Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

This episode breaks down recent reports of sensitive information being shared with AI tools and what that means for security and operations. The discussion covers OPSEC failures, common misuse of ChatGPT in professional environments, how data actually flows through AI systems, and what organizations should (and shouldn’t) worry about. The hosts focus on practical risk, realistic threat models, and actionable lessons for security teams navigating AI adoption.

Chapters

• (00:00) - PreShow Banter™ — Robot Drivers
• (06:29) - US Defense Chief Uploads Secret Into to ChatGTP - 2026-02-02
• (09:54) - Story # 1: US cyber defense chief accidentally uploaded secret government info to ChatGPT
• (19:03) - Story # 2: Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
• (23:01) - Story # 3: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
• (26:30) - Story # 4: Millions of Gmail, Facebook and other account credentials exposed
• (30:55) - Story # 5: Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
• (36:13) - Story # 6: County pays $600,000 to pentesters it arrested for assessing courthouse security
• (39:12) - Story # 7: Costco reportedly removes RAM from its display PCs to prevent tech-savvy shoplifters, customers claim — GPUs also absent across stores as PC parts become a hot commodity
• (41:13) - Story # 8: Claude Sonnet 5 Is Imminent — And It Could Be a Generation Ahead of Google
• (45:09) - Story # 9: Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
• (48:49) - Story # 10: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
• (52:05) - Story # 11: Hunterbrook says Ubiquiti powering Russian battlefield communications in Ukraine
• (54:28) - Story # 12: Attack on Renewable Energy Plants
• (56:26) - Story # 13: Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog

Wade & Hayden on Simply Cyber -
https://www.youtube.com/live/c_lUP5gR15I

Hayden’s Class -
https://www.antisyphontraining.com/product/foundations-of-security-operations-with-hayden-covington/

Mishaal’s Class -
https://www.antisyphontraining.com/product/next-level-osint-with-mishaal-khan/

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits 

https://poweredbybhis.com

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

In this episode, the hosts break down TikTok’s latest privacy policy and why it’s raising serious red flags. They discuss how the app expands data collection and tracking, what that means for user privacy, and the broader security implications—especially concerns around data access and China. Along the way, the conversation connects these changes to ongoing TikTok ban discussions, real-world risk for individuals and organizations, and what users should consider if they continue using the platform. The episode mixes technical insight with practical takeaways, making the privacy risks easy to understand without losing nuance.

Chapters:

• (00:00) - PreShow Banter™ — Electroshock Therapy
• (02:28) - 2026-01-26
• (07:33) - Story # 1: Fortinet confirms critical FortiCloud auth bypass not fully patched
• (14:27) - Story # 2: Hackers exploit critical telnetd auth bypass flaw to get root
• (17:37) - Story # 3: Clara Hawking’s Post on TikTok's Pivacy Policy
• (24:05) - Story # 4: Supreme Court to hear Facebook pixel tracking case
• (31:02) - Story # 5: Google accused of grooming kids after child receives this email
• (34:38) - Story # 6: House of Lords backs legislation to ban social media for children under 16
• (35:47) - Story # 6b: Australia has banned social media for kids under 16. How does it work?
• (42:20) - Story # 7: Why Software Blocks Won’t Stop Illegally 3D Printed Guns (And What Actually Might)
• (48:29) - Story # 8: 1Password adds pop-up warnings for suspected phishing sites
• (52:09) - ClawdBot / Moltbot

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits 

https://poweredbybhis.com

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

This episode is a rapid-fire cybersecurity news roundup covering multiple headlines and what they mean for defenders. The crew debates reports that Chinese firms are dropping U.S. and Israeli security vendors, then pivots into breach fallout, malware activity, and real-world attacker behavior. Along the way, they unpack how geopolitics affects procurement, why supply-chain dependencies make “bans” messy, and what happens when organizations swap tools fast. 

Expect candid takes on ransomware trends, enterprise security operations, and where hype collides with implementation. The hosts also riff on incident response realities, risk management, and what security teams should watch for next—plus plenty of side commentary and humor in between.

Chapters

• (00:00) - PreShow Banter™ — Podcast Banter
• (04:13) - Chinese firms to stop using US and Israeli cybersecurity software - 2026-01-19
• (08:56) - Story # 1: Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say
• (13:42) - Story # 2: Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
• (16:25) - Story # 3: Hacker gets seven years for breaching Rotterdam and Antwerp ports
• (18:20) - Story # 4: 33-year-old Dutchman arrested for enableing criminals to test malware for antivirus programs.
• (20:02) - Story # 5: Army to ‘kill NIPR’ at multiple locations in commercial internet experiment
• (27:41) - Story # 6: Hungary grants asylum to former Polish minister implicated in spyware probe
• (29:12) - Story # 7: California orders Elon Musk’s AI company to immediately stop sharing sexual deepfakes
• (41:47) - Story # 8: ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations
• (49:30) - Story # 8b: BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
• (55:29) - CTF Winners
• (59:19) - ChickenSec: KFC app 'more secure' than Manage My Health, expert claims

