Podcasts about Patch Tuesday

Was kann schiefgehen, wenn man sich den Posteingang von einer KI aufräumen lässt? Antwort: Alles. Ausgerechnet eine Sicherheitsforscherin bei Meta hatte die Idee, sich vom viel zitierten KI-Agenten OpenClaw beim Aufräumen ihres Postfachs helfen zu lassen. Doch die künstliche Intelligenz ging nicht sehr behutsam an die Sache heran, sondern begann eine wilde Löschaktion. Um ihre Kommunikation zu retten, musste Summer Yue zu ihrem Mac Mini rennen und eingreifen, als «sei sie ein Bomben-Entschärfungskommando». Hätte man dieses Risiko nicht vorausahnen können? Diese Frage diskutieren wir in der heutigen Ausgabe von Patch Tuesday. Ausserdem besprechen wir den möglicherweise wegweisenden Prozess gegen Social-Media-Unternehmen in Los Angeles, das mögliche Sterben der Marke XBox und Ransomware im Gesundheitswesen.

In this episode of the Shift AI Podcast, Scott Roberts, CISO at UiPath, joins host Boaz Ashkenazy for a deep dive into how agentic AI is reshaping enterprise security and automation—both for customers and inside UiPath itself.Scott shares his 25-year security journey spanning Microsoft's early Security Response Center days (including the era that produced Patch Tuesday and the Security Development Lifecycle), product security work across Windows and Xbox, time at AWS, and leadership roles at Google where he helped build the Android Security Assurance and Pixel Security teams and the Android Monthly Security Update process. He also discusses his work in security standards across IPsec, HTML5 encrypted media, GSMA device security, and most recently, contributions to emerging agentic AI security standards.The conversation then explores UiPath's evolution from traditional RPA into a unified platform that combines deterministic automation with agentic workflows. Scott walks through a real-world healthcare billing example where agentic automation increased deduplication accuracy dramatically by handling complex, variable inputs that classic RPA struggled with—while still keeping humans in the loop and feeding outcomes back into the system to improve over time.Boaz and Scott go deep on what's changed for CISOs in the post-LLM world: the need for guardrails, identity and entitlements for AI agents, and the challenge of end users copying sensitive information into consumer AI tools. Scott explains UiPath's approach: enable adoption while using nudges and policy controls to redirect sensitive workflows into enterprise-safe environments rather than relying solely on blocks.The episode closes with an eye-opening look at UiPath's internal “agentic threat analyst” system—an orchestration of 60+ agents that can investigate SIEM alerts end-to-end, generate structured incident writeups, and compress hours of analyst work into roughly a minute and a half. Scott's future-looking takeaway: as AI models evolve beyond “read-only” into potentially “read-write” systems that can update their foundational knowledge, the acceleration could be truly mind-blowing.This episode is essential listening for security leaders, enterprise operators, and automation teams trying to understand how agentic systems change not just productivity, but the entire security operating model.Chapters[00:01] Scott's Security Journey: Microsoft, Google, Coinbase, UiPath[01:33] Security Standards Work: From IPsec to Agentic AI Standards[04:08] What UiPath Does: Process Orchestration, RPA, and Enterprise Automation[06:28] RPA vs Agentic Automation: A Healthcare Billing Deduplication Example[09:17] The Agentic Stack: Canvas, Guardrails, and the AI Trust Layer[10:31] How LLMs Change Security: Data Controls, Access, and Governance[12:14] Internal Adoption at UiPath: AI Tooling by Persona (Legal, Finance, Engineering)[13:13] Code Velocity and Security: Agents Generating Code, Agents Verifying It[15:53] Two AI Security Worlds: Orchestration Platforms vs End-User Chat Interfaces[17:11] Securing End Users: Enterprise LLMs, Nudges, and Browser-Based Controls[19:07] Sovereign AI and Data Boundaries: Keeping Data in the Right Region[21:00] Over-Permissioning Meets Agents: Why AI Makes Old Problems Obvious Fast[22:21] The Next Wave: AI Transforming the Entire SDLC End-to-End[24:53] Security Pitfalls in Agentic SDLC: Misaligned Incentives and Permissions[26:02] UiPath's Agentic Threat Analyst: 60+ Agents, SIEM to Writeup Automation[30:07] What Changes for Humans: Faster “Time to Truth” and Higher-Leverage Work[32:09] Two-Word Future: “Mind Blowing” and Read/Write ModelsConnect with Scott RobertsLinkedIn: https://www.linkedin.com/in/scottroberts6/Connect with Boaz AshkenazyLinkedIn: https://www.linkedin.com/in/boazashkenazy/Email: info@shiftai.fm

Parce que… c'est l'épisode 0x708! Shameless plug 25 et 26 février 2026 - SéQCure 2026 31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026 14 au 17 avril 2026 - Botconf 2026 28 et 29 avril 2026 - Cybereco Cyberconférence 2026 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 19 septembre 2026 - Bsides Montréal Notes IA AI threat modeling must include supply chains, agents, and human risk OpenClaw instances open to the internet present ripe targets Microsoft boffins show LLM safety can be trained away Augustus - Open-source LLM Vulnerability Scanner With 210+ Attacks Across 28 LLM Providers AI-Generated Text and the Detection Arms Race AI agents can spill secrets via malicious link previews Claude add-on turns Google Calendar into malware courier The First Signs of Burnout Are Coming From the People Who Embrace AI the Most Claude and OpenAI fight over ads while Google monetizes Prompt Injection Via Road Signs NanoClaw solves one of OpenClaw's biggest security issues — and it's already powering the creator's biz Microsoft: Poison AI buttons and links may betray your trust Anthropic safety researcher quits, warning ‘world is in peril' Cyber Model Arena AI bot seemingly shames developer for rejected pull request AI Weaponization: State Hackers Using Google Gemini for Espionage and Malware Generation Misconfigured AI could shut down a G20 nation, says Gartner AI Agents ‘Swarm,' Security Complexity Follows Suit OpenAI has deleted the word ‘safely' from its mission – and its new structure is a test for whether AI serves society or shareholders Pentagon used Anthropic's Claude during Maduro raid How AI could eat itself: Using LLMs to distill rivals Your Friends Might Be Sharing Your Number With ChatGPT Souveraineté ou tout ce que je peux faire sur mon terrain Carmakers Rush To Remove Chinese Code Under New US Rules White House to meet with GOP lawmakers on FISA Section 702 renewal Google Warns EU Risks Undermining Own Competitiveness With Tech Sovereignty Push Privacy ou tout ce qui devrait rester à la maison Re-Identification vs Anonymization Strength Ring cancels its partnership with Flock Safety after surveillance backlash Meta Plans To Let Smart Glasses Identify People Through AI-Powered Facial Recognition Red ou tout ce qui est brisé After Six Years, Two Pentesters Arrested in Iowa Receive $600,000 Settlement Notepad's new Markdown powers served with a side of RCE Spying Chrome Extensions: 287 Extensions spying on 37M users Apple patches decade-old iOS zero-day exploited in the wild Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say Microsoft: New Windows LNK spoofing issues aren't vulnerabilities Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks Blue ou tout ce qui améliore notre posture Microsoft announces new mobile-style Windows security controls Patch Tuesday, February 2026 Edition The EU moves to kill infinite scrolling Meta, TikTok and others agree to teen safety ratings European nations gear up to ban social media for children Divers et insolites Nobody knows how the whole system works Counting the waves of tech industry BS from blockchain to AI Apple and Google agree to change app stores after ‘effective duopoly' claim Hacktivism today: What three years of research reveal about its transformation Europe must adapt to ‘permanent' cyber and hybrid threats, Sweden warns US needs to impose ‘real costs' on bad actors, State Department cyber official says Stop Using Face ID Right Now. Here's Why Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par Intrasecure inc

