Episode 79: June 19, 2026

Episode 80: June 20, 2026

This episode covers critical security patches for NGINX that can't wait until Monday, a messy OAuth breach at Klue that gave hackers direct access to Salesforce data, and an unpatchable exploit in millions of older iPhones that Apple can't fix with software. Adrian walks through what moved overnight and why it matters before the weekend noise kicks in. Stories covered: - F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution (The Hacker News) - https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html - Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack/ - Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain (The Hacker News) - https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html - I Faded During My First Two Races. This Simple Workout Helped Me Finish the Next One Strong—and Set a PR. (Runner's World) - https://www.runnersworld.com/training/a71631335/fartlek-training-race-stronger/ - A bold satellite rescue mission came together in record time, but will it work? (Ars Technica) - https://arstechnica.com/space/2026/06/a-bold-satellite-rescue-mission-came-together-in-record-time-but-will-it-work/ - The Free and Open Web Is Under Attack at the IETF (EFF) - https://www.eff.org/deeplinks/2026/06/free-and-open-web-under-attack-ietf

Episode 79: June 19, 2026

This episode digs into a patient cryptocurrency clipper campaign running since February, a French attacker who pivoted to legitimate remote tools when their server died, and why Salesforce integrations are becoming a serious supply chain risk. Adrian pulls signal from the noise before the day gets loud. Stories covered: - Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 (The Hacker News) - https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline (The Hacker News) - https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html - Salesforce Data Thefts Continue via Klue App Compromise (Dark Reading) - https://www.darkreading.com/cyberattacks-data-breaches/salesforce-data-thefts-klue-app-compromise - Shoulder and back exercises to improve your running mechanics (Canadian Running) - https://runningmagazine.ca/sections/training/shoulder-and-back-exercises-to-improve-your-running-mechanics/ - Launch HN: TesterArmy (YC P26) – Agents that test web and mobile apps (Hacker News) - https://tester.army - ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm (Krebs on Security) - https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/

Episode 78: June 18, 2026

On today's Signal Check, Adrian North walks through six morning signals including the UK's controversial ID-based age verification law for social media, a sophisticated Android banking trojan called Rokarolla targeting hundreds of apps, and a French cyberattack that used legitimate IT tools to maintain persistent access. It's a sharp look at what moved overnight before the inbox explodes. Stories covered: - UK to require ID or face scan before you can make social media accounts (BleepingComputer) - https://www.bleepingcomputer.com/news/security/uk-to-require-id-or-face-scan-before-you-can-make-social-media-accounts/ - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News) - https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html - Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline (The Hacker News) - https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html - The Performance Booster That Could Help You Push Through Fatigue—If Your Stomach Can Handle It (Runner's World) - https://www.runnersworld.com/nutrition-weight-loss/a71606411/sodium-bicarbonate-runners-performance/ - European Champion Ciara Mageean Says She Will “Fit as Much Living” Into the Years She Has Left (Marathon Handbook) - https://marathonhandbook.com/european-champion-ciara-mageean-says-she-will-fit-as-much-living-into-the-years-she-has-left/ - The Free and Open Web Is Under Attack at the IETF (EFF) - https://www.eff.org/deeplinks/2026/06/free-and-open-web-under-attack-ietf

Episode 77: June 17, 2026

This episode digs into a powerful new Android banking trojan hitting over 200 apps, a federal warning about an actively exploited cPanel plugin, and a leaked membership list from Peter Thiel's ultra-exclusive Dialog retreat. Signal Check covers the threats already moving before your coffee gets cold. Stories covered: - New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds (The Hacker News) - https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html - Humiliating IIS servers for fun and jail time (Hacker News) - https://mll.sh/humiliating-iis-servers-for-fun-and-jail-time/ - CISA warns of another cPanel plugin flaw exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-warns-of-another-actively-exploited-cpanel-plugin-flaw/ - Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society (Wired) - https://www.wired.com/story/leak-exposes-members-of-peter-thiels-secretive-dialog-society/ - The 6 Best Toe Separators That Can Help Prevent Injury and Relieve Pain (Runner's World) - https://www.runnersworld.com/health-injuries/g40457572/best-toe-separators/ - Hacker: 'I Could Have Rickrolled the World Cup' - Bank Info Security (Bank Info Security) - https://news.google.com/rss/articles/CBMiiAFBVV95cUxNODd3SDVpTGV6ZGxCMU9HNS1ycjc3M0JnSDltYmJIOXZkQUEzSEtVTi1hZGVaVW1nc2J5MXJwTTZHZGxDeDBRd2lRd2U2YXd3b0U1UUpEOVd6RjdXRUxoSW01UEFOTk9Jbm1lV1Y0MnNGS2RUNFpFZWQ1Zzctd2t5M0VodlVSZm4w?oc=5

Episode 76: June 16, 2026

This episode digs into a cascade of high-value security breaches, from a three-vulnerability chain in AI gateway infrastructure to a one-click exploit in Microsoft 365 Copilot that exposed entire workspaces. We also cover a year-long Chinese espionage campaign that weaponized Google Workspace forwarding rules and a LinkedIn job scam that sparked hundreds of comments on Hacker News. Stories covered: - LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers (The Hacker News) - https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html - One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes (The Hacker News) - https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html - Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails (The Hacker News) - https://thehackernews.com/2026/06/chinese-hackers-abused-google-workspace.html - A backdoor in a LinkedIn job offer (Hacker News) - https://roman.pt/posts/linkedin-backdoor/ - Think Your Best Running Years Are Behind You at 50+? This Mileage Data Says Otherwise. (Runner's World) - https://www.runnersworld.com/training/a71591415/running-after-50-mileage-data/ - A New “Stairway to Heaven” Awaits Broken Arrow Runners This Week (Marathon Handbook) - https://marathonhandbook.com/a-new-stairway-to-heaven-awaits-broken-arrow-runners-this-week/