Cisco patches critical ISE command-exec flaw

UK banks pilot consent-led reusable digital ID

Banks are moving into identity, and that could reshape how authentication and onboarding work across the digital economy. A new UK pilot shows how bank-verified identity attributes may become reusable across services, shifting control away from fragmented KYC systems. For security and IT leaders, this signals a change in where trust lives. Identity may consolidate around institutions that already hold strong signals, while access to advanced AI tools becomes uneven and employee behavior continues to outpace policy. The result is a more fragmented, less controllable environment that requires new approaches to integration, governance, and visibility. This episode also covers OpenAI's restricted GPT-5.6 launch, the rise of shadow AI in the workplace, and a new browser-based surveillance technique using WebRTC. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Bucket hijacking silently reroutes cloud audit logs

A new cloud attack pattern is quietly undermining one of the most trusted parts of your security stack: logging. By deleting and recreating storage buckets, attackers can reroute audit logs without triggering alerts, leaving teams blind while data continues to flow. This matters because detection, response, and forensics all depend on trustworthy telemetry. At the same time, access to advanced AI security models is becoming restricted by governments, creating uneven capabilities across organizations. Add in a breach that disrupted core insurance risk calculations, and the pattern is clear: control over data and tools is becoming a primary risk surface. We also cover consolidation in industrial security, AI orchestration trends, and the rise of automated exploit discovery. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Amazon Q repo bug steals AWS creds

AI developer tools and modern supply chains are introducing new paths to credential theft and account compromise. Today's episode focuses on how routine actions like opening a repository or running a build can now trigger silent execution and expose sensitive access. For security and IT leaders, the shift is structural. Trust boundaries are moving closer to developer workflows, build systems, and browser sessions. That means traditional controls like MFA, dependency scanning, and perimeter defenses are no longer enough on their own. The focus needs to move toward execution paths, session integrity, and tighter control over tooling behavior. We also cover a new coordinated effort to secure open source dependencies before they are exploited, along with emerging phishing techniques that render MFA ineffective. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Five Eyes: frontier AI cyber risk soon

Frontier AI is collapsing the time between vulnerability discovery and exploitation, and security teams are running out of buffer. This episode breaks down the latest warning from Five Eyes cyber agencies and what it means for how quickly organizations need to act. The shift is not about new tools. It is about speed, identity control, and treating cyber risk as a core business function. When attackers can automate discovery and movement, delays in patching and weak access controls become immediate exposure. The episode also explains why credential theft remains the primary entry point for most attacks and how that shapes defensive priorities. We also cover Operation Endgame disrupting infostealer infrastructure, a Cisco SD WAN zero day with control plane impact, and new federal guidance pushing SASE under TIC 3.0. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

White House sets 2030, 2031 PQC deadlines

Post-quantum cryptography just moved from long-term planning into near-term compliance. The US government has set firm deadlines that will ripple across contractors, vendors, and global standards, forcing organizations to confront how little they actually know about their own cryptographic footprint. This matters because most teams are not prepared for the operational side of this shift. Inventorying cryptography, managing keys, and migrating systems under deadline pressure will expose gaps in visibility and control. At the same time, attackers are exploiting identity layers like OAuth tokens and firewall-level credential capture, while AI pushes security teams toward automated patching as the new baseline. Also covered: the Klue breach and OAuth token risk, OpenAI's move into automated remediation, FortiBleed turning firewalls into credential harvesters, and key updates from GitHub, FinCEN, and others. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]