
Out of the Woods: The Threat Hunting Podcast
by Out of the Woods: The Threat Hunting Podcast
Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.
~2x weekly · 155 episodes · Last published 1w ago
Recent episodes
S4 Ep4: Old Flaws, New Attacks
Jun 16, 2026
45m 34s
S4 Ep3: [LIVE] Know Thy Environment: Building Context for Effective Threat Hunting
May 29, 2026
1h 30m 55s
S4 Ep2: Ptrace Yourself Before Your Agent Wrecks Yourself
May 21, 2026
36m 25s
S4 Ep1: When the Chain Bites Back
May 18, 2026
56m 37s
S3 Ep63: May the Context Be With You
Apr 22, 2026
50m 42s
| Date | Episode | Topics | Guests | Brands | Places | Keywords | Sponsor | Length | |
|---|---|---|---|---|---|---|---|---|---|
| 6/16/26 | S4 Ep4: Old Flaws, New Attacks | Top Headlines: Trend Micro \| Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open: https://www.trendmicro.com/en_us/research/26/f/old-winrar-flaw-fuels-attacks-on-ukraine.html The Hacker News \| Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models: https://thehackernews.com/2026/06/researchers-build-self-replicating-ai.html Huntress \| Unpatched NTLM Leakage in Windows search: URI Handler, Same Bug, No CVE, No Fix \| Huntress: https://www.huntress.com/blog/unpatched-ntlm-leak-windows-search-uri-handler aikido.dev \| Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm: https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm?_gl=1*8wn4a9*_up*MQ..*_gs*MQ..&gclid=Cj0KCQjw_vnQBhCxARIsADcZyxL-SVitznmoZxhQ5DpjJdXLfpMZyybysJ0YaiJmipzBYpqtqpTk2GUaAtsMEALw_wcB&gbraid=0AAAAApQ3BFhNDUDPZ7DnB3pGVCSCcmPoZ Stay in Touch! Twitter: https://twitter.com/Intel471Inc LinkedIn: https://www.linkedin.com/company/intel-471/ YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg Discord: https://discord.gg/DR4mcW4zBr Facebook: https://www.facebook.com/Intel471Inc/ | | | | | | 45m 34s | |
| 5/29/26 | S4 Ep3: [LIVE] Know Thy Environment: Building Context for Effective Threat Hunting | threat hunting, data profiling, +4 | — | — | — | threat hunting, data profiling, +5 | — | 1h 30m 55s | |
| 5/21/26 | S4 Ep2: Ptrace Yourself Before Your Agent Wrecks Yourself | Linux Kernel, Privilege Escalation, +3 | — | RAMPART, Clarity, +5 | — | CVE-2026-46333, Linux Kernel, +5 | — | 36m 25s | |
| 5/18/26 | S4 Ep1: When the Chain Bites Back | cybersecurity, supply chain security, +3 | — | TanStack, Mistral AI, +5 | Azerbaijan | cybersecurity, supply chain, +4 | — | 56m 37s | |
| 4/22/26 | S3 Ep63: May the Context Be With You | cybersecurity, threat hunting, +3 | — | PhantomPulse RAT, STX RAT, +4 | — | Elastic Security Labs, PhantomPulse RAT, +3 | — | 50m 42s | |
| 4/21/26 | S3 Ep62: Q1 2026 - Threat Hunt Report | threat hunting, cybersecurity, +4 | — | Intel471 | — | threat hunting, cybersecurity trends, +6 | — | 1h 04m 54s | |
| 3/26/26 | S3 Ep61: [LIVE] Guess Who: The Malware Edition | malware analysis, interactive session, +4 | — | malware, MITRE ATT&CK | — | malware family, execution patterns, +5 | — | 1h 29m 55s | |
| 3/5/26 | S3 Ep60: Honey, I sideloaded Havoc... | malware, threat hunting, +3 | — | Arctic Wolf, Huntress, +2 | — | malware, threat hunting, +6 | — | 47m 53s | |
| 2/27/26 | S3 Ep59: Raiders of the Lost Macro | cybersecurity, threat intelligence, +3 | — | Group-IB, MuddyWater, +4 | — | MuddyWater, Volt Typhoon, +4 | — | 1h 02m 27s | |
| 2/19/26 | S3 Ep58: Keep the Classics, Cue the Chaos | cybersecurity, threat hunting, +4 | — | Oura Ring MCP, SmartLoader, +8 | — | cybersecurity, malware, +5 | — | 46m 08s | |
| 2/12/26 | S3 Ep57: If you speak it, they will come... | threat hunting, privilege escalation, +3 | — | Intel471, Socket, +3 | — | threat hunting, privilege escalation, +5 | — | 49m 03s | |
| 2/5/26 | S3 Ep56: Hunt the Whole Story, Follow the Rabbit | threat hunting, cybersecurity, +4 | — | CVE-2026-21509, Metro4Shell, +5 | Ukraine, EU | threat hunting, cybersecurity, +5 | — | 37m 46s | |
| 2/4/26 | S3 Ep55: Threat Hunting Year in Review: 2025 Trends and What’s Next | Threat Hunting Trends, 2025 Year in Review, +4 | — | Out of the Woods: The Threat Hunting Podcast, MITRE ATT&CK | — | threat hunting, 2025 trends, +5 | — | 1h 30m 52s | |
| 1/23/26 | S3 Ep54: Stop, Collaborate and Secure | threat hunting, cybersecurity trends, +3 | — | Google Cloud, BleepingComputer, +2 | — | threat hunting, cybersecurity, +3 | — | 52m 54s | |
