Hackerbot-Claw Crosses the Line - The 443 Podcast - Episode 361

This week on the podcast, we chat about an OpenClaw bot that moved beyond vulnerability research and into malicious activity. Before that, we cover an AI-discovered vulnerability in the pac4j-jwt authentication library before ending with a discussion on an upcoming California law designed to help make age verification in the digital age easier, but with massive consequences.

This week on the podcast, we discuss the recently disclosed and patched 0-Day vulnerability in Cisco's Catalyst SD-WAN Controller which has been under active exploit for 3 years. After that, we cover the latest open source supply chain attack involving a self-propagating worm targeting AI tools. We end with a discussion about another social engineering campaign targeting job hunters in the software development world.

This week on the podcast, we cover the WatchGuard Threat Lab's Internet Security Report for the second half of 2025. In this episode, we cover the latest trends for malware at both the network perimeter and endpoint, network attacks, and the top malicious domains from the period before ending with some tips everyone can use to defend their networks.

This week on the podcast, we discuss OpenClaw, the open source chatbot that has exploded in popularity since launching late last year, and some of the risk it introduces to organizations. Before that, we chat about Ring's Super Bowl advertisement that caused a stir before ending with a Google Threat Intelligence Group report on advanced threat actor AI usage.

This week on the podcast, we cover a recent supply chain compromise involving the popular text editor Notepad++. After that, we discuss a recent vulnerability report in the Moltbook AI social network before ending with a deep-dive review of a recent remote code execution vulnerability in the N8N automation platform.

This week on the podcast, we cover a Politico report detailing a security lapse at CISA in the United States involving sensitive data and a public version of ChatGPT. Following that, we dive into a couple of vulnerabilities recently resolved in the SolarWinds Web Help Desk application. Finally, we end with some closure on a story about two Coalfire penetration testers who were arrested several years ago for completing a penetration test in Iowa.

This week on the podcast, we cover some first-hand research from the WatchGuard Threat Lab on a phishing campaign targeting users of nearly every major VPN vendor. After that, we discuss two recently resolved vulnerabilities in the Fortinet FortiSIEM application, then end with research from Varonis on a new attack flow against Copilot called RePrompt.

This week on the podcast, we discuss the recently disclosed React2Shell vulnerability affecting a wide array of web applications. Before that, we review a new phishing campaign that uses a newly coined ConsentFix technique before discussing a security misstep from Home Depot.

This week on the podcast, we cover the Kimwolf botnet, a collection of compromised IOT devices that at one point grew so large that it's command and control domain beat out Google.com as the most popular domain on the internet. After that, we discuss yet another devious take on ClickFix style phishing before ending with coverage from Cisco TALOS on another threat actor targeting edge networking equipment.

This week on the podcast, we cover a wave of attacks against network edge equipment and internet-exposed systems including an update on the recently patched Firebox 0-Day. After that, we cover two stories on browser extensions siphoning off data and making unwanted modifications to victim’s web browsing activity.