Cyber Security Headlines – Episode Summary

Podcast: Cyber Security Headlines
Host: Steve Prentiss (CISO Series)
Date: October 31, 2025
Episode: LinkedIn AI opt-out, NSA leadership candidates, Python foundation withdraws

Episode Overview

This episode delivers a concise round-up of the day’s most urgent cybersecurity news, covering stories such as LinkedIn’s AI data collection policy, changes in NSA leadership, the Python Software Foundation’s stance on DEI restrictions, notable cyberattacks, and updates on quantum computing outages. Hosted in a serious, news-centered tone, Steve Prentiss provides both context and expert insights on stories impacting the global cybersecurity community.

Key Discussion Points and Insights

1. LinkedIn AI Training Data Collection – User Opt-Out Deadline

(Timestamp: 00:08–01:16)

• Policy Change: LinkedIn announces that starting Monday, November 3rd, it will begin using profile details, public posts, feed activity, and more from users in the UK, EU, Switzerland, Canada, and Hong Kong to train its AI models.
• Exclusions: Private messages are not included.
• Implications: Data will also be shared with Microsoft entities for more personalized advertising.
• User Action: Deadline to opt out is Monday, November 3rd.
• Quote:

  "LinkedIn users have until Monday to opt out of its AI training program."
  — Steve Prentiss (00:10)

• Tone: Cautious, emphasizing user rights and transparency concerns.

2. NSA Leadership Shake-Up

(Timestamp: 01:16–01:48)

• Background: Army Lt. Gen. William Hartman has been serving as acting NSA head; the agency is expected to appoint a new permanent leader soon.
• Candidates: Army Lt. Gen. Paul Stanton and Air Force Lt. Gen. Thomas Hensley are named as frontrunners.
• Quote:

  "The National Security Agency is apparently readying a number of senior personnel moves meant to reinvigorate the organization."
  — Steve Prentiss (01:21)

• Significance: Signals possible changes in U.S. cybersecurity leadership doctrine.

3. Python Software Foundation Withdraws from U.S. Grant

(Timestamp: 01:48–02:29)

• Reason: The foundation pulled out of a $1.5M National Science Foundation research grant due to contract language prohibiting DEI (Diversity, Equity, and Inclusion) initiatives.
• Statement: Lauren Crary, Deputy Executive Director, states incompatibility with DEI restriction.
• Quote:

  "The organization could not agree to language in the contract that required a confirmation that the foundation would not operate any programs that advance or promote diversity, equity and inclusion."
  — Steve Prentiss quoting Lauren Crary (02:10)

• Context: Illustrates the intersection of open source security and evolving U.S. policy environments.

4. Business Rival Credits Marks & Spencer Cyber Attack for Profit Surge

(Timestamp: 02:29–03:10)

• Context: Next, a UK retailer, reports that its sales overperformed after a cyberattack disrupted rival Marks & Spencer’s operations.
• Market Impact: Online-first competitors benefited from the disruption, while non-digital retailers did not.
• Quote:

  "Next reported that it was, 'continuing to see sales overperform in the wake of a cyberattack on its rival Marks & Spencer.'"
  — Steve Prentiss (02:35)

• Insight: Explores secondary victimization and ecosystem ripple effects of cyberattacks.

5. Dentsu’s U.S. Unit (Merkle) Suffers Data Breach

(Timestamp: 03:29–04:10)

• Details: Merkle had files with supplier, client, and employee payroll/national insurance data stolen.
• Unknowns: The nature of the breach (ransomware or otherwise) is undisclosed.
• Quote:

  "Merkel…suffered an attack recently that resulted in the theft of files exposing… supplier, client and employee data including personal payroll national insurance details."
  — Steve Prentiss (03:40)

• Takeaway: Yet another example of the targeting of supply chain and service providers.

6. WhatsApp Adds Passkey for Encrypted Backup

(Timestamp: 04:10–04:45)

• Update: New passkey protection added to end-to-end encrypted WhatsApp backups, simplifying recovery if users lose their device.
• Steps: Can be managed via Settings > Chat > Chat Backup.
• Quote:

  "The addition of a passkey removes the need to dig up the recovery password."
  — Steve Prentiss (04:35)

• Benefit: Improves account and backup security for users worldwide.

7. Cloud Atlas Hackers Target Russian Agriculture

(Timestamp: 04:45–05:29)

• Incident: Phishing emails disguised as official event messages used to target Russia’s agricultural sector ahead of an industry forum.
• Technical Detail: Malicious files exploit an old Microsoft Office flaw active since 2017.
• Quote:

  "The hackers sent phishing emails disguised as the event's official program containing a malicious file that exploited an old Microsoft Office flaw active since 2017."
  — Steve Prentiss (05:15)

• Relevance: Shows ongoing risks of unpatched software and sector-specific espionage.

8. IBM Cloud Quantum Computer “Aachen” Offline

(Timestamp: 05:29–06:13)

• Issue: IBM’s Aachen quantum computer (Germany-based) is temporarily unavailable in the Qiskit runtime service.
• Technical Note: Quantum computers are inherently unstable and outages/failures are not uncommon at this stage of technology.
• Quote:

  "It can be difficult to maintain a qubit in a stable state and therefore current quantum machines can produce errors or just fail to finish a job."
  — Steve Prentiss (06:04)

• Perspective: A realistic view on quantum technology’s operational reliability in 2025.

Notable Quotes & Memorable Moments

| Timestamp | Speaker | Quote | |-----------|----------------|----------------------------------------------------------------------------------------------------------------------------------| | 00:10 | Steve Prentiss | "LinkedIn users have until Monday to opt out of its AI training program." | | 02:10 | Prentiss/Crary | "The organization could not agree to language in the contract that required a confirmation that the foundation would not operate any programs that advance or promote diversity, equity and inclusion." | | 04:35 | Steve Prentiss | "The addition of a passkey removes the need to dig up the recovery password." | | 05:15 | Steve Prentiss | "The hackers sent phishing emails disguised as the event's official program containing a malicious file that exploited an old Microsoft Office flaw active since 2017." | | 06:04 | Steve Prentiss | "It can be difficult to maintain a qubit in a stable state and therefore current quantum machines can produce errors or just fail to finish a job." |

Important Timestamps

• 00:08–01:16 – LinkedIn AI opt-out details
• 01:16–01:48 – NSA leadership update
• 01:48–02:29 – Python Foundation/NSF grant withdrawal
• 02:29–03:10 – Next and Marks & Spencer cyberattack fallout
• 03:29–04:10 – Dentsu/Merkle breach
• 04:10–04:45 – WhatsApp passkey rollout
• 04:45–05:29 – Cloud Atlas cyberespionage
• 05:29–06:13 – IBM Aachen quantum computer outage

Episode Tone and Style

• Language: Professional, concise, and informative
• Delivery: Newsroom-style, focused on headline clarity and factual reporting

This episode provides a robust briefing on top cybersecurity headlines with clear implications for professionals and organizations monitoring current threats, policy changes, and technology evolution.