Talkin' Bout [Infosec] News

By Black Hills Information Security

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.

Join us live on YouTube, Monday's at 4:30PM ET... more

4.8

9292 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Talkin' Bout [Infosec] News:

How many episodes does Talkin' Bout [Infosec] News have?

The podcast currently has 338 episodes available.

Talkin' Bout [Infosec] News episodes:

March 17, 2026Iranian Hackers Claim Responsibility for Stryker Attack - 2026-03-16
This episode covers multiple cybersecurity news stories, including Iranian hackers claiming responsibility for a cyberattack on Stryker, ongoing challenges in attributing nation-state cyber operations, and broader trends in global cyber conflict. The hosts also discuss the reliability of public breach claims, emerging threats targeting critical industries, and how organizations are responding to an increasingly complex threat landscape.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — Organizing Family Beets
(04:02) - Iranian Hackers Claim Responsibility for Stryker Attack - 2026-06-16
(08:56) - Story # 1: Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
(23:38) - Story # 2: How We Hacked McKinsey's AI Platform
(32:30) - Story # 3: Amazon holds engineering meeting following AI-related outages
(39:11) - Story # 4: Meta gets into social networks for AI agents with acquisition of viral Moltbook platform
(45:24) - Story # 5: Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
(50:45) - Story # 6: Michelin Confirms Data Breach Linked to Oracle EBS Attack
(51:08) - Story # 7: New Dohdoor malware campaign targets education and health care
(58:10) - Story # 8: Man's dog was riddled with tumors and dying. He used ChatGPT to design a custom cancer vaccine, stunning researchers

Links
Story # 1: Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
Story # 2: How We Hacked McKinsey’s AI Platform
Story # 3: Amazon holds engineering meeting following AI-related outages
Story # 4: Meta gets into social networks for AI agents with acquisition of viral Moltbook platform
Story # 5: Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
Story # 6: Michelin Confirms Data Breach Linked to Oracle EBS Attack
Story # 7: New Dohdoor malware campaign targets education and health care
Story # 8: Man’s dog was riddled with tumors and dying. He used ChatGPT to design a custom cancer vaccine, stunning researchers
Creators & Guests
Dan Rearden (Haircutfish) - Guest

Bronwen Aker - Host

Ralph May - Host

John Strand - Host

Troy Wojewoda - Guest

Corey Ham - Host

Hayden Covington - Host

Wade Wells - Host

Meagan Bentley - Producer

Click here to watch this episode on YouTube.
Click here to view the episode transcript.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 2min
March 10, 2026A Nightmare of Vibeware - 2026-03-09
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — That's Not How It Works
(03:40) - A Nightmare of Vibeware – 2026-03-09
(04:54) - Story # 1: APT36: A Nightmare of Vibeware
(13:56) - Story # 2: Oracle Layoffs: Tech giant to slash 30,000 jobs as banks pull out from financing AI data centres
(16:28) - Story # 3: Iran-linked hacktivist groups target US infrastructure after Feb 28 strikes, cyber activity surges: Report
(24:28) - Story # 4: Introducing the First Frontier Suite built on Intelligence + Trust
(28:59) - Story # 5: Motorola partners with GrapheneOS for future phones
(29:13) - Story # 5b: GrapheneOS: Microsoft Authenticator does not support secure Android OS
(29:53) - Story # 6: Western allies form 6G security coalition amid tech rivalry with China
(34:01) - Story # 7: ShinyHunters claims ongoing Salesforce Aura data theft attacks
(35:47) - Story # 8: Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026
(44:33) - Story # 9: LexisNexis confirms data breach as hackers leak stolen files
(49:10) - Story # 10: Google urges Supreme Court to strike down geofence warrants as unconstitutional
(55:59) - ANTI-CAST : How to Detect Malicious Remote Workers w/ James McQuiggan
(56:47) - SOC Summit 2026

