Signal Check

40 Episodes
Subscribe

By: Adrian North

Tech, hacking, security, running, climbing news all in one podcast cause.. why not?

✂️ Turn this podcast into clips
Episode 98: July 08, 2026
#98
Today at 9:00 AM

This episode digs into a sixteen-year-old Linux kernel flaw that's been lurking in virtualized systems, Accenture's messy data breach with source code now up for sale, and a hidden backdoor baked into Tenda router firmware. We also cover GitHub's GitLost vulnerability that lets attackers pull private data through public repos, plus the usual reminder that scale and reputation don't make anyone immune. Stories covered: - 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems (The Hacker News) - https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html - Accenture confirms breach after hacker offers stolen data for...


Episode 97: July 07, 2026
#97
Yesterday at 9:00 AM

This episode covers a critical Gitea Docker vulnerability exploited just thirteen days after patching, the first fully autonomous LLM-driven ransomware attack called JadePuffer, and a sixteen-year-old KVM hypervisor flaw that lets guest VMs escape to the host. Adrian also digs into how Microsoft used Windows hardware IDs to track down a hacker, proving your device might be less anonymous than you think. Stories covered: - Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure (The Hacker News) - https://thehackernews.com/2026/07/threat-actors-probe-gitea-docker-flaw.html - JadePuffer: The First Complete LLM-Driven Ransomware Attack (Dark Reading) - https://www.darkreading.com...


Episode 96: July 06, 2026
#96
Last Monday at 9:00 AM

This episode covers North Korean hackers flooding developer repositories with over a hundred malicious packages, new credential-stealing tactics like ConsentFix that bypass multi-factor authentication in seconds, and a critical SharePoint vulnerability now being actively exploited two months after its patch. We also dig into what researchers believe is the first fully AI-automated ransomware attack, marking a dangerous new milestone in cyber threats. Stories covered: - North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign (The Hacker News) - https://thehackernews.com/2026/07/north-korean-hackers-publish-108.html - ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds (BleepingComputer) - https://www...


Episode 95: July 05, 2026
#95
Last Sunday at 9:00 AM

This episode digs into a Scattered Spider extradition, the first fully AI-driven ransomware attack, and a Tesla bug bounty that uncovered a $243 million flaw. We also cover an actively exploited SharePoint vulnerability and what it means when the tools running half the enterprise become the entry point. Stories covered: - Alleged Scattered Spider hacker extradited to the United States (BleepingComputer) - https://www.bleepingcomputer.com/news/security/alleged-scattered-spider-hacker-extradited-to-the-united-states/ - JadePuffer ransomware used AI agent to automate entire attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/ - Tesla paid a Russian hacker $15,000 per bug found — then he cracked open th...


Episode 94: July 04, 2026
#94
Last Saturday at 9:00 AM

This episode covers a critical Linux kernel flaw that gives unprivileged users full root access across billions of devices, a clever macOS credential stealer disguising itself as legitimate software, and the takedown of a massive residential proxy network that secretly compromised two million Android devices. Adrian North walks through the early morning signals that matter before the weekend noise kicks in. It's a quick Saturday security briefing for anyone who needs to know what's actively threatening systems right now. Stories covered: - New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android (The Hacker News) - https...


Episode 93: July 03, 2026
#93
Last Friday at 9:00 AM

This episode digs into ransomware crews deploying multi-vector attacks through Citrix vulnerabilities and stolen Fortinet credentials, plus a CISA warning on an actively exploited SharePoint flaw. We also cover the Tesla bug bounty that somehow escalated into a $243 million lesson, and why elite athletes aren't just better at training—they're better at everything around it. Stories covered: - Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials (The Hacker News) - https://thehackernews.com/2026/07/ransomware-groups-turn-to-citrix-bleed.html - FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations (The Hacker News) - https://thehackernews.com/2026/07/fortibleed-credential-theft-linked-to.html - CISA: Mi...


Episode 92: July 02, 2026
#92
Last Thursday at 9:00 AM

This episode covers AI-generated malware that's raising alarms among cybersecurity researchers, a teenage hacker's extradition in the Scattered Spider case, and record-breaking performances at the Western States 100 ultramarathon. Adrian North walks through six signals from the tech and culture landscape before your workday demands attention. It's your early-morning dose of what's moving through the network right now. Stories covered: - AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android (The Hacker News) - https://thehackernews.com/2026/07/ai-generated-browser-ransomware-abuses.html - 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges (The Hacker News) - https://thehackernews.com/2026/07/19-year-old-scattered-spider-suspect.html ...


