This week on Defender Fridays, Tom Cross, Head of Threat Research at GetReal Security, joins us to talk hiring fraud and deepfakes on our first Defender Fridays session of 2026!

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.

• Eliminate vendor sprawl and tool complexity
• Deploy and scale effortlessly on native multi-tenant architecture
• Reduce costs with intelligent data routing and free 1-year retention
• Build custom solutions with 100+ security capabilities on-demand
• Improve response times with automation and real-time capabilities

Try the SecOps Cloud Platform free: https://limacharlie.io

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances.
• Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security.
• The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber’s role remains ambiguous.
• Two U.S. citizens with professional backgrounds in cybersecurity have pleaded guilty to acting as affiliates of the ALPHV/BlackCat ransomware group, a prominent ransomware-as-a-service (RaaS) operation.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast we're starting the new season off with the hottest topic of 2025: AI.

Sitting down with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, we discuss the ways AI has rapidly changed how companies are building security tools.

Join an in-depth discussion January 20, 2026 and witness LimaCharlie's fundamentally different approach to AI-powered security operations. Your security operations will never be the same: https://www.linkedin.com/events/7401665070889545728/

Maxime Lamothe-Brassard began his cybersecurity career at the Canadian Department of National Defense before providing direct assistance to organizations facing cyber defense challenges. His career includes key roles at CrowdStrike and Google, as well as being part of Chronicle Security’s founding team, ultimately leading him to establish LimaCharlie to revolutionize security operations infrastructure.

Support our show and share your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

On this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year.

From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess -we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry’s mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Fridays, Bryan Brake, Senior Product Manager and Bug Bounty Team Lead at Amazon, joins us to discuss vulnerability remediation, bounty processes, and incident response workflows.

Bryan will share practical insights on managing disclosures and coordinating responses across security teams.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.

• Eliminate vendor sprawl and tool complexity
• Deploy and scale effortlessly on native multi-tenant architecture
• Reduce costs with intelligent data routing and free 1-year retention
• Build custom solutions with 100+ security capabilities on-demand
• Improve response times with automation and real-time capabilities

Try the SecOps Cloud Platform free: https://limacharlie.io

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.

For more information visit: https://www.blackgirlshack.org/Home

Rebekah Skeete is a Security Engineer with Schellman based in Dallas, Texas. As a member of the Infrastructure and Security team, Rebekah is part of a collaborative group of technology professionals serving as the primary technical resource to safeguard the organization's computer networks and systems. In her role, she is responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.

Prior to joining Schellman in 2022, Rebekah worked for the Texas Rangers in a myriad of roles, including Cybersecurity Analyst and Manager of IT Applications and Operations. During the construction of the Rangers new state-of-the-art ballpark, Globe Life Field, Rebekah assisted the Rangers IT department’s efforts to transition over 200 front office employees to their new workspaces.

Outside baseball and IT, Rebekah is also interested in politics and started volunteering for campaigns in 2008. From 2013-2016, she served as a Campaign Manager in the Dallas-Fort Worth area. In 2015, she attended the Women’s Campaign School at Yale.

Rebekah is the COO of BlackGirlsHack, a nonprofit organization providing black women with resources, training, mentoring, and access to increase representation and diversity in the cybersecurity field. Committed to inclusion and belonging, she holds the firm belief that representation enhances the culture and community of an organization and seeks to amplify underserved voices at any table she has a seat.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

For for more information about Cybersecurity Cares, visit cybersecurity-cares.com

• React2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.
• Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.
• U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged involvement with pro‑Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16).
• A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.

Key Topics:

• The gap between AI malware hype and practical reality
• Why threat actors prefer simple, effective methods over sophisticated techniques
• The prevalence of legitimate RMM tools in modern attacks
• Building practical detection strategies for actual threats
• Lessons from physical security that apply to cybersecurity defense

Randy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.

• Eliminate vendor sprawl and tool complexity
• Deploy and scale effortlessly on native multi-tenant architecture
• Reduce costs with intelligent data routing and free 1-year retention
• Build custom solutions with 100+ security capabilities on-demand
• Improve response times with automation and real-time capabilities

Try the SecOps Cloud Platform free: https://limacharlie.io

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity about his journey from SOC analyst to security leader.

Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.

Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."

Alec's commitment to excellence and his unwavering dedication to staying ahead of the curve in the ever-evolving field of cybersecurity have earned him recognition as a trusted advisor and thought leader in the industry. When he's not immersed in the world of IT security, Alec enjoys spending time outdoors, and help coach his son's baseball/basketball teams.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

For for more information about Cybersecurity Cares, visit cybersecurity-cares.com

• The Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2.
• CISA has recently added CVE-2021-26829 to its known exploited vulnerabilities, or KEV catalog, marking it as a confirmed threat based on real world exploitation.
• Researchers at KOI Security have identified a malicious NPM package, which not only performs typical credential stealing behavior, but also includes a new, subtle tactic attempting to manipulate AI-driven security scanners via embedded prompt engineering. Article #2.
• Iranian state sponsored threat group MuddyWater has launched a new wave of cyber espionage attacks targeting Israeli organizations across sectors including academia, civil infrastructure, engineering, technology and utilities.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.