Links
Story # 1: APT36: A Nightmare of Vibeware
Story # 2: Oracle Layoffs: Tech giant to slash 30,000 jobs as banks pull out from financing AI data centres
Story # 3: Iran-linked hacktivist groups target US infrastructure after Feb 28 strikes, cyber activity surges: Report
Story # 4: Introducing the First Frontier Suite built on Intelligence + Trust
Story # 5: Motorola partners with GrapheneOS for future phones
Story # 5b: GrapheneOS: Microsoft Authenticator does not support secure Android OS
Story # 6: Western allies form 6G security coalition amid tech rivalry with China
Story # 7: ShinyHunters claims ongoing Salesforce Aura data theft attacks
Story # 8: Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026
Story # 9: LexisNexis confirms data breach as hackers leak stolen files
Story # 10: Google urges Supreme Court to strike down geofence warrants as unconstitutional
ANTI-CAST : How to Detect Malicious Remote Workers w/ James McQuiggan
Troy & Wade’s Upcoming Things:
– Antisyphon Training SOC Summit 2026
– Breach Assessment - The Curious Case of the Comburglar w/ Troy Wojewoda
– Network Forensics and Incident Response with Troy Wojewoda

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 1min
March 06, 2026Pentagon Declares Anthropic a Supply Chain Risk — 2026-03-02
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — Kerberoasting Too Hard
(05:05) - Pentagon Declares Anthropic a Supply Chain Risk — Talkin’ Bout [infosec] News 2026-03-02
(08:40) - Story # 1: Pentagon Designates Anthropic Supply Chain Risk
(17:27) - Story # 2: European Parliament blocks AI on lawmakers’ devices, citing security risks
(21:23) - Story # 3: Mexican Government Breach and the Rise of Agentic Cyber Threats
(22:58) - Story # 4: 2026 CrowdStrike Global Threat Report: AI Accelerates Adversaries and Reshapes the Attack Surface
(33:04) - Story # 5: Leak confirms GrapheneOS & Motorola partnership for non-Pixel hardware
(38:24) - Story # 5b: Motorola announces a partnership with GrapheneOS Foundation, marking a new chapter in smartphone security and expanding its enterprise portfolio
(39:21) - Story # 6: Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems
(43:12) - Story # 7: Cops back Dutch telco Odido after second wave of ShinyHunters leaks
(45:40) - Story # 8: Discord puts global age verification policy on hold after backlash
(46:30) - Story # 9: A new California law says all operating systems, including Linux, need to have some form of age verification at account setup
(51:51) - Story # 10: User accidentally gains control of over 6,700 robot vacuums
(53:35) - Story # 11: App Warns You if Someone Is Wearing Smart Glasses Nearby
(57:32) - Weekly CTF Winners
(58:28) - Story # 12: Microsoft is blocking 'Microslop' comments in Copilot's official Discord server
(59:01) - Story # 13: New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

