
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 335
Jan 7, 2026
Discover how fake proof-of-concept repos on GitHub spread WebRat malware, and why blindly trusting random POCs is risky for security teams. Explore the alarming MongoDB 'MongoBleed' vulnerability and its implications. Tune in for insights on the FortiGate LDAP bypass issue, which highlights critical authentication bugs. The hosts also discuss the intricate Oracle E-Business Suite hack, detailing its exploit chain and the challenges of timely patching. Dive into the complexities of zero-day detection and why many vulnerabilities remain overlooked.
Episode notes
Fake POCs Target Security Teams
- Security teams are now direct targets because attackers weaponize fake POCs on GitHub to trick researchers into running malware.
- Jerry Bell and Andrew Kalat warn to treat random POCs with high skepticism and to isolate testing environments.
Sandbox POCs And Vet Sources
- Run untrusted proof-of-concept code only in isolated sandboxes or test systems to limit the blast radius.
- Avoid downloading POCs from unknown GitHub repos, and establish a web of trust of reputable researchers whose code you are willing to run.
Exposure Magnifies Zero-Day Risk
- Exposed internet-facing databases remain a high-risk pattern that keeps getting exploited around holidays.
- Both hosts emphasize minimizing internet exposure to reduce automated mass scanning and exploitation.