The Cybersecurity Defenders Podcast

LimaCharlie

An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.

  1. Building practical blue team skills using AI-assisted SOC training with Bobby Ford / Defender Fridays [#329]

    4h ago

    Join us for this week's Defender Fridays as Bobby Ford, Chief Strategy and Experience Officer at Doppel, talks about open-source labs, MITRE ATT&CK, and real-world defender workflows.

    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

    About Our Guest
    Bobby is a globally recognized cybersecurity “geek” with almost three decades of experience, including the last 14 years as a CISO, protecting some of the world’s most complex and operationally intensive enterprises. His career began in the military as a founding member of the Pentagon Computer Incident Response Team. Bobby built and led cybersecurity programs in the Aerospace and Defense industry. He was the first CISO at Exelis Inc. and was the architect of ITT’s global cybersecurity audit function under DOJ oversight. Transitioning from public to private sector, Bobby served as the first CISO at Abbott Labs, was CISO for Unilever, and most recently was SVP and Chief Security Officer at Hewlett Packard Enterprise (HPE). Known for his collaborative style and empathetic leadership, Bobby fosters an inclusive culture that empowers entire security organizations to excel.

    Register for Live Sessions
    Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays

    Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

    Sponsored by LimaCharlie
    This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.

    Why LimaCharlie?
    - Eliminate vendor sprawl and tool complexity
    - Deploy and scale effortlessly on native multi-tenant architecture
    - Reduce costs with intelligent data routing and free 1-year retention
    - Build custom solutions with 100+ security capabilities on-demand
    - Accelerate response with agentic AI that acts directly within predefined workflows

    Try the Agentic SecOps Workspace free: https://limacharlie.io
    Learn more: https://docs.limacharlie.io

    Follow LimaCharlie
    Sign up for free: https://limacharlie.io
    LinkedIn: / limacharlieio
    X: https://x.com/limacharlieio
    Community Discourse: https://community.limacharlie.com/

    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Charles Grandjean - CTO and Co-founder at Hexiagon AI

    31 min
  2. "Megalodon" Malware in GitHub, Malware-Slop steals from Claude AI, 7-Eleven breach & CISA cPanel vulnerability / Intel Chat [#328]

    4d ago

    Originally recorded: Friday May 29, 2026

    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

    - A large-scale software supply chain attack dubbed “Megalodon” infected thousands of GitHub repositories with credential-stealing malware in a highly automated campaign that unfolded over a six-hour period on May 18, 2026.
    - Researchers from OX Security have identified a malicious npm package named “mouse5212-super-formatter” that was designed to steal files from Anthropic Claude AI environments by targeting the “/mnt/user-data” directory.
    - Convenience store giant 7-Eleven disclosed a data breach tied to an attack that occurred on April 8, 2026, involving systems that contained franchise-related documents. SecurityWeek article Matt references.
    - CISA has issued an urgent warning about a critical vulnerability in the LiteSpeed cPanel Plugin, tracked as CVE-2026-48172, which is already being actively exploited in the wild.

    Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

    29 min
  3. From PentestGPT to production: The state of AI-assisted offensive security with Charles Grandjean / Defender Fridays [#327]

    6d ago

    Join us for this week's Defender Fridays as Charles Grandjean, CTO and Co-founder at Hexiagon AI, breaks down where AI-assisted pen testing actually stands today and what it means for both red teams and defenders.

    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

    What We'll Discuss
    In this episode, Charles Grandjean draws on his experience building an AI-powered continuous pen testing platform to trace how LLM capabilities have evolved for offensive security, and what the rise of autonomous attack tooling means for defenders.

    Key Topics:
    - How AI pen testing has progressed from unreliable single commands to chaining complex attack sequences
    - Why the last six months marked a turning point in LLM planning and long-context reasoning
    - When to use in-context learning and RAG versus fine-tuning, and why most teams should start with the former
    - Why privacy considerations push serious pen testing operations toward self-hosted models
    - How the balance between model control and code control has shifted as models have improved
    - Why unrestricted and fine-tuned open-weights models are lowering the barrier for malicious actors
    - What automated offense means for defense teams and why the response needs to match the scale of the threat

    About Our Guest
    Charles Grandjean is the CTO and Co-founder of Hexiagon AI, a company focused on automating penetration testing through AI to enable continuous, around-the-clock security validation. He has been building and iterating on AI-assisted offensive tooling for the past two years, tracking the evolution of LLM capabilities firsthand from early prototype to production system.

