Daily Cyber Threat Brief Podcast
Episode 1068: Feb 13’s Top Cyber News NOW!
Host: Dr. Gerald Auger (Simply Cyber Media Group)
Date: February 13, 2026
Episode Overview
This episode delivers the latest cybersecurity headlines and expert commentary for practitioners, leaders, and newcomers alike. Dr. Gerald Auger shares his spontaneous, unfiltered reactions and insights on eight major stories, focusing on the real-world impact for defenders, organizations, and individuals. Listeners are encouraged to stay vigilant, learn in community, and adapt as threat landscapes and technologies evolve—especially as AI and geopolitics reshape risk.
Key News Stories & Insights
1. Hackers Abusing Gemini AI for All Attack Stages ([13:28])
Source: Google Threat Intelligence Group
- Threat actors from China, Iran, North Korea, and Russia are leveraging Google’s Gemini LLM for every phase: target profiling, phishing, translation, coding, vulnerability testing, and social engineering.
- Techniques include using an “expert cybersecurity persona” prompt to automate vulnerability analysis and testing.
Dr. Auger’s Insights:
- “This should come as no surprise—Gemini, Claude, ChatGPT, roll-your-own LLM… all are being abused by attackers at every stage. We as defenders have to do the same to keep up.” [15:07]
- Highlights the acceleration of both attack and defense due to AI. Security programs overly focused on “protect” (vs. “detect/respond/recover”) will struggle as attacks outpace legacy controls.
- Advocates for maturing incident response: “In 2026, you can’t just protect—you have to be wicked effective at detection and response.” [16:18]
“For years and years... many cybersecurity programs focus on identify and protect only. Detect, respond, and recover is left as a nice-to-have. In 2026, that gets you burnt badly.” [18:25]
2. Apple Patches Decades-Old iOS 0-day ([21:54])
- The vulnerability, in the dyld dynamic linker, affects “every iOS version since 1.0” and has been abused in highly targeted attacks.
- The patch is large (“10 gig patch”); the flaw was discovered by Google’s Threat Analysis Group and highlighted by Huntress.
Dr. Auger’s Insights:
- “Even Apple is vulnerable! This myth has been busted for years.” [22:48]
- Compares the flaw to a doorman handing out ‘superkeys’ to attackers.
- Urges immediate patching, but notes ordinary users are likely at low risk; highest concern is for “high-value” targets (e.g., political or tech leaders).
“Decades-old vulnerability… There’s vulnerabilities for everybody. Don’t let imposter syndrome convince you you can’t find one.” [27:46]
3. Potential DHS Funding/CISA Shutdown ([28:48])
- DHS and its cybersecurity agency CISA face possible funding lapse, which would force most staff to work without pay or stay home.
- 888 employees designated to work through shutdown (no pay).
Dr. Auger’s Take:
- “What a dynamite opportunity—you too can work for free!” [29:26]
- Describes the blunt realities: “The whole social contract is, I give you my time and you give me money… To be designated ‘you work for free’? Don’t know about you, but I have bills.”
- Explains the wider context of U.S. administrative/political strife affecting critical cyber defense capabilities.
- Advises organizations dependent on CISA intel or services to be aware of this risk.
4. Russia Throttles Telegram/WhatsApp for State Messaging App ‘MaxMax’ ([33:34])
- Russia’s regulator slows Telegram and blocks WhatsApp to drive adoption of its own government-backed messaging app (MaxMax), modeled after China’s WeChat.
Dr. Auger’s Commentary:
- “Big Brother in action… do you think for a minute the state app isn’t backdoored?” [38:10]
- Notes the familiar justification—security against ‘extremism’—but warns of privacy, surveillance, and authoritarian overreach.
- Explains the power tradeoff in sacrificing privacy for ‘safety’ and the ease with which tech can be weaponized for population control.
“My son, dude, 7-year-old Jerry could have seen this coming. This is such… I mean, it’s Big Brother.” [38:55]
5. NYC Testing AI Cameras in Subway Fare Gates ([45:31])
- MTA pilots gates using AI to spot fare evaders and provide physical descriptions to authorities.
- Raises red flags from privacy advocates.
Dr. Auger’s Reflections:
- “Not strictly a cyber story, but a privacy one. Security pros aren’t privacy pros—but there’s overlap at confidentiality.” [46:13]
- Considers the outcome: How practical is enforcement? What’s the real intention? “This just screams justification for more mass surveillance, more AI facial recognition, more monitoring.”
- Warns of “mission creep”—examples where surveillance tech used for minor issues later targets unsuspecting innocents (e.g., Girl Scout leader at MSG).
6. InfoStealers, macOS, & AI Supply-Chain (“Claw” Ecosystem) ([51:39])
Source: Flare Security
- Flare’s report shows infostealers are foundational to cybercrime, enabling stolen digital identities to fuel a mature “as-a-service” ecosystem.
- New campaigns abuse popular/AI software supply chains, including open-source “OpenClaw” marketplace, to target macOS—especially Mac users in exec roles.
