The Defensive Line Podcast

The Defensive Line Weekly Podcast 021


Listen Later

The Defensive Line Weekly podcast is the audio version of our weekly Defensive Line Substack intelligence summary — the same curated briefing for blue teamers and security leaders, in a format you can listen to on the move.

This week: A self-spreading supply chain worm hits npm, PyPI and GitHub; AI turns up as both an attacker’s tool and an attack surface; and a five-month email espionage campaign against a stock-exchange executive.

Supply chain worm (Miasma / Shai-Hulud)

* Microsoft

* Socket

* The Hacker News

* Dark Reading — IronWorm (further reading)

AI on both sides — Meta AI support bot & EDR evasion

* KrebsOnSecurity

* Check Point

* Sophos

* Dark Reading

Five-month email espionage

* Symantec Threat Hunter Team

* Dark Reading

Honourable mentions

* Google Gemini voice assistant — Dark Reading

* Claude Code GitHub Action — Microsoft

* FFmpeg — 21 vulnerabilities — The Hacker News

* Palo Alto Networks PAN-OS — Unit 42

* Palo Alto Networks advisory

* SolarWinds Serv-U — The Hacker News



This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit thedefensiveline.substack.com
...more
View all episodesView all episodes
Download on the App Store

The Defensive Line PodcastBy The Defensive Line