    Register for Live Sessions
    Join us every Friday at 10:30am PT for live, interactive discussions with industry experts.
    Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays

    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Charles Grandjean - CTO and Co-founder at Hexiagon AI

    30 min
  4. How analysts use cognitive reasoning in investigations with Chris Sanders / Defender Fridays [#325]

    May 22

    Join us for this week's Defender Fridays as Chris Sanders, Founder at Applied Network Defense and the Rural Technology Fund, breaks down how analysts actually think through investigations and what separates high performers from the rest.

    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

    What We'll Discuss
    In this episode, Chris Sanders draws on his background in security operations and cognitive psychology to explore how metacognition shapes investigative performance, and why understanding how you think is one of the most underleveraged skills in the SOC.

    Key Topics:
    - Why high-performing analysts ask better questions instead of starting with large chunks of data
    - How diagnostic inquiry (DINQ) was developed by studying senior analysts in action
    - What separates one year of experience repeated twenty times from genuinely diverse experience
    - Why tacit knowledge makes it hard to train new analysts and what to do about it
    - How AI fits into the investigative process and where humans still need to be in the loop
    - Why cybersecurity education has a transfer problem and what other fields like medicine get right
    - What good SOCs have in common and why it comes down to metacognitive awareness

    About Our Guest
    Chris Sanders is the Founder of Applied Network Defense, a training company focused on analyst and investigative roles, and the Rural Technology Fund, an organization that supports technology education in rural and underserved communities. He holds a doctorate in education and has spent his career at the intersection of cybersecurity and cognitive psychology, including time at school districts, the federal government, and Mandiant.

    Register for Live Sessions
    Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays

    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Chris Sanders - Founder at Applied Network Defense & Rural Technology Fund

    33 min
  5. How to handle increasing vulnerabilities with AI-assistants? With Shane Warden from ActiveState / Defender Fridays [#323]

    May 15

    Join us for this week's Defender Fridays as Shane Warden, Principal Architect at ActiveState, shares what it's actually like to be on the receiving end of AI-assisted vulnerability reporting and what open source maintainers are already dealing with that the rest of the industry will face soon.

    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

    What We'll Discuss
    In this episode, Shane Warden draws on his experience supporting security for well-known open source projects to explore how AI-assisted vulnerability reporting is changing the threat landscape, and why what's happening in open source today is a preview of what every organization will face.

    Key Topics:
    - Why open source projects are the early warning system for what's coming to enterprise security
    - How a flood of 95 AI-generated vulnerability reports turned into a six-figure extortion attempt
    - Why even a three percent legitimate hit rate still creates a real and unignorable workload for maintainers
    - How teams are using AI to respond to AI-generated reports, and where humans still need to be in the loop
    - What projects like curl, the Linux kernel, and Zig are doing differently in response to AI contributions
    - Why understanding your open source dependencies and their versions is more urgent than ever
    - The reputational risk of AI-generated vulnerability claims, even when those claims are false

    About Our Guest
    Shane Warden is Principal Architect at ActiveState and has been involved in open source since the late 1990s. Behind the scenes, he supports security for several well-known free software projects and has been navigating the growing wave of AI-assisted vulnerability submissions firsthand.

    Register for Live Sessions
    Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays

    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Shane Warden - Principal Architect at ActiveState

    31 min
  6. Does the rise of AI mean human-led SOCs are obsolete? With Dr. Adeel Shaikh Muhammad [#322]

    May 13

    Dr. Adeel Shaikh Muhammad is a cybersecurity strategist and global speaker with over 16 years of experience across information security, networks, and systems. Adeel brings a practical perspective on how organizations can adapt to evolving cyber threats and the growing role of AI in cybersecurity. With an extraordinary portfolio of 40+ industry certifications, including CISSP, CISM, CISA, CCISO, PMP, CEH, ISO 27001 Lead Implementer & Auditor, and a robust suite of advanced Cisco, Microsoft, Fortinet, Barracuda, ITIL, PRINCE2, and AI-related credentials, Adeel is a benchmark of technical mastery and visionary execution. His academic excellence includes a Master’s in Cybersecurity and a current Doctorate in Business Administration (DBA) focused on the impact of AI in Security Operations Centers (SOCs) in the Gulf region. Adeel is the author of two acclaimed books, “AI-Driven Transformation of Security Operations Center (SOC)” and “AI and Us: The Ethical Choices”, bridging the critical intersection of AI innovation and ethical leadership.

    Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

    25 min
5 out of 5, 25 Ratings
