Podcasts

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone.

• Rootkits found in more than 400 ArchLinux User Repository packages.
• The US government requests Anthropic to remove Mythos and Fable.
• CISA responds to AI-driven attacks with new patching requirements.
• NPM to switch to more secure install defaults. Will it help.
• Our listeners react to last week's PHP commentary.
• June shows that AI has arrived for vulnerability discover

Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• meter.com/securitynow
• canary.tools/twit - use code: TWIT
• joindeleteme.com/twit-biz
• zscaler.com/security
• adaptivesecurity.com

The US government abruptly forced Anthropic to pull its most advanced AI model offline after fears it was simply too powerful to be safe. Hear the real story behind the sudden shutdown that rocked the tech world—and what it reveals about the uneasy alliance between Washington and Silicon Valley.

• Anthropic's Fable 5 AI model release sparks cybersecurity and jailbreak concerns
• White House pressures Anthropic to withdraw Fable amid security fears
• Debate over government intervention, model regulation, and Anthropic's IPO timing
• SpaceX IPO rockets to record-breaking $1.77 trillion valuation
• Apple unveils revamped Siri and Apple Intelligence at WWDC
• Apple's new child safety and parental controls in iOS
• OpenAI and Anthropic plot IPOs, face economic realities of AI industry
• Supply chain attacks hit Arch Linux packages, security risks highlighted
• Spotify battles surge of fake podcasts promoting illegal drugs
• German court rules Google AI overviews legally liable for inaccuracies
• FCC pursues crackdown on anonymous burner phones, raising privacy alarms
• North Korean hackers' massive infiltration of US tech sector exposed
• iFixit teardown reveals Trump Phone is just a rebadged HTC U24 Pro
• Smartphone and internet access linked to declining US birth rates
• Skydance-Paramount merger approved as Warner Bros seeks next mega deal
• Roku seeks buyer, raising questions about future streaming platforms

Host: Leo Laporte

Guests: Christina Warren, Harry McCracken, and Richard Campbell

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• meter.com/twit
• threatlocker.com/twit
• bitwarden.com/twit
• NetSuite.com/TWIT
• cachefly.com/twit

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond.

• Was a U.S. law firm right to pay a $20 million ransom.
• Could Cisco have yet another SD-WAN 0-day in the wild.
• Why is it so difficult to author secure PHP code.
• Teens use "WeedHack" to spy and attack each other.
• Researchers create the first AI-enabled Internet worm.
• Google Chrome pops-up "Shop with confidence." What...
• The discovered and irresponsibly disclosed HTTP/2 Bomb.
• What Anthropic learns from their past year of Claude abuse: It's bad

Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• threatlocker.com for Security Now
• outsystems.com/twit
• guardsquare.com
• doppel.com
• cyberhoot.com/securitynow

An astronomical amount of money is being poured into AI and data centers as tech giants fight for dominance, but is this fueling the next big tech bubble or just the price of staying in the game? Get the panel's opinions on wild IPO valuations, global power grabs, Build 2026, NVIDIA GTC Taipei, and even successful YouTuber movies!

• SpaceX IPO to Be Largest Ever at $135 Share Price
• Utah residents sue officials over Kevin O'Leary data center plan
• When AI builds itself
• NVIDIA announces RTX Spark as 'the most efficient PC chip ever built'
• Major Homebuilder To Test Placing Mini Data Centers in Suburban Backyards
• Microsoft Build 2026: The 7 biggest announcements
• What to Expect at Apple's WWDC 2026: iOS 27, New Siri and AI
• Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones
• Trump Signs Executive Order Seeking Oversight of A.I. Models
• Trump: U.S. stake in AI giants "could be a beautiful thing"
• Cable lobby warns of chaos if FCC doesn't relax ban on foreign routers
• Google ordered to put clearer links in AI search and let UK publishers opt out
• AT&T and Verizon lose Supreme Court case over fines for selling location data
• YouTubers Win the Box Office, Goodbye Gatekeepers, The YouTube Bar
• YouTube overtakes Netflix in average daily viewing around the world

Host: Leo Laporte

Guests: Joey de Villa, Jeff Jarvis, and Fr. Robert Ballecer, SJ

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• expressvpn.com/twit
• ZipRecruiter.com/twit
• canary.tools/twit - use code: TWIT
• Melissa.com/twit
• helixsleep.com/twit

AI vulnerability discovery just upended the legendary Capture the Flag competitions, leaving top hackers sidelined while algorithms dominate the scoreboard. Hear why one seasoned researcher says the entire game is over for humans.