Episode 91: July 01, 2026
#91
07/01/2026

This episode digs into a shocking security study revealing that nearly two-thirds of AI chatbot apps on iPhone are leaking user credentials and API keys in plain sight. We also cover RustDuck, a dangerous new botnet targeting home routers and cameras, plus the latest Kali Linux release packed with fresh penetration testing tools. Stories covered: - 282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study (The Hacker News) - https://thehackernews.com/2026/06/282-ios-apps-found-leaking-llm-api-keys.html - RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS (The Hacker News) - https://thehackernews.com/2026/06...


Episode 90: June 30, 2026
#90
06/30/2026

This episode covers a major Microsoft Edge extension purge, a sneaky supply chain attack using VS Code automation, and a new Linux privilege escalation exploit called pedit COW. Adrian also highlights an incredible ultrarunning performance at Western States before the day's chaos takes over. Stories covered: - Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts (The Hacker News) - https://thehackernews.com/2026/06/microsoft-removes-119-edge-extensions.html - Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer (The Hacker News) - https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html - New Linux pedit COW Exploit Enables Root Access...


Episode 89: June 29, 2026
#89
06/29/2026

This episode digs into three emerging threats targeting the tools developers and security-conscious users rely on most. We cover a sophisticated npm supply chain attack infiltrating GitHub Actions, a Russian phishing campaign hunting Signal backup keys, and a chilling new exploit that weaponizes AI coding agents through hidden instructions. The common thread? Trust is the new attack surface. Stories covered: - Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack (The Hacker News) - https://thehackernews.com/2026/06/miasma-malware-targets-npm-packages-and.html - FBI: Russian hackers now target Signal backup recovery keys (BleepingComputer) - https://www.bleepingcomputer.com/news/security...


Episode 88: June 28, 2026
#88
06/28/2026

This episode covers the quiet but critical signals from a Sunday morning in late June, including a new framework to help companies manage aging open-source projects before they become security nightmares. We dig into a Russian phishing campaign targeting Signal backup keys, an anonymous GitHub account dropping zero-day exploits into the wild, and why even the most secure tools fail when human trust gets weaponized. Stories covered: - New Initiative Tackles Security for End-of-Life Open Source Software (Dark Reading) - https://www.darkreading.com/application-security/initiative-tackles-security-end-of-life-open-source - FBI: Russian hackers now target Signal backup recovery keys (BleepingComputer) - https://www...


Episode 86: June 26, 2026
#86
06/26/2026

This episode digs into a Cisco SD-WAN zero-day exploit breakdown from Mandiant, a clever macOS malware strain that deceives AI analysis tools with fake error messages, and a former hacker now applying exploit-finding skills to solar energy collection. Adrian North walks through early-morning signals before the noise of the day takes over. Stories covered: - Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access (BleepingComputer) - https://www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/ - New macOS malware embeds fake errors to confuse AI analysis tools (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools/ - This former hacker saw...


Episode 85: June 25, 2026
#85
06/25/2026

This episode digs into two actively exploited Cisco vulnerabilities that are making waves — including a zero-day that gave attackers root access to SD-WAN devices. We also cover a new website publicly shaming companies that still don't support passkeys, and a reformed hacker with an unexpected new mission. Stories covered: - Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access (BleepingComputer) - https://www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/ - Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve-2026-20230-now-exploited-in-attacks/ - New website names and shames companies that still do...


Episode 84: June 24, 2026
#84
06/24/2026

This episode covers active exploitation of a Cisco Unified Communications flaw, LastPass confirming another breach through stolen OAuth tokens, and a former hacker who pivoted to solar energy. Adrian digs into why supply chain attacks are now the standard playbook and shares a Runner's World tip on avoiding long-run mistakes. Stories covered: - Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve-2026-20230-now-exploited-in-attacks/ - LastPass confirms data breach in Klue supply chain attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/ - This former hacker saw the light—an...


Episode 83: June 23, 2026
#83
06/23/2026

This episode digs into Canada's unprecedented move to remotely clean malware from citizens' devices without permission, Microsoft's attribution of the Mastra AI supply chain attack to North Korean hackers, and a newly published iPhone exploit that lives in hardware Apple can't patch. We also touch on why your best running mentor is probably the local coach who shows up at dawn, not the influencer with perfect splits. Stories covered: - Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices (The Hacker News) - https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html - Microsoft links Mastra AI supply chain attack to North Ko...


