34 episodes
- Your update dashboard keeps climbing. Not ten fixes, not fifty. Two hundred and six security patches waiting for approval, and everyone is asking if work stops now. That was June 2026, the largest Patch Tuesday on record.
This episode covers why record patch volumes are becoming normal, what AI-assisted vulnerability discovery has to do with the bug pipeline, how to prioritize under pressure with a four-lens triage framework (exploitability, exposure, impact, compensating controls), and why the real problem is not volume but the speed mismatch between finding bugs and fixing them. We walk through CVE-2026-45657, the wormable kernel issue rated CVSS 9.8, and what that severity score actually means for your risk timeline. You will also get a practical approach to building a 24-hour critical patch lane, classifying assets before the next wave, and using temporary containment when patching must wait.
This is for IT leaders managing emergency change windows, security teams ranking exploit paths, and business leaders deciding when downtime is justified.
One Topic, Ten minutes, No panic.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene - Your profile photo vanishes. Your email is changed. A password reset you never requested lands in someone else's inbox. You're locked out of your own Instagram account, and you didn't click a single suspicious link.
In early 2026, attackers manipulated Meta's AI support chatbot to approve password resets on roughly 20,225 Instagram accounts over seven weeks. This episode breaks down how social engineering evolved from targeting human support reps to exploiting AI-powered customer service systems. We cover identity verification failures, how chatbots became part of the security boundary, the policy response led by California Attorney General Rob Bonta and 40 state attorneys general, and the difference between traditional phishing and trust-layer manipulation. You'll hear why separating chat from authority matters, what phishing-resistant multi-factor authentication means, and how to apply throttling, anomaly detection, and tabletop exercises for bot abuse.
This is for anyone managing Instagram accounts, security teams integrating AI support tools, and developers building customer service automation who need to understand where convenience meets risk.
One Topic, Ten minutes, No panic.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene - Your firewall is supposed to be the thing that keeps attackers out. FortiBleed is the story of what happens when it becomes the way in.
In June 2026, roughly 86,644 sets of working Fortinet credentials turned up circulating among attackers across 194 countries. On June 18th, CISA issued an emergency advisory telling anyone running internet-facing Fortinet gear to terminate active sessions, rotate every credential, and turn on phishing-resistant multi-factor authentication immediately. This episode of Plaintext with Rich explains what FortiBleed actually is, why patching alone does not solve a credential-exposure incident, and what the difference between "patch" and "rotate" means for the people responsible for keeping a network safe. It also covers why a firewall breach lands differently than almost any other kind of breach, and what to check if you are worried someone already walked through the door before you changed the locks.
If you manage a team, own a business, or sit anywhere near a decision about network security gear, this one is directly relevant to your week. If you have no idea what a firewall does, that is fine too; the episode starts from the beginning.
One Topic, Ten minutes, No panic.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene - You don't inventory your house the morning of the move. You start months before. So why are most organizations still treating post-quantum cryptography as a 2035 problem?
Episode 31 of Plaintext with Rich treats the post-quantum crypto migration as what it actually is. A logistics problem, not a science one. We walk through the news peg that moved the timeline. Google's March 2026 announcement of a 2029 internal deadline, years ahead of federal targets, anchored by Craig Gidney's research at Google Quantum AI showing that one million noisy qubits could break a 2,048-bit RSA key in under a week. We explain harvest-now-decrypt-later in plain language, the threat that doesn't wait for Q-Day. We cover the three new NIST standards (FIPS 203, FIPS 204, FIPS 205), the NSA's January 2027 CNSA 2.0 procurement gate, and the design principle that matters more than any single algorithm. Crypto-agility. The episode closes with a Plaintext Starter Kit for the leader who needs to know what to ask the security team this quarter.
If you've ever wondered what "quantum breaks encryption" actually means for your environment, or whether you should be doing anything about it before 2030, this one is for you.
Ten minutes. One topic. No panic.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene - Someone pulled Rich aside at a conference recently. Six years in IT, ready to break into security, and asking the question more people ask every week. Should I even bother right now? Here's what the data actually shows.
Episode 30 of Plaintext with Rich unpacks the cybersecurity career paradox of 2026. The bottom rung is getting squeezed as AI automates SOC analyst, threat intelligence, and incident response work. At the same time, demand for AI security engineers, prompt injection specialists, and model risk leads is climbing fast. The episode walks through what prompt injection actually looks like in plain language, why the 2025 ISC2 Cybersecurity Workforce Study calls AI the field's top critical skill for the second year running, what BLS projects through 2034, and how the Pentagon's new Cyber Registered Apprenticeship Program is becoming a skills-based hiring blueprint other employers will copy.
If you're trying to break into cybersecurity right now, or you're already in the field and watching AI requirements sprout on every posting, this one is for you. It addresses the anxiety honestly. No doom. No false comfort.
Ten minutes. One topic. No panic.
Is there a topic/term you want me to discuss next? Text me!!
YouTube more your speed? → https://links.sith2.com/YouTube
Apple Podcasts your usual stop? → https://links.sith2.com/Apple
Neither of those? Spotify’s over here → https://links.sith2.com/Spotify
Prefer reading quietly at your own pace? → https://links.sith2.com/Blog
Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord
Follow the human behind the microphone → https://links.sith2.com/linkedin
Need another way to reach me? That’s here → https://linktr.ee/rich.greene
More Technology podcasts
Trending Technology podcasts
About Plaintext with Rich
Cybersecurity is an everyone problem. So why does it always sound like it’s only for IT people?Each week, Rich takes one topic, from phishing to ransomware to how your phone actually tracks you, and explains it in plain language in under ten minutes or less. No buzzwords. No condescension. Just the stuff you need to know to stay safer online, explained like you’re a smart person who never had anyone break it down properly. Because you are!
Podcast websiteListen to Plaintext with Rich, The AI Daily Brief: Artificial Intelligence News and Analysis and many other podcasts from around the world with the radio.net app

Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features
Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features


Plaintext with Rich
Scan code,
download the app,
start listening.
download the app,
start listening.
Plaintext with Rich: Podcasts in Family































