Three Buddy Problem - Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek.
Plus, discussion on a Binarly technical paper with new approach to finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers, and MEV 'sandwich attacks' front-running cryptocurrency transactions.
Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.
Links:
- Transcript (unedited, AI-generated)
- Microsoft Flags Six Active Zero-Days, Patches 57 Flaws
- Unpatched.ai discoveries
- Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw
- Apple iOS 18.3.2 and iPadOS 18.3.2 documentation
- Citizen Lab: Predator in the wires
- FreeType Zero-Day Being Exploited in the Wild
- CVE-2020-15999: FreeType Heap Buffer Overflow
- Mandiant : Ghost in the Juniper router
- Jun OS out-of-cycle security bulletin (CVE-2025-21590)
- Juniper Malware Removal Tool
- Binarly: UEFI Bootkit Hunting -- In-Depth Search for Unique Code Behavior
- Crypto Trader Loses $215,000 in MEV Sandwich Attack on Uniswap
- The Secretive World Of MEV, Where Bots Front-Run Crypto Investors For Big Profits
- Reuters journalist Raphael Satter loses overseas citizenship
- Yanis Varoufakis: Trump’s tariff chaos explained
- Technofeudalism: What Killed Capitalism (Yanis Varoufakis)
Fler avsnitt av Three Buddy Problem
Visa alla avsnitt av Three Buddy ProblemThree Buddy Problem med Security Conversations finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.