Send us a text

We unpack how AI shifts the security game, from state-backed use of agentic tools to prompt injections that hijack functions and bypass access. We also show how to control Gemini’s training access to your data and outline practical steps to harden AI stacks.

• Anthropic’s disclosure of state actor abuse of agentic AI
• MITRE ATT&CK at machine speed via spawned agents
• When hallucinations blunt attacks and when they don’t
• Prompt injection and second-order function hijacking
• ServiceNow agent exploitation and lessons for guardrails
• Supply chain risk in Ray and distributed AI frameworks
• Practical defenses for data, context, and tool scopes
• How to opt out of Gemini training via myactivity.google.com
• Why ethical AI and transparency build user trust

If you learn something new, share this episode, share it with your friends, share it with a friend. Always please give us a like, a follow

Support the show

Send us a text

We break down urgent patches, a remote‑execution risk on tens of thousands of firewalls, and an AI browser flaw that leaks context. We also flag weaker federal support, a major airline breach, and leave you with a simple checklist to reduce risk now.

• Oracle E‑Business CVE and why fast patching matters
• Cisco firewall remote code execution and CISA’s directive
• Red team vs blue team across physical, social, and cyber
• Apple’s $2M bug bounty and device update urgency
• Government shutdown impact on CISA and data sharing
• AI browser comet jacking and prompt injection risks
• Qantas Salesforce breach and phishing fallout
• A practical weekly security checklist and backups

follow us, hit that like, subscribe, follow, comment, share, do all that

Support the show

Send us a text

Salah and Vivek tackle major ransomware attacks on aviation infrastructure, critical Android security updates, and new California privacy regulations affecting how companies use AI to make decisions about you. They provide practical security advice for protecting yourself in an increasingly complex digital landscape.

• Collins Airspace hit with ransomware causing flight delays and baggage issues across European airports
• Android pushes critical September update fixing 84 vulnerabilities including two actively exploited zero-days
• "Cancel the Hate" app designed to doxx critics ironically exposed its own users' data
• California approves new rules requiring companies to disclose how they use automated decision-making technologies
• Two-factor authentication is essential for securing all your accounts
• Use a password manager to create and store strong, unique passwords
• Regularly audit your apps and revoke unnecessary permissions

Next week we'll dive into whether your private messaging is truly private, examining who might be listening - from companies to nation states. Stay caffeinated, stay private, and keep your silent mode on.

Support the show