Workday launches Agent Passport for AI verification

White House sets 2030, 2031 PQC deadlines

Post-quantum cryptography just moved from long-term planning into near-term compliance. The US government has set firm deadlines that will ripple across contractors, vendors, and global standards, forcing organizations to confront how little they actually know about their own cryptographic footprint. This matters because most teams are not prepared for the operational side of this shift. Inventorying cryptography, managing keys, and migrating systems under deadline pressure will expose gaps in visibility and control. At the same time, attackers are exploiting identity layers like OAuth tokens and firewall-level credential capture, while AI pushes security teams toward automated patching as the new baseline. Also covered: the Klue breach and OAuth token risk, OpenAI's move into automated remediation, FortiBleed turning firewalls into credential harvesters, and key updates from GitHub, FinCEN, and others. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

OpenAI Daybreak moves from bugs to patches

Security is shifting from finding vulnerabilities to fixing them at machine speed. OpenAI's latest moves signal that automated remediation is becoming the new baseline, not an advantage. For security and IT leaders, this changes how teams should operate. Backlogs are no longer acceptable, and tools that cannot generate and apply fixes will fall behind. At the same time, AI is moving into enforcement layers, supply chain breaches are exposing sensitive data outside traditional perimeters, and a live zero-day in Microsoft Defender highlights how quickly risk can evolve. Also covered: Check Point embedding AI into production defenses, the Tata Electronics breach impacting Apple and Tesla data, and active exploitation trends across widely used platforms. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

GentleKiller uses BYOVD to kill EDRs

Ransomware operators are no longer trying to evade detection. They are disabling endpoint defenses at the kernel level before attacks even begin, changing how security teams need to think about control and visibility. This shift matters because many security strategies assume tools will stay active long enough to respond. At the same time, law enforcement is exposing how ransomware depends on large-scale identity fraud to turn crypto into cash. Together, these trends point to two pressure points: kernel access and identity assurance. In this episode, we cover the GentleKiller EDR takedown approach, the AudiA6 laundering network, Malaysia's push toward national digital identity, and a Bluetooth flaw that turns everyday devices into potential listening points. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Gravity SMTP flaw leaks WordPress API keys

A WordPress plugin flaw is exposing API keys, and attackers are already using it to move beyond simple exploits into account takeover and lateral access. This is not just a CMS issue. It is a reminder that secrets management failures can quickly become identity incidents. For security and IT leaders, the takeaway is immediate. Email infrastructure, API keys, and integrations now sit directly on the identity boundary. At the same time, vendor risk and AI cost control are becoming operational pressures that require proactive planning, not reactive fixes. This episode also covers VMware pricing fallout, a claimed breach of a major water utility, and growing limits on enterprise AI usage. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Klue breach weaponized OAuth tokens into CRM exfiltration

A breach at Klue shows how attackers are shifting away from breaking core systems and instead exploiting trusted integrations. By stealing OAuth tokens, they turned normal API access into a high-speed data exfiltration path inside Salesforce environments. This matters because most organizations do not tightly manage their integrations, token lifecycles, or non-human identities. At the same time, a critical Splunk vulnerability is already being exploited, and AI is now acting directly inside financial systems like QuickBooks. These changes are expanding the attack surface in ways traditional controls are not designed to handle. Also covered: a major law enforcement operation disrupting SocGholish infrastructure, new warnings on FortiGate exposure, and why phishing is becoming more precise even as volume drops. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]