Signal Check

Episode 51: May 22, 2026

This episode covers Microsoft shutting down a malware signing operation that weaponized their own trust systems, law enforcement dismantling a VPN service used by ransomware gangs, and a nine-year-old Linux kernel vulnerability that somehow stayed hidden in plain sight. Adrian also digs into GitHub's employee device compromise and what it means when the tools built to protect us become the very things attackers exploit. Stories covered: - Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks (The Hacker News) - https://thehackernews.com/2026/05/microsoft-takes-down-malware-signing.html - Police seize “First VPN” service used in ransomware, data theft attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/ - 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (The Hacker News) - https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html - GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device invo - The Times of India (The Times of India) - https://news.google.com/rss/articles/CBMiqAJBVV95cUxPeWUwVngxRXo5NjZQWTlFMTAxMnpPLVVHYm5yVEtxZWdKVWMwd1ZVeGpUNEcwOVRxRUdBX2o5VjVlSnZ3LUVuLU9QNnc0NTNkUDBJWUVoblE1aGRlZWlWakQxMllzSWthNlVGV1hoWEQwb3pnMVM5NVdMd3J2NkE0bmFfN0FQamNidFdFNWVFWmw2OUhxU3ZXMTBEdWVlSjRxb3gtVjk2Qjl2aFJzS2JTWW81dEg1U1ZxbHVMcFZmMXozNWYybXpUb3lHcnVGT3o5bW9JQXRzN3Z4dGhTcm9RU1hlTWpCNjNZN09aTVpNSlN0YWhNZ2xzY3FwMVF4eVZ4UHNaRmNpSVdicXRVRG1mS0k4RmJXQzduMl83T2VqMGdtdDRGdXhCSNIBrgJBVV95cUxOcnhHTmJ3RXhwMUdyc1pYeFFtQ2t1c2s5anI4LVJkLVJoWnhVakdVWU1TVDRBQVNtVC1IOUN1OWFRcDJ5LTlCb0h6WFZCRlBndDRvbWgwOElXeE1aSF9ha3RNZ29fYm44MFJreVFMa250b0dPN25HWVJnUElkeFIxOVJDOGVnWTYtNmZ1aks2eHRCYTJsZWV0b3VFTjBkU3U2NFdoMmRBeGhETDc3Y2pGR1BQUzZ6NTdGNzV5Z29VdEhhUWc4b3lOWkRLSnMxWGFKNDItQlR0TW1GUE1xZmtBd1FVam8yMFBabjBJbzRBOTVlS0JhTmpIc2JSM0JVZ3hXRlBQVm1TdTRaWWlUWVozNWNTVEpyWmpPSktqOXd2WjVQdnJfS1lNMnZMd1dydw?oc=5 - The Adidas Ultraboost 5X Is Over 50% Off—and Still One of Our Favorite Running Shoes (Runner's World) - https://www.runnersworld.com/gear/a71365136/adidas-ultraboost-5x-sale-may-2026/ - Golden Trail World Series is now in Canada; here’s what you need to know (Canadian Running) - https://runningmagazine.ca/trail-running/golden-trail-world-series-is-now-in-canada-heres-what-you-need-to-know/

Episode 50: May 21, 2026

This episode covers GitHub's massive breach, CISA's accidental exposure of government cloud credentials, and Microsoft's new open-source AI security tools. We dig into what happens when the infrastructure holding our infrastructure gets compromised, plus a quick detour into gray zone training and why most runners are doing it wrong. Stories covered: - GitHub Confirms Breach, 4K Internal Repos Stolen (Dark Reading) - https://www.darkreading.com/application-security/github-confirms-breach-4k-internal-repos-stolen - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development (The Hacker News) - https://thehackernews.com/2026/05/microsoft-open-sources-rampart-and.html - What to Know About Gray Zone Training and How It Can Help—or Harm—Your Running (Runner's World) - https://www.runnersworld.com/training/a71353931/gray-zone-training/ - What Are Peptides, And Why Is Every Middle-Aged Runner Suddenly Talking About BPC-157? (Marathon Handbook) - https://marathonhandbook.com/what-are-peptides-and-why-is-every-middle-aged-runner-suddenly-talking-about-bpc-157/ - Google Declaring War on the Web (Hacker News) - https://tante.cc/2026/05/20/on-google-declaring-war-on-the-web/

