Dec 9, 2025
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and...
Dec 8, 2025
Interview with Danny Jenkins: How badly configured are your endpoints?
Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits.
Meanwhile, security tools are misconfigured. Thousands of unused software packages...
Dec 5, 2025
Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News.
Visit https://www.securityweekly.com/swn for all the latest episodes!
Dec 4, 2025
This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news:
- Oh Asus
- Dashcam botnets
- Weird CVEs being issued
- CodeRED, but not the worm
- Free IP checking
- Internet space junk and IoT
- Decade old Linux kernel vulnerabilities
- Breaking out of Claude...
Dec 3, 2025
While many businesses rely on Microsoft 365, Salesforce and Google Workspace security features, critical blind spots remain—the recent series of high profile SaaS breaches demonstrate this. So what should you do?
Mike Puglia, General Manager of Kaseya Labs, joins Business Security Weekly to discuss the risks in SaaS...