| 1/8/26 | S3 Ep53: New Year, Old Tricks | [LIVE] Out of the Woods: The Threat Hunting Podcast – Threat Hunting Year in Review: 2025 Trends and What’s Next, January 29, 2026 \| 12:00 - 1:30 PM ET. Sign Up: https://www.intel471.com/resources/podcasts/threat-hunting-year-in-review-2025-trends-and-whats-next Top Headlines: Securonix \| Analyzing PHALT#BLYX: How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection: https://www.securonix.com/blog/analyzing-phaltblyx-how-fake-bsods-and-trusted-build-tools-are-used-to-construct-a-malware-infection/ https://mp.weixin.qq.com/mp/wappoc_appmsgcaptcha?poc_token=HM4cYGmjT2nsqEAFwWn2Sj9R90gqZmI2tEvjWdak&target_url=https%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyMjk4NzExMA%3D%3D%26mid%3D2247507757%26idx%3D1%26sn%3Dcf6b118e88395af45a000aae80811264 CYFIRMA \| APT36 : Multi-Stage LNK Malware Campaign Targeting Indian Government Entities: https://www.cyfirma.com/research/apt36-multi-stage-lnk-malware-campaign-targeting-indian-government-entities/ BleepingComputer \| VSCode IDE forks expose users to "recommended extension" attacks: https://www.bleepingcomputer.com/news/security/vscode-ide-forks-expose-users-to-recommended-extension-attacks/?&web_view=true | | | | | | 41m 06s | |
| 12/24/25 | S3 Ep52: The Threat Hunting Soapbox | Top Headlines: welivesecurity.com \| LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan: https://www.welivesecurity.com/en/eset-research/longnosedgoblin-tries-sniff-out-governmental-affairs-southeast-asia-japan/ Resecurity \| DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists: https://www.resecurity.com/blog/article/dig-ai-uncensored-darknet-ai-assistant-at-the-service-of-criminals-and-terrorists?&web_view=true koi.ai \| NPM Package With 56K Downloads Caught Stealing WhatsApp Messages: https://www.koi.ai/blog/npm-package-with-56k-downloads-malware-stealing-whatsapp-messages zscaler.com \| Zscaler Threat Hunting Catches Evasive SideWinder APT Campaign: https://www.zscaler.com/blogs/security-research/zscaler-threat-hunting-catches-evasive-sidewinder-apt-campaign?&web_view=true | | | | | | 49m 39s | |
| 12/17/25 | S3 Ep51: Same Break-In, New Front Door | Top Headlines: Unit 42 \| Exploitation of Critical Vulnerability in React Server Components (Updated December 12): https://unit42.paloaltonetworks.com/cve-2025-55182-react-and-cve-2025-66478-next/ hackread.com \| New PyStoreRAT Malware Targets OSINT Researchers Through GitHub: https://hackread.com/pystorerat-rat-malware-github-osint-researchers/?web_view=true Check Point Research \| Ink Dragon's Relay Network and Stealthy Offensive Operation: https://research.checkpoint.com/2025/ink-dragons-relay-network-and-offensive-operation/ KOI.ai \| Inside GhostPoster: How a PNG Icon Infected 50,000 Firefox Users: https://www.koi.ai/blog/inside-ghostposter-how-a-png-icon-infected-50-000-firefox-browser-users | | | | | | 52m 55s | |
| 12/5/25 | S3 Ep50: Game of Nodes: Persistence Is Coming | Top Headlines: securelist.com \| The Tsundere botnet uses the Ethereum blockchain to infect its targets: https://securelist.com/tsundere-node-js-botnet-uses-ethereum-blockchain/117979/ Group-IB \| Bloody Wolf: A Blunt Crowbar Threat To Justice: https://www.group-ib.com/blog/bloody-wolf/ welivesecurity.com \| MuddyWater: Snakes by the riverbank: https://www.welivesecurity.com/en/eset-research/muddywater-snakes-riverbank/ Fortinet Blog \| ShadowV2 Casts a Shadow Over IoT Devices: https://www.fortinet.com/blog/threat-research/shadowv2-casts-a-shadow-over-iot-devices?&web_view=true darktrace.com \| ShadowV2: An emerging DDoS for hire botnet: https://www.darktrace.com/blog/shadowv2-an-emerging-ddos-for-hire-botnet | | | | | | 42m 16s | |
| 11/25/25 | S3 Ep49: Guess Who: The Adversary Edition - 2 | Can You Identify the Nation-State Actor? Out of the Woods: The Threat Hunting Podcast returns for another special edition episode that challenges how you think about adversary behavior. This live, interactive session will focus on a nation-state actor, revealing one phase of their campaign at a time as our hosts provide tradecraft clues and analysis. Participants will examine how observed techniques align to MITRE ATT&CK, how vertical-specific targeting shapes operational decisions, and how behavioral patterns emerge across campaigns. Before the final reveal, attendees will have the chance to submit their best guess on which nation-state threat actor is behind the activity. What You’ll Learn: Real adversary behavior – A phase-by-phase look at a real nation-state campaign; MITRE ATT&CK in context – How techniques appear in real incidents; Recognizing tradecraft patterns – What links behaviors across operations; Sector-specific targeting – How industries influence attacker decisions; Interactive analysis – Submit your guess before the reveal. Watch the episode here: https://youtu.be/GyYTTMNyjCE?si=WynwmHS1psGN9KqO | | | | | | 1h 32m 04s | |
