IT SPARC Cast

John Barger
  • 5.0 (2)
  • TECH NEWS
  • UPDATED WEEKLY

IT SPARC Cast is a digest of the Enterprise IT news over the last week, with insights, opinions, and a little sarcasm from 2 experts each with over 20 years of experience working in IT or for IT vendors. Hosted on Acast. See acast.com/privacy for more information.

  1. Windows Notepad RCE?! CVE-2026-2841 Exposes Windows 11 Users

    10H AGO

    Windows Notepad RCE?! CVE-2026-2841 Exposes Windows 11 Users

    In this episode of IT SPARC Cast – CVE of the Week, John Barger and Lou Schmidt break down a shocking vulnerability: CVE-2026-2841, a Remote Code Execution (RCE) flaw in the modern Windows 11 Notepad application distributed via the Microsoft Store. Yes — even Notepad isn’t safe anymore. This vulnerability stems from a command injection flaw in the modern Windows 11 Store version of Notepad (11.x prior to patch). The issue allows malicious .md (Markdown) files containing crafted links or interactive content to execute arbitrary code when opened and clicked by a user. With a CVSS score of 8.8, this vulnerability becomes especially dangerous when chained with other exploits. ⸻ 🔎 What You Need to Know CVE-2026-2841 – Windows Notepad RCE •Affects: Windows 11 modern Notepad (Microsoft Store version 11.x prior to Patch Tuesday update) •Does NOT affect: Legacy Notepad on Windows 10, Windows 7, or classic versions •Attack Vector: Malicious .md file delivered via phishing •Trigger: User opens file and clicks embedded link •Impact: Remote Code Execution with user-level permissions •Severity: CVSS 8.8 (High) ⸻ ⚠ Why This Matters •Perfect phishing vehicle: malicious Markdown attachment •Executes arbitrary code under the user’s permissions •Ideal for lateral movement in enterprise environments •Dangerous when combined with other exploits •Many organizations delay Patch Tuesday updates — this one should NOT wait ⸻ 🛠 Mitigation & Recommendations •Immediately update Notepad via Microsoft Store •Audit Windows 11 endpoints for modern Notepad version •Train users to avoid opening unknown .md attachments •Consider simpler text editors for baseline editing tasks •Evaluate enterprise endpoint protection against command injection vectors ⸻ 💻 Alternative Editors (With Security Awareness) John and Lou discuss safer editing alternatives including: •Notepad++ •Visual Studio Code / Codeium •Sublime Text •Atom •Vim / NeoVim / Emacs •JetBrains IDEs Reminder: More features = more attack surface. ⸻ 💬 Wrap Up John and Lou also respond to listener feedback from Andrew regarding their recent OpenClaw security discussion. They clarify their stance: •They are not anti-AI. •They are pro-security. •Bleeding-edge tech requires controlled rollout and sandboxing. •Enterprises must protect privileged data access. Security-first thinking is not fear — it’s responsible IT leadership. ⸻ 🔗 Connect With Us IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ on LinkedIn John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ on LinkedIn Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

