Weekly Security Wrap: AI, Salesforce, and Cisco in Focus

Josh Marpet and the crew at Security Weekly pulled together another packed episode that bounces between some pretty different security angles. Local AI tools are getting traction, but they're bringing their own headaches to the table. When you run language models on your own infrastructure instead of relying on cloud providers, suddenly you own the entire attack surface.

The episode covers specific vulnerabilities hitting Salesforce, Aspose, Cisco gear, and HTTP/2 implementations that people are still sleeping on. Here's the thing though: how many teams actually patch their HTTP/2 stacks when the CVEs drop? Most deployments are so buried in legacy code that security teams can't even get visibility into what they're running.

Fluttershell showed up in the discussion too, which is worth paying attention to if you're doing anything with Flutter apps in production. The podcast network does the heavy lifting of connecting dots between different threat vectors so you don't have to sift through twenty different vendor advisories just to understand what actually matters this week.