461 episódios
AI Is Supercharging Cyberattacks | Cybersecurity Today On The Weekend | July 18, 2026
18/07/2026 | 33minArtificial intelligence is changing cybersecurity on both sides of the battle. While defenders are adopting AI to improve detection and response, attackers are using it to discover vulnerabilities, automate exploitation, and dramatically accelerate the pace of attacks.
In this episode of Cybersecurity Today On The Weekend, host David Shipley speaks with Lionel Liddy, Chief Information Security Officer at Menlo Security, about why today's security strategies must evolve as AI reshapes the threat landscape.
The conversation explores how AI is speeding up vulnerability discovery, why browser security has become a critical layer of defence, the emerging risks of AI agents operating inside browsers, and why recent NIST research suggests perfect AI guardrails may be mathematically impossible. Lionel also explains why organizations should prepare for future attacks that could spread even faster than Log4j.
In this episode:
How AI is accelerating cyberattacks
Why browser isolation can reduce risk
The security challenges created by AI agents
Prompt injection and browser extension threats
Why AI guardrails have fundamental limits
Lessons from Log4j and preparing for the next major exploit
Practical advice for CISOs and security leaders
Chapters
00:00 Sponsor – NordLayer
00:39 Weekend Show Intro
01:48 Lionel Liddy Background
04:44 What Menlo Security Does
06:43 AI Speeds Up Exploits
10:09 CISO Whiplash With AI
12:01 Agents And Browser Risks
15:59 Guardrails And NIST Proof
19:40 Mythos Hype And New Normal
23:19 Hazmat Suit For Servers
27:22 Log4j Times Four Scenario
31:44 Wrap Up And Links
32:54 Sponsor – NordLayer Outro
Subscribe for weekly cybersecurity news, expert interviews, and practical insights for CISOs, IT professionals, and security leaders.Scattered Spiders sentenced, OpenAI builds an AI that breaks AIs, and Iran leans on ChatGPT
17/07/2026 | 12minTwo leading Scattered Spider members, Thaila Jubar and Owen Flowers, were sentenced to five years and six months for the 2024 Transport for London hack that knocked 148 systems offline, forced 27,000 password resets, stole customer data, and cost TfL £29 million, with wider losses estimated far higher; U.S. charges against Dubar remain unproven.
Investigators also believe Russian hackers were behind last year's crippling Jaguar Land Rover attack that halted production for months and contributed to a £1.5 billion bailout, with Microsoft and multiple agencies assisting.
OpenAI unveiled GPT-Red, an automated red-teaming AI for prompt injection, alongside a NIST-backed argument that finite guardrails can't be universally robust.
The episode also covers ClickLock, a macOS stealer that kills apps until a password is entered, and Recorded Future's report on Iran-linked groups using ChatGPT for malware, phishing, and reconnaissance.
00:00 Headlines Kickoff
01:08 Scattered Spider Sentencing
02:57 US Charges Loom
03:29 Jaguar Land Rover Hack
04:35 GPT-Red AI Red Team
05:40 Why Guardrails Fail
06:36 ClickLock Mac Stealer
06:53 How ClickLock Spreads
07:59 Defense and Cleanup Tips
08:37 Iran Uses AI for Ops
10:30 Wrap Up and Next ShowShareFile explained, healthcare in critical cyber condition and click fix tops malware charts
15/07/2026 | 13minShareFile emergency explained, a year of Salesforce breaches examined, healthcare cybersecurity in critical condition and click fix goes number one for malware.
David Shipley covers Progress Software's emergency ShareFile shutdown, now tied to a previously unknown high-severity path traversal flaw in Storage Zone Controller 5.x/6.x with patches available (5.12.5 and 6.0.2) and no evidence of prior exploitation.
Microsoft's analysis of a year of ShinyHunters activity compromising corporate Salesforce environments by abusing trust via OAuth (IT-support phone cons, vendor token theft such as Salesloft/Drift, and misconfigured guest access), prompting new monitoring tooling.
A Fortified Health Security report finding healthcare fixed only 6% of identified risks in H1 2026 amid surging vulnerabilities, third-party risk, and weak identity hygiene.
ReversingLabs and ReliaQuest research showing ClickFix social-engineering is now a leading malware delivery method; and Telstra's nationwide outage traced to an obsolete time server hit by a GPS rollover bug, disrupting Triple Zero calls and prompting Senate scrutiny.
00:00 Sponsor NordLayer
00:37 Headlines Overview
01:06 ShareFile Patch Explained
03:25 Salesforce OAuth Break Ins
06:01 Hospitals Drowning in Risks
08:24 ClickFix Malware Surge
11:13 Telstra Time Server Outage
12:32 Wrap Up and Sign OffShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing
13/07/2026 | 10minShareFile shutdown order, a double-agent ransomware negotiator sentenced, and vishing crews raid SharePoint
Progress Software ordered customers running ShareFile Storage Zone Controllers to shut down the Windows servers immediately amid a credible external threat, offering no CVE, threat details, or restoration timeline while noting cloud-only customers aren't affected.
