Up first, the ASW news of the week.
At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity’s door. They discuss the terrifying reality of quantum computing’s power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline for transitioning away from legacy crypto, organizations face a race against time. Ted breaks down what "full crypto visibility" really means, why it’s crucial to map your cryptographic assets now, and how legacy tech—from robotic sawmills to outdated hospital gear—poses serious risks. The interview explores NIST's new post-quantum algorithms, global readiness efforts, and how Keyfactor’s acquisitions of InfoSec Global and Cipher Insights help companies start the quantum transition today—not tomorrow. Don’t wait for the breach. Watch this and start your quantum strategy now. If digital trust is the goal, cryptography is the foundation.
Segment Resources:
- http://www.keyfactor.com/digital-trust-digest-quantum-readiness
- https://www.keyfactor.com/press-releases/keyfactor-acquires-infosec-global-and-cipherinsights/
For more information about Keyfactor’s latest Digital Trust Digest, please visit: https://securityweekly.com/keyfactorbh
Live from Black Hat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue. In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization’s crown jewels at risk. From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you’re a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets.

Key topics covered:
- The truth about alert fatigue & why it’s crippling SOC efficiency
- How AI-driven offensive security changes the game
- Visualizing kill chains to drive faster remediation
- Why fixing “what matters” beats fixing “everything”
- The future of AI trust, transparency, and control in cybersecurity

Watch now to discover how BreachLock is redefining offensive security for the AI era.
Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/
This segment is sponsored by BreachLock. Visit https://securityweekly.com/breachlockbh to learn more about them!
Ted Shorter is the Chief Technology Officer and co-founder at Keyfactor. Responsible for Keyfactor’s Intellectual Property development efforts, Ted helps align Keyfactor’s focus with the changing security landscape, ensuring our clients understand the importance of crypto-agility.
Ted has worked in the security arena for over 25 years, in the fields of cryptography, Public Key Infrastructure, authentication and authorization, and software vulnerability analysis. His past experience includes 10 years at the National Security Agency, a master’s degree in computer science from The Johns Hopkins University, and an active CISSP certification.
Seemant Sehgal founded BreachLock with two things: 20+ years of experience in the cybersecurity industry and a dream to create a solution that would make proactive security the new standard.
As the former Head of Cybersecurity at ING Bank, who held a multi-million-dollar cybersecurity budget, he dealt with the pain of traditional pentesting approaches falling short of what modern businesses today need for a strong security posture. A go-getter by nature, Seemant was motivated to solve these challenges, and went on to create the world’s first full-stack, human-led, AI-powered Penetration Testing as a Service (PTaaS) solution with a strong company culture that has helped BreachLock gain momentum and scale rapidly.
Today, BreachLock is a global leader in offensive security, offering attack surface management, penetration testing, red teaming, and adversarial exposure validation (AEV) services within one unified platform.
Mike Shema
- The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
- YouTube secretly tested AI video enhancement without notifying creators – Ars Technica
- A new layer of security for certified Android devices
- Welcoming the Rust Innovation Lab
- FYI: agentic ai ctf demo
- Will Coding AI Tools Ever Reach Full Autonomy? – IEEE Spectrum
  Check out the paper on arxiv.org.
- Malicious versions of Nx and some supporting plugins were published
  Check out the original commit for how simple the bash command injection is.