    11 min
  2. Quantum Breakthroughs, AI Cloud Billions, and Apple’s Margin Squeeze

    4D AGO

    Quantum Breakthroughs, AI Cloud Billions, and Apple’s Margin Squeeze

    In this episode of IT SPARC Cast – News Bytes, John Barger and Lou Schmidt explore three stories reshaping enterprise IT strategy. From a quantum cooling breakthrough that could accelerate real-world quantum computing, to Oracle’s plan to raise $50 billion for AI cloud infrastructure, the episode highlights how fast the AI arms race is escalating. They also break down why the AI boom is starting to squeeze Apple’s famously strong profit margins—and what that means for device pricing, silicon supply, and enterprise IT budgets. If you care about where compute, power, and economics collide, this episode connects the dots. 📌 Show Notes 00:00 – Intro John and Lou kick off the episode with a look at why quantum cooling breakthroughs, massive AI cloud investments, and chip supply pressure on Apple all point to accelerating change across enterprise IT. ⸻ 📰 News Bytes 00:55 – Chalmers University Makes Quantum Cool Researchers at Chalmers University of Technology unveil a breakthrough quantum refrigeration method that uses controlled noise to improve cooling near absolute zero. The discussion explores why advances like this could rapidly reduce the cost and complexity of quantum computing and push it closer to real enterprise use cases. https://www.sciencedaily.com/releases/2026/01/260129080418.htm  ⸻ 06:10 – Oracle Raising Up to $50B for AI Cloud Oracle plans to raise up to $50 billion to expand AI-focused cloud data centers as part of Project Stargate. John and Lou unpack why Oracle’s existing enterprise relationships give it a unique advantage—and why power and compute, not demand, may become the real limiting factors for AI growth. https://www.techrepublic.com/article/news-oracle-50b-ai-cloud/  ⸻ 10:28 – The AI Boom Is Coming for Apple’s Profit Margins The surge in AI-driven chip demand is putting pressure on Apple’s historically strong margins. As TSMC capacity is increasingly consumed by Nvidia, OpenAI, and hyperscalers, the hosts break down why Apple may face higher silicon costs—and what that means for device pricing, IT refresh cycles, and enterprise procurement. https://www.msn.com/en-us/money/technology/the-ai-boom-is-coming-for-apple-s-profit-margins/ar-AA1VpgpA  ⸻ 🔁 Wrap Up 17:11 – Mail Bag Listener feedback sparks a nuanced discussion on hybrid work, mandatory office policies, and why management capability—not location—is often the real issue. 21:24 – Wrap Up Final thoughts on quantum acceleration, AI infrastructure economics, and why IT leaders need to prepare for rising hardware costs and longer planning horizons. ⸻ 🔗 Connect With Us IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ Hosted on Acast. See acast.com/privacy for more information.

    22 min
  3. Why OpenClaw on Work PCs Puts Enterprise Data at Risk

    FEB 6

    Why OpenClaw on Work PCs Puts Enterprise Data at Risk

    Agentic AI systems like OpenClaw represent the future of automation, productivity, and intelligent workflows — but today, they also represent a serious and underappreciated enterprise security risk. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down why running OpenClaw (and related platforms like MoltBook) on corporate hardware or with access to enterprise data is dangerous right now, even if the long-term vision is compelling. The discussion centers on three types of OpenClaw users: 1.Sandbox Experimenters – Users running OpenClaw in isolated labs or test environments with no access to corporate data. 2.Dedicated VM / Hardware Users – Users running OpenClaw separately, but still granting it access to cloud services, email, or internal APIs. 3.Daily Driver Users – Users installing OpenClaw directly on work PCs and giving it full access to files, email, chat, and automation tools. John and Lou argue that only the first group is safe today. Groups #2 and #3 dramatically expand the attack surface, introducing risks such as credential exfiltration, indirect prompt injection, data leakage, and supply-chain style compromises via third-party “skills.” The episode uses a “bio hotcell” analogy: OpenClaw can be used safely only when isolated, constrained, monitored, and treated as potentially hazardous. Without those controls, it becomes a silent data-exfiltration engine operating entirely inside allowed enterprise workflows. The takeaway for IT leaders is clear: HR and IT must act together now to define policies that prohibit OpenClaw and MoltBook from running on corporate devices or accessing corporate data until proper governance, tooling, and security controls exist. ⸻ 🔚 Wrap Up & Links Follow and connect with us: IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ on LinkedIn John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ on LinkedIn Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

    23 min
  4. Work-From-Office Fallout, Rocket-Powered Data Center Cooling & Microsoft’s New AI Chip

    FEB 2

    Work-From-Office Fallout, Rocket-Powered Data Center Cooling & Microsoft’s New AI Chip

