InfoSec.Watch
The InfoSec.Watch Podcast delivers the week’s most important cybersecurity news in a fast, clear, and actionable format.
Each episode breaks down major incidents, vulnerabilities, threat-actor activity, and security trends affecting modern organizations — without the noise or hype.
The show translates complex cyber topics into practical insights you can use immediately in your job, whether you work in security engineering, cloud security, threat detection, governance, or IT.
If you want to stay ahead of emerging threats, sharpen your defensive mindset, and get a reliable summary of what actually matters each week, this is your new essential briefing.
Actionable Cybersecurity Insights — Every Week.
Episodes
19 episodes
130 - When Trusted Tools Turn On You
We track how trust boundaries fail across the modern stack, from CI/CD supply chain compromise to phishing-driven account takeover and remote assistance abuse. We also break down actively exploited vulnerabilities and a practical tier 0 validat...
•
Season 2
•
Episode 130
•
17:42
129 - Quick Assist, Slow Panic
We track how attackers keep turning trusted channels into reliable intrusion paths, from extension marketplaces to chat platforms and developer dependencies. We also lay out what defenders should patch first and how to validate fixes so securit...
•
Season 2
•
Episode 129
•
8:56
128 - AI Malware Floods And Patch Tsunamis
We track a clear theme across this week’s security headlines: everything is getting bigger, faster, and harder to manage, from AI-generated malware to massive patch waves. We focus on cutting blast radius with risk-based patching, resilience-fi...
•
Season 2
•
Episode 128
•
8:52
127 - From Cisco To EV Chargers: Active Exploits And Urgent Patches
A wave of edge and control‑plane threats drives urgent patching and smarter validation across Cisco SD‑WAN, EV charging, FileZen, and Serve‑U. We map real exploits, spotlight APT28 tradecraft, unpack Google risk shifts, and share a post‑patch p...
•
Season 2
•
Episode 127
•
10:00
126: Click The CAPTCHA, Adopt Malware, Regret Everything
We track a wave of high-impact vulnerabilities and social engineering campaigns that target management planes and edge devices, then lay out a concrete four-step validation playbook. The theme is simple: initial access is cheap, but control pla...
•
Season 2
•
Episode 126
•
13:42
InfoSec.Watch Podcast — Episode 125: Vendor choke points, BridgePay fallout, and the KEV patch race
This week on the InfoSec.Watch Podcast, we examine a growing risk that many organizations still underestimate: operational choke points.The episode opens with the BridgePay ransomware attack, which forced the payment gatewa...
•
Season 2
•
Episode 125
•
8:30
InfoSec.Watch Podcast — Episode 124: Edge Devices Under Fire
Edges are where attackers thrive—and where many teams see the least. We dive into how identity-adjacent features, single sign-on, and device management planes have become high-impact targets, and why routers, VPNs, and firewalls now sit at the ...
•
Season 2
•
Episode 124
•
8:53
InfoSec.Watch Podcast — Episode 123: Fortinet SSO abuse, Ivanti MDM zero-days, and validating trust after patching
This week on the InfoSec.Watch Podcast, we break down a series of actively exploited vulnerabilities targeting some of the most trusted control planes in enterprise environments—firewalls, identity integrations, and mobile device managem...
•
Season 2
•
Episode 123
•
16:56
InfoSec.Watch Podcast — Episode 122: Cisco UC zero-days, Oracle patch overload, and the new Tier-Zero reality
This week on the InfoSec.Watch Podcast, we break down a wave of high-impact security events underscoring a hard truth for defenders: management planes and dependencies are now primary intrusion paths.The episode opens with active expl...
•
10:06
InfoSec.Watch Podcast — Episode 121: Cisco email gateway RCEs, Windows zero-days, and control-plane failure
This week on the InfoSec.Watch Podcast, we break down a series of high-impact threats targeting the systems organizations rely on most—email gateways, Windows endpoints, and operational infrastructure that does not fail gracefully.The ep...
•
Season 2
•
Episode 121
•
8:59
InfoSec.Watch Podcast — Episode 120: Control planes are attack planes
Welcome back to the InfoSec.Watch Podcast, your weekly briefing on the security threats that matter.In Episode 120, we break down a clear and recurring theme across this week’s incidents: control planes have become ...
•
Season 2
•
Episode 120
•
10:17
InfoSec.Watch Podcast — Episode 119: WatchGuard VPN RCE, MongoDB MongoBleed, and WebRAT GitHub traps
In this week’s episode of the InfoSec.Watch Podcast, hosts Grant Lawson and Sloane Parker break down the security stories that defenders can’t afford to ignore.The episode opens with urgent patching guidance for an <...
•
Season 2
•
Episode 119
•
10:52
InfoSec.Watch Podcast — Episode 118: Perimeter zero-days, email gateway attacks, and weaponized GitHub PoCs
In this week’s InfoSec.Watch Podcast, we break down a series of critical security developments shaping the threat landscape. The episode opens with urgent guidance on two actively exploited, unauthenticated remote-code-execution vulnerabilities...
•
Season 1
•
Episode 118
•
8:03
InfoSec.Watch Podcast — Episode 117: Choke Points Under Fire: Email Gateways, WebKit Zero-Days, and DPRK's $2B Crypto Heist
In this week's InfoSec.Watch Podcast, we dive into the latest high-impact threats targeting enterprise security choke points.Key stories include:A sophisticated campaign against Cisco Secure Email appliances, with essential g...
•
Season 1
•
Episode 117
•
9:56
InfoSec.Watch Podcast — Episode 116: React2Shell mass exploitation, Apple & Microsoft zero-days, and the BRICKSTORM hypervisor breach
This week’s episode dives into a packed slate of high-impact cybersecurity threats shaking the industry. We break down React2Shell (CVE-2025-55182) — a rapidly evolving remote code execution flaw driving mass scanning across the internet...
•
Season 1
•
Episode 116
•
8:25
InfoSec.Watch Podcast — React2Shell Supply Chain Risk, Android Zero-Days, and BRICKSTORM Hardware Sabotage
In this week’s episode of InfoSec.Watch Weekly, Grant Lawson and Sloane Parker take listeners on a guided tour of the entire modern attack surface — from developer laptops to mobile devices to the physical circuit boards inside ...
•
Season 1
•
Episode 115
•
8:35
InfoSec.Watch Podcast — Episode 114: Identity zero-days, analytics leaks, and emergency-alert outages expose your weakest vendor links
In this week’s InfoSec.Watch episode, hosts Grant Lawson and Sloane Parker analyze the top cybersecurity stories: an actively exploited Oracle IdM zero-day added to CISA’s Known Exploited Vulnerabilities catalog, OpenAI cutting off Mixpanel aft...
•
7:33
InfoSec.Watch Podcast — Episode 113: China-linked AI agents, logistics ransomware, and Germany’s NIS2 law are reshaping your 2025 risk map.
In this episode of the InfoSec.Watch Podcast, we unpack one of the most consequential weeks of cybersecurity developments in 2025. This episode covers a rare convergence of AI-augmented state-backed espionage, logistics and ret...
•
Season 1
•
Episode 113
•
8:49
InfoSec.Watch Podcast — Episode 112: Windows Kernel 0-Day, FortiWeb RCE, Akira Targets Nutanix
Here’s what we cover in Episode 112:Actively Exploited Windows Kernel 0-Day: A privilege-escalation flaw in the Windows kernel is now being abused in real attacks. We cover what’s known, how attackers are chaining it, and...
•
Season 1
•
Episode 112
•
8:58