Episode 49: May 20, 2026

On today's Signal Check, Adrian North digs into over six hundred malicious npm packages flooding the registry, a CISA contractor's exposed AWS credentials left on GitHub, and a newly public Linux kernel exploit called DirtyDecrypt. The episode wraps with a quick detour into reframing personal narratives and how the stories we tell ourselves shape what we think is possible. Stories covered: - New Shai-Hulud malware wave compromises 600 npm packages (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-shai-hulud-malware-wave-compromises-600-npm-packages/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability (The Hacker News) - https://thehackernews.com/2026/05/dirtydecrypt-poc-released-for-linux.html - This Training Plan Transformed Her View on Running. It Could Change Your Mindset, Too. (Runner's World) - https://www.runnersworld.com/beginner/a71350276/couch-to-5k-training-plan/ - ‘Women Can Do This’: She Started Racing Postpartum in Her 30s. Now She’s an Ultrarunning Champion (Runner's World) - https://www.runnersworld.com/news/a71309956/careth-arnold-ultrarunning-postpartum/ - Microsoft Exchange Zero-Day Under Attack, No Patch Available (Dark Reading) - https://www.darkreading.com/vulnerabilities-threats/microsoft-exchange-zero-day-no-patch

Episode 48: May 19, 2026

This episode covers a critical NGINX vulnerability already being exploited in the wild, a Windows zero-day giving attackers full system control, and a jaw-dropping security lapse where CISA's own contractor leaked AWS GovCloud credentials on GitHub. We also dig into a massive NYC Health + Hospitals breach exposing biometric data from nearly two million people—the kind of information you can never change once it's stolen. Stories covered: - NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE (The Hacker News) - https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people (TechCrunch) - https://techcrunch.com/2026/05/18/nyc-health-and-hospitals-says-hackers-stole-medical-data-and-fingerprints-during-breach-affecting-at-least-1-8-million-people/ - What to Do When You Don’t Get Into Your Goal Race (Runner's World) - https://www.runnersworld.com/races-places/a71318334/world-marathon-major-race-alternatives/ - Everything You Need to Know About the 2026 Cape Town Marathon (Marathon Handbook) - https://marathonhandbook.com/everything-you-need-to-know-about-the-2026-cape-town-marathon/

Episode 47: May 18, 2026

On today's Signal Check, Adrian covers a dangerous new Windows zero-day giving attackers full system access, an actively exploited NGINX vulnerability hitting millions of sites, and why your summer running pace feels impossibly hard. Plus, Olympic marathoner Molly Seidel's shift from the road to ultrarunning reminds us that even elite athletes need to find what's fun again. Stories covered: - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/ - NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE (The Hacker News) - https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html - Why Your Usual Running Pace Feels Harder in the Heat—and What to Do About It (Runner's World) - https://www.runnersworld.com/training/a71318220/running-intensity-in-heat/ - ‘It Just Wasn’t Fun Anymore’: Why Molly Seidel Stepped Away from Marathoning—and Is Thriving on the Trails (Runner's World) - https://www.runnersworld.com/news/a71166284/molly-seidel-ultra-trail-running/ - Victory! End-to-End Encrypted RCS Comes to Apple and Android Chats (EFF) - https://www.eff.org/deeplinks/2026/05/victory-end-end-encrypted-rcs-comes-apple-and-android-chats - Ebola outbreak with uncommon strain erupts in Congo and Uganda; 65 deaths (Ars Technica) - https://arstechnica.com/health/2026/05/ebola-outbreak-confirmed-in-congo-and-uganda-246-suspected-cases-65-deaths/