The crew makes suggestions for building a hacking lab today! We will tackle:

• What is recommended today to build a lab, given the latest advancements in tech
• Hardware hacking devices and gadgets that are a must-have
• Which operating systems should you learn
• Virtualization technology that works well for a lab build
• Using AI to help build your lab

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-906

This week in the security news:

• Linux process injection
• Threat actors need training too
• A Linux device "capable of practically anything"
• The Internet of webcams
• Hacking cheap devices
• Automating exploitation with local AI models
• Lame C2
• Smallest SSH backdoor
• Your RDP is on the Internet
• These are not the high severity bugs you were looking for
• Low hanging fruit
• Your TV is spying on you, again
• no such thing as "offensive security"
• MCPs and RCEs
• Browser extensions collecting your AI chats
• And flooding TikTok with AI influencers

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-905

This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news:

• Hacking Smart BBQ Probes
• China uses us as a proxy
• LOLPROX and living off the Hypervisor
• Are we overreating to React4Shell?
• Prolific Spyware vendors
• EDR evaluations and tin foil hats
• Compiling to Bash!
• How e-waste became a conference badge
• Overflows via underflows and reporting to CERT
• Users are using AI to complete mandatory infosec training!
• AI in your IDE is not a good idea
• Cybercrime is on the rise, and its the kids
• AI can replace humans in power plants
• Will AI prompt injection ever go away?
• To use a VPN or to not use a VPN, that is the question

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-904

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news:

• Oh Asus
• Dashcam botnets
• Weird CVEs being issued
• CodeRED, but not the worm
• Free IP checking
• Internet space junk and IoT
• Decade old Linux kernel vulnerabilities
• Breaking out of Claude code
• Malicious LLMs
• Hacker on a plan gets 7 years
• Putting passwords into random websites
• NPM supply chains strike again
• LLMs will never be intelligent

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-903

Tune in for some hands-on tips on how to use Claude code to create some amazing and not-so-amazing software. Paul will walk you through what worked and what didn't as he 100% vibe-coded a Python Flask application. The discussion continues with the crew discussing the future of vibe coding and how AI may better help in creating and securing software.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-902

In the security news:

• Cloudflare was down, it was not good
• Logitech breached
• The largest data breach in history?
• Fortinet Fortiweb - the saga continues
• Hacking Linux through your malware scanner, oh the irony
• I never stopped hating systemd
• The ASUS exploit that never existed
• If iRobot fails, can we deploy our own hacker bot army?
• Firmware encryption is a bitch
• Threat actors deply Claude Code
• Remembering the Viasat hack and why we can't have nice things
• Hacking re-entry sensors
• Sending signals in the wrong direction
• A File Format Uncracked for 20 Years
• And 2026 is the year of the Linux desktop!

Then, high school junior Bryce Owen joins us to discuss how he created the "Space Badge"!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-901

This week:

• Minecraft on your lightbulb
• Sonicwall breached, who's next?
• Ditch Android, install Linux
• Hacking your face
• Thermostat freedom
• Pen test fails
• HackRF hacking times 2
• Going around EDR
• Hackers in your printer
• Chinese data breach
• NFC relays and PCI
• Constructive construction hacks
• FlipperZero firmware update
• ICS, PLCs, and attacks
• Bayesian Swiss Cheese, taste good?
• Do you want to hack back?
• Keeping secrets
• Enforcing CMMC
• OWASP top ten gets a make over
• Android Spyware makes a LANDFALL
• Gemini's deep research into your documents
• Slopguard
• and AI datacenters in space!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-900

This week:

• Reversing keyboard firmware
• Ghost networks
• Invasion of the face changers
• Ghost tapping and whole lot of FUD
• AI doesn't code securely, but Aardvark can secure code
• De-Googling Thermostats
• Dodgy Android TV boxes can run Debian
• HackRF vs. Honda
• Cyberslop AI paper
• Turning to the darkside
• Poisoning the watering hole
• Nagios vulnerabilities
• VPNs are a target

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-899