Infosec.Watch
InfoSec.Watch
The InfoSec. Watch Podcast delivers the week’s most important cybersecurity news in a fast, clear, and actionable format. Each episode breaks down major incidents, vulnerabilities, threat-actor activity, and security trends affecting modern organizations — without the noise or hype. The show translates complex cyber topics into practical insights you can use immediately in your job, whether you work in security engineering, cloud security, threat detection, governance, or IT. If you want to stay ahead of emerging threats, sharpen your defensive mindset, and get a reliable summary of what actua...
Author
Infosec.Watch
Category
Podcast website
Latest episode
May 18, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
138 - Security Leverage Points 18.05.2026 10:50
Send us Fan Mail We track the security stories that give attackers the most leverage, from AI-assisted exploit development to SaaS platform compromise, manufacturing ransomware, and high-impact vulnerabilities. We end with a practical defensive check: a short control plane exposure register that shows exactly which systems could change trust, access, routing, revenue, or production at scale. • AI...
130 - When Trusted Tools Turn On You 26.03.2026 17:42
Send us Fan Mail We track how trust boundaries fail across the modern stack, from CI/CD supply chain compromise to phishing-driven account takeover and remote assistance abuse. We also break down actively exploited vulnerabilities and a practical tier 0 validation loop that treats patching like incident response, not routine maintenance. • supply chain compromise risk when trusted CI/CD tooling is...
129 - Quick Assist, Slow Panic 20.03.2026 8:56
Send us Fan Mail We track how attackers keep turning trusted channels into reliable intrusion paths, from extension marketplaces to chat platforms and developer dependencies. We also lay out what defenders should patch first and how to validate fixes so security work actually reduces risk. • Glasswarm escalation against Open VSX using a modular loader for stealthier propagation • Why defenders nee...
128 - AI Malware Floods And Patch Tsunamis 12.03.2026 8:52
Send us Fan Mail We track a clear theme across this week’s security headlines: everything is getting bigger, faster, and harder to manage, from AI-generated malware to massive patch waves. We focus on cutting blast radius with risk-based patching, resilience-first strategy, and automation that can keep up with machine-scale attacks. • AI-assisted malware as a volume play that strains signature-ba...
127 - From Cisco To EV Chargers: Active Exploits And Urgent Patches 06.03.2026 10:00
Send us Fan Mail A wave of edge and control‑plane threats drives urgent patching and smarter validation across Cisco SD‑WAN, EV charging, FileZen, and Serve‑U. We map real exploits, spotlight APT28 tradecraft, unpack Google risk shifts, and share a post‑patch playbook that assumes breach. • Cisco SD‑WAN 10.0 authentication bypass and active exploitation • CISA KEV update for FileZen and patch prio...
126: Click The CAPTCHA, Adopt Malware, Regret Everything 23.02.2026 13:42
Send us Fan Mail We track a wave of high-impact vulnerabilities and social engineering campaigns that target management planes and edge devices, then lay out a concrete four-step validation playbook. The theme is simple: initial access is cheap, but control plane compromise multiplies damage. • Windows Admin Center privilege escalation and urgent patching • IceWarp critical flaws enabling total ta...
InfoSec.Watch Podcast — Episode 125: Vendor choke points, BridgePay fallout, and the KEV patch race 16.02.2026 8:30
Send us Fan Mail This week on the InfoSec. Watch Podcast, we examine a growing risk that many organizations still underestimate: operational choke points . The episode opens with the BridgePay ransomware attack , which forced the payment gateway offline and disrupted credit card processing for multiple municipalities and utilities. The incident highlights a harsh reality—third-party processors are...
InfoSec.Watch Podcast — Episode 124: Edge Devices Under Fire 10.02.2026 8:53
Send us Fan Mail Edges are where attackers thrive—and where many teams see the least. We dive into how identity-adjacent features, single sign-on, and device management planes have become high-impact targets, and why routers, VPNs, and firewalls now sit at the center of modern intrusion campaigns. From unsupported hardware to multi-terabit DDoS events, we break down what matters most and the steps...
InfoSec.Watch Podcast — Episode 123: Fortinet SSO abuse, Ivanti MDM zero-days, and validating trust after patching 05.02.2026 16:56
Send us Fan Mail This week on the InfoSec. Watch Podcast, we break down a series of actively exploited vulnerabilities targeting some of the most trusted control planes in enterprise environments—firewalls, identity integrations, and mobile device management platforms. The episode opens with active exploitation of Fortinet’s FortiCloud SSO authentication bypass (CVE-2026-24858) , impacting FortiMa...
InfoSec.Watch Podcast — Episode 122: Cisco UC zero-days, Oracle patch overload, and the new Tier-Zero reality 26.01.2026 10:06
Send us Fan Mail This week on the InfoSec. Watch Podcast, we break down a wave of high-impact security events underscoring a hard truth for defenders: management planes and dependencies are now primary intrusion paths. The episode opens with active exploitation of a Cisco Unified Communications zero-day (CVE-2026-20045) , an unauthenticated web-management RCE capable of delivering full root-level...
