Podcasts about security risks

In this episode of Alexa's Input (AI) Podcast, host Alexa Griffith sits down with Liana Tomescu, founder of Sonny Labs and host of the AI Hacks podcast. Dive into the world of AI security and compliance as Liana shares her journey from Microsoft to founding her own company. Discover the challenges and opportunities in making AI applications secure and compliant, and learn about the latest in AI regulations, including the EU AI Act. Whether you're an AI enthusiast or a tech professional, this episode offers valuable insights into the evolving landscape of AI technology.LinksSonnyLabs Website: https://sonnylabs.ai/SonnyLabs LinkedIn: https://www.linkedin.com/company/sonnylabs-ai/Liana's LinkedIn: https://www.linkedin.com/in/liana-anca-tomescu/Alexa's LinksLinkTree: https://linktr.ee/alexagriffithAlexa's Input YouTube Channel: https://www.youtube.com/@alexa_griffithWebsite: https://alexagriffith.com/LinkedIn: https://www.linkedin.com/in/alexa-griffith/Substack: https://alexasinput.substack.com/KeywordsAI security, compliance, female founder, Sunny Labs, EU AI Act, cybersecurity, prompt injection, AI agents, technology innovation, startup journeyChapters00:00 Introduction to Liana Tomescu and Sunny Labs02:53 The Journey of a Female Founder in Tech05:49 From Microsoft to Startup: The Transition09:04 Exploring AI Security and Compliance11:41 The Role of Curiosity in Entrepreneurship14:52 Understanding Sunny Labs and Its Mission17:52 The Importance of Community and Networking20:42 MCP: Model Context Protocol Explained23:54 Security Risks in AI and MCP Servers27:03 The Future of AI Security and Compliance38:25 Understanding Prompt Injection Risks45:34 The Shadow AI Phenomenon45:48 Navigating the EU AI Act52:28 Banned and High-Risk AI Practices01:00:43 Implementing AI Security Measures01:17:28 Exploring AI Security Training

PREVIEW. The DeepSeek AI Model: Low Cost, Open Source, and Security Risks. John Batchelor and Jack Burnham discuss the US-China AI contest and microchips, noting China's ban on the best chips. DeepSeek, an open-source, low-cost model, is appealing but may not perform as well as American models. Concerns persist about its true costs, potential use of Nvidia chips, and security flaws like providing CCP talking points. 1954

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

Send us a textSecurity gets sharper when we stop treating AI like magic and start treating it like an untrusted user. We sit down with Eric Galinkin to unpack the real-world ways red teams and defenders are using language models today, where they fall apart, and how to build guardrails that hold up under pressure. From MCP servers that look a lot like ordinary APIs to the messy truths of model hallucination, this conversation trades buzzwords for practical patterns you can apply right now.Eric shares takeaways from Offensive AI Con: how models help triage code and surface likely bug classes, why decomposed workflows beat “find all vulns” prompts, and what happens when toy benchmarks meet stubborn, real binaries. We explore reinforcement learning environments as a scalable way to train security behaviors without leaking sensitive data, and we grapple with the uncomfortable reality that jailbreaks aren't going away—so output validation, sandboxing, and principled boundaries must do the heavy lifting.We also dig into Garak, the open-source system security scanner that targets LLM-integrated apps where it hurts: prompted cross-site scripting, template injection in Jinja, and OS command execution. By mapping findings to CWE, Garak turns vague model “misbehavior” into concrete fixes tied to known controls. Along the way, we compare GPT, Claude, and Grok, talk through verification habits to counter confident nonsense, and zoom out on careers: cultivate niche depth, stay broadly literate, and keep your skepticism calibrated. If you've ever wondered how to harness AI without handing it the keys to prod, this one's for you.Enjoyed the episode? Follow, share with a teammate, and leave a quick review so more builders and defenders can find the show.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast Affiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

On this episode of the Tudor Dixon Podcast, Nebraska Attorney General Mike Hilgers exposes the growing threats posed by foreign surveillance technology—especially from Chinese companies—and what it means for American privacy and national security. From everyday devices like baby monitors to popular apps such as TikTok, Hilgers warns how consumer technology can be weaponized for espionage, data harvesting, and misinformation campaigns. He underscores the urgent need for federal action and stronger safeguards while urging individuals to stay vigilant about the products and platforms they trust. The Tudor Dixon Podcast is part of the Clay Travis & Buck Sexton Podcast Network. For more visit TudorDixonPodcast.comSee omnystudio.com/listener for privacy information.

In this conversation, Aidan Larkin sits down with Alison Jimenez, President of Dynamic Securities Analytics and AML expert witness, to unpack the realities of crypto crime, the challenges it poses for asset recovery, and the risks surrounding strategic Bitcoin reserves. They explore how digital assets are used for illicit purposes, why a common industry definition matters, the critical role of the asset recovery ecosystem, and how geopolitical tensions can expose vulnerabilities in decentralized systems. Timestamps 00:00 – Introduction and Background 00:30 – Defining Crypto Crime 00:59 – Asset Recovery Ecosystem 01:12 – Strategic Reserves and Security Risks 18:26 – Crypto's Role in Illicit Activities 28:58 – Analysing Crypto Crime Metrics About our Guest Alison Jimenez is the President of Dynamic Securities Analytics and an AML expert witness. As a former securities regulator and economist, she advises on financial crime cases, including fraud, corruption, and cryptocurrency scams. Alison has helped define crypto crime, exploring how digital assets enable illicit activity and highlighting the national security risks of Bitcoin strategic reserves. Key TakeawaysDefining Crypto Crime: Establishing a common industry definition for crypto crime is essential for effectively addressing and understanding the misuse of cryptocurrency in illegal activities. Asset Recovery Ecosystem: Asset recovery is crucial for reducing the financial incentives for crime, emphasizing its role in combating illicit finance. Cross-Border Illicit Activities: Cryptocurrency facilitates cross-border illicit activities, posing challenges for law enforcement and necessitating international cooperation to address these issues effectively. Decentralisation Challenges: Centralised chip production undermines crypto's decentralisation, highlighting vulnerabilities in strategic reserves and the need for robust security measures. National Security Risks: Strategic Bitcoin reserves pose national security risks due to geopolitical tensions, which can impact the security and stability of these reserves. Resources Mentioned Alison's Securities Analytics blog Alison's op-ed on Strategic Bitcoin Reserves and National SecurityAmazon | There's No Such Thing as Crypto Crime by Nick Furneaux Nick Furneaux on Seize & Desist Miles Johnson on Seize & Desist Stay Connected Dive deeper into the world of asset recovery with Seize & Desist. Subscribe for exclusive insights into the stories that are redefining asset recovery: https://link.cohostpodcasting.com/b36b929c-6ca3-4e49-8258-44c310d012c9?d=sG5Qi2MdL DisclaimerOur podcasts are for informational purposes only. They are not intended to provide legal, tax, financial, and/or investment advice. Listeners must consult their own advisors before making decisions on the topics discussed. Asset Reality has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Asset Reality employees are those of the employees and do not necessarily reflect the views of the company. Asset Reality does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Asset Reality.

