Episode 65: June 05, 2026

Episode 65: June 05, 2026

This episode covers a critical Cisco vulnerability that grants attackers root access without credentials, AI-powered tools now hunting bugs faster than humans, and underground tutorials industrializing cybercrime for beginners. We also dig into a two-year-old Redis flaw and a sixteen-year-old white-hat hacker who broke into India's exam portals just to fix them. It's Signal Check — your early-morning look at what's moving in the security world before the chaos starts. Stories covered: - Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public (The Hacker News) - https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html - Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) (The Hacker News) - https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html - Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook (BleepingComputer) - https://www.bleepingcomputer.com/news/security/hackers-are-after-the-gaps-in-your-vulnerability-program-heres-their-playbook/ - He is 16. He broke into NEET and JEE portals to fix it - India Today (India Today) - https://news.google.com/rss/articles/CBMiugFBVV95cUxNYV9RR0xua1h2X1lQQTNzN1ZwX1Blck82V0huZmFScmdwZFlfOXQ0OXFyOTVKLUZ4Mlp3WVJsQmI0Qm9JQjE1THA4aGJ3QVhjWGgtY2dXYm80Z01GTXR6MXh1SEdIVzM5dTkxUDhIYUpkN1dxSUp6WnBiN0I3M0E0ZjhZZk5vbkhsNHhsZ3YzUFI0cjZLQl9SYjNUdU9qcThxai1mYWRFRHZqRWE0WkdXbzV6MjVtMTdCVGfSAb8BQVVfeXFMUDdUUkx4VVZJbnAyNUdfWHdBdGMwWlRvR0padFFUY3hMR252YXJjcHA1TlEtSThlaE8teWpFelp6RlFsVzhvQ2JDMXpfWUdhalBsa3pObGdrbkVvSjBkVFRJbGhtWTh6VmdfRFhlMWNYek92dHFQa0M2enV0OE9USGdFM1hZS21tOUdFTUxUWkRJNmhmbUhZMlFaS19aank1WS1RNHFZSWFSU2ozTllEVXN6blBDLVJJb0FJdHVvYjA?oc=5 - This 90-Year-Old Runner Just Finished His First Marathon After Rediscovering Running Later in Life (Runner's World) - https://www.runnersworld.com/news/a71481967/bill-schwarz-first-marathon-90-years-old/ - Meta's ships facial recognition on smart glasses (Hacker News) - https://www.buchodi.com/meta-glasses-facial-recognition/

Episode 64: June 04, 2026

This episode covers a zero-day flaw in Visual Studio Code that's leaking GitHub tokens, a devastating HTTP/2 exploit hammering web servers across the internet, and how attackers are now using AI to automatically bypass security tools faster than defenders can respond. Adrian breaks down what's moving in the threat landscape before your second cup of coffee hits. It's Thursday morning, and the signals are already loud. Stories covered: - VS Code zero-day lets hackers steal GitHub tokens in one click (BleepingComputer) - https://www.bleepingcomputer.com/news/security/vs-code-zero-day-lets-hackers-steal-github-tokens-in-one-click/ - New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare (The Hacker News) - https://thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html - Attackers Use AI to Automate EDR Evasion Testing (Dark Reading) - https://www.darkreading.com/endpoint-security/attackers-automate-edr-evasion-testing - Is It Okay to Take Breaks During Long Runs? Experts Explain When It Helps and When It Signals a Red Flag (Runner's World) - https://www.runnersworld.com/training/a71483612/stopping-during-long-runs/ - UAH researchers studying technology that could cut travel time to Mars - WAAY 31 News (WAAY 31 News) - https://news.google.com/rss/articles/CBMi4gFBVV95cUxQS081ZEhrbGhfa2V3LXhYcmVjQjZmMmU2UURsU2FkTnhOSlNzYW1nQ0duLS1iSTdRTE1pcG55cUhhR0hxX0ZxZHlmTG5kZ09ZSkdrejREb1ZTNzhQaHEwcWlWUWlFWi1RdUtackdPOGRmaEdIaGlSc0hWRHdWaWRzZUlBQV9FSUlzY1FsTk1zRFBXM08wLWVYNEgwMGZyMDJXY1lEYmdxZFVQd0wwWFR3aWczVkl6ZDM5Znc5SVplaEpQZnNJUkVsN0tjLVlXQ3FvQ1VfOXJGNFVKMmp2eXBxb25n?oc=5 - CISA warns of cyberattacks targeting fuel tank monitoring systems (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-warns-of-cyberattacks-targeting-fuel-tank-monitoring-systems/

