SN 1075: Yes. Exactly. - The Zero-Day Ticking Clock
Security Now (Audio)
Leo Laporte
4.6 • 2.3K Ratings
🗓️ 21 April 2026
⏱️ 160 minutes
🧾️ Download transcript
Summary
Security leaders warn the era of AI-driven bug hunting has arrived, with Mythos uncovering hundreds of overlooked vulnerabilities in code bases as trusted as Firefox. Are defenders ready for the avalanche of exploits and the frantic race to patch?
- A disgruntled developer discloses multiple Windows 0-days.
- Microsoft purchases its own bugs in massive campaign.
- VeraCrypt & Wireshark suddenly lost their dev accounts.
- A serious problem with re-captured domain names.
- How might AI help to secure open source repositories.
- A listener wonders what we thought of Project Hail Mary.
- Cyber security professionals tell us What Mythos Means
Show Notes - https://www.grc.com/sn/SN-1075-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit
Sponsors:
Transcript
Click on a timestamp to play from that location
| 0:00.0 | It's time for security now. Steve Gibson is here. He's got some more thoughts on Project Mythos, |
| 0:07.2 | the new super smart AI that can find security flaws. He's saying, you know what, this isn't |
| 0:14.7 | hype. And he's got some real evidence behind it. We'll talk about Microsoft buying its own bugs back and ignoring other ones. |
| 0:24.8 | And what, uh, what do Steve think of Project? How Mary? Yeah, even that. Coming up next on |
| 0:30.9 | Security Now. |
| 0:34.1 | Podcasts you love from people you trust this is twit this is security now with |
| 0:45.5 | steve gipson episode one thousand seventy five recorded tuesday april 21st 26 yes exactly it's |
| 0:54.1 | time for security now yay tuesday Tuesday has come. You've been waiting all week |
| 0:58.4 | long to hear from this guy right here. Steve Gibson, the man in charge at security now. |
| 1:04.4 | Hey, Steve, good afternoon to you. |
| 1:06.2 | Leo, great to be with you again, as always. I got some feedback from the 20 000 plus listeners who joined my |
| 1:17.0 | email list to receive the show notes yeah um as a consequence of my own schedule over the weekend i needed |
| 1:25.4 | to start work on this Friday. |
| 1:28.2 | I finished Saturday afternoon and immediately sent out the show notes. |
| 1:33.4 | And the feedback was, wait, is it Sunday? |
| 1:37.9 | People are paying attention, Steve. |
| 1:39.7 | You can't pull one over on that. |
| 1:41.0 | Unfortunately, they're paying very close attention because I also, because I, my emailing system |
| 1:47.0 | assumed that I would be doing the emailing in the morning of the podcast, it auto fills the |
| 1:54.6 | day's date at the top of the email. |
| 1:58.0 | But since I'm sending the mailing out typically on Sundays and occasionally on a Saturday, |
| 2:04.7 | I have to go in and remove the placeholder for the auto fill and replace it with the actual date. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.