InfoSec.Watch
The InfoSec.Watch Podcast delivers the week’s most important cybersecurity news in a fast, clear, and actionable format.
Each episode breaks down major incidents, vulnerabilities, threat-actor activity, and security trends affecting modern organizations — without the noise or hype.
The show translates complex cyber topics into practical insights you can use immediately in your job, whether you work in security engineering, cloud security, threat detection, governance, or IT.
If you want to stay ahead of emerging threats, sharpen your defensive mindset, and get a reliable summary of what actually matters each week, this is your new essential briefing.
Actionable Cybersecurity Insights — Every Week.
InfoSec.Watch Podcast — React2Shell Supply Chain Risk, Android Zero-Days, and BRICKSTORM Hardware Sabotage
In this week’s episode of InfoSec.Watch Weekly, Grant Lawson and Sloane Parker take listeners on a guided tour of the entire modern attack surface — from developer laptops to mobile devices to the physical circuit boards inside IoT hardware. Three major security stories illustrate how deeply interconnected and exposed the stack has become.
We begin with React2Shell, a newly surfaced command-injection vulnerability in the widely used react-dev-utils package. Grant and Sloane break down how an attacker can hijack a developer’s workstation simply by manipulating the BROWSER environment variable — turning a harmless npm start command into a reverse shell. The discussion dives into real-world implications: source code theft, credential compromise, CI/CD tampering, and supply chain subversion. The hosts outline the immediate fixes, and the long-term lessons around SCA tooling, EDR visibility on developer endpoints, and securing the build environment itself.
Next, the conversation shifts to two actively exploited Android zero-days uncovered in the latest Android Security Bulletin — one in the kernel and another in the Mali GPU driver. The hosts explain why GPU-level vulnerabilities are so dangerous, enabling screen capture, keystroke interception, and attack overlays at the hardware layer. The pair discuss BYOD risk, commercial spyware operators, and why MDM-powered patch gating and user education remain critical for corporate resilience.
Finally, Grant and Sloane descend to the bottom of the stack with BRICKSTORM, a new piece of destructive malware designed not to steal or encrypt data but to permanently kill hardware. By abusing exposed JTAG debug ports, BRICKSTORM halts the CPU and overwrites the device’s bootloader with garbage — bypassing Secure Boot entirely and rendering the device unrecoverable. The hosts dig into what this means for critical infrastructure, operational technology, IoT fleets, and why cybersecurity strategy must now include physical security, supply chain controls, and hardware tamper protections.
Throughout the episode, a recurring theme emerges: the corporate perimeter no longer exists.
React2Shell targets the dev environment, Android zero-days compromise personal devices tied into corporate systems, and BRICKSTORM attacks the hardware itself. Defense-in-depth isn’t optional — it’s the only workable model across modern organizations.
Tune in for practical insights, technical breakdowns, and the connective tissue between these headline stories.
Follow us on X, Facebook, and LinkedIn — and subscribe at infosec.watch to get every briefing first.
Thanks for listening to InfoSec.Watch!
Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook
Stay secure out there!