Security Now (Audio)

In this special holiday episode, Steve Gibson and Leo Laporte revisit their classic conversation about vitamin D—diving into the science, surprising updates, and practical tips for your health. Whether you've heard it before or are tuning in for the first time, this "blast from the past" is the perfect way to kick off 2026 with wisdom, laughs, and a little bit of eggnog recovery.

Read more at https://www.grc.com/health

Hosts: St...

What if your smart TV and Firefox extensions were secretly hijacking your security and privacy? This episode reveals the jaw-dropping discovery of a massive TV botnet and the surprisingly clever malware lurking behind innocent browser icons.

• North Korea's profitable fixation on cryptocurrency.
• Amazon uncovers a cryptomining sneaking into customer clouds.
• Insecure Docker API servers are also hosting cryptominers.
• A new and ...

Australia's nationwide social media ban has put tech's age verification tools under the spotlight, exposing the flaws and privacy risks in today's facial detection systems and sparking worldwide debate about what's coming for the rest of us.

• Home Depot's puzzling reluctance to close a bad hole.
• GNOME's shell extension manager is unhappy with AI.
• How attacks on open source repositories compares in 2025.
• China's researchers ...

A devastating new React vulnerability earned a "perfect 10" for risk, letting attackers remotely run code on a million-plus servers with a single HTTP request. Find out what happened, how fast attackers moved in, and why this bug changes everything for web security.

• France's VanityFair face a stiff fine over cookies.
• GrapheneOS pulls out of France over coercion worries.
• The EU adds to the pile-on over underage social media.
...

Cisco has finally admitted it's time for real change and is vowing to build "secure by default" gear after decades of criticism. Steve Gibson reacts to a rare moment when a tech giant actually gets security right—and what it means for everyone running critical infrastructure.

• Scattered Lapsus$ Hunters strikes (Salesforce) again.
• Cisco actually (no kidding) sees the light.
• Next week, Australia bans all underage social medi...

Could banning VPNs really become law in the US? This episode breaks down the jaw-dropping legislation in Wisconsin and Michigan that targets VPN access for everyone, not just kids—and what it means for your digital privacy.

• The EU finally comes to its "Chat Control" senses.
• Windows 11 to include SysInternals Sysmon natively.
• Chrome's tabs (optionally) go vertical.
• The Pentagon begins its investment in warfare AI.
• Members ...

Think your cell phone is safe from tracking? Steve reveals how global networks let anyone pinpoint your location—no hacking required and no malware involved.

• Apple introduces a new Digital ID inside Wallet.
• Checkout.com refuses to pay a ransom demand.
• Google announces "Private AI Compute" in the cloud.
• Google backpedals on their "devs must register" demand.
• Win11 added a Passkeys API which 1Password & Bitwarden suppor...

Amazon is taking Perplexity AI to court over its agentic browser that shops on your behalf, raising urgent questions about who controls your online buying experience when bots do the heavy lifting.

• FFmpeg teaching assembly language for performance.
• The state of Nevada recovers after not paying ransom.
• A "rounding error" nets a clever attacker $128 million.
• Why would Chrome decide to start form-filling driver's licenses.
• T...

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking.

• Secret radios discovered in Chinese-made busses.
• Edge & Chrome introduce LLM-based "scareware" blocking.
• A perfect example of what scareware blockin...