Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Now displaying: July, 2025
Jul 31, 2025

In the security news:

  • Hacking washing machines, good clean fun!
  • Hacking cars via Bluetooth
  • More Bluetooth hacking with Breaktooth
  • Making old vulnerabilities great again: exploiting abandoned hardware
  • Clorox and Cognizant point fingers
  • AI generated Linux malware
  • Attacking Russian airports
  • When user verification data leaks
  • Turns out you CAN steal cars with a Flipper Zero, so we're told
  • The UEFI vulnerabilities - the hits keep coming
  • Hijacking Discord invites
  • The Raspberry PI laptop
  • The new Hack RF One Pro
  • Security appliances still fail to be secure
  • Person Re-Identification via Wi-Fi

Show Notes: https://securityweekly.com/psw-885

Jul 30, 2025

In the leadership and communications section, The CISO code of conduct: Ditch the ego, lead for real, The books shaping today’s cybersecurity leaders, How to Succeed in Your Career When Change Is a Constant, and more!

Show Notes: https://securityweekly.com/bsw-406

Jul 29, 2025

Popup Porn, LoveSense, Tea, Fire Ant, Scattered Spider, AI Pricing, Josh Marpet, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-498

Jul 29, 2025

A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an attention to developer needs, developer experience, and security requirements. She brings attention to the product management skills and feedback loops that make paved roads successful -- as well as the areas where developers may still need or choose their own alternatives. After all, the impact of a paved road isn't in its creation, it's in its adoption.

Show Notes: https://securityweekly.com/asw-341

Jul 28, 2025

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

Topic Segment - Should the US Go on the Cyber Offensive?

Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

News Segment

Finally, in the enterprise security news,

  1. We discuss the latest fundings
  2. a few acquisitions
  3. a vibe coding campfire story
  4. how to hack AI agents
  5. zero-days in AI coding apps
  6. more AI zero days
  7. why Ivanti vulns are still alive and well in Japan
  8. how wiper commands made their way into Amazon’s AI coding agent
  9. it seems like vulnerabilities and AI are pairing up in this week’s news stories!

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-417

Jul 25, 2025

Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More on this episode of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-497

Jul 24, 2025

We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications?

In the security news:

  • Google Sues Badbox operators
  • Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me
  • Ring cameras that were not hacked
  • Malicious AURs
  • Killing solar farms
  • Weak passwords are all it takes
  • Microsoft's UEFI keys are expiring
  • Kali Linux and Raspberry PI Wifi updates
  • Use lots of electricity, get a visit from law enforcement
  • Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud
  • The time to next exploit is short
  • Sonicwall devices are getting exploited
  • How not to vibe code
  • SMS blasters

This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to see purpose-built Google Workspace and Office 365 security in action!

Show Notes: https://securityweekly.com/psw-884

Jul 23, 2025

How do we get security right? The answer varies by many factors, including industry, what you're trying to protect, and what the C Suite and Board care about.

Khaja Ahmed, Advisor at CISO Forum, joins Business Security Weekly to discuss how to get consensus on your security program. CISOs, executives, and the Board need to be aligned on the risks and how best to address them. And it's not technical risks, it's business risks measured by legal or financial impact. Khaja will help guide new and existing CISOs on how to:

  • Work across the business to build consensus
  • Identify and quantify risks in financial and legal terms
  • Design security from the start
  • Be effective as a security leader

In the leadership and communications section, Is the C-Suite Right for You?, What Fortune 100s are getting wrong about cybersecurity hiring, Why Communication Is Exhausting in Chaotic Workplaces, and more!

Show Notes: https://securityweekly.com/bsw-405

Jul 22, 2025

Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more on the Security Weekly News.

Segment Resources: https://www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/swn-496

Jul 22, 2025

AI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of software or a system. In some cases, it doesn't matter if a human or an LLM generated code -- the code needs to be reviewed for common flaws and design problems. But the creation of MCP servers and LLM-based agents is also adding a concern about what an unattended or autonomous piece of software is doing.

Sohrob Kazerounian gives us context on how LLMs are designed, what to expect from them, and where they pose risk and reward to modern software engineering.

Show Notes: https://securityweekly.com/asw-340

Jul 18, 2025

Existential Dread and Seawater, MCP, Cloudflare, ESXi, QR Codes, Salt Typhoon, Aaran Leyland, and More on this episode of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-495

Jul 17, 2025

In the security news:

  • The train is leaving the station, or is it?
  • The hypervisor will protect you, maybe
  • The best thing about Flippers are the clones
  • Also, the Flipper Zero as an interrogation tool
  • Threats are commercial and open-source
  • Who is still down with FTP?
  • AI bug hunters
  • Firmware for Russian drones
  • Merging Android and ChromeOS
  • Protecting your assets with CVSS?
  • Patch Citrixbleed 2
  • Rowhammer comes to NVIDIA GPUs
  • I hear Microsoft hires Chinese spies
  • Gigabyte motherboards and UEFI vulnerabilities
  • McDonald's AI hiring bot: you want some PII with that?

