Security Now 1072: LiteLLM
Click Fix Attacks Surge
All TWiT.tv Shows (Audio) · TWiT
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
An explosive supply chain hack in Light LLM nearly unleashed catastrophic malware across millions of AI systems, and it took a coder's quick thinking to catch it before it snowballed into disaster.
- Will California require Linux to verify its user's age.
- Apple's iOS 26.4 requires UK users to prove their age.
- Russia chooses to use home grown 5G mobile encryption.
- Ukraine knew the webcam was installed by Russian spies.
- Google moves quantum computing "Q Day" to 2029.
- At RSA, UK's NCSC CEO warns of vibe-coded SaaS replacements.
- More information about nasty ClickFix campaigns.
- More than one in seven Reddit postings are an AI-bot.
- The story behind the LiteLLM disaster that was averted.
Show Notes - https://www.grc.com/sn/SN-1072-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit
Sponsors: