Dark Perimeter: True Cybersecurity Stories

Dark Perimeter: True Cybersecurity Stories Sat, 23 May 2026 04:40:28 -0400 https://cybersecuritystories.buzzsprout.com en-us © 2026 Dark Perimeter: True Cybersecurity Stories yes Support this Podcast 63e5fadc-8a15-5256-a28b-d6b2f01d6363 Cole Drayden episodic false Every major cyberattack has a story behind it. A vulnerability no one patched. A phishing email someone clicked. A nation-state with a motive. Dark Perimeter goes beyond the headlines to explore the true stories of the hacks, breaches, and cyber operations that shaped history - told in narrative form for security professionals and curious minds alike. No guests, no panels, no filler. Just the story.

]]> Buzzsprout (https://www.buzzsprout.com) Cole Drayden https://storage.buzzsprout.com/kye9d979acukygt22hp6xf1d3al5?.jpg Dark Perimeter: True Cybersecurity Stories Keys to the Kingdom, Part Two: Building the Vault the Right Way Keys to the Kingdom, Part Two: Building the Vault the Right Way Support the show

]]> Support the show

]]> Buzzsprout-19225928 Sat, 23 May 2026 01:00:00 -0700 1386 Azure Key Vault, secrets management, CISO, cloud security, managed identities, RBAC, private endpoints, infrastructure as code, secret rotation, AI credentials, security architecture full false Keys to the Kingdom, Part One: The CISO's Guide to Managing Your Azure Key Vault Deployment Keys to the Kingdom, Part One: The CISO's Guide to Managing Your Azure Key Vault Deployment Support the show

]]> Support the show

]]> Buzzsprout-19225926 Sat, 23 May 2026 01:00:00 -0700 1128 Azure Key Vault, secrets management, CISO, cloud security, AI credentials, managed identities, RBAC full false Dark Perimeter: "Leaving AirWatch Behind" — Part 2: The Migration Dark Perimeter: "Leaving AirWatch Behind" — Part 2: The Migration Support the show

]]> Support the show

]]> Buzzsprout-19216621 Thu, 21 May 2026 23:00:00 -0700 1003 MDM, MAM, Intune, AirWatch, migration, Conditional Access, Entra ID, BYOD, App Protection Policy, mobile security full false Dark Perimeter: "Finals Week" — The ShinyHunters Canvas Extortion Dark Perimeter: "Finals Week" — The ShinyHunters Canvas Extortion Support the show

]]> Support the show

]]> Buzzsprout-19219730 Thu, 21 May 2026 16:10:28 -0700 995 ShinyHunters, Canvas, Instructure, ransomware, extortion, cybercrime, data breach, education, FBI, cybersecurity full false Dark Perimeter: "Leaving AirWatch Behind" — Part 1: The Architecture Dark Perimeter: "Leaving AirWatch Behind" — Part 1: The Architecture Support the show

]]> Support the show

]]> Buzzsprout-19216590 Thu, 21 May 2026 07:00:00 -0700 709 MDM, MAM, Intune, AirWatch, BYOD, App Protection Policy, mobile security, DLP, Microsoft full false Dark Perimeter: "The Clock Is Broken: AI, Exploits, and the Death of Monthly Patching" Dark Perimeter: "The Clock Is Broken: AI, Exploits, and the Death of Monthly Patching" Support the show

]]> Support the show

]]> Buzzsprout-19209129 Wed, 20 May 2026 07:03:39 -0700 837 cybersecurity, AI, vulnerability management, patch management, DBIR, AGI, threat intelligence, CISA KEV, Verizon full false Dark Perimeter: "Remy Is Coming: AI Agents, Google I/O, and the New Attack Surface" Dark Perimeter: "Remy Is Coming: AI Agents, Google I/O, and the New Attack Surface" Support the show

]]> Support the show

]]> Buzzsprout-19198167 Mon, 18 May 2026 13:00:00 -0700 1470 Google IO, Gemini Spark, AI agents, MCP security, prompt injection full false Dark Perimeter: "The Propagation Engine" Dark Perimeter: "The Propagation Engine" Support the show

]]> Support the show

]]> Buzzsprout-19190761 Sun, 17 May 2026 09:47:19 -0700 1113 Fermi Paradox, AI alignment, astrobiology, transhumanism, panspermia, existential risk full false The State of AI: Where It Is, Where It's Going, and What Tomorrow Looks Like The State of AI: Where It Is, Where It's Going, and What Tomorrow Looks Like Support the show