    In this episode of IT SPARC Cast – News Bytes, John Barger & Lou Schmidt break down three stories that reveal how enterprise IT is being reshaped by workforce realities, infrastructure constraints, and custom silicon. From mounting evidence that work-from-office mandates are driving top talent out the door, to a Los Angeles startup using SpaceX rocket technology to cool data centers without water, to Microsoft unveiling a massive new AI inference chip designed to scale efficiently. The discussion connects culture, power, cooling, and compute—showing why AI growth isn’t just about models and GPUs, but about solving the physical and human constraints that come with them. If you’re responsible for enterprise IT strategy, infrastructure planning, or talent retention, this episode delivers context you won’t get from headlines alone. ⸻ ⏱️ Show Notes 00:00 – Intro John and Lou preview a packed episode covering remote-work backlash, radical new data-center cooling approaches, and Microsoft’s latest move to control its AI destiny with custom silicon. ⸻ 📰 News Bytes 01:00 – Work-From-Office Mandate? Expect Top Talent Turnover and Culture Rot New research highlighted by CIO Magazine shows that strict return-to-office mandates are driving increased attrition among top performers, longer hiring cycles, and declining trust. John and Lou unpack why “butts-in-seats” metrics fail modern organizations and how poor remote-management skills—not productivity—are often the real problem. https://www.cio.com/article/4119562/work-from-office-mandate-expect-top-talent-turnover-culture-rot.html  ⸻ 08:14 – L.A. Startup Uses SpaceX Tech to Cool Data Centers With Less Power and No Water An LA-based startup is applying SpaceX rocket turbopump technology and supercritical CO₂ to dramatically reduce data-center cooling power, footprint, and water usage. The hosts explain why cooling—not chips—is becoming one of the biggest bottlenecks in AI expansion and how innovations like this could unlock sustainable growth. https://finance.yahoo.com/news/l-startup-uses-spacex-tech-175628363.html ⸻ 14:11 – Microsoft Announces a Powerful New Chip for AI Inference Microsoft unveils the Maia 200, a custom AI inference accelerator built on TSMC’s 3-nm process with 100 billion transistors. John and Lou break down why inference-optimized chips matter, how this fits into a broader trend of hyperscalers building custom silicon, and why efficiency per watt is becoming the defining metric for AI at scale. https://techcrunch.com/2026/01/26/microsoft-announces-powerful-new-chip-for-ai-inference/ ⸻ 🔁 Wrap Up 19:49 – Mail Bag Listener feedback revisits classic operating systems, early AI roots, and why distributed computing concepts from decades ago are suddenly relevant again. 22:47 – Wrap Up John and Lou close by emphasizing that AI’s future depends on solving power, cooling, and organizational challenges—not just shipping faster chips. ⸻ 🔗 Connect With Us IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ on LinkedIn John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

    24 min
  5. WhatsApp Encryption on Trial & AI Chat App Data Exposure: Enterprise Messaging Risks

    JAN 30

    WhatsApp Encryption on Trial & AI Chat App Data Exposure: Enterprise Messaging Risks

    In this episode of IT SPARC Cast – CVE of the Week, John Barger and Lou Schmidt break format to examine two high-impact security and privacy stories that every enterprise IT and security leader should be paying attention to. First, we dive into a new lawsuit alleging that Meta can access or infer WhatsApp message contents, despite years of public claims that WhatsApp is fully end-to-end encrypted. We unpack what “access” really means in modern encrypted messaging systems, including metadata, client-side processing, backups, and enterprise risk implications—especially for organizations using WhatsApp for daily business communications. https://www.bloomberg.com/news/articles/2026-01-25/lawsuit-claims-meta-can-see-whatsapp-chats-in-breach-of-privacy Next, we examine a major data exposure involving Chat & Ask AI, a popular AI chatbot aggregator with tens of millions of users. Due to a backend Firebase misconfiguration, hundreds of millions of private conversations—including highly sensitive topics—were left publicly accessible. This incident highlights the growing risk of Shadow AI inside enterprises and the dangers of third-party AI wrappers that lack enterprise-grade security controls. https://www.404media.co/massive-ai-chat-app-leaked-millions-of-users-private-conversations/ The episode closes with listener feedback on a previously covered UniFi Access vulnerability and a broader discussion on how organizations should educate, monitor, and protect users without resorting to blunt enforcement. Hosted on Acast. See acast.com/privacy for more information.

    14 min
  6. ERP’s Inevitable Reinvention, UniFi Fabric, and Why OpenAI Isn’t the AI Bubble to Fear

    JAN 26

    ERP’s Inevitable Reinvention, UniFi Fabric, and Why OpenAI Isn’t the AI Bubble to Fear