(Presented by Thinkst Canary: Most Companies find out way too late that they've been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching 'em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.) Three Buddy Problem - Episode 85: Top stories this week include drone incursions over El Paso and the murky line between cartel activity, anti-drone tech testing, and full-blown hybrid warfare; updates on the Notepad++ supply chain fallout; Microsoft's zero-day treadmill and AI-enabled attack surfaces; and Apple's “extremely sophisticated” iOS exploits. Plus, Europe's growing appetite for offensive cyber, Palo Alto and the uncomfortable politics of cyber attribution, Singapore on telco intrusions, and the economics of end-of-life infrastructure. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

On this episode, I go into an update on the Secure Boot certificate update, the upcoming Windows 11 26H1 release, recent Azure outage, signs Microsoft will be focusing on quality and more! Reference Links: https://www.rorymon.com/blog/patch-tuesday-news-azure-outage-impacted-windows-updates-wom11-26h1-info/

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon X2 silicon.Something happened ... and that something is tied to 26H1 26H1: Only for Snapdragon X2, a "scoped release," based on a "different core" from 24H2 and 25H2 You cannot upgrade 24H2 or 25H2 to 26H1 You cannot upgrade 26H1 to 26H2 (!) - instead, those on 26H1 "will have a path to update in a future Windows release." - Is that future Windows release Windows 12? Probably 24H2, 25H2, and 26H1 will all have the same user-facing features, this has been the case with all support Windows (11) versions for 2+ years (Remember, this is not what happened with 24H2. Shipped early on Snapdragon X1, but was made available to all Windows 11 PCs later that year) So why is this happening now? Fortune 500/corporate customer pushback on AI is one guess This is GOOD news, however it all unfolds More Windows 11 Yesterday was Patch Tuesday, so get to work. Updates this month include: Agent in Settings (Copilot+ PCs only) improvements. Settings improvements, cross-device Resume improvements, Windows MIDI Services improvements, Narrator improvements, Smart App Control improvements, Windows Hello New ESS improvements, and File Explorer improvements Somewhat related to the quality/security push noted above, Microsoft is rolling out new Secure Boot certificates this year for older (pre-2024/25) PCs Microsoft announces a Store CLI that does (almost) nothing new compared to winget New Dev and Beta builds with minor changes: Emoji 16.0, camera improvements, various fixes More earnings Amazon hits $213.4 billion in revenues, will spend $200 billion CAPEX/AI infrastructure this fiscal year, more than Google ($175/$185 billion) or Microsoft (estimated $150+ billion) Qualcomm $12.25 billion in revenues, up 5 percent Alphabet/Google - Up 18 percent (!) to $113.8 billion - 750 million MAUs on Gemini, 74 percent of revenues come from advertising Spotify - somehow has over 750 million MAUs now AI and dev OpenAI and Anthropic release dueling agentic AI coding models that do more than agentic AI coding within minutes of each other Ads appear in ChatGPT Free and Go as threatened Duck.ai adds private, anonymous real-time AI voice chat NET 11 Preview 1 arrives, but there's nothing major here Xbox & games Microsoft announces the 2025 Xbox Excellence Awards Celebrate 35 years of Id Software - Castle Wolfenstein 3D was a wake-up call for PC gaming, but DOOM was a miracle, and Quake was a real WTF moment Sony sold 8 million PlayStation 5s (down 16 percent YOY) in the holiday quarter, 92 million (!) overall Valve predictably delays the vaporware Steam Machine Epic Games is having a winter sale - for example, Silent Hill 2, GTA V Enhanced are 50 percentR These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/970 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: threatlocker.com/twit helixsleep.com/windows trustedtech.team/windowsweekly365 cachefly.com/twit

Patch Tuesday. Preliminary findings from the European Commission come down on TikTok. Switzerland's military cancels its contract with Palantir. Social engineering leads to payroll fraud. Google hands over extensive personal data on a British student activist. Researchers unearth a global espionage operation called “The Shadow Campaigns.” Notepad's newest features could lead to remote code execution. Our guest is Hazel Cerra, Resident Agent in Charge of the Atlantic City Office for the United States Secret Service. Ring says it's all about dogs, but critics hear the whistle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we're joined by Hazel Cerra, Resident Agent in Charge of the Atlantic City Office for the United States Secret Service, as she discusses the evolution of the Secret Service's investigative mission—from its early focus on financial crimes such as counterfeit currency and credit card fraud to the growing challenges posed by cryptocurrency-related crime. Selected Reading Microsoft February 2026 Patch Tuesday Fixes 58 Vulnerabilities, Six actively Exploited Flaws (Beyond Machines) Adobe Releases February 2026 Patches for Multiple Products (Beyond Machines) ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact (SecurityWeek) Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMD (SecurityWeek) Commission preliminarily finds TikTok's addictive design in breach of the Digital Services Act (European Commission) Palantir's Swiss Exit Highlights Global Data Sovereignty Challenge (NewsCase) Payroll pirates conned the help desk, stole employee's pay (The Register) Google Fulfilled ICE Subpoena Demanding Student Journalist's Bank and Credit Card Numbers (The Intercept) The Shadow Campaigns: Uncovering Global Espionage (Palo Alto Networks Unit 42) Notepad's new Markdown powers served with a side of RCE (The Register) With Ring, American Consumers Built a Surveillance Dragnet (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft released updates on Patch Tuesday addressing six zero-day vulnerabilities actively exploited before patch release. These include critical flaws in Windows Shell, Internet Explorer, and Microsoft Word, each posing significant risks. The vulnerabilities involve security feature bypasses, emphasizing the need for immediate attention and patch deployment. Business owners and startup founders are urged to maintain regular software updates and proactive cybersecurity strategies to safeguard digital assets.Learn more on this news by visiting us at: https://greyjournal.net/news/ Hosted on Acast. See acast.com/privacy for more information.

