[00:00] Aaron Cole: Welcome to Prime Cyber Insights.
[00:02] Aaron Cole: We're starting with a brutal reality check today.
[00:06] Aaron Cole: The patch or perish window is now measured in hours, not weeks.
[00:11] Aaron Cole: The attack surface is exploding and our defenses are being tested like never before.
[00:16] Chad Thompson: Joining us today is Chad Thompson, who brings a systems-level perspective on AI, automation, and security, blending technical depth and creative insight from both engineering and music production.
[00:30] Chad Thompson: Chad, it is great to have you back.
[00:32] Lauren Mitchell: Thanks.
[00:34] Lauren Mitchell: Looking at the landscape right now, it feels like we're in a high-speed feedback loop.
[00:39] Lauren Mitchell: I mean, security analysts are forecasting over 50,000 CVEs for 2026.
[00:45] Lauren Mitchell: That's a 25% jump from last year, driven largely by the sheer volume of IoT and AI-powered applications hitting the market.
[00:55] Aaron Cole: It's not just the volume; the speed is terrifying.
[01:00] Aaron Cole: New research shows the average time between disclosure and exploitation has dropped to 4.2 days.
[01:06] Aaron Cole: In 2024, we had 22 days.
[01:09] Aaron Cole: Now look at Apple.
[01:10] Aaron Cole: They just pushed an emergency patch for CVE 2026, their third zero-day in as many weeks.
[01:16] Aaron Cole: This was an extremely sophisticated attack, allowing arbitrary code execution.
[01:22] Chad Thompson: Exactly, Aaron.
[01:23] Chad Thompson: Apple is warning that high-value targets were already being exploited.
[01:28] Chad Thompson: But individual users aren't the only ones in the crosshairs.
[01:32] Chad Thompson: The Bridge Pay ransomware attack in Florida disrupted payment portals for retailers and even the city of Palm Bay.
[01:40] Chad Thompson: While card data stayed encrypted, the system-wide service disruption shows how a single point of failure in the payment stack can ripple through the real economy.
[01:50] Lauren Mitchell: It's a complex ecosystem.
[01:54] Lauren Mitchell: That's why the coordinated disclosure event we saw this week was so critical.
[01:58] Lauren Mitchell: Over 60 vendors, including Cisco, Oracle, and SAP, released patches simultaneously through the CERT Coordination Center.
[02:07] Lauren Mitchell: From a systems perspective, this is the industry trying to harmonize its response to vulnerabilities that were actually shared months ago.
[02:16] Aaron Cole: While industry is coordinating, the government side is struggling.
[02:20] Aaron Cole: CISA Director Jen Easterly just testified that budget uncertainty is actively hampering their ability to protect critical infrastructure.
[02:29] Aaron Cole: During the recent shutdown, threat intelligence sharing was delayed and monitoring capabilities were reduced.
[02:35] Aaron Cole: You can't defend a nation's network on a month-to-month budget, Lauren.
[02:39] Chad Thompson: That gap in monitoring is dangerous, especially with what Google is reporting.
[02:45] Chad Thompson: State-sponsored groups from Russia, North Korea, and Iran are now targeting defense sector employees directly through hiring processes.
[02:55] Chad Thompson: They are using AI to profile roles and salaries, even creating spoof job portals to steal credentials from aerospace and drone companies.
[03:06] Chad Thompson: It's becoming deeply personal.
[03:08] Lauren Mitchell: It really is.
[03:10] Lauren Mitchell: A personnel piece is the new perimeter.
[03:13] Lauren Mitchell: Look at that Scottsdale case where two teenagers were allegedly extorted via Signal by figures known as Red and Eight to carry out a $66 million crypto theft.
[03:24] Lauren Mitchell: They even used a 3D-printed gun.
[03:27] Lauren Mitchell: It's like a Black Mirror episode where digital extortion forces real-world criminal acts.
[03:34] Lauren Mitchell: We're seeing more of these $5 wrench attacks as digital cash becomes harder to steal remotely.
[03:39] Aaron Cole: Bottom line, the volume of threats is outpacing manual remediation.
[03:44] Aaron Cole: If you aren't looking at automated patch management and risk-based prioritization today,
[03:49] Aaron Cole: you're already behind the four-day exploit curve.
[03:52] Aaron Cole: Chad, thank you for the systems-level view.
[03:55] Chad Thompson: And thank you for listening. We will continue to track these evolving threats to keep your digital
[04:01] Aaron Cole: resilience high. I'm your host, signing off for now. This has been Prime Cyber Insights.
[04:08] Aaron Cole: For the latest updates and resources, visit pci.neurlnewscast.com. Stay secure.
[04:15] Aaron Cole: Neural Newscast is AI-assisted, human-reviewed. View our AI transparency policy at neuralnewscast.com.