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open:• Nerd Out EP 61. The 2/3 of the Year Awards!Main Topics:FBI PSA - Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure. The Federal Bureau of Investigation (FBI) is warning the public, private sector, and international community of the threat posed to computer networks and critical infrastructure by cyber actors attributed to the Russian Federal Security Service's (FSB) Center 16. The FBI detected Russian FSB cyber actors exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to broadly target entities in the United States and globally. Info Ops: • Most Adults in 25 Countries Say Spread of False Information Is a Top National Threat. The findings come from Pew's seventh iteration of its Global Attitudes Survey: International Opinion on Global Threats, which was last published in 2022. • Foreign disinformation enters AI-powered era. At least one China-based technology company, GoLaxy, seems to be using generative AI to build influence operations in Taiwan and Hong Kong… Documents also show that GoLaxy has created profiles for at least 117 members of Congress and over 2,000 American political figures and thought leaders.• Toxic politics and TikTok engagement in the 2024 U.S. election• Why wind farms attract so much misinformation and conspiracy theory UN - Terror threat posed by ISIL ‘remains volatile and complex,' Security Council hears. The threat posed by the terrorist group ISIL – known more widely in the Middle East as Da'esh – remains dynamic and diverse, with Africa currently experiencing the highest level of activity worldwide.• PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General for Counter-Terrorism, United Nations Office of Counter-Terrorism. • PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General, United Nations Office of Counter-Terrorism.• UN Report: ISIS Fighters' Migration to Afghanistan and the Taliban's Failure• ISIS-K poses major threat with 2,000 fighters in Afghanistan, UN saysFEMA Employees Warn That Trump Is Gutting Disaster Response. After Hurricane Katrina, Congress passed a law to strengthen the nation's disaster response. FEMA employees say the Trump administration has reversed that progress. Employees at the Federal Emergency Management Agency wrote to Congress on Monday warning that the Trump administration had reversed much of the progress made in disaster response and recovery since Hurricane Katrina pummeled the Gulf Coast two decades ago. The letter to Congress, titled the “Katrina Declaration,” rebuked President Trump's plan to drastically scale down FEMA and shift more responsibility for disaster response — and more costs — to the states. It came days before the 20th anniversary of Hurricane Katrina, one of the deadliest and costliest storms to ever strike the United States.Quick Hits:• 25% of security leaders replaced after ransomware attack• Gate 15: Hack Yourself First: Pen Testing for Prevention • FB-ISAO: Ransomware Incident Review January to June 2025• Dissecting PipeMagic: Inside the architecture of a modular backdoor framework• Maryland Transit Administration says cybersecurity incident is affecting some of its servicesNevada state government offices closed after network security incident• Audit of Antisemitic Incidents 2024• MIT report: 95% of generative AI pilots at companies are failing• Report: Russian Sabotage Operations In Europe Have Quadrupled Since 2023• CISA Requests Public Comment for Updated Guidance on Software Bill of Materials• Risky Bulletin: NIST releases face-morphing detection guideline• CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device• Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Anthropic's Model Context Protocol (MCP) has become the standard for connecting AI agents to tools and data, but its security has lagged behind. In The New Stack Agents podcast, Tzvika Shneider, CEO of API security startup Pynt, discussed the growing risks MCP introduces. Shneider sees MCP as a natural evolution from traditional APIs to LLMs and now to AI agents. However, MCP adds complexity and vulnerability, especially as agents interact across multiple servers. Pynt's research found that 72% of MCP plugins expose high-risk operations, like code execution or accessing privileged APIs, often without proper approval or validation. The danger compounds when untrusted inputs from one agent influence another with elevated permissions. Unlike traditional APIs, MCP calls are made by non-deterministic agents, making it harder to enforce security guardrails. While MCP exploits remain rare for now, most companies lack mature security strategies for it. Shneider believes MCP merely highlights existing API vulnerabilities, and organizations are only beginning to address these risks. Learn more from The New Stack about the latest in Model Context Protocol: Model Context Protocol: A Primer for the Developers Building With MCP? Mind the Security Gaps MCP-UI Creators on Why AI Agents Need Rich User InterfacesJoin our community of newsletter subscribers to stay on top of the news and at the top of your game. 

The United States and China are locked in a race for dominance in artificial intelligence, including its applications and diffusion. American and Chinese AI firms like OpenAI and DeepSeek respectively have captured global attention and major companies like Google and Microsoft have been actively investing in AI development. While the US currently boasts world-leading AI models, China is ahead in some areas of AI research and application. With the release of US and Chinese AI action plans in July, we may be on the cusp of a new phase in US-China AI competition.Why is AI so important for a country's global influence? What are the strengths of China's AI strategy? And what does China's new AI action plan tell us about its AI ambitions? To discuss these questions, we are joined by Owen Daniels. Owen is the Associate Director of Analysis at Georgetown's Center for Security and Emerging Technology and a Non-Resident Fellow at the Atlantic Council. His recently published article in Foreign Affairs co-authored with Hanna Dohmen -- titled China's Overlooked AI Strategy -- provides insights into how Beijing is utilizing AI to gain global dominance and what the US can and should do to sustain and bolster its lead.Timestamps[00:00] Start [02:05] US Policy Risks to Chinese AI Leadership [05:28] Deepseek and Kimi's Newest Models  [07:54] US vs. China's Approach to AI [10:42] Limitations to China's AI Strategy  [13:08] Using AI as a Soft Power Tool  [16:10] AI Action Plans  [19:34] Trump's Approach to AI Competition [22:30] Can China Lead Global AI Governance?  [25:10] Evolving US Policy for Open Models

As the U.S. faces rising global threats, a new warning from national security leaders is raising alarms at home. The National Security Leaders for America (NSL4A) say recent layoffs at the State Department, impacting over 2,000 positions—could do “lasting harm” to U.S. foreign policy and national security. The group says rebuilding the diplomatic corps will require more than just hiring, it will take a generational investment in talent, training, and trust. Here with the details behind this position is former Ambassador Gordon Gray.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

China's cyberspace regulator has summoned Nvidia over alleged security risks concerning its H20 AI chip sold to China.