Referências do EpisódioMicrosoft - February 2026 Security UpdatesMicrosoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flawsMicrosoft Patch Tuesday – February 2026CVE-2025-52436 - XSS via back buttonCVE-2026-22153 - LDAP authentication bypass in Agentless VPN and FSSOCMC 932CMC 934VoidLink: um sinal do fim do gargalo humano no desenvolvimento de malware avançadoRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

February's Patch Tuesday includes two actively exploited vulnerabilities you need to patch now. Ryan Braunstein breaks down a denial of service flaw in Windows Remote Access Connection Manager that can black out your VPN infrastructure and leave remote endpoints unreachable. Seth Hoyt covers a pair of SmartScreen bypasses that let malicious files slip past Windows security prompts without warning.Both vulnerabilities rely on user interaction to succeed, and phishing is getting harder to spot. Ryan and Seth discuss how AI is lowering the barrier to entry for attackers, making convincing phishing emails easier to generate and enabling single actors to operate like full teams.What you'll learn:• How attackers use VPN disruption as a distraction for larger attacks• Why SmartScreen bypasses are a serious initial access vector• Which endpoints to prioritize for patching• How AI is changing the threat model for social engineeringPatch your systems. Train your users. Stay ahead.

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Podcast: Industrial Cybersecurity InsiderEpisode: The Patching Gap Putting Industrial Operations at Risk: IT vs OTPub date: 2026-01-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies. IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks. The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision. OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates. Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind. The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying. Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates. The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations. This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up. Chapters:00:00:00 - Introduction to Patching Challenges00:01:08 - IT vs OT Patching: Key Differences00:02:55 - Understanding the Cost of Downtime in OT00:03:32 - Overcoming Challenges with Legacy Systems00:05:21 - Navigating OEMs and Safety Concerns00:06:45 - The Role of Safety in OT Patching00:08:52 - Exploring Virtual Patching Solutions00:13:11 - Enhancing Vendor Collaboration and Risk Management00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity00:18:33 - Addressing Insurance and Compliance Issues00:20:12 - Significant Consequences of Not Patching00:23:14 - Building an Effective Collaborative Cybersecurity Strategy00:24:03 - Conclusion and Actionable InsightsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this week's show, Patrick Gray and Adam Boileau discuss the week's cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book. This week news includes: Did the US cyber Venezuela's power grid, or do they just want us to think they coulda? US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them mad MS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting down Wiz pulls off cloud stunt hack that ends with control of everyone's AWS console Millions of Bluetooth devices that use Google's Fast Pairing will pair with anyone, any time GNU inet-tools' telnetd parties like it's 2007, and brings -f root unauthed remote login back Thinkst is this week's sponsor, and long time friend of the show Haroon Meer joins. As always they're polishing their Canary tokens - adding breadcrumbs to lead you to them - but they're also a bunch of giant nerds who now run South Africa's Computer Olympiad. This episode is also available on Youtube. Show notes Cyberattack in Venezuela Demonstrated Precision of U.S. Capabilities - The New York Times Why I'm withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity - Ars Technica Layered Ambiguity: US Cyber Capabilities in the Raid to Extract Maduro from Venezuela | Royal United Services Institute Former CISA Director Jen Easterly Will Lead RSAC Conference | WIRED Trump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO - Nextgov/FCW Federal agencies ordered to patch Microsoft Desktop Windows Manager bug | The Record from Recorded Future News Windows 11 shutdown bug forces Microsoft into damage control • The Register CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz Blog Critical flaw in AWS Console risked compromise of build environment | Cybersecurity Dive Never-before-seen Linux malware is “far more advanced than typical” - Ars Technica VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point Research Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking | WIRED Critical flaw in Fortinet FortiSIEM targeted in exploitation threat | Cybersecurity Dive CVE-2025-64155: 3 Years of Remotely Rooting the FortiSIEM A single click mounted a covert, multistage attack against Copilot - Ars Technica Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader | The Record from Recorded Future News Jordanian initial access broker pleads guilty to helping target 50 companies | The Record from Recorded Future News Supreme Court hacker posted stolen government data on Instagram | TechCrunch oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd How crypto criminals stole $700 million from people - often using age-old tricks Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet

Synopsis L'épisode 0x284 lance 2026 avec PAtrick, Jacques et Vanessa, rejoints par Richer, pour un gros focus sur l'Open Banking, aussi appelé consumer-driven banking, au Canada : à quoi ressemble le cadre qui se met en place, comment l'accréditation et la gouvernance peuvent influencer la confiance, et quels nouveaux risques apparaissent quand des tiers et des intermédiaires accèdent à des données financières sensibles. Le trio enchaîne ensuite sur la gestion des vulnérabilités côté terrain : pourquoi une liste de « 50 CVE » ne suffit pas, et comment mieux prioriser en combinant exploitabilité, exposition réelle et impact business. Ils reviennent aussi sur un piège fréquent en DevSecOps : quand « tout le monde est responsable », l'imputabilité se dilue et les décisions critiques s'éternisent. Enfin, ils font le tour de l'actualité cyber : des actions policières importantes, dont Black Axe, à l'ironie très révélatrice de BreachForums qui se fait breacher. Un rappel concret que les fuites de données finissent souvent par devenir des pièces à conviction et des accélérateurs d'enquêtes. Nouvelles Patrick Bureau en gros se fait prendre AMP voit un problème avec la SAAQ… Vanessa Capsule - systèmes bancaire axé sur les consommateurs Jacques Patchez vos systèmes!! Le premier Patch Tuesday de 2026! Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime BreachForums Breached, Exposing 324K Cybercriminals BreachForums database leak Richer Structure over chaos par Tyler Andrew Cole - book Thinking fast and slow par Daniel Kahneman - book Crew Patrick Mathieu Vanessa Henri Richer Dinelle Jacques Sauvé Shamelessplug Join Hackfest/La French Connection Discord #La-French-Connection Join Hackfest us on Masodon POLAR - Québec - 29 Octobre 2026 Hackfest - Québec - 29-30-31 Octobre 2026 Crédits Montage audio par Hackfest Communication Music par Dynamic Range – Acid - Psy Tune Locaux virtuels par Streamyard