Show Notes: https://securityweekly.com/psw-883

Jul 16, 2025

Are you running SAP? The clock is ticking... Standard maintenance end-of-life is set for the end of 2027. Migration to S/4HANA must be completed by then (or 2030 if you buy into SAP’s special three-year reprieve). While that may appear to be enough time, companies currently working toward an S/4HANA transition are finding the journey challenging, and that's not including the security challenges.

Chris Carter, CEO at Approyo, joins Business Security Weekly to discuss your SAP options, including:

  • ERP Strategy: Stay with SAP or migrate to other solutions?
  • S/4HANA Architecture: All cloud or cloud/on-premise?
  • Security Challenges: Cloud vs. on-premise
  • SAP Migration: Recommendations for success

In the leadership and communications section, Where cybersecurity maturity meets confidence in C-suite and board leadership, Has CISO become the least desirable role in business?, How Radical Transparency Is Revolutionizing Leadership, and more!

Show Notes: https://securityweekly.com/bsw-404

Jul 15, 2025

AI meltdowns, Gigabyte, NCSC, Rowhammer, Gravity Form, Grok, AsyncRat, Josh Marpet and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-494

Jul 15, 2025

What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.

The better question is, "What do you want to secure?"

We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.

Show Notes: https://securityweekly.com/asw-339

Jul 14, 2025

Segment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC

In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' privacy requirements.

This is just the tip of the iceberg when discussing the challenges of using AI to aid the SOC. In this interview, we'll dive into the challenge of finding security vendors that care about security, the need for transparency in products, the evolving shared responsibility model, and other topics related to solving security operations challenges.

Segment 2: Topic Segment - How much AI is too much AI?

In the past few weeks, I've talked to several startup founders who are running into buyers that aren’t allowed to purchase their products, even though they want them and prefer them over the competition. Why? No AI and they’re not allowed to buy.

Segment 3: News Segment

Finally, in the enterprise security news,

  1. We cover the latest funding
  2. The Trustwave saga comes to a positive end
  3. Android 16 could help you evade law enforcement
  4. Microsoft is kicking 3rd party AV out of the kernel
  5. Giving AI some personality (and honesty)
  6. Log4shell canaries reveal password weirdness
  7. Denmark gives citizens copyright to their own faces to fight AI
  8. McDonald’s has an AI whoopsie
  9. Ingram Micro has a ransomware whoopsie
  10. Drama in the trailer lock industry

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-415

Jul 11, 2025

Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-493

Jul 10, 2025

This week in the security news:

  • Citrixbleed 2 and so many failures
  • Ruckus leads the way on how not to handle vulnerabilities
  • When you have no egress
  • Applocker bypass
  • So you bought earbuds from TikTok
  • More gadgets and the crazy radio
  • Cheap drones and android apps
  • Best Mario Kart controller ever
  • VSCode: You're forked
  • Bluetooth earbuds and vulnerabilities
  • Do you remember Sound blaster cards?
  • NFC passport chips
  • Whack-a-disk

Show Notes: https://securityweekly.com/psw-882

Jul 9, 2025

SEC settles with SolarWinds. We react!

In the leadership and communications section, The Skills and Habits Aspiring CEOs Need to Build, Why People Really Quit — And How Great Managers Make Them Want to Stay, The Small Actions That Become Your Legacy, and more!

Show Notes: https://securityweekly.com/bsw-403

Jul 8, 2025

Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-492

Jul 8, 2025

Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code alongside humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is expanding a new (but not very different) attack surface. We look at where orgs are investing in appsec, who appsec teams are collaborating with, and whether we need security awareness training for LLMs.

Show Notes: https://securityweekly.com/asw-338

Jul 7, 2025

Single Sign On (SSO) and Multi Factor Authentication (MFA) are critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That’s broken. Cubeless is tearing down the barriers. With Cubeless Verify, we’re delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it’s yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today.

As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem? https://frontegg.com/product/frontegg-ai This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them!

Traditional IGA tools struggle to deliver full observability—and stall when it’s time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments. https://www.axonius.com/products/identities Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv.

As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure. https://www.britive.com/use-cases/agentic-ai-security https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos https://www.britive.com/resource/blog/agent-to-agent-access-security https://www.britive.com/resource/blog/genai-data-privacy-ip-protection https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform.

As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world. https://www.aware.com/blog/ This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them!

As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that’s built to withstand tomorrow’s threats. This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them!

Show Notes: https://securityweekly.com/esw-414

Jul 4, 2025

North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran on this edition of the Security Weekly News!

Show Notes: https://securityweekly.com/swn-491

Jul 3, 2025

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. We break down the available hardware, walk you through firmware installation, and share real-world use cases of LoRa to create decentralized, encrypted networks. Whether you’re a hacker, a prepper, or just curious about the future of resilient communication, this episode is packed with insights and practical tips you won’t want to miss!

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/psw-881
