In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• OpenClaw, an open source AI agent formerly known as MoltBot and ClawdBot, has rapidly become the fastest-growing project on GitHub, amassing over 113,000 stars in under a week.
• A critical vulnerability in the React Native Community CLI NPM package, tracked as CVE-2025-11953 with a CVSS score of 9.8, has been actively exploited in the wild since late December 2025, according to new findings by VulnCheck. JFrog article.
• Following the disclosure in the Notepad++ v8.8.9 release announcement, further investigation confirmed a sophisticated supply chain attack that targeted the application's update mechanism.
• Google, in coordination with multiple partners, has undertaken a large-scale disruption effort targeting the IPIDEA proxy network, which it identifies as one of the largest residential proxy networks globally.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Most orgs have a major blind spot: the browser.

This week on Defender Fridays, we're joined by Cody Pierce, Co-Founder and CEO at Neon Cyber, to discuss why browser security remains a critical gap, from sophisticated phishing campaigns that bypass traditional controls to shadow AI tools operating outside your security perimeter.

Cody began his career in the computer security industry twenty-five years ago. The first half of his journey was rooted in deep R&D for offensive security, and he had the privilege of leading great teams working on elite problems. Over the last decade, Cody have moved into product and leadership roles that allowed him to focus on developing and delivering innovative and differentiated capabilities through product incubation, development, and GTM activities. Cody says he gets the most joy from building and delivering products that bring order to the chaos of cyber security while giving defenders the upper hand.

About This Session

This office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.

Register for Live Sessions

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.

Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!

Sponsored by LimaCharlie

This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.

Why LimaCharlie?

• Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
• Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
• Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
• Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
• Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.

Try the Agentic SecOps Workspace free: https://limacharlie.io

Learn more: https://docs.limacharlie.io

Follow LimaCharlie

Sign up for free: https://limacharlie.io

LinkedIn: / limacharlieio

X: https://x.com/limacharlieio

Community Discourse: https://community.limacharlie.com/

Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• Researchers at Trend Micro have uncovered continued activity from China-aligned threat actors leveraging a cross-platform JavaScript-based command-and-control framework known as "PeckBirdy".
• Silent Push has identified an extensive phishing campaign targeting over 100 organizations, attributed to the threat actor group ShinyHunters.
• A malicious Visual Studio Code extension impersonating an AI coding assistant for OpenClaw (former Moltbot) has been discovered distributing malware via the official VS Code Extension Marketplace.
• Dragos has attributed the December 2025 cyberattack on the Polish power grid to the Russian state-sponsored group known as ELECTRUM, with medium confidence.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Join us for a special Defender Fridays Office Hours session where the LimaCharlie team demonstrates the new Agentic SecOps Workspace (ASW) and explores what's possible when AI agents operate security infrastructure directly.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

What We'll Discuss

In this hands-on session, we showcase real working implementations of AI in cybersecurity operations. From reverse engineering malware to automated rule tuning and infrastructure management, we demonstrate how AI agents are transforming security workflows from concept to production-ready tools in hours instead of days.

Key Topics

• Automated malware analysis and decompilation without traditional manual reverse engineering workflows
• Rule tuning at scale: Investigating noisy detections, writing false positive rules, and deploying them autonomously
• Infrastructure automation: Setting up data sources, configuring tenants, and managing security operations through AI agents
• The permission model: Balancing AI capability with human oversight and approval workflows
• Real-world applications: Custom reporting, detection coverage analysis, and operational time savings

About This Session

This office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.

Register for Live Sessions

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.

Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!

Sponsored by LimaCharlie

This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.

Why LimaCharlie?

• Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
• Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
• Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
• Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
• Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.

Try the Agentic SecOps Workspace free: https://limacharlie.io

Learn more: https://docs.limacharlie.io

Follow LimaCharlie

Sign up for free: https://limacharlie.io

LinkedIn: / limacharlieio

X: https://x.com/limacharlieio

Community Discourse: https://community.limacharlie.com/

Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

In this special episode of The Cybersecurity Defenders Podcast, a panel of cybersecurity experts discuss the irreversible changes AI has brought to the industry. This panel originally aired on January 20th, 2026.

The panel attendees include:

• Christopher Luft (host) - Co-Founder / CCO, LimaCharlie
• Maxime Lamothe-Brassard - Founder / CEO, LimaCharlie
• Eric Capuano - Co-Founder, Digital Defense Institute
• Joshua Neil - Co-Founder, Alpha Level
• Kris Merritt - Advisor
• Daniel Lees - Sr Staff Cloud Security Architect, Google

LimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.

Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.

Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.

What if AI could operate your entire security infrastructure with the same access as your best analyst?

We built LimaCharlie for complete programmatic access from day one. we were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.

No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.

Learn more at https://limacharlie.io/

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.
• Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.
• China’s pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.
• A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet’s FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Fridays, John Hubbard, SANS Institute Cyber Defense Curriculum Lead, discusses the future of security operations and what it means for SOC leaders today.

We'll be talking about:

• Building continuous improvement into SOC leadership
• Current vendor and product trends shaping security operations
• AI's real impact on SOC jobs and operations

Few instructors combine real-world security operations center (SOC) leadership, curriculum design, and frontline defense experience like John Hubbard. As a Senior Instructor at the SANS Institute, author of SANS SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations, and co-author of SANS LDR551: Building and Leading Security Operations Centers, John translates years of frontline SOC leadership into practical lessons students can immediately apply. His courses give participants more than technical knowledge—they build the skills and judgment that ensure professionals thrive in modern security operations.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.

• Eliminate vendor sprawl and tool complexity
• Deploy and scale effortlessly on native multi-tenant architecture
• Reduce costs with intelligent data routing and free 1-year retention
• Build custom solutions with 100+ security capabilities on-demand
• Improve response times with automation and real-time capabilities

Try the SecOps Cloud Platform free: https://limacharlie.io

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

In this special episode of The Cybersecurity Defenders Podcast, Mike Privette hosts a keynote discussion with LimaCharlie Founder and CEO, Maxime Lamothe-Brassard.

LimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.

Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.

Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.

What if AI could operate your entire security infrastructure with the same access as your best analyst?

We built LimaCharlie for complete programmatic access from day one. we were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.

No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.

Learn more at https://limacharlie.io/