On this episode, I cover the recent Windows Updates from Patch Tuesday and the issues caused by them, some recent AI developments and worrying news that a Fortune 100 Financial company was hit by a strain of malware plus much more! Reference Links: https://www.rorymon.com/blog/apple-and-google-sign-major-agreement-patch-tuesday-news-chatgpt-go-now-worldwide/

Patch Tuesday fallout, China sidelines Western security vendors, and a critical flaw puts industrial switches at risk of remote takeover. A ransomware attack disrupts a Belgian hospital, crypto scams hit investment clients, and Eurail discloses a data breach. Analysts press Congress to go on offense in cyberspace, and Sean Plankey gets another shot at leading CISA. In our Threat Vector segment, David Moulton sits down with Ian Swanson, AI Security Leader at Palo Alto Networks about supply chain security. And, an AI risk assessment cites a football match that never happened. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment AI security is no longer optional, it's urgent. In this segment of Threat Vector, David Moulton sits down with Ian Swanson, former CEO of Protect AI and now the AI Security Leader at Palo Alto Networks. Ian shares how securing the AI supply chain has become the next frontier in cybersecurity and why every enterprise building or integrating AI needs to treat it like any other software pipeline—rife with dependencies, blind spots, and adversaries ready to exploit them. You can catch the full conversation here and listen to new episodes of Threat Vector every Thursday on your favorite podcast app. Selected Reading Patch Tuesday, January 2026 Edition (Krebs on Security) Adobe Patches Critical Apache Tika Bug in ColdFusion (SecurityWeek) Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities (SecurityWeek) Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM (SecurityWeek) Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say (Reuters) Critical OpenSSH flaw exposes Moxa industrial switches to remote takeover (Beyond Machines) Cyberattack forces Belgian hospital to transfer critical care patients (The Record) Betterment confirms data breach after wave of crypto scam emails (Bleeping Computer) Passports, bank details compromised in Eurail data breach (The Register) Lawmakers Urged to Let US Take on 'Offensive' Cyber Role (Bank InfoSecurity) Sean Plankey re-nominated to lead CISA (CyberScoop) Police chief admits misleading MPs after AI used in justification for banning Maccabi Tel Aviv fans (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which this happens Customers: Satya Nadella is blogging, and he wants us to stop complaining about AI. He's the wrong messenger Windows 11 First Patch Tuesday of 2026 brings security and bug fixes but no new features First update of 2026 brings Copilot-powered image descriptions in Narrator, new IT policies for Copilot, other changes to Dev & Beta Dev is about to switch to 26H1 IDC says that PC sales rose 8.1 percent in 2025, warns again about 2026 The good & bad of Paul's Panther Lake laptop Dell doesn't sell any PCs to consumers so it obviously has opinions about why consumers don't buy PCs for AI Microsoft will soon retire its Lens mobile app AI Apple predictably partners with Google to bring Gemini to Siri Samsung correctly points out we're all using AI already so there's no reason to complain about it We can't trust AI, so Microsoft is letting Copilot go shopping with our credit cards We can't trust AI, so OpenAI is giving ChatGPT access to our private health data Gmail is getting more AI because email is the low-hanging fruit of data collection Xbox and gaming Developer Direct returns on January 22 with Fable and Forza 6 gameplay Microsoft to bring Avowed to PS5 in February Tips and picks Tip of the week: Kick off 2026 with a security checkup App pick of the week: Microsoft Local Foundry RunAs Radio this week: Azure in 2026 with Jeremy Winter Brown liquor pick of the week: Don Julio 70 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security helixsleep.com/windows

Happy New Year! In this episode, Automox cybersecurity experts Ryan Braunstein and Seth Hoyt break down the security vulnerabilities you need to know heading into 2026.First up: a ticking time bomb. Microsoft's 2011 Secure Boot certificates expire in June and October 2026, making this your top patching priority for the year. If your BIOS and OS aren't both updated, you're leaving the door wide open for rootkit attacks. Start auditing your hardware now. You have six months.Next up: a Windows Installer Elevation of Privilege Vulnerability that exploits a time-of-check to time-of-use (TOCTOU) race condition. Think of it like swapping wristbands after the bouncer checks you at the door.Finally, an actively exploited flaw in Desktop Window Manager that can leak sensitive information and even break out of sandboxes.Patch your systems. Patch your BIOS. See you next month.

Got a question or comment? Message us here!

 What if the biggest time-saving wins don't come from major projects—but from eliminating the small, repetitive tasks eating up your week?In this episode, Automox Solutions Consultant Jeremy Maldonado shares his New Year's resolution: reduce burnout by automating the manual work that drains IT teams. From device enrollment and patching policies to tracking down failures without babysitting your machines, Jeremy walks through practical ways to reclaim your time and mental energy.You'll learn:  - How to automate device setup the moment it comes online  - Best practice policy templates you can use out of the gate  - Scheduling patches around Patch Tuesday without touching your policies  - Using policy results reports and analytics to troubleshoot smarter  - Why "babysitting" patch day is a sign something needs to changeWhether you're new to Automox or looking to refine your workflow, this episode is a reminder: your time matters, and automation should give it back to you.

This Christmas, strap in for three hours of vulnerabilities, patches, and the occasional existential crisis about holiday skeleton crews. This megacut compiles every 2025 episode of Patch [FIX] Tuesday, featuring Automox security engineers Ryan Braunstein, Henry Smith, Seth Hoyt, Mat Lee, and Tom Bowyer breaking down the year's most critical security updates.What's inside:All 12 Patch [FIX] Tuesday episodes from January through December 2025macOS and Apple security updatesZero-days, CVEs, and actively exploited vulnerabilitiesCandid discussions on Hyper-V escapes, SSH hijacking chains, React RCE, and moreWhether you're catching up on a year of patches or need something smarter than carols for a long holiday drive or late-night remediation – this compilation has you covered.

