Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Feed Claude Code a threat report URL and it'll search for compromise indicators across LimaCharlie tenants, confirm the environment is clean, then it'll create and deploy detection rules. The agent extracts IOCs, generates rule logic, validates through testing, and establishes continuous monitoring. Security teams can operationalize published threat intelligence without manual rule writing.

This week on the podcast, we cover a recent supply chain compromise involving the popular text editor Notepad++. After that, we discuss a recent vulnerability report in the Moltbook AI social network before ending with a deep-dive review of a recent remote code execution vulnerability in the N8N automation platform.

In this quick demo, I show how easy it is to install and start using Viberails: LimaCharlie’s agentic firewall. Viberails intercepts, audits, and validates AI agent tool calls before they execute, giving security teams control over agentic operations.

In this week's Intel Chat, Chris Luft and Matt Bromiley discuss how a malicious VS Code extension impersonated OpenClaw (formerly ClawdBot) to distribute remote access malware to developers. Matt breaks down a critical pattern: whenever there's a stampede toward new technology, threat actors will find a way to inject a malicious version of it. The episode also covers PeckBirdie (a JScript-based C2 framework), Shiny Hunters' massive phishing campaign, and a Russian cyberattack on Poland's power grid.

See Claude Code execute a parallel IOC hunt for a suspicious IP across multiple LimaCharlie organizations. The agent enumerates all available tenants, launches concurrent searches, normalizes results into match categories, and reports positive hits with sensor details, timestamps, and occurrence counts. Security teams can investigate threats across their entire fleet without manually querying each tenant.

This week on the podcast, we cover a Politico report detailing a security lapse at CISA in the United States involving sensitive data and a public version of ChatGPT. Next, we dive into a couple of recently resolved vulnerabilities in the SolarWinds Web Help Desk application. Finally, we end with some closure on a story about two Coalfire penetration testers who were arrested several years ago for completing a penetration test in Iowa.

Watch Claude Code generate production-ready Cobalt Strike detection rules in LimaCharlie. The agent defines detection requirements, creates rule logic for high-signal patterns, validates syntax, and deploys rules to the tenant. Named-pipe indicators and process-based signatures are tested against positive and negative controls to confirm accuracy. Security teams can operationalize threat-specific detections in minutes instead of hours.