Links
Story # 1: Pentagon Designates Anthropic Supply Chain Risk
Story # 2: European Parliament blocks AI on lawmakers’ devices, citing security risks
Story # 3: Mexican Government Breach and the Rise of Agentic Cyber Threats
Story # 4: 2026 CrowdStrike Global Threat Report: AI Accelerates Adversaries and Reshapes the Attack Surface
Story # 5: Leak confirms GrapheneOS & Motorola partnership for non-Pixel hardware
Story # 5b: Motorola announces a partnership with GrapheneOS Foundation, marking a new chapter in smartphone security and expanding its enterprise portfolio
Story # 6: Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems
Story # 7: Cops back Dutch telco Odido after second wave of ShinyHunters leaks
Story # 8: Discord puts global age verification policy on hold after backlash
Story # 9: A new California law says all operating systems, including Linux, need to have some form of age verification at account setup
Story # 10: User accidentally gains control of over 6,700 robot vacuums
Story # 11: App Warns You if Someone Is Wearing Smart Glasses Nearby
Story # 12: Microsoft is blocking ‘Microslop’ comments in Copilot’s official Discord server
Story # 13: New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 5min
February 25, 2026The Coming SAAS Apocalypse - 2026-02-23
In this episode:
Agentic AI tools that can autonomously perform tasks like researching and booking flights, raising concerns about automated purchases, fraud, guardrails, and over-trust in AI systems.
The idea of a coming “SaaS apocalypse,” where AI tools could replicate or replace many small- and mid-tier SaaS products by crawling and recreating their functionality—potentially disrupting payroll, accounting, and other service platforms.
Android’s shift away from its open-platform roots, including concerns about reduced openness, developer anonymity in app stores, and the broader implications for privacy-focused users and alternative operating systems.
Ongoing tensions in the tech ecosystem around platform control, openness, and general-purpose computing, particularly involving large vendors like Google, Apple, Oracle, and major cloud providers.
Broader security implications of AI adoption, including hallucinations, accountability, and how organizations are integrating AI to cut costs versus innovate.
The discussion centers strictly on these current tech news developments and their security, privacy, and market impact.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — Take the interstate to Dubai
(04:53) - The Coming SAAS Apocalypse - 2026-02-23
(07:39) - Story # 1: Keep Android Open
(15:34) - Story # 2: Meta patents AI that takes over a dead person’s account to keep posting and chatting
(21:13) - Story # 3: The Coming SaaS Apocalypse...
(28:52) - Story # 4: Firm Data on AI
(29:43) - Story # 4b: Thousands of CEOs just admitted AI had no impact on employment or productivity—and it has economists resurrecting a paradox from 40 years ago
(36:15) - Story # 5: US Defense Secretary Hegseth summons Anthropic CEO for tough talks over military use of Claude, Axios reports
(40:41) - Story # 6: Conduent data breach could be largest in U.S. history
(43:13) - Story # 6: The Erosion of Agency and the New Burden on Leaders
(46:02) - Story # 7: DSA-2026-079: Security Update for RecoverPoint for Virtual Machines Hardcoded Credential Vulnerability
(48:30) - Story # 8: AI-augmented threat actor accesses FortiGate devices at scale
(51:42) - Story # 9: I hacked ChatGPT and Google's AI - and it only took 20 minutes
(01:03:07) - Antisyphon Training SOC Summit, March 25, 2026
(01:03:40) - Antisyphon Training: Attacking, Defending, and Leveraging AI-LLM Systems
(01:03:58) - Antisyphon Workshop: Hacking AI-LLM Applications
(01:04:27) - Antisyphon Anti-Cast: RED TEAMING AI: OWASP LLM TOP 10 WITH BRIAN AND DEREK
(01:04:53) - PODCAST : A.I. Security Ops

Links
Story # 1: Keep Android Open
Story # 2: Meta patents AI that takes over a dead person’s account to keep posting and chatting
Story # 3: The Coming SaaS Apocalypse…
Story # 4: Firm Data on AI
Story # 4b: Thousands of CEOs just admitted AI had no impact on employment or productivity—and it has economists resurrecting a paradox from 40 years ago
Story # 5: US Defense Secretary Hegseth summons Anthropic CEO for tough talks over military use of Claude, Axios reports
Story # 6: Conduent data breach could be largest in U.S. history
Story # 6: The Erosion of Agency and the New Burden on Leaders
Story # 7: DSA-2026-079: Security Update for RecoverPoint for Virtual Machines Hardcoded Credential Vulnerability
Story # 8: AI-augmented threat actor accesses FortiGate devices at scale
Story # 9: I hacked ChatGPT and Google’s AI - and it only took 20 minutes
Antisyphon Training SOC Summit, March 25, 2026
Antisyphon Training: Attacking, Defending, and Leveraging AI-LLM Systems
Antisyphon Workshop: Hacking AI-LLM Applications
Antisyphon Anti-Cast: RED TEAMING AI: OWASP LLM TOP 10 WITH BRIAN AND DEREK
PODCAST : A.I. Security Ops

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
Click here to watch this episode on YouTube.

