The Cybersecurity Defenders Podcast

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
Russian cyber operations have maintained a consistent focus on exploiting both tactical and strategic targets within the defense industrial base, particularly in the context of the war in Ukraine.
Sygnia has disclosed a large-scale, AI-driven scam operation involving over 150 cloned websites impersonating law firms.
A joint investigation by SentinelLabs and Censys has revealed a growing ecosystem of publicly exposed AI compute infrastructure, driven largely by deployments of Ollama - an open-source framework for running large language models locally.
Flare has identified a widespread, ongoing campaign attributed to a threat actor group known as TeamPCP -also operating under aliases such as PCPcat and ShellForce - which has compromised over 60,000 servers worldwide since late December.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week Brandon Min, Founder and CEO of Herd Security, joins Defender Fridays to discuss how human risk management needs to rebrand with empathy.
Brandon is the co-founder and CEO of Herd Security, where they help security teams drive employee engagement in security, making a more resilient organization. Humans have been the #1 target of organizational cyber attacks; however, security teams, organizations, vendors, and leaders have vilified them.
At Herd, they believe security should be led with empathy and care. Building trust amongst users that will drive their engagement in security. Building herd immunity from cyber attacks. Learn more at https://herdsecurity.io/
Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!
Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.
Why LimaCharlie?
Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.
Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io
Follow LimaCharlie
Sign up for free: https://limacharlie.io
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
OpenClaw, an open source AI agent formerly known as MoltBot and ClawdBot, has rapidly become the fastest-growing project on GitHub, amassing over 113,000 stars in under a week.
A critical vulnerability in the React Native Community CLI NPM package, tracked as CVE-2025-11953 with a CVSS score of 9.8, has been actively exploited in the wild since late December 2025, according to new findings by VulnCheck. JFrog article.
Following the disclosure in the Notepad++ v8.8.9 release announcement, further investigation confirmed a sophisticated supply chain attack that targeted the application's update mechanism.
Google, in coordination with multiple partners, has undertaken a large-scale disruption effort targeting the IPIDEA proxy network, which it identifies as one of the largest residential proxy networks globally.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Most orgs have a major blind spot: the browser.
This week on Defender Fridays, we're joined by Cody Pierce, Co-Founder and CEO at Neon Cyber, to discuss why browser security remains a critical gap, from sophisticated phishing campaigns that bypass traditional controls to shadow AI tools operating outside your security perimeter.
Cody began his career in the computer security industry twenty-five years ago. The first half of his journey was rooted in deep R&D for offensive security, and he had the privilege of leading great teams working on elite problems. Over the last decade, Cody have moved into product and leadership roles that allowed him to focus on developing and delivering innovative and differentiated capabilities through product incubation, development, and GTM activities. Cody says he gets the most joy from building and delivering products that bring order to the chaos of cyber security while giving defenders the upper hand.
About This Session
This office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.
Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!
Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.
Why LimaCharlie?
Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.
Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io
Follow LimaCharlie
Sign up for free: https://limacharlie.io
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
Researchers at Trend Micro have uncovered continued activity from China-aligned threat actors leveraging a cross-platform JavaScript-based command-and-control framework known as "PeckBirdy".
Silent Push has identified an extensive phishing campaign targeting over 100 organizations, attributed to the threat actor group ShinyHunters.
A malicious Visual Studio Code extension impersonating an AI coding assistant for OpenClaw (former Moltbot) has been discovered distributing malware via the official VS Code Extension Marketplace.
Dragos has attributed the December 2025 cyberattack on the Polish power grid to the Russian state-sponsored group known as ELECTRUM, with medium confidence.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.