Nov 19, 2025 | Speaking
Did a keynote presentation at the Sydney AI Security Summit where I spoke about Lessons from the software supply chain and what they teach us about securing AI. Just as we don’t assume that open source components are always safe, we also shouldn’t assume...
Nov 19, 2025 | Podcast
https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422 Microsoft’s Azure cloud platform has been the target of a record-breaking distributed denial-of-service (DDoS)...
Nov 18, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/w3-total-cache-wordpress-plugin-vulnerable-to-php-command-injection A critical security flaw has been identified in the popular W3 Total Cache (W3TC) WordPress plugin, which could allow unauthenticated attackers to...
Nov 17, 2025 | Podcast
https://github.com/sbaresearch/whatsapp-census/blob/main/Hey_there_You_are_using_WhatsApp.pdf A recently disclosed vulnerability in the popular messaging app WhatsApp has raised significant security concerns, as it allows attackers to potentially access the phone...
Nov 14, 2025 | Podcast
https://aivss.owasp.org The Open Web Application Security Project (OWASP) has introduced the AI Vulnerability Scoring System (AIVSS), a framework designed to assess the security risks associated with artificial intelligence-powered technologies. The AIVSS aims to...
Nov 13, 2025 | Podcast
https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads Security researchers have uncovered a concerning series of malicious NuGet packages that contain harmful code designed to disrupt and sabotage various applications and...
Nov 12, 2025 | Podcast
https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2025/wochenrueckblick_44.html The Swiss National Cyber Security Centre (NCSC) is alerting iPhone users to a concerning phishing scam that aims to steal their Apple ID credentials by falsely claiming to have found...
Nov 11, 2025 | Podcast
https://www.wiz.io/vulnerability-database/cve/cve-2025-31133 Researchers have disclosed three critical vulnerabilities in the runC container runtime, a core component of Docker and Kubernetes, that could allow attackers to break out of the container environment and...
Nov 10, 2025 | Podcast
Firefox expands fingerprint protections: advancing towards a more private web. In a major privacy upgrade, Mozilla has introduced new anti-fingerprinting measures in the latest version of its Firefox web browser, Firefox 145. These enhanced protections aim to...
Nov 7, 2025 | Podcast
https://abcnews.go.com/International/password-louvres-video-surveillance-system-louvre-employee/story?id=127236297 In a stunning revelation, a Louvre museum employee has disclosed that the password to the world-famous institution’s video surveillance system was...