Episode 82: June 22, 2026
#82
06/22/2026

This episode digs into a CISA deadline for a critical Splunk vulnerability that's already being exploited in the wild, a North Korean supply chain attack that poisoned over 140 npm packages, and how a junior hacker used legitimate tools like Tailscale to maintain persistence after losing his primary command server. Adrian breaks down six stories that show how attackers are leveraging trust, timing, and creative tradecraft to stay ahead. Stories covered: - CISA: Splunk Enterprise flaw actively exploited, patch by Sunday (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday/ - Microsoft links Mastra AI supply chain attack to North Korean...


Episode 81: June 21, 2026
#81
06/21/2026

On today's Signal Check, Adrian digs into a North Korean supply chain attack that poisoned over 140 npm packages, an unpatchable iPhone exploit targeting Apple's SecureROM, and a scrappy hacker who kept his operation alive using Tailscale and SSH after losing his C2 server. Plus, millions in Brazil received a mysterious unauthorized emergency alert that nobody can quite explain yet. Stories covered: - Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer) - https://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/ - Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain (The Hacker News) - https...


Episode 80: June 20, 2026
#80
06/20/2026

This episode covers critical security patches for NGINX that can't wait until Monday, a messy OAuth breach at Klue that gave hackers direct access to Salesforce data, and an unpatchable exploit in millions of older iPhones that Apple can't fix with software. Adrian walks through what moved overnight and why it matters before the weekend noise kicks in. Stories covered: - F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution (The Hacker News) - https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html - Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) - https://www.bleepingcomputer...


Episode 79: June 19, 2026
#79
06/19/2026

This episode digs into a patient cryptocurrency clipper campaign running since February, a French attacker who pivoted to legitimate remote tools when their server died, and why Salesforce integrations are becoming a serious supply chain risk. Adrian pulls signal from the noise before the day gets loud. Stories covered: - Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 (The Hacker News) - https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline (The Hacker News) - https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html - Salesforce Data Thefts...


Episode 78: June 18, 2026
#78
06/18/2026

On today's Signal Check, Adrian North walks through six morning signals including the UK's controversial ID-based age verification law for social media, a sophisticated Android banking trojan called Rokarolla targeting hundreds of apps, and a French cyberattack that used legitimate IT tools to maintain persistent access. It's a sharp look at what moved overnight before the inbox explodes. Stories covered: - UK to require ID or face scan before you can make social media accounts (BleepingComputer) - https://www.bleepingcomputer.com/news/security/uk-to-require-id-or-face-scan-before-you-can-make-social-media-accounts/ - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News...


Episode 77: June 17, 2026
#77
06/17/2026

This episode digs into a powerful new Android banking trojan hitting over 200 apps, a federal warning about an actively exploited cPanel plugin, and a leaked membership list from Peter Thiel's ultra-exclusive Dialog retreat. Signal Check covers the threats already moving before your coffee gets cold. Stories covered: - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News) - https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html - Humiliating IIS servers for fun and jail time (Hacker News) - https://mll.sh/humiliating-iis-servers-for-fun-and-jail-time/ - CISA warns of another cPanel plugin flaw exploited in attacks (BleepingComputer) - https://www...


Episode 76: June 16, 2026
#76
06/16/2026

This episode digs into a cascade of high-value security breaches, from a three-vulnerability chain in AI gateway infrastructure to a one-click exploit in Microsoft 365 Copilot that exposed entire workspaces. We also cover a year-long Chinese espionage campaign that weaponized Google Workspace forwarding rules and a LinkedIn job scam that sparked hundreds of comments on Hacker News. Stories covered: - LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers (The Hacker News) - https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html - One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes (The Hacker News) - https://thehackernews...


Episode 75: June 15, 2026
#75
06/15/2026

This episode covers six cybersecurity and tech stories from Monday morning, including a zero-day exploit in Oracle PeopleSoft by ShinyHunters, a massive AUR package compromise affecting Arch Linux users, and a CISA emergency directive on Ivanti Sentry. Adrian also digs into a fascinating DIY project where someone indexed 669 gigabytes of GoPro footage using local machine learning models. Stories covered: - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - Over 400 Arch Linux packages compromised to push rootkit, infostealer (BleepingComputer) - https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/ ...


Episode 74: June 14, 2026
#74
06/14/2026

This episode covers a major supply chain attack on Arch Linux's AUR, a zero-day exploit in Oracle PeopleSoft used by the ShinyHunters crew to breach universities, and a few unexpected signals about endurance and starting late. Adrian breaks down the technical fallout from both incidents and reminds us that not every signal is a threat—some are just proof that it's never too late to begin. Grab your coffee and get the morning download before the day gets loud. Stories covered: - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit (The Hacker News) - https://thehackernews.co...


