Security Weekly Podcast Network (Audio) Exposed: Bank Leak, Copilot Zero-Click, AI Agent Hijacks, Stryker Wipe & Josh Marpet - SWN #563
Mar 13, 2026
Rapid espionage campaigns exploiting conflict lures and commodity implants. UK banking apps accidentally exposing other customers' transaction feeds. Physical damage to cloud regions and why multi‑AZ is not true disaster recovery. Microsoft Excel bug that lets AI copilots leak data with no clicks. Poisoned libraries tricking developer AI agents into exfiltration. Large-scale platform takedowns and a major medical vendor management-plane outage.
AI Snips
Treat Cross-Customer Data Mix As A Breach
- Treat platform-side data-mix incidents as breaches until scope is proven, and add detection at the API and data layers for customer A's data being shown to customer B.
- Prepare call-center scripts, customer comms, and fraud monitoring for follow-on scams.
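One way to implement the API-layer detection described above, as an added example that is not from the episode. It assumes a gateway or response middleware logs one JSON object per response; the field names (`req`, `auth_customer`, `record_owners`) and the sample lines are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample log: one JSON object per API response.
# All field names are assumptions for this example.
SAMPLE_LOG = """\
{"req": "r1", "auth_customer": "A", "path": "/transactions", "record_owners": ["A", "A"]}
{"req": "r2", "auth_customer": "B", "path": "/transactions", "record_owners": ["B", "A"]}
{"req": "r3", "auth_customer": "C", "path": "/transactions", "record_owners": []}
{"req": "r4", "auth_customer": "B", "path": "/transactions"}
not-json
{"req": "r5", "auth_customer": "D", "path": "/transactions", "record_owners": ["A", "C"]}
"""


def scan(log_text):
    """Return (exposures, unverifiable, scope).

    exposures:    [(req, viewer, foreign owners)] for responses that carried
                  records owned by someone other than the authenticated caller.
    unverifiable: line numbers that cannot be cleared because the line is
                  malformed or lacks owner metadata; they stay in scope.
    scope:        owner -> set of viewers who received that owner's data.
    """
    exposures, unverifiable = [], []
    scope = defaultdict(set)
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            viewer = rec["auth_customer"]
            owners = set(rec["record_owners"])
        except (ValueError, KeyError, TypeError):
            # No proof the response was clean, so do not treat it as clean.
            unverifiable.append(lineno)
            continue
        foreign = sorted(owners - {viewer})
        if foreign:
            exposures.append((rec.get("req"), viewer, foreign))
            for owner in foreign:
                scope[owner].add(viewer)
    return exposures, unverifiable, dict(scope)


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG)[0]:
        print("cross-customer exposure:", finding)
```

The `scope` mapping is what feeds the "until scope is proven" decision: it lists each affected customer and who saw their data, while `unverifiable` lists responses that cannot yet be ruled out.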
Kinetic Attacks Create Cloud Regional Risks
- Kinetic strikes on cloud regions create indirect but real resilience risks beyond cyberattack narratives.
- AWS confirmed physical damage in UAE and Bahrain from drone strikes causing structural, power and water impacts to infrastructure.
Validate Cross Region Recovery Without Normal Admins
- Do resilience audits and validate cross-region recovery that doesn't depend on the normal identity/control plane.
- Ensure backups are recoverable without your regular admin portals and rehearse regional cloud failure playbooks.