    In this episode of IT SPARC Cast – News Bytes, John Barger & Lou Schmidt dig into three stories that highlight how enterprise IT is quietly—but fundamentally—restructuring itself. From executives questioning the long-term future of traditional ERP systems, to Ubiquiti introducing a new orchestration-driven take on network fabrics, to a grounded discussion on whether the AI bubble is real and why OpenAI may be far less fragile than critics assume. The conversation connects enterprise software evolution, network architecture at scale, and the hard economic realities of AI infrastructure—especially power and compute. If you’re responsible for enterprise platforms, networking strategy, or long-term IT planning, this episode provides context that goes beyond the headlines. ⸻ ⏱️ Show Notes 00:00 – Intro John and Lou preview the episode, touching on ERP’s looming transformation, UniFi’s new Fabric approach, and why AI demand—especially at OpenAI—is driven by hard infrastructure realities, not hype. ⸻ 📰 News Bytes 00:48 – ERP Isn’t Dead Yet – But Most Execs Are Planning the Wake A survey of more than 4,300 executives shows growing skepticism about ERP’s long-term dominance, even as most organizations remain satisfied with current systems. John and Lou explain why AI-driven, modular, and agentic ERP models are likely evolutions—not rip-and-replace events—and what enterprise IT teams should be doing now to prepare. https://www.theregister.com/2026/01/19/erp_survey_rimini_street/  ⸻ 06:28 – Ubiquiti Introduces UniFi Fabric Ubiquiti unveils UniFi Fabric, a centralized orchestration layer designed to manage policies, identity-based networking, Zero Trust, and multi-site environments without cloud licensing. The discussion compares UniFi’s approach to traditional network fabrics like VXLAN and SPBM, highlighting why this controller-first model could appeal to MSPs and mid-sized enterprises. https://blog.ui.com/article/introducing-unifi-fabrics  ⸻ 14:14 – AI Bubble? Maybe. OpenAI Risk? Not Anytime Soon. John breaks down why OpenAI’s revenue growth is directly tied to available compute capacity, not speculative demand. Using concrete megawatt, gigawatt, and ARR figures, the hosts explain why AI may see valuation corrections—but why companies like OpenAI, NVIDIA, and Anthropic are unlikely to disappear. https://openai.com/index/a-business-that-scales-with-the-value-of-intelligence/  ⸻ 🔁 Wrap Up 24:16 – Mail Bag Listener feedback reinforces the growing link between AI growth and power infrastructure, with discussion around electrical safety, regulation, and why energy expertise may be one of the most valuable skills in the coming decade. 27:39 – Wrap Up John and Lou close with a reminder that enterprise IT leaders will increasingly be asked to validate power, nuclear, and infrastructure decisions at the executive level—and that staying informed now is critical. ⸻ 🔗 Connect With Us IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ on LinkedIn John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

    29 min
  7. VoidLink: The AI-Built Linux Malware Framework That Could Change Cyber Attacks Forever

    JAN 23

    VoidLink: The AI-Built Linux Malware Framework That Could Change Cyber Attacks Forever

    In this episode of IT SPARC Cast – CVE of the Week, John Barger and Lou Schmidt break from the traditional single-CVE format to examine VoidLink, a newly discovered Linux malware framework that represents a major shift in how cyberattacks may be built and executed going forward. Rather than focusing on one vulnerability, VoidLink is designed to chain together many smaller flaws across Linux, containers, and cloud platforms like AWS, Azure, GCP, Docker, and Kubernetes—creating a stealthy, long-term access platform. Researchers believe VoidLink was developed rapidly using AI assistants, offering a rare look at how next-generation malware may be authored, iterated, and deployed. This episode explains why VoidLink matters, how defenders should think about chained exploits, and why this may be an early warning sign for the future of cloud and container security. ⸻ Show Notes (Podcast) Episode Overview This week’s CVE of the Week focuses on VoidLink, a newly identified Linux malware framework designed for persistence, stealth, and modular exploitation across cloud and container environments. While not a single CVE, VoidLink highlights how attackers are moving toward framework-driven, AI-assisted exploit chaining rather than isolated vulnerabilities. Key Topics Covered •What VoidLink is and why it’s different from traditional malware •How chaining low-severity vulnerabilities can result in full compromise •Targeted environments: Linux, Docker, Kubernetes, AWS, Azure, and GCP •Use of loaders, implants, evasion techniques, and modular plugins •Evidence suggesting AI-assisted development with rapid iteration •Why this gives defenders a rare opportunity to observe a threat early in its lifecycle •The implications for cloud security, container hardening, and future CVEs Why This Matters VoidLink represents a shift from one-off exploits to malware platforms—essentially an “IDE for hacking.” Understanding how these frameworks are built and how they operate is critical for anticipating future attacks and improving detection strategies before they become widespread. ⸻ Listener Feedback Highlight We’d like to give a shout-out to Nihal for his thoughtful LinkedIn comment on our earlier Top 10 Operating System Failures episode—specifically his hot take defending Windows ME and critiquing Windows XP’s compatibility break. We love informed debate like this and appreciate listeners who challenge conventional wisdom. ⸻ Wrap-Up & Social Links That wraps up this episode of IT SPARC Cast – CVE of the Week. We couldn’t do this without listeners like you. Did we miss something? Do you have a topic you want us to cover? Send feedback to feedback@itsparccast.com or reach out on social. IT SPARC Cast @ITSPARCCast on X https://www.linkedin.com/company/sparc-sales/ on LinkedIn John Barger @john_Video on X https://www.linkedin.com/in/johnbarger/ on LinkedIn Lou Schmidt @loudoggeek on X https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

