Exploited: The Cyber Truth

Written by: RunSafe Security

About this listen

Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.

2025 Exploited: The Cyber Truth
Episodes
  • Balancing Speed and Security: The Open Source Dilemma in Embedded Development
    Jan 29 2026

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Elecia White, host of Embedded.fm and author of Making Embedded Systems, to discuss the trade-offs of using open source in embedded development.

    The conversation goes beyond debates about “open vs. proprietary” to explore how a single library can quietly introduce sprawling dependency chains, unclear maintenance responsibilities, licensing obligations, and long-term security exposure, especially in devices expected to operate for years or decades.

    Elecia and Joe share guidance for using open source intentionally, including how to set guardrails early, limit dependency blast radius, and design systems that can respond when vulnerabilities emerge, even when patching isn’t easy.

    Together, they cover:

    • Why embedded teams get burned not by open source but by unexamined dependencies
    • How transitive dependencies and “helpful” packages quietly expand attack surface
    • Why professionalism, documentation, and disclosure practices signal trustworthy projects
    • Why build-time SBOMs matter more than after-the-fact analysis
    • How Secure by Design thinking reduces reliance on emergency patching

    For embedded engineers, product leaders, and security teams balancing delivery pressure with long-lived risk, this episode offers advice for using open source without inheriting future incidents.

    30 mins
  • Beyond Defense: Building Cyber Resilience in Autonomous and Connected Mobility
    Jan 15 2026

    Autonomous and connected vehicles are reshaping transportation, but increased software complexity and connectivity introduce serious security and safety challenges that can’t be solved with traditional perimeter defenses.

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Hemanth Tadepalli, Senior Cybersecurity & Compliance SME at May Mobility, for a practical discussion on what cyber resilience looks like inside real-world autonomous vehicle programs.

    Hemanth draws on his experience securing mobility systems at May Mobility, as well as prior work with Mandiant, Google, and AlixPartners, to explain how automotive organizations are adapting to software-defined vehicle architectures, regulatory pressure, and expanding attack surfaces. Joe shares his perspective on why mobility companies increasingly resemble software companies and what that means for engineering, governance, and operational security.

    Together, they explore:

    • How connected and autonomous vehicle architectures expand the attack surface
    • What cyber resilience means in day-to-day engineering and fleet operations
    • How governance, threat intelligence, and software validation reduce risk
    • Regulatory pressures shaping automotive security decisions
    • How teams balance detection, response, and safety in autonomous systems

    Whether you’re building autonomous platforms, managing connected fleets, or securing safety-critical software, this episode offers a grounded look at what it takes to keep modern mobility systems trustworthy and safe.

    25 mins
  • 2026 ICS Security Predictions: What’s Next for Critical Infrastructure
    Dec 30 2025

    As industrial control systems become more connected, more Linux-based, and more exposed to IT-style threats, 2026 is shaping up to be a turning point for ICS security.

    In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026.

    The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch.

    Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility.

    Together, they cover:

    • Why ICS exploitation is shifting from theoretical to operational
    • How web app and RCE vulnerabilities are creeping into OT devices
    • The limits of detection-only security strategies
    • Why memory safety and runtime protections reduce exploitable risk
    • How build-time SBOMs improve vulnerability tracking and trust
    32 mins