• 355: Mummy Cheese
    Sep 27 2024

    Both Jon and Eric have mic issues, but Eric gets a new monitor and Jon goes fishing again. Everyone should start looking at Passkeys. Jon finds a ClickFix and ways to attack LLMs with math. Eric discovers 3600-year-old cheese and Jon shares some poetry.

    • 0:00 - Introduction
    • 11:01 - Passkeys are In!
    • 14:54 - Social Engineering with a ClickFix
    • 18:47 - Using math to fool LLMs.
    • 24:44 - Some Cheese with your Mummy
    • 28:10 - Poetry
    30 mins
  • 354: Heavy Percentage
    Sep 21 2024

    Eric's nest has emptied, and Jon's pantry is full of Asian pear derivatives. Temu denies (rightly?) that the data came from them, Transport for London has to restore 30k employee creds in person, and why not to let the authoritative server for a domain expire. For fun we have another word puzzle by the NYT, and estimating an avatar's gaze at a virtual keyboard to deconstruct typed text.

    • 0:00 - Intro
    • 12:55 - Not Temu
    • 17:40 - Transport for London
    • 21:23 - .mobi authority
    • 28:15 - Eric Fun
    • 31:42 - Gazeploit
    37 mins
  • 353: Lawyers Get Paid
    Sep 14 2024

    Eric has some travel news and Jon smells like plums. Eric's beloved YubiKey is unpatchable. AT&T wants VMware security updates and Android malware uses OCR to find cryptocurrency creds in your photo album. Eric doesn't understand transparent flesh while Jon looks at a diamond-making machine.

    • 0:00 - Introduction
    • 10:24 - YubiKey Vuln
    • 14:08 - Security Updates for VMware
    • 18:06 - OCR for Cryptocurrency Creds
    • 21:52 - Transparent flesh
    • 27:45 - Making Diamonds
    32 mins
  • 352: Moon Tipping
    Sep 7 2024

    Eric gets productive, while Jon goes to the fair. An airline service to register crew can be SQL Injected, scammers combine location data and photos in sextortion emails, and Microsoft's Mac apps are vulnerable-ish. For fun Eric will be visiting the Monterey Bay Aquarium, and Ganymede had a smashing past.

    • 0:00 - Introduction
    • 12:46 - Pilot Test TestOnly
    • 19:39 - Location Aware Sextortion
    • 22:27 - Secure Your Plugins
    • 28:02 - Monterey Bay Aquarium
    • 30:46 - Intriguing Ganymede
    36 mins
  • 351: A Bathtub Distribution
    Aug 31 2024

    Eric finishes his chess set project, Jon goes camping. Claude shares some of its AI internals. Google fixes a zero-day exploit. Slack's AI allows extraction of unexpected data. 3D Printing with Glass?!?! Finally, a Grace Hopper YouTube video you should watch.

    • 0:00 - Introduction
    • 9:46 - System Prompts
    • 14:09 - Browser CVE
    • 16:13 - AI Exfil
    • 22:36 - Printing with Glass
    • 25:44 - Grace Hopper
    32 mins
  • 350: Raining Ants (and Herring)
    Aug 24 2024

    Eric moves daughters to college, Jon extracts honey. The Oregon Zoo is compromised for ~6 months, a 60 million dollar BEC, and a new flavor of Mac Malware. Restoring and repairing an old Chess set, and Scientific American stories from 50, 100, and 150 years ago.

    • 0:00 - Intro
    • 9:38 - Zoo Heist
    • 14:17 - Sixty Million Dollars
    • 16:51 - TodoSwift
    • 20:37 - Chess Repair
    • 25:58 - Historical Stories
    31 mins
  • 349: Proof That Aliens Exist
    Aug 16 2024

    Eric is sending kids to college, Jon has four peaches, small green lemons (not limes), and other harvest bounty. Using 0.0.0.0 to attack local networks. Using SEC filings to disclose a breach. Using AI to craft content for Phishing Attacks in real time. Using non-conductive liquid as a heat sink. Using Medieval Gibberish as a reference book.

    • 0:00 - Introduction
    • 4:40 - 0.0.0.0 Websites on the Rise
    • 12:11 - ADT Breach Disclosure
    • 14:12 - Realtime Phishing Attacks
    • 19:28 - Dunking Servers in Liquid
    • 24:59 - The Voynich Manuscript
    34 mins
  • 348: The Number Shall Be 21
    Aug 10 2024

    Lazy(-ish) summer weekends for both. CrowdStrike releases their RCA (20!=21), an MDM vendor wipes 13k student devices in Singapore, and the results of a comprehensive audit of Homebrew. For fun we have electrostatics-based propulsion and a long-lost branch of the Nile likely used to help build the pyramids.

    • 0:00 - Intro
    • 8:20 - Missing Argument
    • 13:43 - Wiped
    • 21:55 - Brew Audit
    • 31:48 - Propellantless Propulsion
    • 37:44 - Nile Branch
    43 mins