Apple and Google issue emergency updates to patch zero-days.  Google links five additional Chinese state-backed hacking groups to “React2Shell.” France's Ministry of the Interior was hit by a cyberattack. Atlassian patches roughly 30 third-party vulnerabilities. Microsoft says its December 2025 Patch Tuesday updates are breaking Message Queuing. Researchers uncovered a massive exposed database with nearly 4.3 billion professional records openly accessible online. Britain's new MI6 chief warns of an “aggressive, expansionist, and revisionist” Russia. Monday Business Brief. On today's Threat Vector, ⁠Michael Heller⁠ from Unit 42 chats with security leaders ⁠Greg Conti⁠ and ⁠Tom Cross⁠ to unpack the hacker mindset and the idea of “dark capabilities”. A cyber holiday gift guide for the rest of us.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment In this segment of Threat Vector, host ⁠Michael Heller⁠, Managing Editor for Cortex and Unit 42 and Executive Producer of the podcast, sits down with long-time security leaders ⁠Greg Conti⁠ and ⁠Tom Cross⁠ to unpack the hacker mindset and the idea of “dark capabilities” inside modern technology companies. You can listen to their full discussion here. Be sure to catch new episodes of Threat Vector by Palo Alto Networks every Thursday on your favorite podcast app. Selected Reading Apple, Google forced to issue emergency 0-day patches (The Register) Google links more Chinese hacking groups to React2Shell attacks (Bleeping Computer) French Interior Ministry confirms cyberattack on email servers (Bleeping Computer) Atlassian Patches Critical Apache Tika Flaw (SecurityWeek) Microsoft: December security updates cause Message Queuing failures (Bleeping Computer) 16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records (Hackread) MI6 chief warns 'front line is everywhere' and signals intent to pressure Putin (The Record) Saviynt raises $700 million in Series B growth equity financing. (The CyberWire Business Brief) Last-minute cybersecurity and privacy gifts your friends and family won't hate (This Week In Security) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 76: On the show this week, Costin walks through how a single Romanian documentary kick-started nationwide protests, exposing how corruption can be perfectly legal when the law itself is gamed, and why this moment feels different, darker, and more consequential than past flare-ups. Plus, news on the React-to-Shell exploitation wave overwhelming the internet, why patching is structurally hard, and how APTs and criminals are converging on the same fragile dependency chain. Along the way, they take aim at Microsoft's shrinking transparency, the limits of vendor trust, and what it really means when defenders are told (again) to just patch and pray. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Patch Tuesday. Federal prosecutors charge a Houston man with smuggling Nvidia chips to China, a Ukrainian woman for targeting critical infrastructure, and an Atlanta activist for wiping his phone. The power sector sees cyber threats doubling. The new Spiderman phishing kit slings its way across the dark web. Our guest is Dick O'Brien, Principal Intelligence Analyst from Symantec and Carbon Black Threat Hunter Team, discussing “Unwanted Gifts: Major Campaign Lures Targets with Fake Party Invites.” The Pentagon unveils a killer chatbot.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Dick O'Brien, Principal Intelligence Analyst from Symantec and Carbon Black Threat Hunter Team, is discussing “Unwanted Gifts: Major Campaign Lures Targets with Fake Party Invites." Selected Reading Microsoft Patches 57 Vulnerabilities, Three Zero-Days (SecurityWeek) Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data (SecurityWeek) Adobe Patches Nearly 140 Vulnerabilities (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Rockwell, Schneider (SecurityWeek) Fortinet Patches Critical Authentication Bypass Vulnerabilities (SecurityWeek) Smuggling Ring Charged as Trump Okays Nvidia Sales to China (Gov Infosecurity) Cybersecurity in power: supply chain most vulnerable, varying confidence in resilience (Power Technology) Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft (Hackread) Hospice Firm, Eye Care Practice Notifying 520,000 of Hacks (Bank Infosecurity) Ukrainian hacker charged with helping Russian hacktivist groups (Bleeping Computer) Man Charged for Wiping Phone Before CBP Could Search It (404 Media) Pete Hegseth Says the Pentagon's New Chatbot Will Make America 'More Lethal' (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

December 2025's Patch Tuesday brought major shifts, but the real action is in Microsoft's pricing, privacy battles, and the arms race to control AI-enabled browsers. Plus, Paul recommends Tiny11 Builder for a clean install, or Win11Debloat for an existing install. Then, Rufus to create installation media without the forced Microsoft account (MSA) sign-in or hardware requirement checks. Use MSEdgeDirect to use the default web browser for stories from Widgets, web-based search results, etc. And ExplorerPatcher can fix the performance and reliability issues in File Explorer. It's the final Patch Tuesday of 2025 Major dark mode updates (with a fix for the "flashbang" problem) AI Agent in Settings, Click to Do, Windows Studio Effects, and Search improvements for Copilot+ PCs Many other improvements: FSE, Share, Settings, Widgets, more More Windows 11 New 25H2 preview build on Beta/Dev adds MCP public preview, Quick Machine Recovery auto-enabled, Unified Update Orchestration Platform, Windows MIDI services Microsoft 365 Microsoft 365 is getting a lot more expensive in mid-2026. You didn't think all those free AI updates were free, did you? AI Paul has been talking about "programmatic" apps and services because he wasn't sure of a term for this type of interaction. But there is a term for this: Semantic. As in semantic web. And there you go Microsoft one of 1,000 companies partnering on Agentic AI Foundation because you're getting agents whether they work or not Gartner says NO to AI web browsers The New York Times is suing Perplexity for all the obvious reasons After a big win in the legal battle with OpenAI Opera for Android gets a big AI update Google Workspace Studio brings code-free agent creation to business users - automation is a solid AI use case Xbox Xbox Series X|S notably absent during Black Friday sales Call of Duty won't repeat the mistakes of the past anymore since it didn't work out twice now MS Flight Simulator 2024 is now available on PS5 Red Dead Redemption comes to mobile for the first time, free with a Netflix account Tips & Picks Tip and app(s) of the week: De-enshittify Windows 11 RunAs Radio this week: Incident Management and the Crowdstrike Event with Liam Westley Brown liquor pick of the week: Old Farm Pennsylvania Straight Rye Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/windowsweekly auraframes.com/ink helixsleep.com/windows ventionteams.com/twit

December 2025's Patch Tuesday brought major shifts, but the real action is in Microsoft's pricing, privacy battles, and the arms race to control AI-enabled browsers. Plus, Paul recommends Tiny11 Builder for a clean install, or Win11Debloat for an existing install. Then, Rufus to create installation media without the forced Microsoft account (MSA) sign-in or hardware requirement checks. Use MSEdgeDirect to use the default web browser for stories from Widgets, web-based search results, etc. And ExplorerPatcher can fix the performance and reliability issues in File Explorer. It's the final Patch Tuesday of 2025 Major dark mode updates (with a fix for the "flashbang" problem) AI Agent in Settings, Click to Do, Windows Studio Effects, and Search improvements for Copilot+ PCs Many other improvements: FSE, Share, Settings, Widgets, more More Windows 11 New 25H2 preview build on Beta/Dev adds MCP public preview, Quick Machine Recovery auto-enabled, Unified Update Orchestration Platform, Windows MIDI services Microsoft 365 Microsoft 365 is getting a lot more expensive in mid-2026. You didn't think all those free AI updates were free, did you? AI Paul has been talking about "programmatic" apps and services because he wasn't sure of a term for this type of interaction. But there is a term for this: Semantic. As in semantic web. And there you go Microsoft one of 1,000 companies partnering on Agentic AI Foundation because you're getting agents whether they work or not Gartner says NO to AI web browsers The New York Times is suing Perplexity for all the obvious reasons After a big win in the legal battle with OpenAI Opera for Android gets a big AI update Google Workspace Studio brings code-free agent creation to business users - automation is a solid AI use case Xbox Xbox Series X|S notably absent during Black Friday sales Call of Duty won't repeat the mistakes of the past anymore since it didn't work out twice now MS Flight Simulator 2024 is now available on PS5 Red Dead Redemption comes to mobile for the first time, free with a Netflix account Tips & Picks Tip and app(s) of the week: De-enshittify Windows 11 RunAs Radio this week: Incident Management and the Crowdstrike Event with Liam Westley Brown liquor pick of the week: Old Farm Pennsylvania Straight Rye Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/windowsweekly auraframes.com/ink helixsleep.com/windows ventionteams.com/twit

December 2025's Patch Tuesday brought major shifts, but the real action is in Microsoft's pricing, privacy battles, and the arms race to control AI-enabled browsers. Plus, Paul recommends Tiny11 Builder for a clean install, or Win11Debloat for an existing install. Then, Rufus to create installation media without the forced Microsoft account (MSA) sign-in or hardware requirement checks. Use MSEdgeDirect to use the default web browser for stories from Widgets, web-based search results, etc. And ExplorerPatcher can fix the performance and reliability issues in File Explorer. It's the final Patch Tuesday of 2025 Major dark mode updates (with a fix for the "flashbang" problem) AI Agent in Settings, Click to Do, Windows Studio Effects, and Search improvements for Copilot+ PCs Many other improvements: FSE, Share, Settings, Widgets, more More Windows 11 New 25H2 preview build on Beta/Dev adds MCP public preview, Quick Machine Recovery auto-enabled, Unified Update Orchestration Platform, Windows MIDI services Microsoft 365 Microsoft 365 is getting a lot more expensive in mid-2026. You didn't think all those free AI updates were free, did you? AI Paul has been talking about "programmatic" apps and services because he wasn't sure of a term for this type of interaction. But there is a term for this: Semantic. As in semantic web. And there you go Microsoft one of 1,000 companies partnering on Agentic AI Foundation because you're getting agents whether they work or not Gartner says NO to AI web browsers The New York Times is suing Perplexity for all the obvious reasons After a big win in the legal battle with OpenAI Opera for Android gets a big AI update Google Workspace Studio brings code-free agent creation to business users - automation is a solid AI use case Xbox Xbox Series X|S notably absent during Black Friday sales Call of Duty won't repeat the mistakes of the past anymore since it didn't work out twice now MS Flight Simulator 2024 is now available on PS5 Red Dead Redemption comes to mobile for the first time, free with a Netflix account Tips & Picks Tip and app(s) of the week: De-enshittify Windows 11 RunAs Radio this week: Incident Management and the Crowdstrike Event with Liam Westley Brown liquor pick of the week: Old Farm Pennsylvania Straight Rye Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/windowsweekly auraframes.com/ink helixsleep.com/windows ventionteams.com/twit

Some staffing changes near the top at Apple were announced this week, with Alan Dye, design guy, moving to Meta getting a lot of press. But many say good riddance. There was also plenty of other tech news dropping this week, we try to get you caught up with what you need to know. Of course, we have some great tips for you and even a special guest during our picks of the week. All so you can get out there and tech better! Gadget Gift Guide for Geeks Watch on YouTube! - Notnerd.com and Notpicks.com INTRO (00:00) After Apple refusal, Indian government completes U-turn on mandatory iPhone app (03:00) MAIN TOPIC: Apple Design is a changing (04:45) Apple design executive Alan Dye poached by Meta in major coup Apple design boss Alan Dye departing for Meta Alan.app Apple announces executive transitions Apple chief Johny Srouji confirms he isn't going anywhere DAVE'S PRO-TIP OF THE WEEK: Get a Callback Reminder for a Missed Call (13:10) JUST THE HEADLINES: (19:10) End-to-end encrypted smart toilet camera is not actually end-to-end encrypted Cloudflare says it has fended off 416 billion AI bot scrape requests in five months Amazon starts testing 'ultra-fast' 30-minute deliveries Woman hailed as hero for smashing man's Meta smart glasses on subway All of Russia's Porsches were bricked by a mysterious satellite outage HBO Max forgot to remove a 'vomit hose' crew member in Mad Men 4K Oregon sportswear giant Columbia pledges to give 'the company' to anyone who can prove the Earth is flat TAKES: YouTube introduces its own version of Spotify Wrapped for videos (21:30) Even Microsoft's retro holiday sweaters are having Copilot forced upon them (26:35) Bending Spoons to acquire Eventbrite in $500M all-cash deal (30:00) Netflix agrees to buy Warner Bros. in an $82.7-billion deal that will transform Hollywood (32:05) Microsoft December 2025 Patch Tuesday (34:55) BONUS ODD TAKE: An online collection of found cassette tapes (36:25) PICKS OF THE WEEK:  Dave: Headlamp Rechargeable 2PCS, 230° Wide Beam Head Lamp LED with Motion Sensor for Adults - Camping Accessories Gear, Waterproof Head Light Flashlight for Hiking, Running, Repairing, Fishing, Cycling (39:30) Nate: Bambu Lab A1 Mini 3D Printer, Support Multi-Color 3D Printing, Set Up in 20 Mins, High Speed & Precision, Full-Auto Calibration & Active Flow Rate Compensation, ≤48 dB Quiet FDM 3D Printers (44:00) Gadget Gift Guide for Geeks RAMAZON PURCHASE OF THE WEEK (52:35)