Dr. Auger’s Analysis:
- “Executives love Macs—and now info stealers target them via AI tool chains… It’s a cesspool out there for malicious extensions.” [52:40]
- Strong warning: “If your org uses OpenClaw or similar, you must amp up user education. Identity is the new perimeter.”
7. Volvo Group Data Breach via Conduent Vendor ([57:40])
- Hackers had access to Conduent’s network for more than a year before being discovered, compromising 17,000 Volvo Group employees (PII, health insurance, medical data).
- Second vendor-related incident for Volvo in months.
Dr. Auger’s Response:
- “Over a year in? That’s gross in 2026.” [58:41]
- Gives a shoutout to “the hardest-working Attorney General in privacy,” referencing Maine’s relentless breach notifications.
- Emphasizes ongoing supply chain and third-party risks: “If you have anything to do with Volvo Group, your data is out there.”
8. L3Harris/Trenchant Employee Sold Exploits to Russian Broker ([61:02])
- Ex-employee (Peter Williams, 39) sold 8 hacking tools and 0-days worth $1.3 million in crypto to a Russian company serving state clients.
Dr. Auger’s Take:
- “Silly games, silly prizes… You regret it? No, you regret being caught and facing jail. This is Lord of War but with cyber.” [61:58]
Notable Quotes & Memorable Moments
On AI Speed and Security Gaps:
“Threat actors will move at AI speed, and if your security program looks like it was built in 1996, you’re gonna have a horrible day.” [18:03]
On Apple’s Decade-Old Flaw:
“Even Apple is vulnerable. For all the imposter syndrome people… there are vulnerabilities for everybody.” [27:46]
On Russia’s Messaging App Move:
“If you believe the state messaging app isn’t surveilled at the backend, I have a bridge to sell you.” [38:45]
On Career Networking:
“We don’t live in a meritocracy. Relationships and visibility matter more than being valedictorian.” [86:42]
On AI-Generated Resumes:
“If you just prompt ‘write me a resume’, it’s going to stink. AI can make you faster, but you need to direct it, refine it, answer its questions.” [87:31]
On Cyber & Privacy:
“Security pros aren’t privacy pros. Privacy isn’t just about confidentiality in the CIA triad, but that’s where they overlap.” [46:13]
Career Advice & Jawjacking Q&A (from 71:00+)
How to break into cybersecurity without experience:
- Build and maintain your network—don’t just ask for jobs, deliver value, stay top-of-mind to people you interned with (e.g., share tools, insights, post on LinkedIn).
- “Have a portfolio; but don’t wait for people to come to you—bring it to them, make it valuable and visible.” [97:33]
- Document your home lab/cloud projects (e.g., Terraform, OpenClaw), share lessons learned, and keep iterating.
- Tailor your resume with AI, but don’t rely on “vibe coding”—refine, personalize, answer follow-up questions.
Q&A on AI Use in the Workplace:
- Use AI as research augmentation for building resumes, prepping for interviews, and automating menial tasks.
- Companies are increasingly using AI to screen for AI-generated resumes—purely generic submissions get filtered out.
- “If a company says ‘you can’t use AI,’ I don’t want to work there. That’s like not using the Internet in 2000.” [92:57]
Q&A on Privacy, Healthcare and Protecting Yourself Post-Breach:
- Healthcare breaches are common due to priority on patient safety, transient users, massive tech footprint, and vendor remote access. Very hard for individuals to “prevent” compromise; best you can do is vigilance and hygiene.
Special Segments
At [40:03]: James McQuiggan @ 35,000ft — “Joke of the Week”
- “What did one volcano say to the other? I lava you.”
- “Who always has a date on Valentine’s Day? A calendar.”
- “Two WiFi routers got married—the reception was amazing.”
Timestamps for Important Segments
| Timestamp | Segment/Event |
|:-----------|:---------------------:|
| 13:28 | Gemini AI Attacks |
| 21:54 | Apple iOS 0-day Patch |
| 28:48 | DHS/CISA Shutdown |
| 33:34 | Russia Messaging Apps |
| 45:31 | NYC AI Fare Cameras |
| 51:39 | InfoStealers/Mac/Claw |
| 57:40 | Volvo Group Breach |
| 61:02 | L3Harris Exploit Sale |
| 71:00 | Career/AMA segment |
| 40:03 | Joke Segment |
Final Thoughts
- Cybersecurity programs must move beyond “protect” to excel in detection, response, and recovery—especially as adversaries leverage AI for acceleration.
- AI is transforming both offense and defense; defenders who don’t adapt will fall behind.
- Third-party and supply chain risks persist, as do challenges in data privacy and surveillance.
- Career success in cybersecurity is governed by relationships, visibility, and continuous learning, not just credentials or technical skill.
- “You can do this all day”—show up, be consistent, keep moving forward with community support.
For daily briefings, career tips, and to join the live stream:
Visit Simply Cyber at 8 AM ET weekdays.
For events, resources, and social links: simplycyber.io/schedule