In this episode, I sit down with Daniel Bardenstein, CTO & Co-Founder of Manifest Cyber.We discussed the AI supply chain security, including open source risks, AIBOMs, best practices for CISOs, and regulatory approaches in the U.S. and EU.We dove into:What is the same and different between the risks AI introduces across the enterprise compared to open source software, and where and how the two converge.The rise of an “AIBOM” and why it is becoming a critical part of enterprise risk management in the AI EraThe work Daniel and others are doing as part of a Tiger Team defining “SBOM-for-AI-Use Cases”.Why is it so difficult for organizations to gain visibility into their AI models' internals, especially training data, model provenance, and pipeline dependencies?Where CISOs and security teams can get started when it comes to understanding where and how AI is being used and avoiding some mistakes.Gaps among the current waves of AI security startups and how they contrast with the approach Manifest is taking when managing AI supply chain risks.Real-world insights and examples of how organizations operationalize SBOM for risk reduction.Key differences between the U.S. and EU regarding regulatory approaches to AI and supply chain security risks.

In this episode of Energy Newsbeat – Conversations in Energy, Stuart Turley, along with industry experts Doomberg, Mike Umbro, and David Blackmon, discusses the ongoing energy and political crisis in California, particularly focusing on the state's energy policies, oil production, and refinery shutdowns. They highlight the mismanagement of California's resources, the decline in domestic oil production, and the state's reliance on imported oil, including sources such as Russia and Iran that are controversial. The discussion highlights the national security risks associated with California's energy policies and their broader implications for the U.S. economy and energy independence, with a call for federal intervention to address the crisis and support sustainable energy solutions.Highlights of the Podcast 00:00 - Intro00:28 - Doomberg's Insights on California's Energy Crisis05:10 - Mike Umbro on California's Energy Decline08:30 - David Blackmon Talks Refinery Shutdowns09:20 - California's Imports and National Security13:08 - The EV Mandate and Its Impact on California's Economy16:49 - The Lack of Infrastructure in California19:25 - The Political Situation in California25:58 - How the Federal Government Can Help30:12 - Chevron's Role in California's Energy Future34:19 - Closing Thoughts and Final RemarksCheck out the Energy News Beat Substack for the full article and a list of California National Security issues we've covered in the last two weeks. https://theenergynewsbeat.substack.com/And Check out Doomberg at https://doomberg.com/and David Blackmon at https://blackmon.substack.com/And Mike Umbro on X https://x.com/MikeUmbro

A recent report by Auvik reveals significant challenges faced by managed service providers (MSPs), highlighting issues such as tool sprawl, burnout among IT professionals, and the increasing reliance on IT generalists. The report indicates that 50% of MSPs use over ten tools to manage client networks, with many professionals experiencing high levels of stress and burnout. The ongoing retirement of baby boomers in the IT sector exacerbates these issues, leading to a demand for specialists who can assist generalists in navigating the complexities of technology. Key areas of interest for IT professionals include cybersecurity planning and cloud computing, as they seek to enhance productivity and user experience.In addition to the challenges faced by MSPs, two significant cybersecurity incidents have come to light. Kaseya's Network Detective tool was found to have critical vulnerabilities that could expose sensitive data across managed environments. Similarly, a flaw in McDonald's chatbot job application platform compromised the personal information of over 64 million applicants due to weak security measures. These incidents underscore the importance of robust vendor security practices, as clients often hold their MSPs accountable for data breaches, regardless of the source.The podcast also discusses the ongoing struggle for right-to-repair legislation, which has seen limited enforcement despite public support. A report indicates that many products lack accessible repair materials, and manufacturers continue to resist changes that would facilitate repairs. This situation presents an opportunity for service firms to incorporate repairability into their procurement strategies and asset management services, aligning with client values around sustainability and cost control.Finally, Sonomi has launched new tools aimed at enhancing business impact analysis and continuity planning for cybersecurity professionals. These tools are designed to help MSPs communicate the business value of cybersecurity to leadership, shifting the perception of security from a cost center to a value driver. The success of these initiatives will depend on MSPs' ability to integrate these features into their service delivery, ultimately positioning them as strategic partners who understand both technology and business needs. Four things to know today 00:00 Auvik Report Warns MSPs of Tool Sprawl, Talent Drain, and Rising Burnout04:10 Kaseya and McDonald's Incidents Reveal Fragile Trust in Vendor Security Practices07:01 Manufacturers Withhold Parts, Manuals Despite State-Level Repair Rights Legislation08:40 Cynomi Adds Business Impact and Continuity Planning Tools to Help MSPs Drive Strategic Outcomes This is the Business of Tech.    Supported by: https://getflexpoint.com/msp-radio/ ThreatDown Webinar:  https://bit.ly/threatdown  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code. 00:00 Introduction and Overview 00:35 Urgent Citrix Vulnerability Alert 03:26 Fortinet FortiWeb Exploit Details 06:23 Ingram Micro Ransomware Recovery 09:26 AI Coding and Security Risks 14:03 ChatGPT Security Flaw Exposed 17:20 Conclusion and Contact Information

Artificial intelligence (AI) is evolving beyond a mere tool to become the foundational operating system for modern businesses, particularly in the SMB and mid-market sectors. Anurag Agarwal, founder and chief global analyst at TechIsle, discusses the transformative potential of AI as an operating system (AIOS), which would integrate intelligent capabilities at the core of computing. This concept envisions a system that learns user behavior, anticipates needs, and automates tasks, blurring the lines between user intent and system action. However, Agarwal emphasizes that we are still in the early stages of this evolution, with AIOS being more of an aspirational goal than a current reality.The conversation also delves into the concept of agentic AI, which represents a shift from traditional robotic process automation (RPA) to more autonomous, judgment-driven automation. While many SMBs are exploring agentic AI for applications like customer service and IT operations, the adoption remains nascent. The research indicates that businesses are looking for solutions that can handle complex processes without human intervention, highlighting the need for operational autonomy. Agarwal points out that the challenges of integrating AI into existing workflows and ensuring accountability for AI-driven decisions are significant hurdles that need to be addressed.Security is another critical theme discussed, as AI presents both opportunities and risks. The podcast highlights the dual nature of AI as a "sword and a shield," where it can be used to enhance security measures but also introduces new attack vectors. Threats such as social engineering, data poisoning, and automated exploitation are becoming more prevalent, necessitating advanced security solutions. Agarwal mentions that while some vendors are making strides in AI-powered security, there is still a gap in readiness for SMBs and mid-market firms to effectively implement these solutions.Finally, the discussion touches on the importance of unified experience platforms (UXPs) that integrate customer and employee experiences. Agarwal explains that these platforms aim to streamline communication and enhance interactions across various touchpoints, ultimately driving operational efficiency and customer satisfaction. However, there is a notable gap in the readiness of the partner channel to implement these solutions effectively. The conversation concludes with a call for MSPs to focus on understanding customer needs and building their capabilities to bridge this gap, ensuring they can deliver the integrated solutions that businesses are increasingly seeking. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

