This episode is all about trust getting abused at scale.

We start with Chinese-nexus operators pivoting fast onto Qatar using conflict lures and familiar tradecraft.

Then we hit banking, because they deserve it: Lloyds, Halifax, and Bank of Scotland customers seeing other people’s transactions in-app, a straight confidentiality failure, not “someone hacked my phone”.

From there it’s the Middle East conflict exposing what “cloud resilience” really means when the problem isn’t cyber, it’s physical disruption and dependency chains. Then Meta’s takedown of 150,000 scam-linked accounts shows the fraud supply chain is still running hot, and the platforms are now part of the battleground whether they like it or not.

The Microsoft story is the one to watch: a critical Excel bug that turns Copilot Agent into a zero-click data leak path. And the AI agent theme keeps going with Context7: attackers slipping instructions into “helpful” context and getting agents to do dumb, destructive things on their behalf.

We finish with Stryker having the worst day with a major outage, disputed claims, and a reminder that if your management plane gets hit, you can lose the whole estate fast. Look at Intune.

No hype. Just the stuff that actually breaks systems, me talking too fast, which to be honest 'slow' is why I turn most podcasts off.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-563

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Tube Stations, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-562

Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More on the Security Weekly News

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-561

North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More on Security Weekly News

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-560

Brainstorm, SonicWall, Junos, Glienicke Brücke, Burger King, Claude, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-559

Infinite AI Monkeys, Ploutus, Serv-U, Fortinet, Cyberwar, COBOL, NIST, Dr. Strangelove, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-558

The Code of Hammurabi, Rockyou, MimicRat, Google, Trustconnect, Introsort, AI, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-557

Meatbags, AI Soul Harvest, DNS, LastPass, GS7, OpenClaw, MYSQL, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-556

Cams, Gelbwurst, Chrome, SCCM, CVES, SSHStalker, RAM, TikTok, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-555

Idoru, Singapore, Gambling, Smartertools, Ivanti, ZeroDayRat, Twiki, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-554

The smell of victory, Bongo Fury, Sysmon, Antiques, Looker, Openclaw, Kimwolf, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-553

DBII, Notepad++, Covenant, Fancy Bear, CTFs, Firefox, AI Slop, Josh Marpet, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-552

The AI Grief Counselor Sketch, Fortinet, BSODs, WINRAR, Montreaux, Big Iron, Memory Prices, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-551

Doombuds, Office 1.0, Telnetd, Chrome, Vishing, Cursed Ralph, PeckBirdy, The Boss, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-550

AI Cage Match, Fortinet, Cisco, DVWA, Polonium, Small Town AIs, LastPass, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-549

Carla the Ogre, extensions, Crashfix, Gemini, ChatGPT Health, Dark AI, MCP, Joshua Marpet, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-548

Miss Cleo, Whisperpair, Fortisiem, REDVDS, Google, Spying, Rob Allen from Threatlocker, and More on this episode of the Security Weekly News.

Segment Resources: https://www.cybersecuritydive.com/news/telecom-ransomware-spike-cyble/809224/

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-547

Are you dead? AI Hellscape, Copilot Uninstalled?, Blue Delta, 2026 predictions, Quishing, Confer, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-546

Grok Nudification, Spying, Ni8mare, Cisco, Chat-GPT, Chrome, SaaS, CES, Josh Marpet, and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-545

Pornhub Redux, Enki, Grok, BSODs, NORDVPN, Kimwolf, Privacy in Rhode Island, Aaran Leyland, and More, on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-544

Cloud breaches don’t always start in the cloud, but they do end there. To defeat an attacker you need to understand their mission target along with the access points available to them, regardless of whether they reside within or beyond the cloud. SentinelOne is purpose-built to stop attacks wherever they originate - from within and beyond the cloud. This year’s OneCon aims to showcase exactly how Singularity Cloud Security can be applied to each stage of a cloud attack - from buildtime to runtime. You’ll hear about the latest innovations for the Singularity Cloud Security product during our General Session. Immediately following, our packed Cloud Security Breakout session agenda will showcase how to put these capabilities into practice. You’ll also hear more about our partnership with AWS and how we are advancing cloud security with Purple AI Support for AWS CloudTrail and Singularity Hyperautomation for AWS Security Incident Response.

Live from SentinelOneCon 2025, join us for an in-depth conversation on today’s rapidly shifting threat landscape. We'll explore what SentinelOne is seeing across global attack surfaces, how geopolitical tensions are shaping cyber activity, and the latest trends in threat actor behavior. Don’t miss this opportunity to gain expert insight into the forces driving today’s most critical cybersecurity challenges.

This interview is sponsored by SentinelOne. Visit https://securityweekly.com/onecon to learn more about them!

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-543

SentinelOne announced a series of new innovative designations and integrations with Amazon Web Services (AWS), designed to bring the full benefits of AI security to AWS customers today. From securing GenAI usage in the workplace, to protecting AI infrastructure to leveraging agentic AI and automation to speed investigations and incident response, SentinelOne is empowering organizations to confidently build, operate, and secure the future of AI on AWS.

SentinelOne shares its vision for the future of AI-driven cybersecurity, defining two interlinked domains: Security for AI—protecting models, agents, and data pipelines—and AI for Security—using intelligent automation to strengthen enterprise defense. With its Human + AI approach, SentinelOne integrates generative and agentic AI into every layer of its platform. The team also unveils the next evolution of Purple AI, an agentic analyst delivering auto-investigations, hyperautomation, and instant rule creation—advancing toward truly autonomous security.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-542

You survived the click—but now the click has evolved. In Part 2, the crew follows phishing and ransomware down the rabbit hole into double extortion, initial access brokers, cyber insurance drama, and the unsettling rise of agentic AI that can click, run scripts, and make bad decisions for you. The conversation spans ransomware economics, why paying criminals is a terrible plan with no guarantees, and how AI is turning social engineering into a whole new wild west.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-541

It’s the holidays, your defenses are down, your inbox is lying to you, and yes—you’re gonna click the link. In Part 1 of our holiday special, Doug White and a panel of very smart people explain why social engineering still works decades later, why training alone won’t save you, and why the real job is surviving after the click. From phishing and smishing to click-fix attacks, access control disasters, and stories that prove humans remain the weakest—and most entertaining—link in security, this episode sets the stage for the attack we all know is coming.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-540

Auld Lang Syne, Ghostpairing, Centerstack, OneView, WAFS, React2Shell Redux, Crypto, Josh Marpet, and More, on the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-539