Episode 73: June 13, 2026
#73
06/13/2026

This episode digs into a brutal week for security, starting with over 400 hijacked Arch Linux packages that installed credential stealers and rootkits. We also cover ShinyHunters exploiting a zero-day in Oracle PeopleSoft to hit universities, and an AI-powered cyber defense platform launching with serious funding and even bigger questions. Stories covered: - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit (The Hacker News) - https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - He Hacked Teslas For Elon...


Episode 72: June 12, 2026
#72
06/12/2026

This episode covers ShinyHunters exploiting an unpatched Oracle PeopleSoft vulnerability to breach universities, the leaked Miasma worm source code lowering the barrier for supply-chain attacks, and new research showing how AI agents like OpenClaw can be tricked into running malicious code through prompt injection. Adrian breaks down the week's critical signals before the weekend hits. Stories covered: - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - The ‘Miasma’ worm source code briefly leaked on GitHub (BleepingComputer) - https://www.bleepingcomputer.com/news/security/the-miasma-worm-source-code-briefly-leaked-on-github/ - New Attacks Trick Open...


Episode 71: June 11, 2026
#71
06/11/2026

This episode digs into a fresh Microsoft Defender zero-day granting full system access, a new SSD timing attack that tracks your browsing through hardware behavior, and the rise of The Gentlemen ransomware group building a professional cybercrime empire. Adrian breaks down why these aren't just bugs—they're fundamental shifts in how attacks work. Morning coffee required. Stories covered: - Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows (The Hacker News) - https://thehackernews.com/2026/06/microsoft-defender-rogueplanet-zero-day.html - New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing - The Hacker News (The Hacker Ne...


Episode 70: June 10, 2026
#70
06/10/2026

This episode covers a critical Check Point VPN flaw being actively exploited by ransomware groups, a wild new browser-based attack that uses your SSD to spy on your activity, and a must-patch Veeam vulnerability that lets any domain user compromise your backup infrastructure. Adrian also digs into surprising running science that shows walking breaks can actually make you faster. It's threat intel, hardware side-channels, and a dash of endurance strategy before your second cup of coffee. Stories covered: - CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day (BleepingComputer) - https://www.bleepingcomputer.com/news/security...


Episode 69: June 09, 2026
#69
06/09/2026

This episode covers emergency patches for a critical Check Point VPN zero-day that's been exploited by ransomware groups since early May, plus a Python supply-chain attack that compromised nineteen packages on PyPI. Adrian breaks down why patching isn't enough when attackers have already had weeks inside networks, and how developer trust becomes the vulnerability in these campaigns. Stories covered: - Check Point VPN Flaw Exploited Since Early May (Dark Reading) - https://www.darkreading.com/vulnerabilities-threats/check-point-vpn-flaw-exploited-early-may - Check Point links VPN zero-day attacks to Qilin ransomware gang (BleepingComputer) - https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/ - New Shai-Hulud...


Episode 68: June 08, 2026
#68
06/08/2026

This episode digs into the worst security breaches of 2026 so far, from compromised critical infrastructure to a hacked FBI surveillance system. Adrian also covers World Cup scammers flooding the web with fake ticket sites and a freshly exploited SolarWinds vulnerability causing server crashes across government and enterprise networks. Stories covered: - Hacked, leaked, and held for ransom: the worst breaches of 2026 so far (TechCrunch) - https://techcrunch.com/2026/06/07/the-worst-hacks-and-breaches-of-2026-so-far/ - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins (The Hacker News) - https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - CISA: Hackers now exploit...


Episode 67: June 07, 2026
#67
06/07/2026

This episode digs into Arabic-targeted Android spyware disguised as news apps, a massive npm supply chain attack distributing Rust-based malware to developers, and how hackers reportedly hijacked high-profile Instagram accounts using Meta's own AI support bot. Adrian North walks through the weekend's most critical signals before the world fully wakes up. It's your Sunday morning threat briefing with coffee in hand. Stories covered: - Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps (The Hacker News) - https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html - IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks...


Episode 66: June 06, 2026
#66
06/06/2026

This episode covers six critical cybersecurity signals, from World Cup scam operations already in overdrive to the disturbing rise of in-person social engineering attacks where ransomware crews literally walk into offices. Adrian unpacks why the browser has become the new security perimeter and what that means for anyone who thinks their defenses are still holding. Stories covered: - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins (The Hacker News) - https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - What 2026 DBIR Confirms: Attacks Are Living in the Browser (BleepingComputer) - https://www.bleepingcomputer.com/news/security...