National security expert Frank Gaffney joins Kevin Freeman to reveal urgent threats facing America — from Iranian sleeper cells to Chinese bio-warfare targeting our food supply. Discover the shocking realities of open borders, extremist enclaves, and how adversaries exploit our vulnerabilities. Gaffney shares insider details on coalitions fighting back and what every American must do to be prepared. Don't miss these eye-opening insights and practical tips to protect your family and nation.

This week on Blurry Hysteria, we dive into two stories that are equal parts science, sweat, and straight-up strange.First up: What if your next computer wasn't silicon but flesh? That's right—British scientists have created a "living" brain chip made of human neurons, and now you can rent it like it's a haunted Airbnb. Is it the future of computing or the first step toward Skynet with skin?Then, we travel from the uncanny valley to the swampy undercarriage of airport security. The TSA is sounding the alarm—literally—thanks to a little-known phenomenon known as “swamp crotch.” Turns out excessive groin sweat might be your ticket to a full pat-down. Moisture and metal detectors don't mix, folks.From meat-based microchips to moisture-based misfires, join us for a perfectly weird cocktail of cutting-edge tech and humid horror stories.Listen now before your pants set off national security protocols.Links & Resources

In back-to-back episodes, Tara covers the full fallout from Operation Midnight Hammer, the largest B-2 bomber mission in U.S. history targeting Iran's nuclear facilities. With unmatched coordination and zero U.S. casualties, the mission showcases American military dominance—but also exposes deep fractures at home. Tara explores how Democrat leaders, sheriffs, and media allies appear to side with Iran, even mourning the destruction of nuclear sites. She highlights growing fears of Iranian sleeper cells, border failures under Biden, and the bizarre way a pizza delivery app may have leaked signs of war before any official news broke. A powerful exposé on military strength, political betrayal, and what it takes to keep America safe.

National security concerns have been the invisible hand guiding governance throughout recorded history. In the 20th century, it was defined by a country versus country dynamic: whichever nation was the strongest and most strategic was also the safest. But today, our biggest national security threats don't come from opposing nations – they are “actorless threats” that emerge from the breakdown of the complex systems we all depend on – from the stability of our planetary systems to our intricately complex and fragile global supply chains. In this unprecedented landscape, what is required of us in order to keep our citizens safe?  In this episode, Nate is joined by Rod Schoonover, an expert at the intersection of Earth systems stress and national security, where they discuss the need for the evolution of national defense to address the systemic (and diffuse) threats of the 21st century. Rod emphasizes the need for a reformed security sector that addresses contemporary challenges, like global heating that leads to extreme climatic events, urging immediate action to mitigate risks and enhance stability. Importantly, they also delve into the need for political leadership to embrace complexity and local resilience when tackling these pressing issues. How do we unite against ‘actorless' threats, even when we don't have someone to blame for their damages? Where have leadership and governance already begun to adapt to address these existential concerns, and where are we seeing failures? Finally, how could incorporating more cooperative principles at every level of society transform our ability to bend – not break – under the weight of our human predicament?  (Conversation recorded on May 6th, 2025)   About Rod Schoonover: Rod Schoonover is the CEO and Founder of the Ecological Futures Group, Adjunct Professor at Georgetown University, Senior Associate Fellow at the Stockholm International Peace Research Institute (SIPRI), and Senior Associate at the Center for Strategic and International Studies.  Rod served a decade in the U.S. intelligence community as the Director of Environment and Natural Resources at the National Intelligence Council in the Office of the Director of National Intelligence and as Senior Scientist and Senior Analyst in the State Department's Bureau of Intelligence and Research. Before joining the government as a AAAS Diplomacy Fellow in 2009, Rod was a tenured Professor in the Department of Chemistry and Biochemistry at Cal Poly, San Luis Obispo. Dr. Schoonover earned his PhD in theoretical chemical physics at the University of Michigan, where he studied complex systems.   Show Notes and More Watch this video episode on YouTube   Want to learn the broad overview of The Great Simplification in 30 minutes? Watch our Animated Movie.   --- Support The Institute for the Study of Energy and Our Future Join our Substack newsletter Join our Discord channel and connect with other listeners

In this special in-person episode, Sanne Grinovero shares the story of Java's evolution from his unique perspective as a long-time open-source contributor. He shares his 16-year career journey at Red Hat, highlighting his amazing work on key projects like Hibernate, Infinispan, and especially the creation of Quarkus. His career trajectory, from a student who initially disliked Java's complexity to a leading figure in its modernization, shows the transformative power of open source.A key part of the conversation focuses on how technical challenges spark innovation. Sanne explains how the task of making the popular Hibernate framework compatible with GraalVM's limitations led directly to the birth of Quarkus. This journey tells the bigger story of how Java adapted for cloud-native development, ensuring it continues to be a top choice for developers seeking high performance and a great developer experience.  Timestamps:(00:00:00) Trailer & Intro(00:02:16) Career Turning Points(00:04:52) Winning an Innovation Award(00:06:35) Java Heroes(00:08:04) Working as a Consultant(00:09:56) Taking a Massive Pay Cut to Work on Open Source(00:10:59) Contributing to Big Open Source as a Youngster(00:12:53) State of Hibernate Project(00:15:15) Spring Boot(00:16:54) Making Hibernate Work on GraalVM(00:21:05) GraalVM Limitations for Running Hibernate(00:26:09) Java for Cloud Native Application(00:28:04) Quarkus vs Spring Boot(00:33:21) JRebel & Quarkus(00:34:35) Java vs New Programming Languages(00:39:22) The ORM Dilemma(00:42:38) Some Hibernate Design Pattern Tips(00:46:40) Getting Paid Working on Open Source(00:48:41) Hibernate License Change(00:51:05) Intellectual Property & Meaningful Contributions(00:52:52) AI Usage & Copyright in Open Source(00:55:21) Biggest Challenge Working in a Big Open Source(00:56:08) Politics in Open Source(00:58:32) Security Risks in Open Source(01:02:25) Donating Hibernate to Commonhaus Foundation(01:04:49) The Future of Red Hat(01:06:39) 3 Tech Lead Wisdom_____Sanne Grinovero's BioSanne Grinovero has been a member of the Hibernate team for 10 years; today he leads this project in his role of Sr. Principal Software Engineer at Red Hat, while also working on Quarkus as a founding R&D engineer.Deeply interested in solving performance and concurrency challenges around data access, scalability, and exploring integration with new storage technologies, distributed systems and search engines.Working on Hibernate features led him to contribute to related open source technologies; most notably to Apache Lucene and Elasticsearch, Infinispan and JGroups, ANTLR, WildFly, various JDBC drivers, the OpenJDK and more recently getting interested in GraalVM.After being challenged to reduce memory consumption and improve bootstrap times of Hibernate, Sanne worked as part of a small R&D team at Red Hat on some ideas which have evolved into what is known today as Quarkus.Follow Sanne:LinkedIn – linkedin.com/in/sannegrinoveroTwitter – twitter.com/SanneGrinoveroGitHub – github.com/sanneLike this episode?Show notes & transcript: techleadjournal.dev/episodes/220.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.