Episode 63: June 03, 2026

This episode covers Google's urgent Android patch fixing an actively exploited vulnerability, another authentication bypass hitting Palo Alto's VPN gateways, and a wild new attack where hackers use Meta's own AI support tools to hijack Instagram accounts. We also dig into the growing cyberdeck movement — DIY enthusiasts building custom hardware to escape big tech surveillance — and wrap with a look at stunning independent trail races across the country. Stories covered: - Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited (The Hacker News) - https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html - Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit (Dark Reading) - https://www.darkreading.com/threat-intelligence/patch-palo-alto-auth-bypass-bug-exploit - Instagram users locked out after Meta AI abused to steal accounts (BleepingComputer) - https://www.bleepingcomputer.com/news/security/instagram-users-locked-out-after-meta-ai-abused-to-steal-accounts/ - Cyberdecks are having a moment, rejecting big tech surveillance with style and substance (TechCrunch) - https://techcrunch.com/2026/06/02/cyberdeck-tiktok-trend-reject-big-tech/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - What I Learned Exploding Cams and Nuts On a Classic Squamish Splitter (Climbing Magazine) - https://www.climbing.com/gear/what-trad-climbers-should-know-about-exploding-cams-and-nuts/

Episode 62: June 02, 2026

This episode covers a wild range of security wake-up calls — from hackers tricking Meta's AI chatbot to hijack high-profile Instagram accounts, to compromised npm packages stealing developer credentials, to a critical Windows vulnerability now being actively exploited. Adrian North also shifts gears to spotlight thirteen stunning independent trail races across the U.S. for anyone looking to suffer beautifully. Stories covered: - Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Krebs on Security) - https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/ - Red Hat npm packages compromised to steal developer credentials (BleepingComputer) - https://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/ - Critical Windows Netlogon RCE flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Why Your Long Runs Leave You Wiped—and How to Bounce Back Better (Runner's World) - https://www.runnersworld.com/training/a71459738/amazing-runners-world-show-epsiode-117-long-run-fatigue_1780323049/ - This Weird 20-Legged Robot Moves Like Nothing Else on Earth and It Could Change How We Build Machines - ZME Science (ZME Science) - https://news.google.com/rss/articles/CBMiekFVX3lxTE1kVmZHZW9kNVZNX1VwTzl6RFdMWVNOYXJTSHhtYlcxb1RsUDRGUFByWFhYai0yd2ZsaG5wWmU4MXRpT2Vka1Z0WnN4cjdIM2lOT1FhQjRiSnptY0p3WWRqeXM0aDN4UGZzdXlmRFN4NXNfTWRLcjY4LW93?oc=5

Episode 61: June 01, 2026

This episode covers critical vulnerabilities in Gogs and Palo Alto's GlobalProtect VPN that are already being actively exploited, plus the takedown of a massive 17 million device botnet in the Netherlands. Adrian also digs into a bizarre new attack where hackers used an AI agent to carry out post-compromise actions autonomously. It's a Monday morning packed with urgent patches and unsettling new tactics. Stories covered: - Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html - Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/ - Dutch govt disrupts malware botnet with 17 million infected devices (BleepingComputer) - https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/ - Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (The Hacker News) - https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Tyler Andrews Sets Oxygen-Assisted Speed Record on Mount Everest (iRunFar) - https://www.irunfar.com/tyler-andrews-mount-everest-speed-record-2026