Paul's Security Weekly (Audio)

This week:
Larry's in the host seat and chaos ensues. We dig into:
A very questionable story about tracking a warship with a $5 Bluetooth tracker
Serial-to-IP devices quietly sitting in critical infrastructure… and full of holes
New York regulators mandating MFA and asset inventory—aka CIS Control #1 is now breaking news
A ransomware negotiator who decided to double-dip (and landed in prison)
"Brand new" hard drives that come preloaded… with someone else's data
The Vercel breach: no zero-day, just shadow IT, stolen tokens, and bad decisions
AI-driven vulnerability discovery and the looming "vulnpocalypse"
Quantum crypto debates: real threat or just another security boogeyman?
Mirai is STILL alive—because apparently we still don't patch routers
And yes… Flipper Zero makes an appearance (no, you're not hacking airplanes… calm down)
Then, we rebroadcast an interview from RSAC.
Breach Readiness for Measurable Risk Reduction in the Age of AI Cyber leaders no longer debate whether a breach will occur. What has changed is the speed and scale at which AI now enables those breaches. The real question is how far an attacker can move once inside. In this conversation, Rajesh Khazanchi explores why breach readiness, including AI-assisted containment, measurable blast radius reduction, and pervasive microsegmentation, has become mission-critical for business continuity in 2026.
This segment is sponsored by ColorTokens. Visit https://securityweekly.com/colortokensrsac to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-923

This week:
CSA issues guidance to CISOs on Mythos
Vuln management woes
Windows tells you about Secure Boot
AI-assisted firmware vuln hunting
The dumbest hack
Edge decay and the failing perimeter
Mac OS X on a Wii
Little snitch comes to Linux
CPUID served malware
Buying plugins to backdoor them
Addicted to hacking
Is Mythos just a sales pitch?
We are still talking about Adobe Acrobat vulns
A single line AI jailbreak
Hacking Apple Intelligence
Don't leave your ICS device or RDP exposed to the Internet!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-922

This week:
Rage dropping 0-Day
Claude Mythos, things are different now
From UART to root, on a device made in China, where's the FCC?
More CUPS vulnerabilities
Russians are hacking routers, FCC ban doesn't stop them
Mongoose vulnerabilities, and FCC still does nothing
Renting virtual phones
Iran's cyber attacks
SHA-256 almost broken?
Catching Axios
New Rowhammer, dubbed GPUBreach, gives you root
Windows 11 has sudo! (And SSH...)
And Inside a Kubernetes Scanning Fleet
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-921

In the Security News:
Claude leaks source code and new models
Two really smart people say AI is finding vulnerabilities better than ever
Windows is using your internet to send updates to strangers
BIG-IP APM vulnerability - all you need to know
Linux KVM for the win
The bus factor and open source
Axios supply chain breach
Trimming Grub
Depotting and hacking e-Motorcycles
Trivy and Cisco source code leaks
The FCC ban and What is a router?
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-920

In this segment, we will explore some pretty awesome tools for scanning the Internet, with a focus on network edge devices. We'll bring it all together with Claude Code and look at some sample results. Tools include:
Shodan | Passive recon — query existing scan data for exposed devices, services, and vulns | Passive (API) | Instant (no packets sent)
ZMap | Host discovery — find live hosts with open ports | L4 (TCP SYN, UDP, ICMP) | Millions of packets/sec
ZGrab2 | Application-layer handshakes — grab banners, certs, headers | L7 (30+ protocol modules) | Thousands of hosts/sec
Nerva | Service fingerprinting — identify 140+ protocols with metadata, CPEs, technology stacks | L7 (TCP, UDP, SCTP) | Fast, concurrent
Nuclei | Template-based vulnerability scanning — default creds, exposed panels, known CVEs | L7 (HTTP, network) | Hundreds of targets/min
Shannon | Vulnerability exploitation — AI-powered whitebox pentesting of web apps | Application | ~1-1.5 hrs per target
edgescan.py | Automated pipeline — orchestrates all tools above into a single command | Orchestration | End-to-end
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-919