Security Weekly Podcast Network (Audio)

Ahab and Peewee Herman, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet - SWN #565

14 snips
Mar 20, 2026
A fast rundown of AI-assisted scams and music-streaming fraud that fooled platforms and regulators. Coverage of a fake Zoom call that installs malicious software and a patched SharePoint RCE now on CISA's list. Discussion of vibe hacking tactics, legacy Telnet vulnerabilities, and the risks of AgeID facial‑recognition plans and privacy leaks.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

AI Music Fraud Case And Consequences

  • Doug White described a musician who bought AI-generated short songs and used bots to stream them billions of times to collect ~$13M in royalties.
  • The musician pleaded out, must repay ~$8M, and faces up to five years in jail, illustrating streaming-fraud risks.
ADVICE

Prepare Rollback And Recovery For Risky Updates

  • When an update breaks sign-ins or apps, follow vendor guidance but also have rollback and recovery steps ready such as rebooting and local retrieval of files.
  • Doug White experienced Microsoft's March 11 update blocking Teams/OneDrive and had to manually recover files before interviews.
INSIGHT

Fake Zoom Meeting Used As Click-Fix RMM Implant

  • Attackers used an interactive fake Zoom webpage that mimics a meeting and prompts a forced 'update' to deliver RMM/ScreenConnect for full device control.
  • The lure arrives via AI-generated invitation and fake waiting room, then a popup blocks actions until the malicious update is installed.
Get the Snipd Podcast app to discover more snips from this episode
Get the app