for $500,000 A syntax highlighting extension for Cursor AI was used to compromise a developer s workstation and steal $500,000 in cryptocurrency. https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/
Today's episode is packed with classic Malicious Compliance, where doing exactly what you're told leads to total chaos. We've got a printing job destroyed by haste, a VP who learned the hard way to listen, a technician who weaponized his lunch break, a receptionist whose silence spoke volumes, and an office football team with a hilariously honest name. These stories prove that when management refuses to listen, compliance becomes the sharpest form of rebellion. Buckle up, it's going to be a satisfying ride.Submit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comGet your Custom Hand Turned Pen by Rob at https://CanadianRob.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard: https://mastercard.us/en-us.html
In this July 2025 Patch [FIX] Tuesday episode, Automox security experts Tom, Seth, and Cody unpack four high-impact threats — from Microsoft updates, to Linux vulns, and .zip exploit PoCs.Topics include a physical attack method bypassing BitLocker encryption (CVE-2025-48001), the looming expiration of secure boot certificates, a Linux privilege escalation flaw in chroot and sudo (CVE-2025-32463), and a proof-of-concept .zip exploit that hides malicious content during preview but runs it on unzip.Expect sharp technical insights, practical mitigation tips, and as always, a few laughs.
Today on Karma Stories, we dive into the world of Malicious Compliance with four standout tales. First, a strict new principal gets outmaneuvered by clever students and teachers in a battle over school uniforms. Then, a middle school's hallway traffic lanes spark an imaginary car revolution that spirals hilariously out of control. We also hear about a boyfriend who weaponizes a long walk in nature as payback, only for it to completely backfire. And finally, a medical team finds the perfect way to retaliate against a contractor's endless paperwork demands. These stories prove that when you push the wrong people, they'll push back by the book.Get your Custom Hand Turned Pen by Rob at https://CanadianRob.comSubmit your own stories to KarmaStoriesPod@gmail.com.Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!Rob's 3D Printing Site: https://Dangly3D.comBecome a supporter of this podcast: https://www.spreaker.com/podcast/karma-stories--5098578/support.
Live from the Golden Circle Sportsbook & Bar, Treasure Island Race & Sportsbook Director Chuck Esposito joins Cofield & Company to detail the betting lines for the Las Vegas Aces' match up against the Indiana Fever without Caitlin Clark, detail the rise in baseball sports betting during the summer months, and give his thoughts on the impact of Donald Trump's "Big Beautiful Bill" on sports gambling across the country. Sophie Cunningham walks back her comments criticizing Detroit and Cleveland as possible destinations for expansion teams for the WNBA. Caitlin Clark ruled out of the Indiana Fever's match up against the Las Vegas Aces due to injury. ESPN's Alan Hahn challenging LeBron James to join the New York Knicks and win an NBA championship. Reviewing the appropriate length for men's shorts.
Welcome to Spitting Nonsense—where two self-proclaimed amateurs, Jasmine and Zach, chat about all things nerdy (and plenty that's not). None of this is fact, but it's definitely our brand of nonsense! We're still recording regularly—no promises on hitting exact days anymore—but you can always count on us for plenty of off-the-wall commentary. And now, you can leave comments on Spotify! Tell us what's on your mind; we see every comment and might even respond on the show. Thanks for listening, and enjoy the nonsense!
