• Explore
  • Blog
  • Podcast
  • Community
  • About
  • Services
  • Contact
Menu

Exploring Information Security

Securing the Future - A Journey into Cybersecurity Exploration
  • Explore
  • Blog
  • Podcast
  • Community
  • About
  • Services
  • Contact

The Exploring Information Podcast Top 10 Podcast Episodes of 2025

December 31, 2025

In 2025, the cybersecurity landscape shifted from "theoretical risk" to "operational reality." This was reflected in the listening habits of the Exploring Information Security community, where the most-consumed content focused on the internal mechanics of cybercrime and the emerging threats of the AI era.

To create the list this year, I looked at the data from two distinct data sets Apple Podcasts and the views on YouTube. Then I threw those into Gemini and had it spit out the Top 10 episodes for this year.

The Top 10 Episodes:

1. How Do Ransomware Gangs Work? (Kyle Andrus)

The Global #1: This was the undisputed heavyweight champion of 2025. It resonated because it stripped away the "hooded hacker" myth and showed ransomware for what it is: a highly organized, corporate-style business.

  • Key Insight: Cybercriminal groups now have HR departments, performance reviews, and 24/7 customer support.

2. Hacking Space Systems: Inside Tempest (Tim Fowler)

The Visual Standout: While popular on audio, this exploded on YouTube. Tim Fowler’s "Tempest" CubeSat project gave the community a rare, hands-on look at the vulnerabilities in our satellite infrastructure.

  • Key Insight: Space is simply the newest extension of the internet—and it’s just as vulnerable.

3. Exploring the Rogue AI Agent Threat (Sam Chehab)

The 2025 Trend-Setter: This episode caught the "AI anxiety" wave perfectly. It identified a new attack vector: sanctioned AI agents that go "rogue" due to over-privileged API permissions.

  • Key Insight: Your biggest AI threat isn't a malicious outsider; it's a misconfigured internal tool with too much power.

4. Real-World Windows Forensics & IR (JC)

The Technical Masterclass: A staple for practitioner reference. JC’s breakdown of forensic artifacts remains one of the most shared episodes among SOC analysts and incident responders.

  • Key Insight: Digital detective work is about meticulous troubleshooting and pattern recognition.

5. NDR with Corelight (Brian Dye)

The Visibility Anchor: As perimeter defenses failed throughout 2025, the industry turned to Network Detection and Response. This episode became the standard guide for understanding the power of open-source Zeek telemetry.

  • Key Insight: In 2025, if you can't see your network traffic in real-time, you've already lost.

6. Monitoring the Inner Workings of a Cybercriminal Org (Matthew Maynard)

The Intelligence Deep-Dive: This served as the perfect companion to Rank #1. Matthew Maynard provided the "how-to" for researchers looking to safely infiltrate and monitor threat actor communities.

  • Key Insight: Effective threat intelligence requires a mix of technical OSINT and a deep understanding of criminal psychology.

7. Info Stealers and Supply Chain Attacks (Kyle Andrus)

The Credential Crisis: This episode highlighted why MFA alone isn't enough anymore. It focused on the rise of "session hijacking" and the commodity market for stolen employee tokens.

  • Key Insight: The supply chain is only as strong as the browser session of your most privileged administrator.

8. How to Implement a Content Security Policy (Jason Gillam)

The Developer’s Choice: A highly technical and practical episode that broke down the stats on why most CSPs fail. It’s the "how-to" guide that many listeners used to harden their own web applications.

  • Key Insight: Security shouldn't be a "bolt-on"—it needs to be built into the code using modern headers like CSP.

9. Gamifying Your Incident Response Playbook (Anushree Vaidya)

The Engagement Winner: This episode stood out for its unique approach to a dry topic. Anushree's method of using game mechanics to train IR teams saw a massive spike in social media sharing and community interaction.

  • Key Insight: People don't learn from boring slide decks; they learn from immersive, high-stakes simulations.

10. 2025 State of the API Report (Postman)

The Data-Driven Wrap-Up: Rounding out the top 10, this provided the statistical backbone for the year. It confirmed that the explosion of AI has made API security the most critical battleground for security engineers.

  • Key Insight: 2025 was the year the API became the "limbs" of the AI brain, creating a massive new attack surface.

What was your favorite episode from this past year. Leave a comment below.

In Podcast Tags Podcast, Top 10, API, threat intelligence, Application Security, Incident Response, malware, Forensics, network security, AI
Making Security Stick: Lessons from Cybersecurity Awareness Month →

Latest PoDCASTS

Featured
Dec 30, 2025
What is React2Shell (CVE-2025-55182)?
Dec 30, 2025
Dec 30, 2025
Dec 23, 2025
[RERELEASE] What is application security?
Dec 23, 2025
Dec 23, 2025
Dec 16, 2025
The Final Frontier of Security: The State of Space Security with Tim Fowler
Dec 16, 2025
Dec 16, 2025
Dec 9, 2025
How to Manage Cybersecurity Awareness Month
Dec 9, 2025
Dec 9, 2025
Dec 2, 2025
Exploring the Next Frontier of IAM: Shared Signals and Data Analytics
Dec 2, 2025
Dec 2, 2025
Nov 25, 2025
How to Close the Cybersecurity Skills Gap with a Student Powered SOC
Nov 25, 2025
Nov 25, 2025
Nov 18, 2025
What is the 2025 State of the API Report From Postman?
Nov 18, 2025
Nov 18, 2025
Nov 11, 2025
How AI Will Transform Society and Affect the Cybersecurity Field
Nov 11, 2025
Nov 11, 2025
Nov 4, 2025
[RERELEASE] How Macs get Malware
Nov 4, 2025
Nov 4, 2025
Oct 28, 2025
[RERELEASE] Why communication in infosec is important - Part 2
Oct 28, 2025
Oct 28, 2025

Powered by Squarespace