]]> Support the show

]]> Buzzsprout-19152810 Sun, 10 May 2026 09:00:00 -0700 923 cybersecurity, artificial intelligence, AI, machine learning, deepfakes, threat intelligence, AGI, information security, SOC, phishing, dark perimeter full false One Phone Call One Phone Call In September 2022, a teenager broke into one of the world’s most valuable tech companies without writing a single line of exploit code. He bought stolen credentials on the dark web, flooded a contractor’s phone with authentication requests for over an hour, then sent a WhatsApp message pretending to be IT support. That was enough. Once inside Uber’s network, he found admin credentials sitting in a PowerShell script on a shared drive — and from there, he had access to everything: AWS, Google Workspace, Slack, bug bounty reports, and internal dashboards. He announced his success by posting on the company’s own Slack channel. This is the story of the 2022 Uber breach, MFA fatigue, and what it means that a phone call is still one of the most effective hacking tools ever invented.

Support the show

]]> In September 2022, a teenager broke into one of the world’s most valuable tech companies without writing a single line of exploit code. He bought stolen credentials on the dark web, flooded a contractor’s phone with authentication requests for over an hour, then sent a WhatsApp message pretending to be IT support. That was enough. Once inside Uber’s network, he found admin credentials sitting in a PowerShell script on a shared drive — and from there, he had access to everything: AWS, Google Workspace, Slack, bug bounty reports, and internal dashboards. He announced his success by posting on the company’s own Slack channel. This is the story of the 2022 Uber breach, MFA fatigue, and what it means that a phone call is still one of the most effective hacking tools ever invented.

Support the show

]]> Cole Drayden Buzzsprout-18943327 Tue, 21 Apr 2026 09:00:00 -0700 1042 Uber hack, MFA fatigue, Lapsus$, social engineering, cybersecurity podcast, data breach, MFA bombing, push notification attack, Teapot hacker, Uber 2022, cyber attack, infosec, true crime, CISO, credential theft, dark web, phishing, multi-factor authentic 1 2 full false Trust the Machine AI Agents, MCP Servers, and the New Attack Surface Trust the Machine AI Agents, MCP Servers, and the New Attack Surface What if your AI assistant could be turned against you by an email you never read? In 2024, Anthropic released the Model Context Protocol - a universal standard for connecting AI assistants to email, code repositories, databases, and cloud infrastructure. Within months, researchers began finding something alarming: AI agents with this kind of access could be hijacked by hidden instructions embedded in the very content they were asked to process. No stolen credentials. No exploit code. Just words that the AI read and obeyed. This episode explores the emerging security frontier of AI agents and MCP servers - the real CVEs, the documented incidents, and why the security community is paying very close attention.

Support the show

]]> What if your AI assistant could be turned against you by an email you never read? In 2024, Anthropic released the Model Context Protocol - a universal standard for connecting AI assistants to email, code repositories, databases, and cloud infrastructure. Within months, researchers began finding something alarming: AI agents with this kind of access could be hijacked by hidden instructions embedded in the very content they were asked to process. No stolen credentials. No exploit code. Just words that the AI read and obeyed. This episode explores the emerging security frontier of AI agents and MCP servers - the real CVEs, the documented incidents, and why the security community is paying very close attention.

Support the show

]]> Cole Drayden Buzzsprout-18943313 Tue, 14 Apr 2026 09:00:00 -0700 1282 Dark Perimeter, Cole Drayden, cybersecurity podcast, true cybersecurity stories, narrative podcast, infosec podcast, security stories, data breach podcast, hacking podcast, true crime technology, 1 3 full false Mythos: The Model That Scares Anthropic Mythos: The Model That Scares Anthropic Anthropic described its own upcoming model as posing unprecedented cybersecurity risks - then accidentally leaked that description. Cole Drayden sits down with former federal threat intelligence analyst Marcus Hale to work through what Mythos actually is, what it can do, and what happens when that capability reaches the wrong hands.

Support the show

]]> Anthropic described its own upcoming model as posing unprecedented cybersecurity risks - then accidentally leaked that description. Cole Drayden sits down with former federal threat intelligence analyst Marcus Hale to work through what Mythos actually is, what it can do, and what happens when that capability reaches the wrong hands.

