Security Weekly Podcast Network (Audio)

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland - SWN #562

Mar 10, 2026
Aaran Leyland, cybersecurity commentator known for technical threat analysis, unpacks active threats and attacker playbooks. He discusses install-fix scams delivering info-stealers. He outlines CLUNK-1068 tradecraft like web shells, credential theft, and Python DLL sideloading. He also highlights detection tactics for web servers, tunneling, and suspicious process behavior.
ADVICE

Verify Command Line Installs Before Running Them

  • Avoid running installation commands from cloned or ad links without verification.
  • Doug White describes 'install fix' scams using curl/bash or mshta to deliver Amatera info stealer from cloned Claude install pages.
INSIGHT

CISA Confirms Active Exploitation For Three Enterprise Flaws

  • CISA added three flaws to the Known Exploited Vulnerabilities catalog, indicating active exploitation.
  • The issues include VMware Workspace ONE UEM unauthenticated data extraction, SolarWinds help desk deserialization RCE, and Ivanti endpoint manager auth-bypass credential leaks.
INSIGHT

AI Can Rapidly Discover And Patch Real Vulnerabilities

  • AI like Anthropic's Claude can find real vulnerabilities and propose patches quickly.
  • Claude found 22 Firefox issues and produced minimal test cases, which let Mozilla verify and accept bulk submissions.