| 11/5/25 | S3 Ep48: Familiar Moves, Novel Grooves | [LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition, November 19, 2025 \| 12:00 - 1:30 PM ET. Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2 Top Headlines: Secure Annex \| SleepyDuck malware invades Cursor through Open VSX: https://secureannex.com/blog/sleepyduck-malware/ Arctic Wolf \| UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities: https://arcticwolf.com/resources/blog/unc6384-weaponizes-zdi-can-25373-vulnerability-to-deploy-plugx/ Unit 42 \| Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild: https://unit42.paloaltonetworks.com/microsoft-cve-2025-59287/ Unit 42 \| Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack: https://unit42.paloaltonetworks.com/new-windows-based-malware-family-airstalk/ | | | | | | 41m 22s | |
| 10/22/25 | S3 Ep47: Common, but Deadly | Threat Hunting Management Workshop: The Business Value of Threat Hunting, October 29, 2025 \| 12:00 - 12:30 PM ET. Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting [LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition, November 19, 2025 \| 12:00 - 1:30 PM ET. Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2 Top Headlines: Koi \| GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace: https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace Cisco Talos Blog \| BeaverTail and OtterCookie Evolve with a New Javascript Module: https://blog.talosintelligence.com/beavertail-and-ottercookie/ Synacktiv \| LinkPro: eBPF Rootkit Analysis: https://www.synacktiv.com/en/publications/linkpro-ebpf-rootkit-analysis BleepingComputer \| American Airlines Subsidiary Envoy Confirms Oracle Data Theft Attack: https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/?&web_view=true | | | | | | 1h 01m 56s | |
| 10/14/25 | S3 Ep46: Here We Go Again... | Threat Hunting Management Workshop: The Business Value of Threat Hunting, October 29, 2025 \| 12:00 - 12:30 PM ET. Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting Top Headlines: Cisco Talos \| Velociraptor Leveraged in Ransomware Attacks: https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/ GBHackers Security \| Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware: https://gbhackers.com/info-stealer-malware/?web_view=true FortiGuard Labs \| New Stealit Campaign Abuses Node.js Single Executable Application: https://www.fortinet.com/blog/threat-research/stealit-campaign-abuses-nodejs-single-executable-application eSecurity Planet \| AI Chatbots Used as Backdoors in New Cyberattacks: https://www.esecurityplanet.com/news/ai-exploited-prompt-injection/?&web_view=true | | | | | | 41m 14s | |
| 10/3/25 | S3 Ep45: Think, McFly, Think | Threat Hunting Management Workshop: The Business Value of Threat Hunting, October 29, 2025 \| 12:00 - 12:30 PM ET. Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting Top Headlines: LastPass \| Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages Cisco Talos Blog \| How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true Trend Micro \| AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true SentinelOne \| Prompts as Code & Embedded Keys \| The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/ | | | | | | 42m 00s | |
| 9/25/25 | S3 Ep44: If You Build It... Backdoors Will Open | Top Headlines: LastPass Labs \| Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages Cisco Talos Blog \| How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true SentinelOne \| Prompts as Code & Embedded Keys \| The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/ Trend Micro \| AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true | | | | | | 57m 32s | |
| 9/18/25 | S3 Ep43: Invasion of the Modular Malware | Threat Hunting Workshop: Hunting for Persistence - Level 2, September 24, 2025 \| 12:00 - 1:00 PM ET. Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2 Top Headlines: Jamf Threat Labs \| Learn about ChillyHell, a modular Mac backdoor: https://www.jamf.com/blog/chillyhell-a-modular-macos-backdoor/ SecureList \| Malicious MCP servers used in supply chain attacks: https://securelist.com/model-context-protocol-for-ai-integration-abused-in-supply-chain-attacks/117473/?web_view=true Bitdefender Blog \| EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company: https://www.bitdefender.com/en-us/blog/businessinsights/eggstreme-fileless-malware-cyberattack-apac welivesecurity \| Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass: https://www.welivesecurity.com/en/eset-research/introducing-hybridpetya-petya-notpetya-copycat-uefi-secure-boot-bypass/ | | | | | | 56m 54s | |

