The 443 - Security Simplified

This week on the podcast, we cover the accidental Claude Code source code leak and what it means for users and the wider ecosystem. After that, we discuss the Axios supply chain compromise impacting users of a JavaScript library with over 100 million weekly downloads. We end with our thoughts on Browser Gate, the name given to allegations that Microsoft is illegally harvesting LinkedIn customer data for a competitive advantage.

This week on the podcast, we discuss the US government's ban on foreign-manufactured consumer routers and its likely impact. After that, we cover a research post from Huntress on a recent phishing campaign leveraging OAuth Device Authentication flows to retain long-term access to compromised accounts. We end with a review of key takeaways from Google's Cloud Threat Horizons report for H1 2026.

In this episode, Corey Nachreiner interviews WatchGuard Cybersecurity Analyst and Threat Emulation & Investigations Lead, Kristen Yang, about the path into cybersecurity, the evolution from threat hunting to leading investigations, and the realities of defending against modern attacks. They explore today’s threat landscape, incident response mistakes, red teaming lessons, MITRE ATT&CK, AI in security, and the skills analysts need most, plus a rapid-fire round to close things out.

This week on the podcast, we cover the cyber attack that managed to wipe more than 200,000 resources off of the medical technology giant Syryker's network. After that, we review a research post on a good chrome extension gone bad. We end by discussing a recent Microsoft threat intelligence post on how North Korean-backed threat actors have operationalize AI for job scams.

This week on the podcast, we chat about an OpenClaw bot that moved beyond vulnerability research and into malicious activity. Before that, we cover an AI-discovered vulnerability in the pac4j-jwt authentication library before ending with a discussion on an upcoming California law designed to help make age verification in the digital age easier, but with massive consequences.

This week on the podcast, we discuss the recently disclosed and patched 0-Day vulnerability in Cisco's Catalyst SD-WAN Controller which has been under active exploit for 3 years. After that, we cover the latest open source supply chain attack involving a self-propagating worm targeting AI tools. We end with a discussion about another social engineering campaign targeting job hunters in the software development world.

This week on the podcast, we cover the WatchGuard Threat Lab's Internet Security Report for the second half of 2025. In this episode, we cover the latest trends for malware at both the network perimeter and endpoint, network attacks, and the top malicious domains from the period before ending with some tips everyone can use to defend their networks.

This week on the podcast, we discuss OpenClaw, the open source chatbot that has exploded in popularity since launching late last year, and some of the risk it introduces to organizations. Before that, we chat about Ring's Super Bowl advertisement that caused a stir before ending with a Google Threat Intelligence Group report on advanced threat actor AI usage.

This week on the podcast, we cover a recent supply chain compromise involving the popular text editor Notepad++. After that, we discuss a recent vulnerability report in the Moltbook AI social network before ending with a deep-dive review of a recent remote code execution vulnerability in the N8N automation platform.

This week on the podcast, we cover a Politico report detailing a security lapse at CISA in the United States involving sensitive data and a public version of ChatGPT. Following that, we dive into a couple of vulnerabilities recently resolved in the SolarWinds Web Help Desk application. Finally, we end with some closure on a story about two Coalfire penetration testers who were arrested several years ago for completing a penetration test in Iowa.

This week on the podcast, we cover some first-hand research from the WatchGuard Threat Lab on a phishing campaign targeting users of nearly every major VPN vendor. After that, we discuss two recently resolved vulnerabilities in the Fortinet FortiSIEM application, then end with research from Varonis on a new attack flow against Copilot called RePrompt.

This week on the podcast, we discuss the recently disclosed React2Shell vulnerability affecting a wide array of web applications. Before that, we review a new phishing campaign that uses a newly coined ConsentFix technique before discussing a security misstep from Home Depot.

This week on the podcast, we cover the Kimwolf botnet, a collection of compromised IOT devices that at one point grew so large that it's command and control domain beat out Google.com as the most popular domain on the internet. After that, we discuss yet another devious take on ClickFix style phishing before ending with coverage from Cisco TALOS on another threat actor targeting edge networking equipment.

This week on the podcast, we cover a wave of attacks against network edge equipment and internet-exposed systems including an update on the recently patched Firebox 0-Day. After that, we cover two stories on browser extensions siphoning off data and making unwanted modifications to victim’s web browsing activity.

This week on the podcast, we go through all six of our cybersecurity predictions for 2026. For each prediction, we'll discuss the trends behind them, why we think they'll hit next year, and some takeaways for people and organizations on how to react to them in the coming year.

This week on the podcast, we cover OWASP’s update to the top 10 web application security weaknesses and its changes from the 2021 list. We also cover a recently uncovered adversary-in-the-middle campaign that’s pushing malicious software updates to targeted systems. We conclude with our opinions on Microsoft’s latest AI features, which are coming to Windows.