December 2025's Patch Tuesday brought major shifts, but the real action is in Microsoft's pricing, privacy battles, and the arms race to control AI-enabled browsers. Plus, Paul recommends Tiny11 Builder for a clean install, or Win11Debloat for an existing install. Then, Rufus to create installation media without the forced Microsoft account (MSA) sign-in or hardware requirement checks. Use MSEdgeDirect to use the default web browser for stories from Widgets, web-based search results, etc. And ExplorerPatcher can fix the performance and reliability issues in File Explorer. It's the final Patch Tuesday of 2025 Major dark mode updates (with a fix for the "flashbang" problem) AI Agent in Settings, Click to Do, Windows Studio Effects, and Search improvements for Copilot+ PCs Many other improvements: FSE, Share, Settings, Widgets, more More Windows 11 New 25H2 preview build on Beta/Dev adds MCP public preview, Quick Machine Recovery auto-enabled, Unified Update Orchestration Platform, Windows MIDI services Microsoft 365 Microsoft 365 is getting a lot more expensive in mid-2026. You didn't think all those free AI updates were free, did you? AI Paul has been talking about "programmatic" apps and services because he wasn't sure of a term for this type of interaction. But there is a term for this: Semantic. As in semantic web. And there you go Microsoft one of 1,000 companies partnering on Agentic AI Foundation because you're getting agents whether they work or not Gartner says NO to AI web browsers The New York Times is suing Perplexity for all the obvious reasons After a big win in the legal battle with OpenAI Opera for Android gets a big AI update Google Workspace Studio brings code-free agent creation to business users - automation is a solid AI use case Xbox Xbox Series X|S notably absent during Black Friday sales Call of Duty won't repeat the mistakes of the past anymore since it didn't work out twice now MS Flight Simulator 2024 is now available on PS5 Red Dead Redemption comes to mobile for the first time, free with a Netflix account Tips & Picks Tip and app(s) of the week: De-enshittify Windows 11 RunAs Radio this week: Incident Management and the Crowdstrike Event with Liam Westley Brown liquor pick of the week: Old Farm Pennsylvania Straight Rye Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/windowsweekly auraframes.com/ink helixsleep.com/windows ventionteams.com/twit

On this episode, I cover the latest Patch Tuesday news, give an update on the LNK vulnerability from earlier in the year, talk about another healthcare provider getting breach and much more! Reference Links: https://www.rorymon.com/blog/price-changes-for-microsoft-365-patch-tuesday-news-openai-declares-code-red/

December 2025's Patch Tuesday brought major shifts, but the real action is in Microsoft's pricing, privacy battles, and the arms race to control AI-enabled browsers. Plus, Paul recommends Tiny11 Builder for a clean install, or Win11Debloat for an existing install. Then, Rufus to create installation media without the forced Microsoft account (MSA) sign-in or hardware requirement checks. Use MSEdgeDirect to use the default web browser for stories from Widgets, web-based search results, etc. And ExplorerPatcher can fix the performance and reliability issues in File Explorer. It's the final Patch Tuesday of 2025 Major dark mode updates (with a fix for the "flashbang" problem) AI Agent in Settings, Click to Do, Windows Studio Effects, and Search improvements for Copilot+ PCs Many other improvements: FSE, Share, Settings, Widgets, more More Windows 11 New 25H2 preview build on Beta/Dev adds MCP public preview, Quick Machine Recovery auto-enabled, Unified Update Orchestration Platform, Windows MIDI services Microsoft 365 Microsoft 365 is getting a lot more expensive in mid-2026. You didn't think all those free AI updates were free, did you? AI Paul has been talking about "programmatic" apps and services because he wasn't sure of a term for this type of interaction. But there is a term for this: Semantic. As in semantic web. And there you go Microsoft one of 1,000 companies partnering on Agentic AI Foundation because you're getting agents whether they work or not Gartner says NO to AI web browsers The New York Times is suing Perplexity for all the obvious reasons After a big win in the legal battle with OpenAI Opera for Android gets a big AI update Google Workspace Studio brings code-free agent creation to business users - automation is a solid AI use case Xbox Xbox Series X|S notably absent during Black Friday sales Call of Duty won't repeat the mistakes of the past anymore since it didn't work out twice now MS Flight Simulator 2024 is now available on PS5 Red Dead Redemption comes to mobile for the first time, free with a Netflix account Tips & Picks Tip and app(s) of the week: De-enshittify Windows 11 RunAs Radio this week: Incident Management and the Crowdstrike Event with Liam Westley Brown liquor pick of the week: Old Farm Pennsylvania Straight Rye Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/windowsweekly auraframes.com/ink helixsleep.com/windows ventionteams.com/twit

Ahead of Microsoft Ignite 2025, Windows boss Pavan Davuluri tweeted an innocuous post about nothing, and all hell broke loose. We are broken as a community and it's time to cull the herd. Ignite 2025 Fun aside: Google could have announced Gemini 3 at any time, but they chose the opening day of Ignite. Who's dancing now? No Satya and suddenly the keynote is watchable again Microsoft brings Anthropic models to Foundry along with Nvidia architecture MCP comes to Windows 11 in public preview for developers New Microsoft 365 Copilot agents for Word, Excel, and PowerPoint Agent 365 is the obvious name of an AI agent management service Windows 11 is getting agents on the Taskbar because it isn't annoying enough already Windows 11 Two new Release Preview builds, a new Canary build, and the first release of Copilot Actions The RP builds are a preview of Patch Tuesday in December, it's bigger than expected Dev/Beta build with experimental AI agent capabilities, more AI OpenAI released ChatGPT 5.1 and it's like no one noticed Mozilla announces AI window for Firefox, with immediate backlash Xbox and gaming Qualcomm JUST announced a new control panel for Snapdragon X gaming Hands-on with the Xbox Full Screen Experience (FSE) for Windows 11 FSE Transforms a gaming handheld PC into a device-like experience Frame rates see a dramatic jump in FSE Call of Duty, which was surprising Fortnite is coming to the Xbox app in Windows, adding Xbox Play Anywhere support Xbox announces a new set of titles coming to Game Pass across platforms Xbox Partner Preview event is set for November 20 As predicted, Steam Machine is the "Xbox Microsoft wanted to make." Yes, it's a good idea now that someone else is doing it Tips and picks Tip of the week: Tiny11 Builder, again Hardware pick of the week: Lenovo Legion Go 2 RunAs Radio this week: Azure SRE Agents with Deepthi Chelupati Brown liquor pick of the week: Jameson Rarest Vintage Reserve 2007 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit helixsleep.com/windows framer.com/design promo code WW