Welcome back to Impact Quantum, the podcast for the Quantum Curious! In this special recap episode, hosts Frank La Vigne and Candice Gillhoolley return from a brief, doctor-approved hiatus to take stock of the whirlwind developments in the quantum computing universe. From billion-dollar buyouts—like IONQ's acquisition of Oxford Ionics—to IBM's bold promise of a large-scale, fault-tolerant quantum computer by 2029, the quantum ecosystem has never been more electrifying.Frank and Candice reflect on just how much the show—and the quantum landscape—has evolved, touching on everything from the international race for quantum supremacy and the looming threat to RSA encryption, to the latest breakthroughs in quantum error correction and the rise of “quantum tweezers.” With Canadian pride, global perspectives, and a healthy dose of friendly banter, they remind listeners why quantum is no longer a far-off dream—it's knocking at our door.If you think quantum computing is decades away, this episode will convince you it's time to update your calendar (and maybe your encryption protocols). Tune in for insights, laughs, and a sneak peek at what's coming next from the #1 rated quantum computing podcast. Stay curious, stay entangled, and enjoy the ride!Show Notes00:00 Quantum Insights: Diverse Perspectives05:06 Cryptography's Urgent Career Relevance09:53 Exploring Quantum Computing Curiosity12:39 Quantum Computing: Early Stages Discussion13:59 Early Days of Quantum Computing17:54 "Quantum Tech Secret Timeline"20:34 "Quantum Season Preview"25:34 Canada's Quantum Ambitions27:55 Global Medicine Supply Chain Dependence32:33 "Stay Curious, Stay Entangled"33:17 "Bailey Signing Off"

A recent report from SailPoint reveals a significant contradiction in the IT sector: while 96% of IT professionals view artificial intelligence agents as a security risk, an overwhelming 98% still plan to expand their use within organizations over the next year. The study highlights that although 84% of respondents currently utilize AI agents, only 44% have established governance policies for their behavior. This lack of oversight is concerning, especially as 80% of respondents reported that these agents have acted in unexpected and potentially harmful ways. The need for stringent governance and security protocols for AI agents is becoming increasingly urgent.In the realm of cloud computing, dissatisfaction is on the rise among organizations, with Gartner estimating that up to 25% may face significant disappointment due to unexpected costs and management complexities. Many organizations lack coherent cloud strategies, leading to issues like vendor lock-in. A notable example is 37Signals, which faced a $3.2 million bill for cloud services, prompting a migration back to on-premises infrastructure. As organizations adopt multi-cloud strategies, Gartner warns that more than half may not achieve their expected outcomes, further complicating the landscape.The podcast also discusses a new Texas law requiring Apple and Google to verify the ages of users accessing their app stores, a move that shifts the liability of age enforcement onto these tech giants. This trend reflects a broader governmental push to redefine digital intermediaries as compliance gatekeepers, which could lead to increased regulatory burdens for tech companies. As data sovereignty becomes a priority, organizations are urged to adapt their strategies to align with new privacy and age verification mandates.Lastly, the episode touches on intriguing revelations, such as the CIA's covert use of a Star Wars fan site for secure communications and the persistence of outdated operating systems like Windows XP in various sectors. These stories underscore the complexities of digital infrastructure and the importance of understanding data privacy implications. As reliance on voice-activated technologies grows, the need for IT providers to educate clients about data retention and privacy policies becomes critical, especially in a landscape where everyday devices can act as silent data hoarders. Four things to know today 00:00 IT Leaders Expand AI Agent Use Despite Governance Gaps and Cloud Disillusionment06:08 Dell Surges on AI Server Demand While HP Struggles With Tariffs and Consumer Weakness09:17 Texas Law Forces Apple and Google to Enforce Age Verification, Marking Shift in Platform Liability10:50 CIA Spy Site, Smart Speaker Surveillance, and Legacy Software Reveal Overlooked Digital Threat Surfaces Supported by:  https://afi.ai/office-365-backup/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Connect with Early Riders // Connect with OnrampWhy MIC Is Winner Take All (Early Riders Research)Presented collaboratively by Early Riders & Onramp Media…Final Settlement is a weekly podcast covering the underlying mechanics of the bitcoin protocol, its ongoing development and funding, and real-world applications of the technology.00:00 - Introduction and Current Events in Bitcoin03:40 - Trump's Bitcoin Treasury Announcement06:33 - Market Reactions and Implications09:42 - The Role of Institutional Investors12:43 - Risks and Challenges in Bitcoin Investments15:53 - Government Debt and Economic Policies18:47 - Chamath's Insights on Spending Bills21:52 - The Future of Bitcoin and Hard Assets24:26 - Security Risks in the Crypto Space31:29 - Navigating Risks in Bitcoin Custody33:49 - Barriers to Bitcoin Adoption39:50 - The Debate on Proof of Reserves45:44 - The Importance of Multi-Institution Custody50:16 - The Future of Financial Services with Multi-Institution CustodyIf you found this valuable, please subscribe to Early Riders Insights for access to the best content in the ecosystem weekly.Links discussed:https://www.cnbc.com/2025/05/27/djt-trump-media-bitcoin.htmlhttps://cointelegraph.com/news/american-tourist-drugged-fake-uber-driver-robbed-123k-btchttps://www.washingtonpost.com/nation/2025/05/25/bitcoin-torture-new-york-crypto/Keep up with Michael: X and LinkedInKeep up with Brian: X and LinkedInKeep up with Liam: X and LinkedIn

