Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland - SWN #584
SC Media, Tuesday, May 26th, 2026
Security Weekly News episode covering Drupal vulnerability patches, CISA KEV nominations, GitHub supply chain attacks, and MFA prompt bombing.
This Security Weekly News episode (#584) hosted by Doug White and Aaran Leyland discusses multiple critical cybersecurity topics including CISA's orders to patch actively exploited Drupal vulnerabilities, a new form for nominating vulnerabilities to CISA's KEV catalog, and Anthropic's restricted Claude Mythos model.
The episode covers the Megalodon supply chain attack affecting over 5,500 GitHub repositories, MFA prompt bombing risks that undermine second-factor authentication, and Pope Leo's teachings on AI safety. Additional topics include Iranian hackers deploying MiniFast and MiniJunk V2 malware, Russian hacking claims related to Farage, and a marketer settlement for unauthorized device tracking for ad targeting.