In this week’s episode of the InfoSec.Watch Podcast, hosts Grant Lawson and Sloane Parker break down the security stories that defenders can’t afford to ignore.

The episode opens with urgent patching guidance for an actively exploited WatchGuard IKEv2 VPN remote code execution flaw, followed by analysis of “MongoBleed” (CVE-2025-14847)—a memory disclosure vulnerability in MongoDB now seeing real-world exploitation. Grant and Sloane walk through not just why these issues matter, but what defenders should be doing after patching, including log review, threat hunting, and hardening exposed services.

The discussion then turns to a growing threat targeting security teams themselves: malicious GitHub proof-of-concept repositories that masquerade as exploit code but actually deploy WebRAT malware. The hosts explain how researchers and blue teams can safely handle PoCs without becoming the next breach.

Other highlights include:

• A breakdown of the Aflac breach notification affecting 22.65 million individuals and why incident response doesn’t end at containment
• Ongoing DDoS disruptions impacting French postal and banking services, with a focus on operational resilience and customer communication
• A Vulnerability Spotlight on a critical SmarterMail flaw enabling arbitrary file upload and likely RCE
• Tool of the Week: Praetorian’s Gato, which maps attack paths in CI/CD environments using GitHub Actions and self-hosted runners
• A Deep Dive into the accelerating weaponization of AI-driven phishing campaigns

The episode wraps with an Actionable Defense Move of the Week, outlining a formal, repeatable process for safely handling exploit code, and a Final Word on why fundamentals—patching, exposure management, and disciplined workflows—still define the fastest path to compromise.

For full analysis, links, and takeaways, subscribe to the newsletter at infosec.watch and follow along on X, LinkedIn, and Facebook.