Episode 65: June 05, 2026
#65
06/05/2026

This episode covers a critical Cisco vulnerability that grants attackers root access without credentials, AI-powered tools now hunting bugs faster than humans, and underground tutorials industrializing cybercrime for beginners. We also dig into a two-year-old Redis flaw and a sixteen-year-old white-hat hacker who broke into India's exam portals just to fix them. It's Signal Check — your early-morning look at what's moving in the security world before the chaos starts. Stories covered: - Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public (The Hacker News) - https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html - Autonomous AI Tool Finds 2-Y...


Episode 64: June 04, 2026
#64
06/04/2026

This episode covers a zero-day flaw in Visual Studio Code that's leaking GitHub tokens, a devastating HTTP/2 exploit hammering web servers across the internet, and how attackers are now using AI to automatically bypass security tools faster than defenders can respond. Adrian breaks down what's moving in the threat landscape before your second cup of coffee hits. It's Thursday morning, and the signals are already loud. Stories covered: - VS Code zero-day lets hackers steal GitHub tokens in one click (BleepingComputer) - https://www.bleepingcomputer.com/news/security/vs-code-zero-day-lets-hackers-steal-github-tokens-in-one-click/ - New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache...


Episode 63: June 03, 2026
#63
06/03/2026

This episode covers Google's urgent Android patch fixing an actively exploited vulnerability, another authentication bypass hitting Palo Alto's VPN gateways, and a wild new attack where hackers use Meta's own AI support tools to hijack Instagram accounts. We also dig into the growing cyberdeck movement — DIY enthusiasts building custom hardware to escape big tech surveillance — and wrap with a look at stunning independent trail races across the country. Stories covered: - Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited (The Hacker News) - https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html - Patch Now: Another Palo Alto Auth Bypass Bug Under Acti...


Episode 62: June 02, 2026
#62
06/02/2026

This episode covers a wild range of security wake-up calls — from hackers tricking Meta's AI chatbot to hijack high-profile Instagram accounts, to compromised npm packages stealing developer credentials, to a critical Windows vulnerability now being actively exploited. Adrian North also shifts gears to spotlight thirteen stunning independent trail races across the U.S. for anyone looking to suffer beautifully. Stories covered: - Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Krebs on Security) - https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/ - Red Hat npm packages compromised to steal developer credentials (BleepingComputer) - https://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/ - Cr...


Episode 61: June 01, 2026
#61
06/01/2026

This episode covers critical vulnerabilities in Gogs and Palo Alto's GlobalProtect VPN that are already being actively exploited, plus the takedown of a massive 17 million device botnet in the Netherlands. Adrian also digs into a bizarre new attack where hackers used an AI agent to carry out post-compromise actions autonomously. It's a Monday morning packed with urgent patches and unsettling new tactics. Stories covered: - Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html - Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https...


Episode 60: May 31, 2026
#60
05/31/2026

This episode covers critical vulnerabilities hitting Gogs self-hosted Git servers, Palo Alto VPN authentication bypass being actively exploited, and a groundbreaking attack where threat actors deployed an AI agent to autonomously handle post-exploitation. We also dig into a new Linux kernel privilege escalation flaw and what it means when your VPN becomes the weakest link. Stories covered: - Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html - Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/ ...


Episode 59: May 30, 2026
#59
05/30/2026

This episode covers a cybercrime gang funding real-world violence with stolen data, a Russian hacker who spent five years running an AI bot inside a 17,000-member Telegram channel, and Dutch authorities dismantling a botnet controlling 17 million infected devices. We also dig into how cloud misconfigurations stack into serious exploits when no one's watching the service accounts. Stories covered: - 'The Com' Cyberattacks Support Violence & Sexploitation (Dark Reading) - https://www.darkreading.com/threat-intelligence/the-com-cyberattacks-violence-sexploitation - A Russian hacker tricked a 17,000 strong MAGA Telegram channel with a jailbroken AI for over 5 years, leading to fraud, credential theft, and an empty crypto...


Episode 57: May 28, 2026
#57
05/28/2026

This episode digs into a dark week for software supply chains, from the Glassworm botnet takedown to the TrapDoor malware infecting npm, PyPI, and CratesIO—plus why multi-factor authentication isn't as bulletproof as you think when attackers weaponize fatigue. Adrian also spotlights thirteen under-the-radar trail races that trade crowds for waterfalls and old-growth forests. It's cybersecurity threats and hidden running gems before your coffee cools. Stories covered: - CrowdStrike and Google take down botnet used by hackers to target open source software developers (TechCrunch) - https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, an...