The Trump administration's plan to accept the luxury jet from the Qatari government, to use as Air Force One,  is raising some security concerns. Ryan Vogel joins Dave and Debbie to explain some of the security risks involved with accepting this foreign gift.

keywordscybersecurity, leadership, startups, failure, vendor trust, HACKERverse, communication, investment, innovation, beginner's mindset, job search, LinkedIn, networking, AI, personal branding, cybersecurity, lifestyle polygraph, superheroes, career advice, mentorshipsummaryIn this episode of No Password Required, host Jack Clabby and co-host Kaylee Melton engage in a thought-provoking conversation with Mariana Padilla, co-founder and CEO of HACKERverse.AI. The discussion revolves around the importance of embracing failure as a learning opportunity, the role of leadership in fostering a positive work environment, and the challenges faced in the cybersecurity vendor landscape. Mariana shares her insights on the need for better communication in the industry and the importance of a beginner's mindset in driving innovation. The conversation also touches on the future of investment in cybersecurity and the necessity of rebuilding trust within the industry. In this engaging conversation, Mariana discusses the challenges of job searching in the current landscape dominated by AI and the importance of networking and personal branding. She emphasizes that building trust and connections is crucial in the cybersecurity field. The discussion transitions into a fun segment called the lifestyle polygraph, where Mariana shares her thoughts on superheroes and their relevance to personal and professional growth. The episode concludes with Mariana providing insights on how to connect with her and her work.takeawaysEmbracing failure is crucial for personal and professional growth.Leadership should focus on transparency and learning from mistakes.A beginner's mindset can lead to innovative solutions in cybersecurity.The cybersecurity industry struggles with communication and trust.Venture capital influences the direction of cybersecurity startups.Sustainable business practices are essential for long-term success.The sales process in cybersecurity needs to be more efficient.Understanding vendor interoperability is critical for security.Cybersecurity vendors must demonstrate product viability effectively.The industry must evolve to meet the rapid pace of technological change. You're competing against AI for some of these jobs.Networking is so, so, so important.The online application system has been dying for quite some time.Your personal brand matters and you have to have one.Conferences are a prime opportunity to peacock a little bit.Batman has real feelings and real demons.The correct answer is Star Trek.Margot Robbie, I really like her.You're on the fantasy cybersecurity squad.Come follow me on LinkedIn for lots of shenanigans.titlesEmbracing Failure in CybersecurityThe Importance of Leadership in StartupsInnovating with a Beginner's MindsetHACKERverse: Revolutionizing CybersecuritySound Bites"It's all about leadership and leading by example.""I think we have a gap here.""We should focus on sustainably built businesses.""It's just a bunch of nonsense.""Networking is so, so, so important.""Batman has real feelings and real demons.""The correct answer is Star Trek.""Margot Robbie, I really like her.""You're on the fantasy cybersecurity squad."Chapters 00:00 Introduction to Cybersecurity Conversations02:00 Embracing Failure as a Learning Opportunity06:02 The Role of Leadership in Startups09:00 The Value of a Beginner's Mindset11:58 Understanding HACKERverse's Mission13:59 Challenges in the Cybersecurity Vendor Landscape17:08 Shaking Up the Status Quo in Cybersecurity21:52 The Future of Investment in Cybersecurity24:36 Navigating Job Searches in the Age of AI29:35 The Importance of Personal Branding30:23 Lifestyle Polygraph: Fun and Games39:05 Superheroes and Their Lessons43:45 Connecting with Mariana: Final Thoughts

Tom and co-host Producer Drew take listeners deep into the high-stakes world of global economics, trade wars, and political theater with none other than special guest Donald Trump. As President Trump celebrates the announcement of a new, potentially game-changing trade deal with the UK, Tom and Drew rigorously break down what it really means for American exports, tariffs, and the unfolding chess match with China. The conversation doesn't pull punches, exploring not only the economic realities facing the US but also the psychological strategies behind deal-making on the world stage. Tom and Drew offer behind-the-scenes analysis of political spin, the art of negotiation, and the critical importance of international alliances in the context of escalating trade tensions. Get ready for an unvarnished exploration of geopolitics, leadership styles, and the strategies shaping the future of American business and security. SHOWNOTES00:00 – Trump's Announcement: US-UK Trade Deal Overview01:05 – Tariff Breakdown: Who Really Won?02:07 – Negotiation Psychology & Political Theater03:52 – The UK's Perspective and Global Positioning05:24 – Isolating China: The Bigger Strategic Game07:02 – Building Alliances: The Path to Outmaneuvering China09:02 – Switzerland Talks: US and China Meet, But Will Anything Change?10:13 – Economic Resilience: Comparing US and Chinese “Dry Powder”12:54 – Trade War Tactics: Currency Manipulation and Industrial Policy14:29 – Why US-China Competition is More Than Just Math16:28 – Critical Supply Chains: Chips, Drones, and Strategic Independence18:37 – Measuring Success: When Will We Know If These Deals Pay Off?20:47 – Partisan Spin and the Reality of Global Power Plays21:25 – Political Theater: Inside Congressional Testimonies and Bureaucracy23:23 – The Doge Debate: Audits, Efficiency, and Tech's Role in Government27:11 – Security Risks or Political Kabuki? The Doge Employees Controversy29:33 – Why Government Efficiency Matters & What's At Stake33:02 – Can Tech-Led Solutions Fix America's Fiscal Future? CHECK OUT OUR SPONSORS ButcherBox: Ready to level up your meals? Go to ⁠https://ButcherBox.com/impact⁠ to get $20 off your first box and FREE bacon for life with the Bilyeu Box! Vital Proteins: Get 20% off by going to ⁠https://www.vitalproteins.com⁠ and entering promo code IMPACT at check out Netsuite: Download the CFO's Guide to AI and Machine Learning at ⁠https://NetSuite.com/THEORY⁠ iTrust Capital: Use code IMPACTGO when you sign up and fund your account to get a $100 bonus at ⁠https://www.itrustcapital.com/tombilyeu⁠  Mint Mobile: If you like your money, Mint Mobile is for you. Shop plans at ⁠https://mintmobile.com/impact.⁠  DISCLAIMER: Upfront payment of $45 for 3-month 5 gigabyte plan required (equivalent to $15/mo.). New customer offer for first 3 months only, then full-price plan options available. Taxes & fees extra. See MINT MOBILE for details. What's up, everybody? It's Tom Bilyeu here: If you want my help... STARTING a business:⁠ join me here at ZERO TO FOUNDER⁠ SCALING a business:⁠ see if you qualify here.⁠ Get my battle-tested strategies and insights delivered weekly to your inbox:⁠ sign up here.⁠ ********************************************************************** If you're serious about leveling up your life, I urge you to check out my new podcast,⁠ Tom Bilyeu's Mindset Playbook⁠ —a goldmine of my most impactful episodes on mindset, business, and health. Trust me, your future self will thank you. ********************************************************************** LISTEN TO IMPACT THEORY AD FREE + BONUS EPISODES on APPLE PODCASTS:⁠ apple.co/impacttheory⁠ ********************************************************************** FOLLOW TOM: Instagram:⁠ https://www.instagram.com/tombilyeu/⁠ Tik Tok:⁠ https://www.tiktok.com/@tombilyeu?lang=en⁠ Twitter:⁠ https://twitter.com/tombilyeu⁠ YouTube:⁠ https://www.youtube.com/@TomBilyeu Learn more about your ad choices. Visit megaphone.fm/adchoices

