SN 1078: DigiCert does it right - Hugging Face Under Fire
From Security Now (Video) by TWiT
May 13, 2026 · 2h 41m · Episode 1078
About this episode
The episode discusses DigiCert's security mishap and its implications, along with various security topics including router firmware updates and malware in AI repositories.
DigiCert's latest security mishap triggered not just a scramble behind the scenes, but a cascading crisis that briefly wiped trust from millions of Windows systems. Find out how a single support slip, followed by Microsoft's heavy-handed response, left critical infrastructures exposed. The FCC decides router firmware updates are useful. Netgear applies for and gets a full FCC pass. AI uncovers a 21-year old critical FreeBSD RCE. What was behind that Let's Encrypt outage. AI model repositories are overflowing with malware. The CISA 2015 info-sharing act is being renewed. Edge leaves ALL usernames and passwords in the clear. An examination of DigiCert's breach and their response Show Notes - https://www.grc.com/sn/SN-1078-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now . You can submit a question to Security Now at the GRC Feedback Page . For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com , also the home of the best disk maintenance and recovery utility ever written Spinrite 6 . Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video…
People in this episode
Hosts: Steve Gibson, Leo Laporte
Topics covered
- security mishap
- trust issues
- router firmware updates
- malware in AI repositories
- critical vulnerabilities
- CISA info-sharing act
- password security
Keywords
- DigiCert
- Microsoft
- FCC
- malware
- FreeBSD
- Let's Encrypt
- Edge
- security breach
- router updates
- CISA
Sponsors
Club TWiT, cyberhoot.com, guardsquare.com, doppel.com, outsystems.com, threatlocker.com
Mentioned in this episode
Organizations: DigiCert, Microsoft, FCC, Netgear, CISA, Let's Encrypt, FreeBSD, Edge
More episodes of Security Now (Video)
- SN 1082: The Malicious Use of AI - Anthropic's Red Team Report · June 10, 2026 · 2h 37m
- SN 1081: AI Captured the Flag - Personal AI: Productivity Superpower or Privacy Threat? · June 3, 2026 · 3h 20m
- SN 1080: Vulnerability Debt Repayment - Will Mythos Change Cybersecurity Forever? · May 27, 2026 · 2h 44m
- SN 1079: Daybreak and Codename MDASH - Microsoft's Edge Password Blunder · May 20, 2026 · 2h 52m
- SN 1077: A Browser AI API? - End of Bug Bounties? · May 6, 2026 · 2h 35m
- SN 1076: FAST16.SYS - Unmasking the NSA's Most Diabolical Digital Sabotage · April 29, 2026 · 2h 35m
Explore listener stats, chart rankings, contacts and more on the Security Now (Video) podcast page.