Ahead of Microsoft Ignite 2025, Windows boss Pavan Davuluri tweeted an innocuous post about nothing, and all hell broke loose. We are broken as a community and it's time to cull the herd. Ignite 2025 Fun aside: Google could have announced Gemini 3 at any time, but they chose the opening day of Ignite. Who's dancing now? No Satya and suddenly the keynote is watchable again Microsoft brings Anthropic models to Foundry along with Nvidia architecture MCP comes to Windows 11 in public preview for developers New Microsoft 365 Copilot agents for Word, Excel, and PowerPoint Agent 365 is the obvious name of an AI agent management service Windows 11 is getting agents on the Taskbar because it isn't annoying enough already Windows 11 Two new Release Preview builds, a new Canary build, and the first release of Copilot Actions The RP builds are a preview of Patch Tuesday in December, it's bigger than expected Dev/Beta build with experimental AI agent capabilities, more AI OpenAI released ChatGPT 5.1 and it's like no one noticed Mozilla announces AI window for Firefox, with immediate backlash Xbox and gaming Qualcomm JUST announced a new control panel for Snapdragon X gaming Hands-on with the Xbox Full Screen Experience (FSE) for Windows 11 FSE Transforms a gaming handheld PC into a device-like experience Frame rates see a dramatic jump in FSE Call of Duty, which was surprising Fortnite is coming to the Xbox app in Windows, adding Xbox Play Anywhere support Xbox announces a new set of titles coming to Game Pass across platforms Xbox Partner Preview event is set for November 20 As predicted, Steam Machine is the "Xbox Microsoft wanted to make." Yes, it's a good idea now that someone else is doing it Tips and picks Tip of the week: Tiny11 Builder, again Hardware pick of the week: Lenovo Legion Go 2 RunAs Radio this week: Azure SRE Agents with Deepthi Chelupati Brown liquor pick of the week: Jameson Rarest Vintage Reserve 2007 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit helixsleep.com/windows framer.com/design promo code WW

Patch Tuesday. Google sues a “phishing-as-a-service” network linked to global SMS scams, and launches “private ai compute.” Hyundai notifies vehicle owners of a data breach.  Amazon launches a bug bounty program for its AI models. The Rhadamanthys infostealer operation has been disrupted. An initial access broker is set to plead guilty in U.S. federal court. Our guest is Bob Maley, CSO from Black Kite, discussing a new AI assessment framework. “Bitcoin Queen's” $7.3 billion crypto laundering empire collapses. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Bob Maley, CSO from Black Kite, discussing a new AI assessment framework. You can hear Bob's full conversation here. Selected Reading Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday (Infosecurity Magazine) Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider (SecurityWeek) Adobe Patches 29 Vulnerabilities (SecurityWeek) High-Severity Vulnerabilities Patched by Ivanti and Zoom (SecurityWeek) Google launches a lawsuit targeting text message scammers (NPR) Private AI Compute: our next step in building private and helpful AI (Google) Hyundai confirms security breach after hackers access sensitive data (CBT News) Amazon rolls out AI bug bounty program (CyberScoop) Rhadamanthys infostealer disrupted as cybercriminals lose server access (Bleeping Computer) Russian hacker admits helping Yanluowang ransomware infect companies (Bitdefender) $7.3B crypto laundering: ‘Bitcoin Queen' sentenced to 11 Years in UK (Security Affairs) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Windows 11 just got its most noticeable Start menu revamp in a while, but is it a productivity boost or just more Microsoft meddling? The team digs into Patch Tuesday's big surprises and whether generative tools are transformative essentials or just a passing fad. Windows 11 Patch Tuesday was yesterday, your new Start menu is right where Microsoft left it Copilot+ PCs: Improvements to Click to Do, File Explorer, Voice access, and Windows Search All PCs, eventually: Taskbar improvements, Administrator Protection (off by default), Quality updates Heading into Ignite next week, Microsoft cites recent security wins in Windows 11 and Surface First 26H1 build comes to Canary to prove that there will be nothing new in it, ever Qualcomm takes a one-time $5.7 billion hit thanks to Big Stupid Bill but still nails it in quarterly earnings Microsoft WSJ continues its Microsoft financial accountability criticisms Also reports that internal documents state OpenAI expects to lose $74 billion in 2028, the year Anthropic will break even If Paul starts a business and it loses money for three years in a row, it becomes a hobby. So WTF is OpenAI exactly? AI Microsoft AI creates a Superintelligence team as a sort-of alternative to AGI Microsoft launched .NET 10 at .NET Conf on Tuesday - Plus, Visual Studio 2026 with a new monthly release schedule and Insider versions going forward Double-digit performance improvements again, somehow Uno announced Uno Platform Studio 2.0 with a fun surprise for Paul: They upgraded the original WPF version of .NETpad into a cross platform app in 3 minutes! There will be a demo on Thursday .NETpad is transitioning to WinUIpad with the Windows App SDK rewrite. It is going poorly because Windows App SDK is terrible, cannot be open sourced quickly enough Xbox Steam announces a new videogame console, the Steam Machine! Backbone Pro Xbox Edition is now available Fallout 4 Anniversary Edition is here with with Xbox Play Anywhere support, Creations Halo: Campaign Evolved is coming, so Halo: Infinite becomes a lot more finite Call of Duty Black Ops 6 player on PC? Hope you enjoyed that 180 GB "update" you had to install before playing a year-old game (also got a 6.7 GB update Wednesday. For the love of God) GTA VI has been delayed yet again as it edges into Duke Nukem Forever territory Sony has now sold over 84 million PS5 consoles, meaning it has outsold every Xbox generation ever made Sony is selling a 27-inch gaming display in the U.S. and Japan Tips & picks Tip of the week: Solving the problem over identifying the problem App pick of the week: Tiny11 Builder RunAs Radio this week: Azure Resiliency with Chris Ayers Brown liquor pick of the week: Kyoto Whisky Kuro-Obi Black Belt Blended Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit outsystems.com/twit auraframes.com/ink zapier.com/windows