Episode 81: June 21, 2026

Episode 81: June 21, 2026

On today's Signal Check, Adrian digs into a North Korean supply chain attack that poisoned over 140 npm packages, an unpatchable iPhone exploit targeting Apple's SecureROM, and a scrappy hacker who kept his operation alive using Tailscale and SSH after losing his C2 server. Plus, millions in Brazil received a mysterious unauthorized emergency alert that nobody can quite explain yet. Stories covered: - Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer) - https://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/ - Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain (The Hacker News) - https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline - The Hacker News (The Hacker News) - https://news.google.com/rss/articles/CBMie0FVX3lxTFBNOXBPUEVoeE5CZl82WmNsVTRUMGY0LVJlMXMxZ3NJYnNuV1Y0MlFRY2pReHl1b2UwWVVENTRBeURnVlFpRmh0eEFzNEJUYkNNZ2IyNlRGOFRsMWJ0aTk1aFhfQURpb2ptVlh2N0hnYktPb2dwNGVMTWNZQQ?oc=5 - Unauthorized alert sent to cell phones across Brazil (Hacker News) - https://www.cnn.com/2026/06/20/americas/brazil-hackers-unauthorized-alert-latam - What 50,000 Runners And 76 Studies Teach Us About Racing The NYC Marathon Smarter (Marathon Handbook) - https://marathonhandbook.com/what-50000-runners-and-76-studies-teach-us-about-racing-the-nyc-marathon-smarter/ - The Free and Open Web Is Under Attack at the IETF (EFF) - https://www.eff.org/deeplinks/2026/06/free-and-open-web-under-attack-ietf

Episode 80: June 20, 2026

This episode covers critical security patches for NGINX that can't wait until Monday, a messy OAuth breach at Klue that gave hackers direct access to Salesforce data, and an unpatchable exploit in millions of older iPhones that Apple can't fix with software. Adrian walks through what moved overnight and why it matters before the weekend noise kicks in. Stories covered: - F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution (The Hacker News) - https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html - Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack/ - Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain (The Hacker News) - https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html - I Faded During My First Two Races. This Simple Workout Helped Me Finish the Next One Strong—and Set a PR. (Runner's World) - https://www.runnersworld.com/training/a71631335/fartlek-training-race-stronger/ - A bold satellite rescue mission came together in record time, but will it work? (Ars Technica) - https://arstechnica.com/space/2026/06/a-bold-satellite-rescue-mission-came-together-in-record-time-but-will-it-work/ - The Free and Open Web Is Under Attack at the IETF (EFF) - https://www.eff.org/deeplinks/2026/06/free-and-open-web-under-attack-ietf

Episode 79: June 19, 2026

This episode digs into a patient cryptocurrency clipper campaign running since February, a French attacker who pivoted to legitimate remote tools when their server died, and why Salesforce integrations are becoming a serious supply chain risk. Adrian pulls signal from the noise before the day gets loud. Stories covered: - Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 (The Hacker News) - https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline (The Hacker News) - https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html - Salesforce Data Thefts Continue via Klue App Compromise (Dark Reading) - https://www.darkreading.com/cyberattacks-data-breaches/salesforce-data-thefts-klue-app-compromise - Shoulder and back exercises to improve your running mechanics (Canadian Running) - https://runningmagazine.ca/sections/training/shoulder-and-back-exercises-to-improve-your-running-mechanics/ - Launch HN: TesterArmy (YC P26) – Agents that test web and mobile apps (Hacker News) - https://tester.army - ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm (Krebs on Security) - https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/

Episode 78: June 18, 2026

On today's Signal Check, Adrian North walks through six morning signals including the UK's controversial ID-based age verification law for social media, a sophisticated Android banking trojan called Rokarolla targeting hundreds of apps, and a French cyberattack that used legitimate IT tools to maintain persistent access. It's a sharp look at what moved overnight before the inbox explodes. Stories covered: - UK to require ID or face scan before you can make social media accounts (BleepingComputer) - https://www.bleepingcomputer.com/news/security/uk-to-require-id-or-face-scan-before-you-can-make-social-media-accounts/ - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News) - https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline (The Hacker News) - https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html - The Performance Booster That Could Help You Push Through Fatigue—If Your Stomach Can Handle It (Runner's World) - https://www.runnersworld.com/nutrition-weight-loss/a71606411/sodium-bicarbonate-runners-performance/ - European Champion Ciara Mageean Says She Will “Fit as Much Living” Into the Years She Has Left (Marathon Handbook) - https://marathonhandbook.com/european-champion-ciara-mageean-says-she-will-fit-as-much-living-into-the-years-she-has-left/ - The Free and Open Web Is Under Attack at the IETF (EFF) - https://www.eff.org/deeplinks/2026/06/free-and-open-web-under-attack-ietf

Episode 77: June 17, 2026

This episode digs into a powerful new Android banking trojan hitting over 200 apps, a federal warning about an actively exploited cPanel plugin, and a leaked membership list from Peter Thiel's ultra-exclusive Dialog retreat. Signal Check covers the threats already moving before your coffee gets cold. Stories covered: - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News) - https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html - Humiliating IIS servers for fun and jail time (Hacker News) - https://mll.sh/humiliating-iis-servers-for-fun-and-jail-time/ - CISA warns of another cPanel plugin flaw exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-warns-of-another-actively-exploited-cpanel-plugin-flaw/ - Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society (Wired) - https://www.wired.com/story/leak-exposes-members-of-peter-thiels-secretive-dialog-society/ - The 6 Best Toe Separators That Can Help Prevent Injury and Relieve Pain (Runner's World) - https://www.runnersworld.com/health-injuries/g40457572/best-toe-separators/ - Hacker: 'I Could Have Rickrolled the World Cup' - Bank Info Security (Bank Info Security) - https://news.google.com/rss/articles/CBMiiAFBVV95cUxNODd3SDVpTGV6ZGxCMU9HNS1ycjc3M0JnSDltYmJIOXZkQUEzSEtVTi1hZGVaVW1nc2J5MXJwTTZHZGxDeDBRd2lRd2U2YXd3b0U1UUpEOVd6RjdXRUxoSW01UEFOTk9Jbm1lV1Y0MnNGS2RUNFpFZWQ1Zzctd2t5M0VodlVSZm4w?oc=5