    10 min
  8. Apple Taps Google for AI, Copilot Pushback, AI Commerce & Nuclear Power for Data Centers

    JAN 19

    Apple Taps Google for AI, Copilot Pushback, AI Commerce & Nuclear Power for Data Centers

    In this episode of IT SPARC Cast – News Bytes, John Barger & Lou Schmidt break down a week of moves that signal where enterprise AI, cloud platforms, and data center infrastructure are really headed. From Apple officially leaning on Google to power its AI ambitions, to Microsoft giving IT admins the ability to remove Copilot, this episode highlights growing tension between vendor momentum and enterprise control. They also explore Google’s push to standardize AI-driven commerce through agent protocols and why Meta locking down more than 6 GW of nuclear power may be the clearest sign yet that energy—not silicon—is becoming the limiting factor for AI at scale. If you’re tracking AI strategy, platform lock-in, and the future of data centers, this episode connects the dots. 📌 Show Notes 00:00 – Intro This week on IT SPARC Cast, John Barger and Lou Schmidt break down a week dominated by AI power shifts, enterprise pushback, and the growing reality that energy—not compute—may be the biggest constraint on AI’s future. 📰 News Bytes 00:52 – It’s Official: Apple Going with Google for AI Apple confirms it will rely on Google’s Gemini models to power the next generation of Siri and Apple Intelligence. John and Lou discuss what this says about Apple’s AI strategy, the risks of deep vendor lock-in, and whether Apple can realistically switch models later without breaking workflows. https://techcrunch.com/2026/01/12/googles-gemini-to-power-apples-ai-features-like-siri/ 05:44 – Microsoft to Allow IT Admins to Uninstall Copilot Microsoft is testing new Windows policies that allow enterprise IT teams to remove the consumer Copilot app from managed devices. The conversation explores enterprise data governance, Intune controls, and why this signals a broader shift toward AI choice rather than forced adoption. https://www.bleepingcomputer.com/news/microsoft/microsoft-may-soon-allow-it-admins-to-uninstall-copilot-on-managed-devices/ 09:46 – Google Announces a New Protocol for AI-Driven Commerce Google introduces the Universal Commerce Protocol (UCP), an open standard designed to let AI agents handle shopping, payments, and transactions across retailers. With backing from major brands and payment networks, John and Lou unpack why agent-driven commerce may become one of AI’s first truly mainstream use cases. https://techcrunch.com/2026/01/11/google-announces-a-new-protocol-to-facilitate-commerce-using-ai-agents/ 12:47 – Meta Signs Nuclear Power Deals for AI Data Centers Meta secures long-term nuclear power contracts totaling more than 6 GW to fuel its AI infrastructure. The discussion focuses on why power—not chips—is becoming the true bottleneck for AI expansion and why nuclear energy is rapidly moving from “controversial” to “necessary.” https://techcrunch.com/2026/01/09/meta-signs-deals-with-three-nuclear-companies-for-6-plus-gw-of-power/ 🔚 Wrap Up 16:49 – Mail Bag Listener feedback revisits cross-platform AI agents, Apple’s closed ecosystem, and whether enterprises can afford to exclude Mac users as agentic AI becomes more central to daily workflows. 18:53 – Wrap Up John and Lou close the episode by reinforcing a key theme: AI’s future will be defined as much by energy, policy, and interoperability as by model performance. Hosted on Acast. See acast.com/privacy for more information.

    20 min
See All (133)

Ratings & Reviews

5
out of 5
2 Ratings

About

IT SPARC Cast is a digest of the Enterprise IT news over the last week, with insights, opinions, and a little sarcasm from 2 experts each with over 20 years of experience working in IT or for IT vendors. Hosted on Acast. See acast.com/privacy for more information.

Information

  • Creator
    John Barger
  • Years Active
    2024 - 2026
  • Episodes
    133
  • Rating
    Clean
  • Copyright
    © John Barger
  • Show Website
    IT SPARC Cast