Click here to view the episode transcript.
...more
1h 7min
February 22, 2026Palo Alto Fears China Retaliation – 2026-02-16
In this episode, the crew dives into reports that Palo Alto Networks allegedly avoided directly attributing a threat campaign to China over fears of retaliation—sparking a broader debate about corporate and government threat attribution, geopolitics, and whether attribution still matters in today’s cyber landscape.
They also explore the escalating AI arms race, including Meta’s aggressive (and expensive) talent poaching, the growing rivalry between OpenAI and Anthropic, and what it all means for the future of the industry.
Rounding out the episode, the team discusses the unintended consequences of the AI boom—like global hardware shortages stretching beyond GPUs to hard drives—and examines emerging prompt injection attack techniques, highlighting real-world examples and the growing security risks surrounding AI-powered tools.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — Threat Actor Age Range
(05:37) - Palo Alto Fears China Retaliation – 2026-02-16
(11:28) - Story # 1: Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say
(16:01) - Story # 2: Rent a Human
(20:39) - Story # 3: OpenClaw creator Peter Steinberger joining OpenAI, Altman says
(24:31) - Story # 4: Western Digital runs out of HDD capacity: CEO says massive AI deals secured, price surges ahead
(28:30) - Story # 5: GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
(30:32) - Story # 6: Data Exfil from Agents in Messaging Apps
(32:15) - Story # 7: AMOS infostealer targets macOS through a popular AI app
(39:25) - Story # 8: Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
(46:11) - Story # 9: Vietnam bans unskippable online video ads longer than 5 seconds from next month
(49:59) - Story # 10: SolarWinds Web Help Desk Exploitation - February 2026
(54:00) - Story # 11: Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
(58:13) - Story # 12: Snail mail letters target Trezor and Ledger users in crypto-theft attacks
(01:00:59) - Eric's Workshop
(01:01:31) - Jennifer's Workshop
(01:04:36) - SOC Summit 2026

Links
Story # 1: Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say
Story # 2: Rent a Human
Story # 3: OpenClaw creator Peter Steinberger joining OpenAI, Altman says
Story # 4: Western Digital runs out of HDD capacity: CEO says massive AI deals secured, price surges ahead
Story # 5: GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
Story # 6: Data Exfil from Agents in Messaging Apps
Story # 7: AMOS infostealer targets macOS through a popular AI app
Story # 8: Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
Story # 9: Vietnam bans unskippable online video ads longer than 5 seconds from next month
Story # 10: SolarWinds Web Help Desk Exploitation - February 2026
Story # 11: Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
Story # 12: Snail mail letters target Trezor and Ledger users in crypto-theft attacks
01:01:00 - Eric’s Workshop
01:01:31 - Jennifer’s Workshop
01:04:37 - SOC Summit 2026

Creators & Guests
Corey Ham - Host

Wade Wells - Host

Bronwen Aker - Host

Ralph May - Host

Ched "cheddar" Wiggins - Guest

Jennifer Shannon - Guest

Eric Kuehn - Guest
Click here to watch a video of this episode.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
Click here to view the episode transcript.
...more
1h 8min
February 18, 2026Live From WWHF Mile High 2026 – 2026-02-11
Live from Wild West Hackin’ Fest Denver 2026, the Black Hills Information Security crew brings their signature mix of sharp security insight and off-the-cuff banter to a packed in-person audience.
This episode centers on a controversial Notepad update that introduced Markdown rendering—along with a potential remote code execution (RCE) issue. The hosts unpack what this says about modern software bloat, “vibe coding,” and the growing push to embed AI into everything—whether it belongs there or not. They also explore the implications of Discord's Age verification requirements, AI-generated code, including OpenAI’s latest Codex model, and debate whether we’re headed toward a wave of AI-assisted vulnerabilities.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters
(00:00) - PreShow Banter™ — Corey Olympics
(02:23) - Story # 1: Critical Notepad vulnerability reignites criticism of Microsoft’s forced AI features
(07:42) - Story # 2: Discord will require a face scan or ID for full access next month
(10:17) - Story # 3: 2026-01-14: The Day the telnet Died
(15:04) - Story # 5: BeyondTrust Remote Access Products 0-Day Vulnerability Allows Remote Code Execution
(16:32) - Story # GRITREP: 0APT and the Victims Who Weren’t
(20:54) - The advanced advancement of AI models

Click here to watch a video of this episode.
Creators & Guests
John Strand - Host

Corey Ham - Host

Derek Banks - Guest

Andrew Krug - Guest

Chadd Watson - Guest

Hayden Covington - Host

Click here to view the episode transcript.