ChickenSec: KFC app ‘more secure’ than Manage My Health, expert claims

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

In this episode, we break down the “Doomsday” incident: a major breach forum gets breached, reminding everyone that even cybercriminal communities suffer constant OPSEC failures. We cover what leaked, why these underground markets keep imploding, and how infighting, reused infrastructure, weak authentication, and sloppy identity hygiene turn “elite hackers” into easy targets. Then we connect the dots to law enforcement’s latest crypto actions—how DOJ seizures and mixer investigations work, why blockchain tracing matters, and what criminals try (and fail) to do to hide money flows. Finally, we translate the news into practical defense: validate breach intel, monitor for credential stuffing, enable MFA, use unique passwords, and tighten access logs. Whether you’re a defender, creator, or online, this is the real-world cybercrime story behind the headlines.

Chapters

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest - Join us for our Hybrid Conference and Pre-Conference Training
https://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

In this episode, we break down the growing debate around U.S. cyber operations against Venezuela—and what it means for modern cyber warfare, critical infrastructure security, and geopolitics. The conversation explores how nation-state attacks can target a country’s power grid, the challenges of attributing cyberattacks, and why industrial control systems (ICS/SCADA) remain a high-impact battleground. We also discuss the strategic value (and risks) of disrupting energy infrastructure, how these campaigns compare to other real-world incidents, and what defenders can learn to better protect utilities and national systems.

Chapters

• (00:00) - PreShow Banter™ — Undisclosed Closets
• (09:07) - US Cyberattacks on Venezuela - 2026-01-05
• (10:16) - Story # 1:Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
• (11:14) - Story # 1b: There Were BGP Anomalies During The Venezuela Blackout
• (21:06) - Story # 1c: Pizza index of war: Late-night traffic near Pentagon surges again as US strikes Venezuela
• (32:40) - Story # 2: Finland seizes ship suspected of damaging subsea cable in Baltic Sea
• (35:11) - Story # 3: US cybersecurity experts plead guilty to BlackCat ransomware attacks
• (35:46) - Story # 4: MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
• (39:06) - Story # 5: Hackers claim to hack Resecurity, firm says it was a honeypot
• (42:06) - Story # 6: NordVPN denies breach claims, says attackers have "dummy data"
• (42:35) - Story # 7: Hackers say they have stolen 40 million Condé Nast Records - here's how to stay safe
• (43:43) - Story # 8: Hacker Dressed As Pink Power Ranger Dismantles Racist Websites Live on Stage
• (47:13) - Story # 9: NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
• (52:18) - Story # 10: Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline
• (55:15) - Story # 11: Ben Jordan Exposes Severe Security Vulnerabilities in Flock Surveillance Cameras
• (57:26) - Story # 11b: We Tracked Ourselves with Exposed Flock Cameras

Story # 1:Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
Story # 1b: There Were BGP Anomalies During The Venezuela Blackout
Story # 1c: Pizza index of war: Late-night traffic near Pentagon surges again as US strikes Venezuela
Story # 2: Finland seizes ship suspected of damaging subsea cable in Baltic Sea
Story # 3: US cybersecurity experts plead guilty to BlackCat ransomware attacks
Story # 4: MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
Story # 5: Hackers claim to hack Resecurity, firm says it was a honeypot
Story # 6: NordVPN denies breach claims, says attackers have “dummy data”
Story # 7: Hackers say they have stolen 40 million Condé Nast Records - here’s how to stay safe
Story # 8: Hacker Dressed As Pink Power Ranger Dismantles Racist Websites Live on Stage
Story # 9: NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
Story # 10: Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline
Story # 11: Ben Jordan Exposes Severe Security Vulnerabilities in Flock Surveillance Cameras
Story # 11b: We Tracked Ourselves with Exposed Flock Cameras

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com

Chapters

• (00:00) - PreShow Banter™ — testing testing
• (00:11) - Hot Take Predictions for Next Year – 2025-12-15
• (02:10) - Story # 1: Russian kids revolt as Kremlin bans Roblox, other popular apps
• (10:21) - Story # 2: Google's killing off its dark web report because users didn't know what to do with it
• (20:05) - Story # 3: Coupang data breach traced to ex-employee who retained system access
• (31:13) - Story # 4: Roomba maker iRobot bought by Chinese supplier after filing for bankruptcy
• (34:18) - Story # 5: February report from researcher found Chinese KVM had an unclearly documented microphone and communicated with China-based servers, but many of the security issues are now addressed [Updated]
• (36:48) - Story # 6: When adversaries bring their own virtual machine for persistence
• (41:57) - Story # 7: Oh no! Hackers snuck malware inside uber-popular Windows app Notepad++
• (44:20) - Hot Take Predictions for 2026

The team looks ahead to 2026 and shares practical, sometimes blunt predictions about where cybersecurity is heading. They discuss how AI will continue reshaping both offense and defense, with attackers using automation at scale while defenders struggle to operationalize AI beyond marketing hype.

