Initial Access

This episode explores how attackers live in the gap between what a system can verify and what it settles for from forged GlobalProtect VPN sessions to an autonomous AI worm, a social-engineered Meta support bot, voice-phished Salesforce access, and hotel reservation hijacking.

This episode goes inside the Bishop Fox Red Team — exploring how AI accelerates custom payload evasion and social engineering at scale, what a chained network-to-physical breach looks like in practice, and why satellites and gas pumps are reachable from the public internet right now.

This episode explores how attackers exploit infrastructure that became load-bearing before anyone secured it from a malicious VS Code extension that compromised thousands of GitHub repositories and an actively exploited Exchange zero-day, to Cisco SD-WAN auth bypasses, AI chaining low-severity bugs into real attack paths, and AWS GovCloud credentials left exposed in a public repo. 

This episode explores how modern development's trust assumptions keep failing in attackers' favor, from the first confirmed AI-written zero-day to a coordinated supply chain attack poisoning 518 million download paths, developer credential harvesting via rootkit, AWS SES abuse for phishing at scale, and thousands of vibe-coded apps leaking sensitive data in the open web.

This episode explores how every layer of the stack has become an attack surface — from a privilege-escalating Linux kernel flaw and a GitHub infrastructure RCE to a poisoned RubyGems supply chain, a trojanized vendor installer, and a ransomware hit on centralized education infrastructure. 

This episode explores how access is being created, scaled, and kept with less friction, from a critical cPanel authentication bypass to AI-generated vulnerable code, AI-assisted attacks, persistent footholds in trusted systems, and stealthier data exfiltration.

This episode explores how access control is breaking down across AI systems, consumer apps, and vulnerability management, from leaked AI tooling and bypassed EU verification apps to actively exploited Windows zero-days and growing strain on the NVD. 

In this Initial Access episode, we look at how attackers are reusing trust that is already in place, from hijacked sessions and malicious browser extensions to overlooked industrial systems infrastructure and tightly controlled AI capabilities.

In this Initial Access podcast episode, we examine how trust, speed, and automation are reshaping initial access across software supply chains, network infrastructure, and AI systems. 

In this Initial Access podcast episode, we examine how attackers are inheriting access through trusted systems, default permissions, and unpatchable infrastructure.

In this Initial Access podcast episode, we examine how attackers are turning normal workflows and trusted systems into reliable paths for initial access as exploitation timelines continue to shrink. 

In this Initial Access podcast episode, the team looks at several recent examples of that compression in action, from a supply chain compromise that led to AWS admin access, to malware spreading through GitHub, npm, and VS Code, to ClickFix lures that convince technical users to run malicious commands themselves.

In this Initial Access episode, we examine how attackers are gaining initial access through social engineering, identity abuse, and vulnerable edge infrastructure. The team also discusses the rise of phishing-as-a-service platforms, leaked mobile exploit chains entering the criminal ecosystem, and how AI is accelerating reconnaissance and offensive tooling for both attackers and defenders.

In this Initial Access podcast episode, we cover AI coding agents operating inside developer environments, automated attack platforms accelerating exploitation cycles, long-lived connected devices exposing unexpected telemetry risks, and why identity systems remain the primary entry point for attackers.

In this Initial Access podcast episode, we cover autonomous vulnerability discovery, AI agents that ignore instructions, and why models are becoming strategic national assets.

In this Initial Access podcast episode, we cover SSO phishing, patching failures, exposed APIs, and zombie infrastructure remind us that basic security hygiene still decides the outcome.

In this Initial Access podcast episode, we cover prompt injection, a hijacked Outlook add-in, commoditized mobile spyware, AI executive deepfake scams, IT-to-OT pivoting, and nation-state use of commercial LLMs to accelerate exploitation.

In this Initial Access podcast episode, we cover the rollback of federal software security guidance, insider-driven access risks, ongoing state-sponsored espionage, and the security implications of giving AI tools deep control over infrastructure.