bug bounty

Microsoft’s Zero-Day Disclosure Backlash: Did Legal Threats Go Too Far?

Microsoft Threatens Legal Action Over Exploit Disclosure

| | BitLocker, bug bounty, Cybersecurity, cybersecurity law, Digital Privacy, Episodes, full disclosure, GitHub, Microsoft security, MSRC, Podcast, Privacy, Proof-Of-Concept Exploit, responsible disclosure, Security Community, security researchers, surveillance, Vendor Accountability, Vulnerability Disclosure, Weekly Edition, zero-day vulnerabilities
Microsoft’s response to a researcher publicly disclosing proof-of-concept exploit code has reignited an old debate in security: where does responsible disclosure end and reckless disclosure begin? Tom and Scott discuss the Nightmare ...
Shared Security Podcast
Instructure “Reached an Agreement” With Hackers — What That Really Means

Cybersecurity Lessons from the Canvas Data Breach

| | bug bounty, Business Continuity, canvas, Cyber Crime, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Disaster Recovery, education-technology, Episodes, Incident Response, Instructure, Penetration Testing, Podcast, Privacy, ransom payment, Ransomware, ShinyHunters, surveillance, Weekly Edition
In this episode we discuss the recent cyber attack targeting Instructure’s widely used learning platform, Canvas, and the major late-breaking development that Instructure reached an “agreement” with the ShinyHunters cybercriminal group after ...
Shared Security Podcast
AI Vulnerability Chaining - Why Your Security Stack Cannot Detect What Comes Next

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

| | AI (Artificial Intelligence), bug bounty, claude-mythos, CVE, Cybersecurity, security, TechExplained, Vulnerabilities
Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate vulnerabilities in isolation. That assumption is now broken ...
Deepak Gupta | AI & Cybersecurity Innovation Leader | Founder's Journey from Code to Scale

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

| | AI (Artificial Intelligence), bug bounty, claude-mythos, CVE, Cybersecurity, security, TechExplained, Vulnerabilities
Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate vulnerabilities in isolation ...
Deepak Gupta's notebook
Anthropic’s Project Glasswing: Finds Zero‑Days (Claude Mythos) — Cybersecurity Wake‑Up Call?

Project Glasswing: When AI Becomes the Ultimate Hacker—and Defender

| | AI Hacking, Anthropic, Artificial Intelligence, bug bounty, claude-mythos, Compliance, cyber defense, Cybersecurity, Digital Privacy, Episodes, HIPAA, nation state threats, Offensive Security, Open Source Security, Penetration Testing, Podcast, Privacy, Project Glasswing, Secure Coding, software-vulnerabilities, surveillance, Vulnerability Disclosure, Weekly Edition, zero-day vulnerabilities
Anthropic has introduced Project Glasswing, a cybersecurity initiative powered by an unreleased AI model called Claude Mythos. This system can identify zero-day vulnerabilities, generate exploits, and even help fix them—often without human ...
Shared Security Podcast
OWASP Top 10 for 2025: What's New and Why It Matters #podcast

OWASP Top 10 for 2025: What’s New and Why It Matters

| | Application Security, bug bounty, Compliance, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Industry Impact, Information Security, Infosec, Logging And Alerting, owasp, OWASP Top 10, pen testing, Podcast, Podcasts, Privacy, Release Candidate, secure design, security, Security Community, security standards, software-vulnerabilities, Supply chain failures, technology, Vulnerability Categories, Weekly Edition
In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright, and Kevin Johnson as they explore the changes, the continuity, and the significance ...
Shared Security Podcast
Some dolphins, saying goodbye

US Defense Contractor Boss Sold Zero Days to Russia — Cops a Plea

| | Apple Bug Bounty, Belgium, bounty, bug bounty, bug bounty program, bug bounty trends, bugbounty, dolphins, Doogie, five eyes, Five Eyes alliance, Five Eyes Intelligence Alliance, L3Harris, LHX, mice, national security, national security risk, Peter Williams, Russia, So Long and Thanks for All the Fish, Trenchant
So long and thanks for all the fish: Peter Williams admits to selling unpatched iPhone bugs to a shady Russian broker ...
Security Boulevard
Autonomous Hacking? This Startup May Have Just Changed Penetration Testing Forever #podcast

Autonomous Hacking? This Startup May Have Just Changed Penetration Testing Forever

| | AI, AI agent, AI in Cybersecurity, Autonomous Agents, Autonomous Hacking, bug bounty, Business Logic Vulnerabilities, Cyber Security, cyber threat, Cybersecurity, Cybersecurity Startup, Data Privacy, Digital Privacy, Episodes, Future of Pen Testing, hackerone, Information Security, Infosec, Low-Hanging Fruit, Marketing in Security, Offensive Security, Pen Testing Technology, Penetration Testing, Podcast, Podcasts, Privacy, Risk Severity, security, Security Research, Security Teams, technical details, technology, web app security, Weekly Edition, XBOW
In this episode, we explore the revolutionary concept of autonomous penetration testing with a discussion into Cybersecurity startup XBOW’s recent breakthrough. XBOW claims to have topped HackerOne’s leaderboard using a fully autonomous ...
Shared Security Podcast
ptaas and bug bounty

PTaaS vs. Bug Bounty Programs: Complementary or Competing Approaches?

| | bug bounty, Penetration Testing, pentesting
Introduction Imagine you’re the CISO of a rapidly growing tech company. Your infrastructure is expanding daily, and with each new line of code, the potential attack surface grows. How do... The post ...
Strobes Security
Shocking SQL Injection in TSA App & Bitcoin ATM Scams Targeting Seniors

Shocking SQL Injection in TSA App, Bitcoin ATM Scams Targeting Seniors

| | atm, Bitcoin, Bitcoin ATM, bug bounty, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Elderly, Episodes, Exploit, Hacking, Information Security, Infosec, Podcast, Podcasts, Privacy, scam, Scams, security, Security Research, Security Researcher, Senior Citizens, Seniors, sql injection, sqli, technology, tsa, vulnerability, Weekly Edition
This week, we discuss a critical SQL injection vulnerability discovered in an app used by the TSA, raising ethical questions about responsible disclosure. Plus, we shed light on the alarming rise of ...
Shared Security Podcast
Load more