Former ransomware negotiator Angelo Martino was sentenced to 70 months for feeding BlackCat operators victims' negotiating positions and insurance limits, taking a cut of payments, and helping deploy BlackCat against additional U.S. companies; $10 million has been seized and restitution is set for Sept. 17.
Dutch police say a phone call kickstarted the Odido breach affecting 6.2 million customers and may release the suspected hacker's recorded voice if he doesn't surrender.
ReliaQuest profiled "Helix," an extortion crew using vishing and Microsoft device-code logins to steal SharePoint data via session tokens; defenses include disabling device-code auth and restricting SharePoint.
Assurance America disclosed a breach impacting 6.99 million people, including leaked driver's license data.
00:00 NordLayer Sponsor Message
00:37 Today's Cyber Headlines
01:08 ShareFile Shutdown Alert
03:39 Ransomware Double Agent Sentenced
05:13 Odido Breach Voice Threat
06:24 Helix Vishing SharePoint Extortion
08:00 Assurance America License Leak
08:57 Wrap Up and Conference Note
09:25 NordLayer Sponsor ReminderAI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel
11/07/2026 | 1h 1minCan governments decide who gets access to advanced AI models? Are third-party breaches becoming impossible to control? And why are so many CISOs reaching burnout?
In this special Cybersecurity Today Month in Review Panel, host Jim Love is joined by cybersecurity experts Laura Payne, David Shipley, and Mike Kim (Mycroft) to examine the biggest cybersecurity stories and trends from June 2026.
The panel explores the controversy over U.S. export controls on Anthropic's Mythos and Fable AI models, what they reveal about digital sovereignty, and whether governments should be able to restrict access to frontier AI. They also discuss the continuing wave of third-party breaches, including Salesforce ecosystem compromises and the Clue breach, and why organizations must move beyond compliance toward practical risk management.
The conversation examines FortiBleed, exposed administrator portals, credential reuse, and the difficult balance between software flaws, operational mistakes, and secure-by-default design. The panel also tackles one of cybersecurity's biggest human challenges: CISO burnout, executive accountability, organizational culture, and what separates successful security leaders from those set up to fail.
The episode concludes with encouraging developments in international cybercrime enforcement, including Operation Riptide, and why better intelligence sharing and improved operational security are making it harder for cybercriminals to hide.
Whether you're a CISO, security practitioner, IT leader, or simply interested in the rapidly changing cybersecurity landscape, this discussion offers practical insight into the trends shaping the industry.
Panel
Jim Love (Host)
Laura Payne
David Shipley
Mike Kim (Mycroft)
Topics covered
AI export controls and digital sovereignty
Anthropic Mythos and Fable
Third-party and supply chain risk
Salesforce ecosystem security
FortiBleed and Fortinet security
Secure-by-default strategies
CISO burnout and executive accountability
Operation Riptide
Cybercrime investigations
Security leadership and governance
Chapters
00:00 Sponsor NordLayer
00:38 Meet the Panel
02:40 Author Scam Warning
04:51 Emotion Is the Target
08:47 AI Model Export Controls
10:01 Hype vs Real AI Security
15:01 Sovereignty and Dependency
20:35 Governments Push Back
24:14 AI Internal Voice Risks
26:12 Third Party Breach Fatigue
30:05 Compliance Limits on Risk
32:15 Blame Game to Risk Focus
33:18 Standards and Priorities
33:39 When Security Vendors Fail
34:35 FortiBleed Numbers Explained
35:44 Process Failures vs Bugs
37:32 Why Fortinet Gets Heat
39:05 Secure by Default Basics
41:04 Budget Reality and Culture
44:36 CISO Burnout and AI Pressure
46:16 Liability and Shared Ownership
50:12 What Great CISOs Do
53:07 Operation Riptide Wins
56:10 Deterrence and Due Process
58:14 Sharing Intel for ROI
59:09 Hopium and Wrap Up
01:00:46 Sponsor NordLayer Message
Mais podcasts de Negócios
Podcasts em tendência em Negócios
Sobre Cybersecurity Today
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
Site de podcastOuça Cybersecurity Today, Como Você Fez Isso? e muitos outros podcasts de todo o mundo com o aplicativo o radio.net

Obtenha o aplicativo gratuito radio.net
- Guardar rádios e podcasts favoritos
- Transmissão via Wi-Fi ou Bluetooth
- Carplay & Android Audo compatìvel
- E ainda mais funções
Obtenha o aplicativo gratuito radio.net
- Guardar rádios e podcasts favoritos
- Transmissão via Wi-Fi ou Bluetooth
- Carplay & Android Audo compatìvel
- E ainda mais funções


Cybersecurity Today
Leia o código,
baixe o aplicativo,
ouça.
baixe o aplicativo,
ouça.
Cybersecurity Today: Podcast do grupo
