Links
Story # 1: Critical Notepad vulnerability reignites criticism of Microsoft’s forced AI features
Story # 2: Discord will require a face scan or ID for full access next month
Story # 3: 2026-01-14: The Day the telnet Died
Story # 5: BeyondTrust Remote Access Products 0-Day Vulnerability Allows Remote Code Execution
Story # GRITREP: 0APT and the Victims Who Weren’t
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
34min
February 05, 2026US Defense Chief Uploads Secret Into to ChatGTP - 2026-02-02
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
This episode breaks down recent reports of sensitive information being shared with AI tools and what that means for security and operations. The discussion covers OPSEC failures, common misuse of ChatGPT in professional environments, how data actually flows through AI systems, and what organizations should (and shouldn’t) worry about. The hosts focus on practical risk, realistic threat models, and actionable lessons for security teams navigating AI adoption.
Chapters
(00:00) - PreShow Banter™ — Robot Drivers
(06:29) - US Defense Chief Uploads Secret Into to ChatGTP - 2026-02-02
(09:54) - Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
(19:03) - Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
(23:01) - Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
(26:30) - Story # 4: Millions of Gmail, Facebook and other account credentials exposed
(30:55) - Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
(36:13) - Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
(39:12) - Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
(41:13) - Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
(45:09) - Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
(48:49) - Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
(52:05) - Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
(54:28) - Story # 12: Attack on Renewable Energy Plants
(56:26) - Story # 13: Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog

Links
Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Story # 4: Millions of Gmail, Facebook and other account credentials exposed
Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
Story # 12: Attack on Renewable Energy Plants
Story # 13: Disrupting the World’s Largest Residential Proxy Network | Google Cloud Blog

Wade & Hayden on Simply Cyber -
https://www.youtube.com/live/c_lUP5gR15I
Hayden’s Class -
https://www.antisyphontraining.com/product/foundations-of-security-operations-with-hayden-covington/
Mishaal’s Class -
https://www.antisyphontraining.com/product/next-level-osint-with-mishaal-khan/

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 5min
January 28, 2026TikTok's invasive Privacy Policy - 2026-01-26
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

In this episode, the hosts break down TikTok’s latest privacy policy and why it’s raising serious red flags. They discuss how the app expands data collection and tracking, what that means for user privacy, and the broader security implications—especially concerns around data access and China. Along the way, the conversation connects these changes to ongoing TikTok ban discussions, real-world risk for individuals and organizations, and what users should consider if they continue using the platform. The episode mixes technical insight with practical takeaways, making the privacy risks easy to understand without losing nuance.
Chapters:
(00:00) - PreShow Banter™ — Electroshock Therapy
(02:28) - 2026-01-26
(07:33) - Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
(14:27) - Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
(17:37) - Story # 3: Clara Hawking’s Post on TikTok's Pivacy Policy
(24:05) - Story # 4: Supreme Court to hear Facebook pixel tracking case
(31:02) - Story # 5: Google accused of grooming kids after child receives this email
(34:38) - Story # 6: House of Lords backs legislation to ban social media for children under 16
(35:47) - Story # 6b: Australia has banned social media for kids under 16. How does it work?
(42:20) - Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
(48:29) - Story # 8: 1Password adds pop-up warnings for suspected phishing sites
(52:09) - ClawdBot / Moltbot

Links:
Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
Story # 3: Clara Hawking’s Post on TikTok’s Pivacy Policy
Story # 4: Supreme Court to hear Facebook pixel tracking case
Story # 5: Google accused of grooming kids after child receives this email
Story # 6: House of Lords backs legislation to ban social media for children under 16
Story # 6b: Australia has banned social media for kids under 16. How does it work?
Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
Story # 8: 1Password adds pop-up warnings for suspected phishing sites
ClawdBot / Moltbot
Troy’s Workshop
ANTI-CAST: Effective AI for Practical SecOps Workflows w/ Hayden Covington
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 4min
January 20, 2026Chinese firms drop US and Israeli cybersecurity software - 2026-01-19
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

