Episode 76: June 16, 2026

Episode 76: June 16, 2026

This episode digs into a cascade of high-value security breaches, from a three-vulnerability chain in AI gateway infrastructure to a one-click exploit in Microsoft 365 Copilot that exposed entire workspaces. We also cover a year-long Chinese espionage campaign that weaponized Google Workspace forwarding rules and a LinkedIn job scam that sparked hundreds of comments on Hacker News. Stories covered: - LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers (The Hacker News) - https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html - One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes (The Hacker News) - https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html - Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails (The Hacker News) - https://thehackernews.com/2026/06/chinese-hackers-abused-google-workspace.html - A backdoor in a LinkedIn job offer (Hacker News) - https://roman.pt/posts/linkedin-backdoor/ - Think Your Best Running Years Are Behind You at 50+? This Mileage Data Says Otherwise. (Runner's World) - https://www.runnersworld.com/training/a71591415/running-after-50-mileage-data/ - A New “Stairway to Heaven” Awaits Broken Arrow Runners This Week (Marathon Handbook) - https://marathonhandbook.com/a-new-stairway-to-heaven-awaits-broken-arrow-runners-this-week/

Episode 75: June 15, 2026

This episode covers six cybersecurity and tech stories from Monday morning, including a zero-day exploit in Oracle PeopleSoft by ShinyHunters, a massive AUR package compromise affecting Arch Linux users, and a CISA emergency directive on Ivanti Sentry. Adrian also digs into a fascinating DIY project where someone indexed 669 gigabytes of GoPro footage using local machine learning models. Stories covered: - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - Over 400 Arch Linux packages compromised to push rootkit, infostealer (BleepingComputer) - https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/ - CISA orders feds to patch actively exploited Ivanti flaw by Sunday (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/ - I indexed 669 GB of my GoPro videos using my M1 Max computer and local ML models (Hacker News) - https://news.ycombinator.com/item?id=48528029 - Are You Running More or Less Than Your Peers? New Data Shows the Average Distance by Age Group (Runner's World) - https://www.runnersworld.com/training/a71570890/average-run-distance-by-age/ - She Started Running at 65—and Just 3 Years Later Finished Her First Boston Marathon (Runner's World) - https://www.runnersworld.com/runners-stories/a71550469/sandra-cotterell-boston-marathon/

Episode 74: June 14, 2026

This episode covers a major supply chain attack on Arch Linux's AUR, a zero-day exploit in Oracle PeopleSoft used by the ShinyHunters crew to breach universities, and a few unexpected signals about endurance and starting late. Adrian breaks down the technical fallout from both incidents and reminds us that not every signal is a threat—some are just proof that it's never too late to begin. Grab your coffee and get the morning download before the day gets loud. Stories covered: - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit (The Hacker News) - https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - Over 400 Arch Linux packages compromised to push rootkit, infostealer (BleepingComputer) - https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/ - She Started Running at 65—and Just 3 Years Later Finished Her First Boston Marathon (Runner's World) - https://www.runnersworld.com/runners-stories/a71550469/sandra-cotterell-boston-marathon/ - Intriguing Storylines and Predictions for the 2026 Western States 100 (iRunFar) - https://www.irunfar.com/intriguing-storylines-and-predictions-for-the-2026-western-states-100 - Chinese hackers hijack auth flow, spy on isolated network for a decade (BleepingComputer) - https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/

Episode 73: June 13, 2026

This episode digs into a brutal week for security, starting with over 400 hijacked Arch Linux packages that installed credential stealers and rootkits. We also cover ShinyHunters exploiting a zero-day in Oracle PeopleSoft to hit universities, and an AI-powered cyber defense platform launching with serious funding and even bigger questions. Stories covered: - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit (The Hacker News) - https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - He Hacked Teslas For Elon Musk. Now He’s Launching A $100 Million AI Cyber Agent. - Forbes (Forbes) - https://news.google.com/rss/articles/CBMiuwFBVV95cUxPeEhOdFU0M2trc1E2Zko0d0pzX2lyQ2RNdExTcno4WWI5cGRHUThGeWQtR3locXZPREwtNkhkVG0yZ2lUQjNVVTJQM0VjVHd3U2k1WHp3S0dwMEc5YlNfN1ZBTll3cTJ2dm14ZWVHZjJ4eTJiWnRVazBJN3FvbU1MM2I1VHh5VlhLNnVROHJaNXR5eDA5UUE2dUVJU25HcU1ITFpZQnV0eUxTS0FxUmpRaVI4TkFrbWdDTEFB?oc=5 - Oracle mitigates PeopleSoft zero-day exploited in data theft attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/ - Intriguing Storylines and Predictions for the 2026 Western States 100 (iRunFar) - https://www.irunfar.com/intriguing-storylines-and-predictions-for-the-2026-western-states-100 - Man sues law enforcement alleging AI facial recognition technology led to wrongful arrest - ABC News - Breaking News, Latest News and Videos (ABC News - Breaking News, Latest News and Videos) - https://news.google.com/rss/articles/CBMipgFBVV95cUxNYkxZcmlfd3dZdHRKb0JGdUExZWVmRDlPYkNlczc0LWtfMnU1ektLaWt1a2JtTXRhOGVpYkJUOUJmdG9VXzJVdUxsMnR0UWNRYXdmUUtnQnR6QmhuQUNRc2NpcFQ1ZEZackU2UzJ6SU8wUndvZ1VWUjN0NS0yWVhTRGt5QjZCZmk2QjR0NHQzTmx4Z0Q5MVBEZjdPZDVkbDg2WkRyNDdB0gGrAUFVX3lxTE1ZaGdfR1NQVWZQQVRkXzZDc2tWcl9JVUV4clhPUzlvNUgxdWNyVDFuSkptWjVSWXp1aU5ZOGcxblpWX1JzMGtJalgzUFJhcS1VX2lWNy1fR0tOeGFJY3NnNDhEUGlRazZuT2ZYejdOWGpPOXJBcExnd1paMnhvZkppdjZWU2xCeU9VMk1DeWZiMVNONzdMdHlyOFNpRC01Sm1Zb0RzY2dEY0ROSQ?oc=5

Episode 72: June 12, 2026

This episode covers ShinyHunters exploiting an unpatched Oracle PeopleSoft vulnerability to breach universities, the leaked Miasma worm source code lowering the barrier for supply-chain attacks, and new research showing how AI agents like OpenClaw can be tricked into running malicious code through prompt injection. Adrian breaks down the week's critical signals before the weekend hits. Stories covered: - ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (The Hacker News) - https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html - The ‘Miasma’ worm source code briefly leaked on GitHub (BleepingComputer) - https://www.bleepingcomputer.com/news/security/the-miasma-worm-source-code-briefly-leaked-on-github/ - New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets (The Hacker News) - https://thehackernews.com/2026/06/new-attacks-trick-openclaw-ai-agent.html - Why You Have to Run SLOW to Race FAST (The Science of Easy Running) (Marathon Handbook) - https://marathonhandbook.com/why-you-have-to-run-slow-to-race-fast-the-science-of-easy-running/ - Everest 2026: Sherpas and Guides Call For Change (ExplorersWeb) - https://explorersweb.com/everest-2026-summary-sherpas-and-guides-call-for-change/ - Why You Might Already Own SpaceX Shares, Siri’s AI Makeover, and Knicks Owner’s Surveillance Machine (Wired) - https://www.wired.com/story/uncanny-valley-podcast-why-you-might-already-own-spacex-shares-siri-ai-makeover-knicks-owner-surveillance-machine/