SN 1078: DigiCert does it right - Hugging Face Under Fire
From Security Now (Audio) by TWiT
May 13, 2026 · 2h 41m · Episode 1078
About this episode
The episode discusses DigiCert's security mishap and its implications, along with various related security topics.
DigiCert's latest security mishap triggered not just a scramble behind the scenes, but a cascading crisis that briefly wiped trust from millions of Windows systems. Find out how a single support slip, followed by Microsoft's heavy-handed response, left critical infrastructures exposed. The FCC decides router firmware updates are useful. Netgear applies for and gets a full FCC pass. AI uncovers a 21-year old critical FreeBSD RCE. What was behind that Let's Encrypt outage. AI model repositories are overflowing with malware. The CISA 2015 info-sharing act is being renewed. Edge leaves ALL usernames and passwords in the clear. An examination of DigiCert's breach and their response Show Notes - https://www.grc.com/sn/SN-1078-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now . You can submit a question to Security Now at the GRC Feedback Page . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com , also the home of the best disk maintenance and recovery utility ever written Spinrite 6 . Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video…
People in this episode
Hosts: Steve Gibson, Leo Laporte
Topics covered
- security mishap
- trust issues
- router firmware updates
- malware in AI repositories
- DigiCert breach
- Let's Encrypt outage
- CISA info-sharing act
Keywords
- DigiCert
- Microsoft
- FCC
- Netgear
- FreeBSD
- malware
- security breach
- router firmware
- Let's Encrypt
- CISA
Sponsors
CyberHoot, Guardsquare, Doppel, OutSystems, ThreatLocker
Mentioned in this episode
Organizations: DigiCert, Microsoft, FCC, Netgear, CISA
Products: FreeBSD
More episodes of Security Now (Audio)
- SN 1082: The Malicious Use of AI - Anthropic's Red Team Report · June 10, 2026 · 2h 37m
- SN 1081: AI Captured the Flag - Personal AI: Productivity Superpower or Privacy Threat? · June 3, 2026 · 3h 20m
- SN 1080: Vulnerability Debt Repayment - Will Mythos Change Cybersecurity Forever? · May 27, 2026 · 2h 44m
- SN 1079: Daybreak and Codename MDASH - Microsoft's Edge Password Blunder · May 20, 2026 · 2h 52m
- SN 1077: A Browser AI API? - End of Bug Bounties? · May 6, 2026 · 2h 35m
- SN 1076: FAST16.SYS - Unmasking the NSA's Most Diabolical Digital Sabotage · April 29, 2026 · 2h 35m
Explore listener stats, chart rankings, contacts and more on the Security Now (Audio) podcast page.