George Chen heads the Cloud and Application Security functions at Dyson. In this episode, he joins host Melissa O'Leary and Alina Tan, senior program manager at Dyson, to discuss recent findings regarding dashcam security risks, which Chen and Tan recently shared at Black Hat Asia, as well as sharing a breakdown of the vulnerabilities and their impact on drivers. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Jason Schwent, cybersecurity attorney at Clark Hill, addresses the growing cyber security risks facing the cannabis industry. The discussion highlights the unique vulnerabilities of cannabis businesses due to heavy regulation, reliance on third-party vendors, and challenges with payment processing. Clark Hill wrote an article on The Growing Cybersecurity Risks in the Cannabis IndustryAn attorney specializing in cyber security emphasizes the importance of due diligence when selecting vendors, particularly point-of-sale systems, and stresses the need for robust security protocols to protect sensitive customer data, including government IDs and medical information.We also explore the potential legal and financial repercussions of data breaches, including regulatory scrutiny, lawsuits, and damage to brand reputation. It concludes with recommendations for proactive measures, such as developing incident response plans, obtaining appropriate cyber security insurance, and treating cyber security compliance as an ongoing process integrated into regular business operations.Advertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Navigating AI in IT Consulting: Insights from Michael Thomsen   In this episode of Command Control Power, hosts welcome Michael Thomsen of Origin 84, dialing in from Australia. Michael shares critical insights into the use of AI in IT consulting. Topics range from the pros and cons of binge-listening to tech podcasts to the practical uses of AI tools like ChatGPT and Google's Gemini. Michael emphasizes the importance of balancing automation with human interaction, sharing examples of how AI can enhance efficiency, such as generating meeting summaries, handling complex client requests, and improving ticketing systems. The discussion also touches on the risks of data leakage, the necessity of well-defined policies, and the future implications of AI in both enhancing productivity and posing security challenges.   00:00 Introduction and Guest Welcome 00:36 Listener Feedback and Follow-Up 02:41 AI Tools in Daily Work 05:51 AI Integration in Business 09:08 Real-World AI Use Cases 13:52 Challenges and Best Practices with AI 23:50 AI in Education and Policy 27:22 Understanding AI Policies and Data Leakage 28:28 Balancing AI Empowerment and Security Risks 29:21 Credential Stuffing and Security Examples 30:49 Implementing Effective AI Policies 32:10 Microsoft Tools for Data Security 35:03 Challenges in Modern Security Practices 39:14 Leveraging AI for Productivity 42:09 AI in Client Communication and Ticketing 47:48 The Human Element in AI Integration 51:32 Concluding Thoughts on AI and Security

In this episode of Command Control Power, the hosts discuss several interesting and challenging situations they've encountered. They start by encouraging listeners to support them on Patreon for additional content, including unedited YouTube broadcasts. The main discussions cover a range of topics: the idea of maintaining up-to-date hardware for clients, how to strategically manage old equipment, and the peculiar case of a client getting inundated with spam emails likely as a cover for fraudulent activities involving a Best Buy purchase. They explore possible solutions and share their experiences dealing with such disruptions. Additionally, Jerry shares a humorous story about helping a client with her TV and encountering an unexpected twist with a generous tip to a technician.   00:00 Introduction and Patreon Promotion 01:38 Unedited YouTube Broadcasts 02:52 Barcelona Travel Talk 04:00 Tech Truisms and Client Discussions 06:38 Client Hardware Upgrade Policies 12:31 Unsupported Hardware Fees and Security Risks 27:45 Apple Business Manager and iCloud Issues 34:40 The Mysterious Phone Issue 35:28 Joe's Story: The Spam Attack 37:07 Understanding the Hacker's Tactics 39:28 Dealing with the Spam Flood 46:44 A Disgruntled Employee? 47:59 The Best Buy Clue 49:15 The Police Involvement 50:20 The Amateur Hacker Theory 55:27 Jerry's Funny TV Repair Story 01:02:27 Conclusion and Next Steps

Former Head of the British Secret Intelligence Service Richard Dearlove discusses the security and intelligence risks China poses and how Britain and other nations should respond to the US-China trade war. He joined Stephen Carroll on Bloomberg Daybreak Europe.See omnystudio.com/listener for privacy information.