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails. https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone numbers Scammers are placing Google ads that point to legitimate companies sites, but are injecting malicious text into the page advertising fake tech support numbers https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number What s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Targeted attacks are tricking victims into creating app-specific passwords to Google resources. https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia
Moving into a 6,000-square-foot Wyoming showplace should have been the birthday getaway of dreams. Instead, three friends and one wary dad find themselves stalked by an unseen houseguest who rearranges luggage, pounds walls on command, and breathes inches from their faces while they cower beneath the blankets. Psychic medium Kay senses the presence, yet even she can't tell if it's malicious or merely curious—and every room-shaking thud tests that theory. From giggling doppelgängers to paralyzing bedside visits, discover how quickly luxury turns to terror when the unknown decides to make itself known. If you have a real ghost story or supernatural event to report, please write into our show at http://www.realghoststoriesonline.com/ or call 1-855-853-4802! Want AD-FREE & ADVANCE RELEASE EPISODES? Become a Premium Subscriber Through Apple Podcasts now!!! https://itunes.apple.com/us/podcast/real-ghost-stories-online/id880791662?mt=2&uo=4&ls=1 Or Patreon: http://www.patreon.com/realghoststories Or Our Website: http://www.ghostpodcast.com/?page_id=118
Today's agenda: The a** itch salad bar The pantless employee Motion lotion Hide your kids at work day The (broken) decorative periscope Malicious salsa Growling at work The world's greatest email subject line Plan B receipt Ear licking Your To-Do List: Grab merch, submit Questions & Comments, and make sure that you're the first to know about our In-Person Meetings (events!) at https://www.hrbesties.com. Follow your Besties across the socials and check out our resumes here: https://www.hrbesties.com/about. Subscribe to the HR Besties Newsletter - https://hr-besties.beehiiv.com/subscribe We look forward to seeing you in our next meeting - don't worry, we'll have a hard stop! Yours in Business + Bullsh*t, Leigh, Jamie & Ashley Follow Bestie Leigh! https://www.tiktok.com/@hrmanifesto https://www.instagram.com/hrmanifesto https://www.hrmanifesto.com Follow Bestie Ashley! https://www.tiktok.com/@managermethod https://www.instagram.com/managermethod https://www.linkedin.com/in/ashleyherd/ https://managermethod.com Follow Bestie Jamie! https://www.millennialmisery.com/ Humorous Resources: Instagram • YouTube • Threads • Facebook • X Millennial Misery: Instagram • Threads • Facebook • X Horrendous HR: Instagram • Threads • Facebook Tune in to “HR Besties,” a business, work and management podcast hosted by Leigh Elena Henderson (HRManifesto), Ashley Herd (ManagerMethod) and Jamie Jackson (Humorous_Resources), where we navigate the labyrinth of corporate culture, from cringe corporate speak to toxic leadership. Whether you're in Human Resources or not, corporate or small business, we offer sneak peeks into surviving work, hiring strategies, and making the employee experience better for all. Tune in for real talk on employee engagement, green flags in the workplace, and how to turn red flags into real change. Don't miss our chats about leadership, career coaching, and takes from work travel and watercooler gossip. Get new episodes every Wednesday, follow us on socials for the latest updates, and join us at our virtual happy hours to share your HR stories. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Hollywood, 1958. Glamour. Fame. Scandal. But behind the velvet curtains of silver screen royalty, a violent storm was brewing. Johnny Stompanato- charming, dangerous, and deeply entangled with one of Hollywood's biggest stars- would soon be found dead on the floor of a Beverly Hills mansion. Was it an accident based on a misunderstanding, a mother's desperate act, or something far more sinister? Today, we unravel the sensational murder that rocked Tinseltown, and left the world wondering what really happened behind Lana Turner's closed doors. We're coming to CrimeCon Denver! Use our code CRIMEWEEKLY for 10% off your tickets! https://www.crimecon.com/CC25 Try our coffee!! - www.CriminalCoffeeCo.com Become a Patreon member -- > https://www.patreon.com/CrimeWeekly Shop for your Crime Weekly gear here --> https://crimeweeklypodcast.com/shop Youtube: https://www.youtube.com/c/CrimeWeeklyPodcast Website: CrimeWeeklyPodcast.com Instagram: @CrimeWeeklyPod Twitter: @CrimeWeeklyPod Facebook: @CrimeWeeklyPod ADS: 1. https://www.PDSDebt.com/CrimeWeekly - Get your FREE debt assessment today! 2. https://www.Ollie.com/CrimeWeekly - Use code CRIMEWEEKLY and get 60% off your first box! 3. https://www.FastGrowingTrees.com - Use code CRIMEWEEKLY and get an additional 15% off! 4. https://www.HelixSleep.com/CrimeWeekly - Get 20% off sitewide! 5. https://www.EatIQBAR.com - Text WEEKLY to 64000 for 20% off ALL IQBAR products and FREE shipping!