Cybersecurity Today Cybersecurity Today: CloudFlare Outage, Microsoft's AI Risk, New Red Team Tool, and More!
Nov 19, 2025
This episode dives into the recent Cloudflare outage that disrupted major services like OpenAI and Discord. Microsoft’s new AI feature raises eyebrows with potential malware risks. A cutting-edge red team tool is introduced, which exploits cloud-based EDR systems. Interestingly, attackers are now using calendar invites as a stealth phishing tactic. A critical SAP vulnerability, scoring a perfect 10 on the CVSS scale, demands immediate attention. Plus, an AI mishap leads to a bizarre escalation attempt to the FBI!
AI Snips
Chapters
Books
Transcript
Episode notes
Single File Brought Down Many Sites
- Cloudflare's outage was caused by an oversized auto-generated configuration file that crashed traffic-handling software.
- The company found no evidence of attack and promised a post-mortem and fixes to prevent recurrence.
Enable Agentic AI Only With Caution
- Only enable Windows 11 agentic AI if you understand the security implications and trust administrators on the device.
- Keep the feature off by default and require human approval for sensitive agent actions when testing.
Agentic AI Expands Local Attack Surface
- Agentic AI runs as local accounts with access to core folders, creating a new attack surface for prompt injection.
- Microsoft requires logging and human approvals but admits no apps currently use the feature yet.