The conversation highlights growing risk from identity abuse, cloud misconfigurations, and insecure SaaS sprawl, noting that many breaches will still come down to basic failures rather than advanced exploits. They also predict continued burnout in security teams, more consolidation among security vendors, and increasing pressure to prove real ROI from security tools.

On the positive side, the hosts see improved detection engineering, better security education, and more community-driven knowledge sharing. Overall, the message is clear: fundamentals still matter, hype won’t save you, and organizations that focus on people, process, and visibility will be better positioned for 2026.

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord!
https://discord.gg/bhis
🔴live-chat

A Live Stream From inside Lazarus Group – 2025-12-08
This BHIS episode blends cybersecurity humor, hacker culture, and livestream chaos as the team jokes about nation-state threats, leaked webcams, OPSEC mishaps, and technical glitches. With unscripted banter and light industry insights, it’s a fun, energetic listen for fans of ethical hacking, infosec podcasts, and behind-the-scenes security chatter.

Chapters
00:00 - PreShow Banter™ — Industry Leaders
02:34 - A Live Stream From inside Lazarus Group – 2025-12-08
04:24 - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
08:58 - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
20:37 - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
26:44 - Story # 4: Apple refuses to pre-install government app on iPhones in India
37:42 - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
44:55 - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
57:53 - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

• (00:00) - 00:00 - PreShow Banter™ — Industry Leaders
• (02:34) - A Live Stream From inside Lazarus Group – 2025-12-08
• (04:24) - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
• (08:57) - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
• (20:37) - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
• (26:44) - Story # 4: Apple refuses to pre-install government app on iPhones in India
• (37:41) - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
• (44:55) - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
• (57:52) - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

Chapters

• (00:00) - PreShow Banter™ — The Problem With Extensions
• (03:10) - Lawmakers Want to Ban VPNs – BHIS - Talkin' Bout [infosec] News 2025-12-01
• (03:47) - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
• (12:05) - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
• (21:18) - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
• (25:48) - Story # 4: 'Slop Evader' Lets You Surf the Web Like It’s 2022
• (37:07) - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
• (39:10) - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
• (42:38) - Story # 7: Meta is earning a fortune on a deluge of fraudulent ads, documents show
• (50:22) - Story # 8: Meta had a 17-strike policy for sex trafficking, former safety leader claims
• (52:40) - Story # 9: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

Chapters

• (00:00) - PreShow Banter™ — Stressed about lithium batteries
• (04:59) - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-11-24
• (05:57) - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
• (11:18) - Story # 2: CrowdStrike catches insider feeding information to hackers
• (15:50) - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages
• (22:17) - Story # 4: NetApp sues former CTO for alleged data breach
• (26:48) - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
• (36:05) - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
• (37:11) - Story # 6b: Cloudflare outage on November 18, 2025
• (41:43) - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
• (46:34) - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
• (51:10) - Story # 9: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
• (56:40) - Story # 10: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

00:00:00 - PreShow Banter™ — The Way the Community Rumbles

00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin’ Bout [infosec] News 2025-11-17

00:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations

00:18:06 - Eric & Whitney’s “Podcast” [webcast] on training your own LLM

00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand

00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

00:37:35 - Story # 4: Google is easing up on Android’s new sideloading restrictions!

00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats

00:44:58 - Story # 5b: Hackers are saving Google’s abandoned Nest thermostats with open-source firmware

00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs

01:00:40 - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead

01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign

01:14:58 - Discord CTF Winners

• (00:00) - PreShow Banter™ — The Way the Community Rumbles
• (08:21) - A.I. Transcription Starup Was Just A Guy Taking Notes - BHIS - Talkin' Bout [infosec] News 2025-11-17
• (09:01) - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations
• (18:05) - Eric & Whitney's "Podcast" [webcast] on training your own LLM
• (22:12) - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand
• (26:20) - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
• (37:34) - Story # 4: Google is easing up on Android's new sideloading restrictions!
• (43:43) - Story # 5: Google is collecting troves of data from downgraded Nest thermostats
• (44:58) - Story # 5b: Hackers are saving Google's abandoned Nest thermostats with open-source firmware
• (51:33) - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs
• (01:00:39) - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead
• (01:05:55) - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign
• (01:14:58) - Discord CTF Winners

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 

Chapters

00:00 - PreShow Banter™ — Humans are Done

03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-10

05:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.

15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell

25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’

29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers

32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities

40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools

56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand

• (00:00) - PreShow Banter™ — Humans are Done
• (03:03) - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin' Bout [infosec] News 2025-11-10
• (05:10) - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.
• (15:14) - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell
• (25:13) - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’
• (29:03) - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers
• (32:58) - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities
• (40:00) - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools
• (56:37) - BHIS Webcast – X-Typhoon - Not your Father's China with John Strand