This episode is a rapid-fire cybersecurity news roundup covering multiple headlines and what they mean for defenders. The crew debates reports that Chinese firms are dropping U.S. and Israeli security vendors, then pivots into breach fallout, malware activity, and real-world attacker behavior. Along the way, they unpack how geopolitics affects procurement, why supply-chain dependencies make “bans” messy, and what happens when organizations swap tools fast.
Expect candid takes on ransomware trends, enterprise security operations, and where hype collides with implementation. The hosts also riff on incident response realities, risk management, and what security teams should watch for next—plus plenty of side commentary and humor in between.
Chapters
(00:00) - PreShow Banter™ — Podcast Banter
(04:13) - Chinese firms to stop using US and Israeli cybersecurity software - 2026-01-19
(08:56) - Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
(13:42) - Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
(16:25) - Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
(18:20) - Story # 4: 33-year-old Dutchman arrested for enableing criminals to test malware for antivirus programs.
(20:02) - Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
(27:41) - Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
(29:12) - Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
(41:47) - Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
(49:30) - Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
(55:29) - CTF Winners
(59:19) - ChickenSec: KFC app 'more secure' than Manage My Health, expert claims

Links
Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
Story # 4: 33-year-old Dutchman arrested for enableing criminals to test malware for antivirus programs.
Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
ChickenSec: KFC app ‘more secure’ than Manage My Health, expert claims
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com
...more
1h 4min
January 14, 2026BreachForums Doomsday - 2026-01-12
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

In this episode, we break down the “Doomsday” incident: a major breach forum gets breached, reminding everyone that even cybercriminal communities suffer constant OPSEC failures. We cover what leaked, why these underground markets keep imploding, and how infighting, reused infrastructure, weak authentication, and sloppy identity hygiene turn “elite hackers” into easy targets. Then we connect the dots to law enforcement’s latest crypto actions—how DOJ seizures and mixer investigations work, why blockchain tracing matters, and what criminals try (and fail) to do to hide money flows. Finally, we translate the news into practical defense: validate breach intel, monitor for credential stuffing, enable MFA, use unique passwords, and tighten access logs. Whether you’re a defender, creator, or online, this is the real-world cybercrime story behind the headlines.

Chapters
(00:00) - PreShow Banter™ — Task Overflow
(02:29) - BreachForums Doomsday - 2026-01-12
(05:09) - Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
(15:42) - Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
(23:04) - Story # 3: California bans data broker reselling health data of millions
(28:13) - Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
(36:00) - Story # 5: Ragebait as a phishing tactic
(38:00) - Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
(40:31) - Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
(45:39) - Story # 8: OpenAI says ChatGPT won't use your health information to train its models
(46:23) - Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
(50:15) - Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
(53:05) - Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
(56:49) - Reporter remembers saving animals a year after L.A. wildfires
(57:52) - CTF Winners

Links
Story # 1; Did DOJ Prosecutors Violate Trump’s Executive Order by Selling the Forfeited Samourai Wallet Bitcoin?
Story # 2: Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS
Story # 3: California bans data broker reselling health data of millions
Story # 4: Apple picks Google’s Gemini to run AI-powered Siri coming this year
Story # 5: Ragebait as a phishing tactic
Story # 6: Doomsday For Cybercriminals — Data Breach Of Major Dark Web Forum
Story # 7: The Great VM Escape: ESXi Exploitation in the Wild
Story # 8: OpenAI says ChatGPT won’t use your health information to train its models
Story # 8b: Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
Story # 9: Max severity Ni8mare flaw lets hackers hijack n8n servers
Story # 10: Instagram Denies Data Breach, Fixes Unsolicited Password Reset Requests
Reporter remembers saving animals a year after L.A. wildfires

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest - Join us for our Hybrid Conference and Pre-Conference Training
https://wildwesthackinfest.com
...more
1h 2min

FAQs about Talkin' Bout [Infosec] News:

How many episodes does Talkin' Bout [Infosec] News have?

The podcast currently has 338 episodes available.

More shows like Talkin' Bout [Infosec] News

Hacked by Hacked

Hacked

186 Listeners

This Week in Tech (Audio) by TWiT

This Week in Tech (Audio)

3,059 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,012 Listeners

Risky Business by Risky Business Media

Risky Business

372 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

583 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

653 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,026 Listeners

Smashing Security by Graham Cluley

Smashing Security

318 Listeners

Click Here by Recorded Future News

Click Here

419 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,079 Listeners

The Jordan Harbinger Show by Jordan Harbinger

The Jordan Harbinger Show

11,995 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

176 Listeners

Hacking Humans by N2K Networks

Hacking Humans

316 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

138 Listeners

The 404 Media Podcast by 404 Media

The 404 Media Podcast

397 Listeners