Support the show

]]> Cole Drayden Buzzsprout-18982856 Wed, 08 Apr 2026 07:00:00 -0700 1065 Anthropic, Mythos, Capybara, Project Glasswing, AI cybersecurity, zero-day vulnerabilities, offensive AI, AI threat landscape, cybercrime, nation-state cyber, ransomware, critical infrastructure security, Linux kernel exploit, OpenBSD, vulnerability disco 99 3 full false The Blueprint Leak: What Anthropic Exposed About the Future of AI The Blueprint Leak: What Anthropic Exposed About the Future of AI On March 31st, a misconfigured build file exposed 512,000 lines of Anthropic's Claude Code source code to the world. Cole Drayden sits down with AI systems security consultant Dr. Elliott Vance to unpack what leaked, what it reveals about autonomous AI, and why this moment may accelerate the field faster than anyone expected.

Support the show

]]> On March 31st, a misconfigured build file exposed 512,000 lines of Anthropic's Claude Code source code to the world. Cole Drayden sits down with AI systems security consultant Dr. Elliott Vance to unpack what leaked, what it reveals about autonomous AI, and why this moment may accelerate the field faster than anyone expected.

Support the show

]]> Cole Drayden Buzzsprout-18966055 Mon, 06 Apr 2026 08:00:00 -0700 1212 Anthropic, Claude Code, AI security, source code leak, npm supply chain attack, agentic AI, autonomous AI agents, KAIROS, AI governance, cybersecurity, AI safety, machine learning security, software supply chain, open source AI, AI acceleration, LLM, arti 99 2 full false SPECIAL EPISODE: "Leaky Bucket" The Anthropic Claude Code Source Code Leak SPECIAL EPISODE: "Leaky Bucket" The Anthropic Claude Code Source Code Leak On March 31st, 2026, a security researcher found that Anthropic had accidentally shipped the
complete source code of Claude Code - its flagship AI product generating $2.5 billion in
annualized revenue - in a public npm package. A missing configuration entry. A public cloud
storage bucket. Within hours, the code was mirrored across GitHub 41,500 times. A clean-room
rewrite called claw-code became the fastest-growing repository in GitHub's history, crossing
100,000 stars in under 48 hours. Anthropic then accidentally blocked 8,100 legitimate developer
projects while trying to contain the damage. This is a breaking news special episode. Details
are still emerging. We cover what is confirmed, what is unknown, and what it means for the AI
industry.

Support the show

]]> On March 31st, 2026, a security researcher found that Anthropic had accidentally shipped the
complete source code of Claude Code - its flagship AI product generating $2.5 billion in
annualized revenue - in a public npm package. A missing configuration entry. A public cloud
storage bucket. Within hours, the code was mirrored across GitHub 41,500 times. A clean-room
rewrite called claw-code became the fastest-growing repository in GitHub's history, crossing
100,000 stars in under 48 hours. Anthropic then accidentally blocked 8,100 legitimate developer
projects while trying to contain the damage. This is a breaking news special episode. Details
are still emerging. We cover what is confirmed, what is unknown, and what it means for the AI
industry.

Support the show

]]> Cole Drayden Buzzsprout-18957995 Fri, 03 Apr 2026 08:00:00 -0700 1801 Anthropic, Claude Code, source code leak, npm leak, claw-code, GitHub, open source, AI security, Chaofan Shou, KAIROS, Undercover Mode, feature flags, DMCA takedown, Boris Cherny, build pipeline security, source map, .npmignore, Capybara, Numbat, Mythos, 99 1 full false Guardians of Peace. The Sony Pictures Hack of 2014 Guardians of Peace. The Sony Pictures Hack of 2014 In November 2014, thousands of Sony Pictures employees arrived at work to find grinning red skulls on every computer screen. What followed was twenty-two days of leaked films, exposed emails, executive humiliation, and a geopolitical standoff that ended with the President of the United States calling out a foreign dictator by name. This is the story of the most destructive cyberattack ever launched against an American entertainment company - who did it, how they did it, and what it means for every organization operating in a world where a nation-state can decide you are a target.

Support the show

]]> In November 2014, thousands of Sony Pictures employees arrived at work to find grinning red skulls on every computer screen. What followed was twenty-two days of leaked films, exposed emails, executive humiliation, and a geopolitical standoff that ended with the President of the United States calling out a foreign dictator by name. This is the story of the most destructive cyberattack ever launched against an American entertainment company - who did it, how they did it, and what it means for every organization operating in a world where a nation-state can decide you are a target.

Support the show

]]> Cole Drayden Buzzsprout-18943280 Tue, 31 Mar 2026 23:00:00 -0700 1450 Sony Pictures hack, North Korea, Guardians of Peace, Lazarus Group, wiper malware, Bureau 121, The Interview, Amy Pascal, Park Jin-hyok, cybersecurity, nation-state attack 1 1 full false