Episode 69: June 09, 2026

Episode 69: June 09, 2026

This episode covers emergency patches for a critical Check Point VPN zero-day that's been exploited by ransomware groups since early May, plus a Python supply-chain attack that compromised nineteen packages on PyPI. Adrian breaks down why patching isn't enough when attackers have already had weeks inside networks, and how developer trust becomes the vulnerability in these campaigns. Stories covered: - Check Point VPN Flaw Exploited Since Early May (Dark Reading) - https://www.darkreading.com/vulnerabilities-threats/check-point-vpn-flaw-exploited-early-may - Check Point links VPN zero-day attacks to Qilin ransomware gang (BleepingComputer) - https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/ - New Shai-Hulud attack trojanizes 19 science-focused PyPI packages (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-shai-hulud-attack-trojanizes-19-science-focused-pypi-packages/ - UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign (The Hacker News) - https://thehackernews.com/2026/06/unc3753-used-vishing-and-physical.html - ‘I’m a 75-Year-Old Grandmother of Six and Just Ran a 3:57 Marathon. This Is How I Train’ (Runner's World) - https://www.runnersworld.com/training/a71523801/penny-jarvis-runner/ - Surveillance Is Not Safety: A statement on the UK's latest threat to privacy [pdf] (Hacker News) - https://signal.org/blog/pdfs/2026-06-08-uk-surveillance-is-not-safety.pdf

Episode 68: June 08, 2026

This episode digs into the worst security breaches of 2026 so far, from compromised critical infrastructure to a hacked FBI surveillance system. Adrian also covers World Cup scammers flooding the web with fake ticket sites and a freshly exploited SolarWinds vulnerability causing server crashes across government and enterprise networks. Stories covered: - Hacked, leaked, and held for ransom: the worst breaches of 2026 so far (TechCrunch) - https://techcrunch.com/2026/06/07/the-worst-hacks-and-breaches-of-2026-so-far/ - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins (The Hacker News) - https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-hackers-now-exploit-solarwinds-serv-u-flaw-to-crash-servers/ - Cisco warns of unpatched SD-WAN zero-day exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/ - This High School Star Just Ran the 3rd Fastest Prep Mile Ever—and Even Beat the Pros (Runner's World) - https://www.runnersworld.com/news/a71508401/ellery-lincoln-hoka-festival-of-miles/ - Rory Linkletter Trades the Road for His Trail Running Debut (Marathon Handbook) - https://marathonhandbook.com/rory-linkletter-trades-the-road-for-a-mountain/

Episode 67: June 07, 2026

This episode digs into Arabic-targeted Android spyware disguised as news apps, a massive npm supply chain attack distributing Rust-based malware to developers, and how hackers reportedly hijacked high-profile Instagram accounts using Meta's own AI support bot. Adrian North walks through the weekend's most critical signals before the world fully wakes up. It's your Sunday morning threat briefing with coffee in hand. Stories covered: - Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps (The Hacker News) - https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html - IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks (The Hacker News) - https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html - Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Krebs on Security) - https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/ - This High School Star Just Ran the 3rd Fastest Prep Mile Ever—and Even Beat the Pros (Runner's World) - https://www.runnersworld.com/news/a71508401/ellery-lincoln-hoka-festival-of-miles/ - What to Do if Your Trail Dog is Obsessed With Wildlife (Trail Runner Mag) - https://www.trailrunnermag.com/people/culture-people/what-to-do-if-your-trail-dog-is-obsessed-with-wildlife/ - Pentagon raised threat of Israeli spying on U.S. to highest level, sources say (Hacker News) - https://www.nbcnews.com/politics/national-security/pentagon-raised-threat-israeli-spying-us-highest-level-sources-say-rcna348565

Episode 66: June 06, 2026

This episode covers six critical cybersecurity signals, from World Cup scam operations already in overdrive to the disturbing rise of in-person social engineering attacks where ransomware crews literally walk into offices. Adrian unpacks why the browser has become the new security perimeter and what that means for anyone who thinks their defenses are still holding. Stories covered: - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins (The Hacker News) - https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - What 2026 DBIR Confirms: Attacks Are Living in the Browser (BleepingComputer) - https://www.bleepingcomputer.com/news/security/what-2026-dbir-confirms-attacks-are-living-in-the-browser/ - Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person (TechCrunch) - https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/ - Best Running Shoes, Tested and Reviewed (2026): Saucony, Adidas, Hoka (Wired) - https://www.wired.com/gallery/best-running-shoes/ - pg_durable: Microsoft open sources in-database durable execution (Hacker News) - https://github.com/microsoft/pg_durable - The saga of the International Space Station air leak took a worrying turn Friday (Ars Technica) - https://arstechnica.com/space/2026/06/work-on-russias-leaky-space-station-module-causes-astronauts-to-take-shelter/

Episode 65: June 05, 2026

This episode covers a critical Cisco vulnerability that grants attackers root access without credentials, AI-powered tools now hunting bugs faster than humans, and underground tutorials industrializing cybercrime for beginners. We also dig into a two-year-old Redis flaw and a sixteen-year-old white-hat hacker who broke into India's exam portals just to fix them. It's Signal Check — your early-morning look at what's moving in the security world before the chaos starts. Stories covered: - Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public (The Hacker News) - https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html - Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) (The Hacker News) - https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html - Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook (BleepingComputer) - https://www.bleepingcomputer.com/news/security/hackers-are-after-the-gaps-in-your-vulnerability-program-heres-their-playbook/ - He is 16. He broke into NEET and JEE portals to fix it - India Today (India Today) - https://news.google.com/rss/articles/CBMiugFBVV95cUxNYV9RR0xua1h2X1lQQTNzN1ZwX1Blck82V0huZmFScmdwZFlfOXQ0OXFyOTVKLUZ4Mlp3WVJsQmI0Qm9JQjE1THA4aGJ3QVhjWGgtY2dXYm80Z01GTXR6MXh1SEdIVzM5dTkxUDhIYUpkN1dxSUp6WnBiN0I3M0E0ZjhZZk5vbkhsNHhsZ3YzUFI0cjZLQl9SYjNUdU9qcThxai1mYWRFRHZqRWE0WkdXbzV6MjVtMTdCVGfSAb8BQVVfeXFMUDdUUkx4VVZJbnAyNUdfWHdBdGMwWlRvR0padFFUY3hMR252YXJjcHA1TlEtSThlaE8teWpFelp6RlFsVzhvQ2JDMXpfWUdhalBsa3pObGdrbkVvSjBkVFRJbGhtWTh6VmdfRFhlMWNYek92dHFQa0M2enV0OE9USGdFM1hZS21tOUdFTUxUWkRJNmhmbUhZMlFaS19aank1WS1RNHFZSWFSU2ozTllEVXN6blBDLVJJb0FJdHVvYjA?oc=5 - This 90-Year-Old Runner Just Finished His First Marathon After Rediscovering Running Later in Life (Runner's World) - https://www.runnersworld.com/news/a71481967/bill-schwarz-first-marathon-90-years-old/ - Meta's ships facial recognition on smart glasses (Hacker News) - https://www.buchodi.com/meta-glasses-facial-recognition/