In the security news:

• Viral AI prompts
• Things to do in your home security lab
• I can open your garage door
• They call me DKnife
• Beyondtrust RCE
• Cool AI device
• Robots need your body
• Meta is just full of scams, phishing, and malware
• Claude Opus 4.6 found more than 500 high-severity vulnerabilities
• Arista next gen firewalls and command injection
• Secure Boot updates
• The RCE AMD won't fix and why the article went away
• End of support means get it off the network
• Accidentally giving away $44 billion of Bitcoin

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-913

In the security news this week:

• Residential proxy abuse is everywhere this week: from Google’s takedown of IPIDEA to massive Citrix NetScaler scanning and the Badbox 2.0 botnet
• Supply chain fun time: Notepad++ updates were hijacked
• Attackers set their sights on: Ivanti EPMM, Dell Unity storage, Fortinet VPNs/firewalls, and ASUSTOR NAS devices
• Russian state hackers went after Poland’s grid
• Is ICE on a surveillance shopping spree and into hacking anti-ICE apps?
• Ukraine’s war-time Starlink problem is turning into a policy and controls experiment
• The AI security theme is alive and well with exposed LLM endpoints, OpenClaw/Moltbot/Moltbook fiasco, and letting anyone hijack agents
• Signed forensic driver for Windows is still an EDR killer
• The Trump administration’s rollback of software security attestation
• National Cyber Director Sean Cairncross says: “less regulation, more cooperation.”
• Finally, there are some “only in infosec” human stories: * pen testers arrested in Iowa now getting a settlement, * a Google engineer convicted over stolen AI IP, * Booz Allen losing Treasury work over intentional insider leaks, * and an “AI psychosis” saga at an adult-content platform.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-912

This week, we get un-curmudgeoned by Mandy, spending a bunch of time talking about regulations, compliance, and even the US federal government's commitment to cybersecurity internally and with the community at large. We even dive into some Microsoft patches, hacking defunct eScooters, and a lively discussion on ADS-B spoofing!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-911

In the security news:

• Rainbow tables for everyone
• Lilygo releases a new T-Display that looks awesome
• AI generated malware for real
• Detecting BadUSB when its not a dongle
• A telnetd vulnerability
• Google Fast Pair and how I took control of your headset
• Should we make CVE noise?
• Exploiting the Fortinet patch
• DIY data diode
• Bambu NFC reader for your Flipper
• Payloads in PNG files
• Don't leave the lab door open - amazing research and new tool release
• Fixing your breadboards
• Finding vulnerabilities in AI using AI

Then, Rob Allen from ThreatLocker joins us to discuss default allow, and why that is still a really bad idea.

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-910

In the security news:

• KVMs are a hacker's dream
• Hacking an e-scooter
• Flipper Zero alternatives
• The best authentication bypass
• Pwning Claude Code
• ForiSIEM, vulnerabilities, and exploits
• Microsoft patches and Secure Boot fun
• Making Windows great, again?
• Breaching the Breach Forum
• Congressional Emails
• unsolicited Instagram password reset requests - Is Meta doing enough to secure the platform?
• LLMs are HIPAA compliant?
• Threat actors target LLM honeypots

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-909

This week in the security news:

• Supply chain attacks and XSS
• PS5 leaked keys
• Claude tips for security pros
• No Flipper Zeros allowed, or Raspberry PIs for that matter
• Kimwolf and your local network
• Linux is good now
• Removing unremovable apps without root
• Detecting lag catches infiltrators
• Defending your KVM
• Fixing some of the oldest code
• Deleting websites live on stage in costume
• It was a honeypot
• FCC is letting telecoms off easy
• Don't buy a Haribo power bank
• Ransomeware scum
• Fortinet vulns
• CISA warns about NVRs
• Patching MongoDB

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-908

Our field is booming! Cybersecurity jobs are projected to grow 33 percent through 2033, far outpacing the average 4 percent growth across all jobs. (And yes, those stats could be made up, but they sound nice, eh?) Yet newcomers often feel paralyzed by where to start. The truth? There's no single "right path," but there are proven strategies that work. The field needs people at all levels, and you don't need a four-year degree to break in. We'll discuss all the details, including a list of projects for beginners in Cybersecurity, plus plenty of non-technical suggestions!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-907

The crew makes suggestions for building a hacking lab today! We will tackle:

• What is recommended today to build a lab, given the latest advancements in tech
• Hardware hacking devices and gadgets that are a must-have
• Which operating systems should you learn
• Virtualization technology that works well for a lab build
• Using AI to help build your lab

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-906