The 443 - Security Simplified Podcast

This week on the podcast we discuss RedSun, the latest researcher-disclosed zero-day in Microsoft Windows. After that, we chat about a Europol-lead takedown of DDoS-for-hire services before ending with our thoughts on Microsoft's latest RDP security updates.

This week on the podcast, we discuss Anthropic's Project Glasswing and what the Claude Mythos announcement means to cybersecurity. After that, we cover FrostArmada, a campaign from a Russian GRU-backed threat actor that has compromised tens of thousands of home networking routers. Finally we end with a chat about Google Chrome 146's new feature to protect against session hijacking.

This week on the podcast, we cover the accidental Claude Code source code leak and what it means for users and the wider ecosystem. After that, we discuss the Axios supply chain compromise impacting users of a JavaScript library with over 100 million weekly downloads. We end with our thoughts on Browser Gate, the name given to allegations that Microsoft is illegally harvesting LinkedIn customer data for a competitive advantage.

This week on the podcast, we discuss the US government's ban on foreign-manufactured consumer routers and its likely impact. After that, we cover a research post from Huntress on a recent phishing campaign leveraging OAuth Device Authentication flows to retain long-term access to compromised accounts. We end with a review of key takeaways from Google's Cloud Threat Horizons report for H1 2026.

In this episode, Corey Nachreiner interviews WatchGuard Cybersecurity Analyst and Threat Emulation & Investigations Lead, Kristen Yang, about the path into cybersecurity, the evolution from threat hunting to leading investigations, and the realities of defending against modern attacks. They explore today’s threat landscape, incident response mistakes, red teaming lessons, MITRE ATT&CK, AI in security, and the skills analysts need most, plus a rapid-fire round to close things out.