<p>A devastating new React vulnerability earned a "perfect 10" for risk, letting attackers remotely run code on a million-plus servers with a single HTTP request. Find out what happened, how fast attackers moved in, and why this bug changes everything for web security.</p><ul> <li>France's VanityFair face a stiff fine over cookies.</li> <li>GrapheneOS pulls out of France over coercion worries.</li> <li>The EU adds to the pile-on over underage social media.</li> <li>India mandates the tracking of all smartphones.</li> <li>Apple says no.</li> <li>India abandons its smartphone tracking mandate.</li> <li>India requires all encrypted messaging to be SIM-tied.</li> <li>Scattered Lapsus$ Hunters --becomes--> SLH.</li> <li>AI demand has driven RAM pricing sky high.</li> <li>GRC's DNS Benchmark is finished and available.</li> <li>Cisco may talk a good game, but they're still Cisco.</li> <li>Browsers to ask users for local network access permission.</li> <li>React: The worst remote code exploit in a LONG time.</li></ul> <p>Show Notes - <a href="https://www.grc.com/sn/SN-1055-Notes.pdf" target="_blank">https://www.grc.com/sn/SN-1055-Notes.pdf</a></p> <p><strong>Hosts:</strong> <a href="https://twit.tv/people/steve-gibson">Steve Gibson</a> and <a href="https://twit.tv/people/leo-laporte">Leo Laporte</a></p> <p>Download or subscribe to <em>Security Now</em> at <a href="https://twit.tv/shows/security-now">https://twit.tv/shows/security-now</a>.</p> <p>You can submit a question to <em>Security Now</em> at the <a href="https://www.grc.com/feedback.htm" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="https://www.grc.com/securitynow.htm" target="_blank">grc.com</a>, also the home of the best disk maintenance and recovery utility ever written <a href="https://www.grc.com/sr/spinrite.htm" target="_blank">Spinrite 6</a>.</p> <p><strong>Join Club TWiT for Ad-Free Podcasts!</strong><br /> Support what you love and get ad-free audio <em>and</em> video feeds, a members-only Discord, and exclusive content. Join today: <a href="https://twit.tv/clubtwit" rel="payment">https://twit.tv/clubtwit</a></p> <p><strong>Sponsors:</strong><ul> <li><a href="http://1password.com/securitynow" target="_blank" rel="sponsored">1password.com/securitynow</a></li> <li><a href="https://www.veeam.com/global-leader-data-resilience.html?utm_source=twit&utm_medium=audio&utm_campaign=2025-veeam-brand&utm_content=security-now" target="_blank" rel="sponsored">veeam.com</a></li> <li><a href="http://bigid.com/securitynow" target="_blank" rel="sponsored">bigid.com/securitynow</a></li> <li><a href="http://zscaler.com/security" target="_blank" rel="sponsored">zscaler.com/security</a></li> <li><a href="http://hoxhunt.com/securitynow" target="_blank" rel="sponsored">hoxhunt.com/securitynow</a></li> </ul></p>
Source: https://twit.tv/shows/security-now/episodes/1055
Published: 2025-12-09 19:45:43