AI Security in High-Risk Sectors In a recent conversation, Alec and I dove into the critical role of AI security, especially in high-risk sectors like healthcare and banking. Alec stressed that AI must be secure and aligned with business strategies while ensuring governance, risk management, regulatory compliance, and cybersecurity remain top priorities. I couldn't agree more—AI in the wrong hands or without proper safeguards is a ticking time bomb. Sensitive data needs protection, and businesses must stay ahead of evolving regulations. We also touched on the growing need for private AI solutions, given the rising threats of cyberattacks like prompt injections. Cybersecurity and AI in Organizations Our discussion expanded into cybersecurity and AI adoption within organizations. Unvetted AI solutions pose significant risks, making internal development and continuous monitoring essential. Alec's company, Artificial Intelligence Risk, Inc., deploys private AI within clients' firewalls, reinforcing security through governance and compliance measures. One key takeaway? Awareness is everything. Many organizations jump into AI without securing their systems first. I was particularly interested in the “aha moments” Alec's clients experience when they see AI-driven security solutions in action. AI Governance and Confidentiality Concerns Alec shared a governance issue where a company implemented Microsoft Copilot—only to discover it unintentionally exposed confidential employee data. This highlighted a major concern: AI needs strict guardrails. Alec advocated for a “belt and suspenders” approach—limiting system access, assigning AI agents to specific groups, and avoiding over-reliance on super users who could inadvertently misuse AI. The lesson? AI governance isn't optional; it's a necessity. AI Applications in Call Centers AI's potential spans across industries, and call centers are a prime example. Alec described a client who leveraged AI to analyze 150,000 call transcripts, leading to a 30% reduction in call length and an additional 30% drop in overall call volume—all thanks to AI-driven website improvements. Beyond customer service, AI is making waves in investment research, analyzing earnings calls and regulatory filings. I even shared a fun hypothetical—using AI to predict the Toronto Blue Jays' performance—proving that AI's applications go beyond business into fields like sports analytics. AI Adoption, Security, and Privacy Wrapping up, Alec and I discussed the double-edged sword of AI adoption. While AI presents massive opportunities, it also comes with security, ethical, and privacy risks. Alec emphasized the need for strong leadership in AI implementation, ensuring data quality remains a top priority. I pointed out that the fear of missing out (FOMO) on AI can lead companies to make reckless decisions—often at the cost of security. Alec's company specializes in AI security solutions that safeguard against data breaches and attacks on Large Language Models, reinforcing the importance of a strategic, security-first approach to AI adoption.   Alec Crawford is Founder & CEO of Artificial Intelligence Risk, Inc., a company that accelerates enterprise Gen AI adoption - safely. He has been working with AI since the 1980's when he built neutral networks from scratch for his Harvard senior thesis. He is a thought leader for Gen AI with a blog at aicrisk.com and podcast called AI Risk Reward. He has more than 30 years of experience on Wall Street with his last role being Partner and Chief Risk Officer for Investments at Lord Abbett. linkedin.com/in/aleccrawford Our Story Dedicated to shaping the future.   At AI Risk, Inc., we are dedicated to shaping the future of AI governance, risk management, and compliance. With AI poised to become a cornerstone of business operations, we recognize the need for software solutions that ensure its safety, reliability, and regulatory adherence. Learn more Our Journey ​ Founded in response to the burgeoning adoption of AI without proper safeguards, AI Risk, Inc. seeks to pioneer a new era of responsible AI usage. Our platform, AIR GRCC, empowers companies to manage AI effectively, mitigating risks and ensuring regulatory compliance across all AI models. ​ Why Choose AI Risk, Inc.? ​ Comprehensive Solutions: We offer an all-encompassing platform for AI governance, risk management, regulatory compliance, and cybersecurity. Expertise: With extensive experience across industries and global regulations, we provide tailored solutions to meet diverse business needs. Futureproofing: As AI regulations evolve, our platform remains updated and adaptable, ensuring businesses stay ahead of compliance requirements. Cybersecurity Focus: Recognizing the unique challenges of AI cybersecurity, we provide cutting-edge solutions to protect against threats and ensure data integrity. ​​ Get Started with AI Risk, Inc. ​ Whether you're a large corporation or a budding startup, AI Risk, Inc. is your partner in navigating the complexities of AI implementation securely and responsibly. Join us in shaping a future where AI drives innovation without compromising integrity or security.

Stewart Alsop sat down with Nick Ludwig, the creator of Kibitz and lead developer at Hyperware, to talk about the evolution of AI-powered coding, the rise of agentic software development, and the security challenges that come with giving AI more autonomy. They explored the power of Claude MCP servers, the potential for AI to manage entire development workflows, and what it means to have swarms of digital agents handling tasks across business and personal life. If you're curious to dive deeper, check out Nick's work on Kibitz and Hyperware, and follow him on Twitter at @Nick1udwig (with a ‘1' instead of an ‘L').Check out this GPT we trained on the conversation!Timestamps00:00 Introduction to the Crazy Wisdom Podcast00:52 Nick Ludwig's Journey with Cloud MCP Servers04:17 The Evolution of Coding with AI07:23 Challenges and Solutions in AI-Assisted Coding17:53 Security Implications of AI Agents27:34 Containerization for Safe Agent Operations29:07 Cold Wallets and Agent Security29:55 Agents and Financial Transactions33:29 Integrating APIs with Agents36:43 Discovering and Using Libraries43:19 Understanding MCP Servers47:41 Future of Agents in Business and Personal Life54:29 Educational and Medical Revolutions with AI56:36 Conclusion and Contact InformationKey InsightsAI is shifting software development from writing code to managing intelligent agents. Nick Ludwig emphasized how modern AI tools, particularly MCP servers, are enabling developers to transition from manually coding to overseeing AI-driven development. The ultimate goal is for AI to handle the bulk of programming while developers focus on high-level problem-solving and system design.Agentic software is the next frontier of automation. The discussion highlighted how AI agents, especially those using MCP servers, are moving beyond simple chatbots to autonomous digital workers capable of executing complex, multi-step tasks. These agents will soon be able to operate independently for extended periods, executing high-level commands rather than requiring constant human oversight.Security remains a major challenge with AI-driven tools. One of the biggest risks with AI-powered automation is security, particularly regarding prompt injection attacks and unintended system modifications. Ludwig pointed out that giving AI access to command-line functions, file systems, and financial accounts requires careful sandboxing and permissions to prevent catastrophic errors or exploitation.Containerization will be critical for safe AI execution. Ludwig proposed that solutions like Docker and other containerization technologies can provide a secure environment where AI agents can operate freely without endangering core systems. By restricting AI's ability to modify critical files and limiting its spending permissions, businesses can safely integrate autonomous agents into their workflows.The future of AI is deeply tied to education. AI has the potential to revolutionize learning by providing real-time, personalized tutoring. Ludwig noted that LLMs have already changed how people learn to code, making complex programming more accessible to beginners. This concept can be extended to broader education, where AI-powered tutors could replace traditional classroom models with highly adaptive learning experiences.AI-driven businesses will operate at unprecedented efficiency. The conversation explored how companies will soon leverage AI agents to handle research, automate customer service, generate content, and even manage finances. Businesses that successfully integrate AI-powered workflows will have a significant competitive edge in speed, cost reduction, and adaptability.We are on the verge of an "intelligence explosion" in both AI and human capabilities. While some fear AI advancements will outpace human control, Ludwig argued that AI will also dramatically enhance human intelligence. By offloading cognitive burdens, AI will allow people to focus on creativity, strategy, and high-level decision-making, potentially leading to an era of rapid innovation and problem-solving across all industries.