• As expected, UnFiOS devices are under attack.
• CISA commands federal agencies to update Drupal.
• Can the largest botnet ever, be killed.
• Defender endpoint can cutoff a PC from the network.
• Charter Communications big account leak.
• Chrome moves device-bound session cookies from beta.
• Anthropic to release Mythos shortly.
• cURL and Daniel Stenberg.
• IBM & RedHat commit to fixing open source with AI.
• LOTS of terrific listener feedback this week.
• AI spells the end of a terrific source of training

Show Notes - https://www.grc.com/sn/SN-1081-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• bitwarden.com/twit
• hoxhunt.com/securitynow
• zscaler.com/security
• material.security
• meter.com/securitynow

Explore everything from explosive technology for space to electric technology for the road. Leo, Molly, Gary, and Sam have deep discussions on Magnifica Humanitas takeaways, Wikipedia drama, Peter Thiel's mvoe to Argentina, and more!

• US Space Force confirms SpaceX will build sensor-to-shooter targeting network
• The most spectacular rocket explosion since N1 just happened in Florida
• What Pope Leo XIV's First Encyclical Says About the Power of AI
• Google's search overhaul has social media users baiting the 'AI Overview' to prove a point
• Apple to Overhaul iOS 27 Siri, AI Features: Here's a First Peek
• Someone wrote a fake EULA into Bitcoin. Two hours later, they revoked it.
• Wikipedia editor is threatening to go on strike
• Ferrari reveals its first EV, with design help from Jony Ive
• In Argentina, U.S. Tech Billionaire Peter Thiel Finds An Escape
• Robotaxis Are Spreading Across the U.S.—and So Is the Backlash

Host: Leo Laporte

Guests: Gary Rivlin, Sam Abuelsamid, and Molly White

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• mill.com/TWIT
• box.com/AI
• zscaler.com/security
• ZipRecruiter.com/twit
• doppel.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage.

• Cisco meets Mythos
• Can the aging CVE system survive AI
• Patch deployment latency in the AI age
• MSFT's official YellowKey BitLocker bypass mitigation
• Ubiquiti patches 5 serious vulnerabilities
• Drupal attacked by a PostgreSQL injection
• Microsoft terminates SMS as a second factor
• GitHub hacked - all of its source code exfiltrated
• Russia is using very old Western software
• Why to get a no-charge AI chatbot account
• New Sci-Fi on Netflix
• What we learn from Mozilla's use of Mythos

Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• guardsquare.com
• doppel.com
• cyberhoot.com/securitynow
• trustedtech.team/securitynow365
• XBOW.com

Google is rewriting the rules of search, CBS News Radio just died after 99 years, and billionaires now own the newsrooms. This episode dives into what happens when technology giants tighten their grip on how we get information.

• Google's new Universal Cart wants to follow your entire shopping journey across the internet
• Hands-On With All of Google's New Upcoming Android XR Smart Glasses
• New York City Mayor Zohran Mamdani is launching a Twitch show
• U.S. Invests $2 Billion and Takes Stake in Quantum Firms
• Elon Musk lost his case against Sam Altman
• GM Driver Data Privacy Lawsuit: California Fines GM $12.75 Million
• A Bipartisan Amendment Would End Police License Plate Tracking Nationwide
• 'Creepy' Listening Tool for Targeted Ads Didn't Actually Work, FTC Says

Host: Leo Laporte

Guests: Larry Magid, Marshall Kirkpatrick, and Jacob Ward

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• outsystems.com/twit
• superhuman.com
• meter.com/twit
• box.com/AI
• doppel.com
• mill.com/TWIT