EPISODE · May 22, 2026 · 1H 6M
Mythos finds a curl vulnerability - 2026-05-18
from Talkin' Bout [Infosec] News · host Black Hills Information Security
This episode covers Mythos uncovering a vulnerability in cURL, a recent Google Threat Intelligence report on a zero-day exploit, and the growing impact of AI on capture-the-flag competitions and bug bounty programs. The hosts also discuss the economics of AI platforms like OpenAI, security research trends, and broader concerns around software vulnerabilities, automation, and defensive tooling.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Token CTFs (03:18) - Story # 1: Mythos finds a curl vulnerability (06:36) - Story # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation (14:47) - Story # 3: The down fall of bug bounties (15:34) - Story # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ (40:52) - Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat Robots (43:51) - Story # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting Obliterated (49:35) - Story # 5: Windows BitLocker zero-day gives access to protected drives, PoC released (56:09) - Story # 6: Deal reached with hackers to delete data stolen from the Canvas educational platform (58:07) - Story # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breach (58:54) - Story # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible (01:00:29) - Threat Hunting Summit Talk: Threat Hunting in the Dark: A Practical Approach (01:04:47) - WEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek Banks LinksStory # 1: Mythos finds a curl vulnerabilityStory # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass ExploitationStory # 3: The down fall of bug bountiesStory # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat RobotsStory # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting ObliteratedStory # 5: Windows BitLocker zero-day gives access to protected drives, PoC releasedStory # 6: Deal reached with hackers to delete data stolen from the Canvas educational platformStory # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breachStory # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsibleThreat Hunting Summit Talk: Threat Hunting in the Dark: A Practical ApproachWEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek BanksCreators & Guests John Strand - Host Corey Ham - Host Wade Wells - Host Bronwen Aker - Host Ralph May - Host Shane Hartman - Guest Meagan Bentley - Producer Hayden Covington - Host Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com
What this episode covers
This episode covers Mythos uncovering a vulnerability in cURL, a recent Google Threat Intelligence report on a zero-day exploit, and the growing impact of AI on capture-the-flag competitions and bug bounty programs. The hosts also discuss the economics of AI platforms like OpenAI, security research trends, and broader concerns around software vulnerabilities, automation, and defensive tooling.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Token CTFs (03:18) - Story # 1: Mythos finds a curl vulnerability (06:36) - Story # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation (14:47) - Story # 3: The down fall of bug bounties (15:34) - Story # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ (40:52) - Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat Robots (43:51) - Story # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting Obliterated (49:35) - Story # 5: Windows BitLocker zero-day gives access to protected drives, PoC released (56:09) - Story # 6: Deal reached with hackers to delete data stolen from the Canvas educational platform (58:07) - Story # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breach (58:54) - Story # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible (01:00:29) - Threat Hunting Summit Talk: Threat Hunting in the Dark: A Practical Approach (01:04:47) - WEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek Banks LinksStory # 1: Mythos finds a curl vulnerabilityStory # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass ExploitationStory # 3: The down fall of bug bountiesStory # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat RobotsStory # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting ObliteratedStory # 5: Windows BitLocker zero-day gives access to protected drives, PoC releasedStory # 6: Deal reached with hackers to delete data stolen from the Canvas educational platformStory # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breachStory # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsibleThreat Hunting Summit Talk: Threat Hunting in the Dark: A Practical ApproachWEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek BanksCreators & Guests John Strand - Host Corey Ham - Host Wade Wells - Host Bronwen Aker - Host Ralph May - Host Shane Hartman - Guest Meagan Bentley - Producer Hayden Covington - Host Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com
NOW PLAYING
Mythos finds a curl vulnerability - 2026-05-18
No transcript for this episode yet
Similar Episodes
Sep 18, 2020 ·119m
Sep 4, 2020 ·99m
May 29, 2020 ·90m
May 26, 2020 ·94m