InfoSec.Watch Podcast — Episode 121: Cisco email gateway RCEs, Windows zero-days, and control-plane failure 19.01.2026 8:59
Send us Fan Mail This week on the InfoSec. Watch Podcast, we break down a series of high-impact threats targeting the systems organizations rely on most—email gateways, Windows endpoints, and operational infrastructure that does not fail gracefully. The episode opens with an urgent look at Cisco AsyncOS (CVE-2025-20393) , an actively exploited, unauthenticated remote-code-execution flaw affecting...
InfoSec.Watch Podcast — Episode 120: Control planes are attack planes 13.01.2026 10:17
Send us Fan Mail Welcome back to the InfoSec. Watch Podcast , your weekly briefing on the security threats that matter. In Episode 120 , we break down a clear and recurring theme across this week’s incidents: control planes have become prime attack planes . We start with active exploitation of a critical flaw in HPE OneView , underscoring why management-plane software must be treated as Tier Zero...
InfoSec.Watch Podcast — Episode 119: WatchGuard VPN RCE, MongoDB MongoBleed, and WebRAT GitHub traps 05.01.2026 10:52
Send us Fan Mail In this week’s episode of the InfoSec. Watch Podcast , hosts Grant Lawson and Sloane Parker break down the security stories that defenders can’t afford to ignore. The episode opens with urgent patching guidance for an actively exploited WatchGuard IKEv2 VPN remote code execution flaw , followed by analysis of “MongoBleed” (CVE-2025-14847) —a memory disclosure vulnerability in Mong...
InfoSec.Watch Podcast — Episode 118: Perimeter zero-days, email gateway attacks, and weaponized GitHub PoCs 30.12.2025 8:03
Send us Fan Mail In this week’s InfoSec. Watch Podcast, we break down a series of critical security developments shaping the threat landscape. The episode opens with urgent guidance on two actively exploited, unauthenticated remote-code-execution vulnerabilities—one affecting WatchGuard Firebox appliances and the other impacting HPE OneView across multiple versions. The hosts outline the immediate...
InfoSec.Watch Podcast — Episode 117: Choke Points Under Fire: Email Gateways, WebKit Zero-Days, and DPRK's $2B Crypto Heist 22.12.2025 9:56
Send us Fan Mail In this week's InfoSec. Watch Podcast, we dive into the latest high-impact threats targeting enterprise security choke points. Key stories include: A sophisticated campaign against Cisco Secure Email appliances, with essential guidance on hardening management interfaces and proactive threat hunting. Chainalysis' alarming report on North Korea-linked actors stealing a rec...
InfoSec.Watch Podcast — Episode 116: React2Shell mass exploitation, Apple & Microsoft zero-days, and the BRICKSTORM hypervisor breach 18.12.2025 8:25
Send us Fan Mail This week’s episode dives into a packed slate of high-impact cybersecurity threats shaking the industry. We break down React2Shell (CVE-2025-55182) — a rapidly evolving remote code execution flaw driving mass scanning across the internet and prompting CISA to issue an urgent KEV directive. They also unpack Apple’s emergency WebKit zero-day patches and Microsoft’s latest actively e...
InfoSec.Watch Podcast — React2Shell Supply Chain Risk, Android Zero-Days, and BRICKSTORM Hardware Sabotage 09.12.2025 8:35
Send us Fan Mail In this week’s episode of InfoSec. Watch Weekly , Grant Lawson and Sloane Parker take listeners on a guided tour of the entire modern attack surface — from developer laptops to mobile devices to the physical circuit boards inside IoT hardware. Three major security stories illustrate how deeply interconnected and exposed the stack has become. We begin with React2Shell , a newly sur...
InfoSec.Watch Podcast — Episode 114: Identity zero-days, analytics leaks, and emergency-alert outages expose your weakest vendor links 01.12.2025 7:33
Send us Fan Mail In this week’s InfoSec. Watch episode, hosts Grant Lawson and Sloane Parker analyze the top cybersecurity stories: an actively exploited Oracle IdM zero-day added to CISA’s Known Exploited Vulnerabilities catalog, OpenAI cutting off Mixpanel after a data breach, and ransomware disrupting the CodeRED emergency alert system. Additional coverage includes FortiWeb WAF vulnerabilities,...
InfoSec.Watch Podcast — Episode 113: China-linked AI agents, logistics ransomware, and Germany’s NIS2 law are reshaping your 2025 risk map. 25.11.2025 8:49
Send us Fan Mail In this episode of the InfoSec. Watch Podcast , we unpack one of the most consequential weeks of cybersecurity developments in 2025. This episode covers a rare convergence of AI-augmented state-backed espionage , logistics and retail supply-chain ransomware , and Europe’s accelerating drive toward digital sovereignty —and this episode takes you step-by-step through every story, ev...
InfoSec.Watch Podcast — Episode 112: Windows Kernel 0-Day, FortiWeb RCE, Akira Targets Nutanix 18.11.2025 8:58
Send us Fan Mail Here’s what we cover in Episode 112: Actively Exploited Windows Kernel 0-Day: A privilege-escalation flaw in the Windows kernel is now being abused in real attacks. We cover what’s known, how attackers are chaining it, and the immediate mitigations security teams should prioritize. FortiWeb Critical Vulnerability Added to CISA’s KEV Catalog: A newly disclosed remote code execution...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.