Daily Cyber Threat Brief 🔴 Mar 27’s Top Cyber News NOW! - Ep 1098
Mar 27, 2026
James McQuiggan, a security awareness pro known for engaging talks and Dad Joke Fridays; DJ BSEC, a former network engineer turned security exec focused on ops and defenses; and Robert of Bowtie Security, a practitioner advising on GRC and vuln management. They cover eBPF telecom espionage, LangFlow code-exec exploits, automotive attack surfaces, supply-chain risks, CI/CD security, career and interview tips, and home router firmware concerns.
AI Snips
Chapters
Transcript
Episode notes
Match Response To Actual Data Impact
- For breaches with low-impact data exposure, prioritize user notifications and phishing education rather than overblown remediation.
- Gerald uses Ajax ticket hijack to show limited email/DOB leaks need identity support and strengthened phishing defenses.
Patch LangFlow Now To Stop Remote Code Execution
- Patch or upgrade LangFlow immediately and remove exposed unauthenticated API endpoints to stop arbitrary code execution.
- Gerald shows the advisory contained executable details and recommends pip install --upgrade langflow to remediate.
Add SBOMs And CI/CD Scans For AI Tools
- Treat AI frameworks and agent platforms as production software: run S-BoMs, CI/CD scanning, and immediate patching when advisories appear.
- Panel recommends AI bill-of-materials and Defense Claw scanners to analyze skills and dependencies before deployment.