Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week’s briefing covers: Dive deeper.

The silent killer in modern security programs? Garrett Hamilton and Todd Graham discuss how the real killer is settings quietly slipping out of alignment over time — even in environments packed with “best-in-class” tools and clean audit results. Misconfigurations don’t announce themselves. They accumulate. They age. They slowly pull your security posture away from original intent. What teams think is “turned on” often isn’t enforced consistently — or at all. Without continuous validation, drift becomes invisible risk.

LevelBlue and the PGA of America share a commitment to excellence under pressure. As the Official Cybersecurity Advisor of the PGA of America, LevelBlue brings championship standards of protection, continuity, and trust to the organizations that keep the game - and business - moving forward. From fairways to firewalls, LevelBlue safeguards mission-critical operations, member data, and high-profile events with always-on defense, accelerated response, and expert-led security operations powered by AI-driven threat intelligence.

On this episode of The Cybersecurity Defenders Podcast we're starting the new season off with the hottest topic of 2025: AI. Join an in-depth discussion January 20, 2026 and witness LimaCharlie's fundamentally different approach to AI-powered security operations. Sitting down with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, we discuss the ways AI has rapidly changed how companies are building security tools.

Transparency isn’t optional—it’s foundational to cyber resilience. In this clip from the Exposed: Cyber Risk in the Financial Sector and its Supply Chain webinar, Roland Cloutier, Global CSO and Digital Business Enablement Executive (TikTok, ADP, EMC), explains why visibility across the financial ecosystem is essential for managing third-party risk and preventing cascading cyber attacks.

Cyber warfare isn’t coming—it’s already here. This conversation on The Cyber Resilience Brief dives into the Fifth Domain of Warfare—and why nation-state cyber activity should matter to every organization. From Russia’s chaos-driven campaigns to China’s long-game persistence, Iran’s retaliatory attacks, and North Korea’s financial theft—your network isn’t a bystander.

Can OpenAI’s GPT 5.2 actually build a production-ready, secure application from a single prompt? In this video, we put the latest model to the test by asking it to build a full-stack Node.js note-taking app. We evaluate its dependency choices, dive into a surprising fix for a long-standing CSRF vulnerability, and run a full security audit using Snyk. Is this the new gold standard for AI coding models?

This week on the podcast, we discuss the recently disclosed React2Shell vulnerability affecting a wide array of web applications. Before that, we review a new phishing campaign that that uses a newly-coined ConsentFix technique before discussing a security misstep from HomeDepot.