Episode 47: May 18, 2026

Episode 56: May 27, 2026

This episode covers a critical Microsoft SharePoint vulnerability demanding immediate patching, a major 7-Eleven data breach exposing 183,000 people, and a coordinated supply chain attack hitting three major package ecosystems at once. Adrian also digs into an Oregon hacker who sold access to the state's emergency network for Bitcoin. It's Wednesday morning, and the signals are already humming. Stories covered: - Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions (The Hacker News) - https://thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html - 7-Eleven data breach exposes personal information of 185,000 people (BleepingComputer) - https://www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO (The Hacker News) - https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html - Hacker who sold access to Oregon state emergency network for Bitcoin gets prison - OregonLive.com (OregonLive.com) - https://news.google.com/rss/articles/CBMixAFBVV95cUxNczh0aUVGUzllVUVlZXJ4R24zM25tVTgzM1FwNWZSMm9ibjZRdE9hU1VORWZTMWFSdk1TUVZGVklGdE5QdmZFM29JTl92X05uWWpfOUthWkdraGtVenpCVWtaRnYtV3dxOVJnWkxXSW41S0ZnR2FjYS1Nc0FnaGxSNXBiWnNESmdFX0E0enVfNXNEREY1ZmNwcnA0NXgyaHVtVVozSWlGNFJzUk02aFlpVThVQXlpUmlSNWN1LU9Hc0tUbk4y0gHYAUFVX3lxTE1WS3FpaVlGT0UtWVBtUVpBVnBtcFFQTjdvU1RZRjMzZlpFS0kwZmxfUmhyR1VTd1J0SGlOd1Vnc1pfYTZhSkxBWkZrRzBCZlNiUFIwNlFHbExOaEJWblVwTG5IaVlsWWJJX01Eclc0TDRtN2dyb2pjck4tQTcwa0NZMEczMWthQ1h2V24wYk4zcU5oVFF3T1RNMjlyWmZTdW9nc2tRdVFJYVhySHhfa1VWNzIyZVdtcldJb3lXM1d5NWQteExseWlKNU9SNzNsdjQzX19sTEdmNQ?oc=5 - These Runners Dress Up Like Salmon Every Year and Run This Historic Race—Backwards (Runner's World) - https://www.runnersworld.com/news/a71376795/bay-to-breakers-costume-runners/ - DuckDuckGo installs are up 30% as users reject being ‘force-fed’ Google’s AI Search (TechCrunch) - https://techcrunch.com/2026/05/26/duckduckgo-installs-are-up-30-as-users-reject-being-force-fed-googles-ai-search/

Episode 55: May 26, 2026

On today's Signal Check, Adrian North digs into a massive botnet takedown involving two million compromised devices, a coordinated supply chain attack targeting developers across three major code repositories, and Verizon's latest breach report showing a major shift in how attackers are getting in. Plus, a Romanian ultramarathon turns into a mountain rescue when weather strikes harder than expected. Stories covered: - US and Canada arrest and charge suspected Kimwolf botnet admin (BleepingComputer) - https://www.bleepingcomputer.com/news/security/us-and-canada-arrest-and-charge-suspected-kimwolf-botnet-admin/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO (The Hacker News) - https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html - Verizon 2026 DBIR: Vulnerability Exploitation Leaps Ahead of Stolen Credentials as #1 Initial Breach Cause - CPO Magazine (CPO Magazine) - https://news.google.com/rss/articles/CBMi4gFBVV95cUxQcl80azh0dFB1ZE5TdGM3eW4zVk9XZEtnczNNeUM1SUI4M1lnSFJvbk8tQzY1RXNwT1AxQWZ5X21BUG82ZTJtQy1mUGhpYkpsOXNnT2FxaVVXdUZYTG9yd3NaR0pBLVNPQkE3UkpzYmFQS2tqeWItdFgtX3ZSMUx1U0RpWERPUnZYSHdZNXlhaGxUdjJHbDhud3cta0tGNkgxa3I4amc3WE1kMWcySEQ1dHRqenJPUDlPbnJJUFBTbWpOQkZhWmRKVENqcGFYN2dYZmNNajBTSFB3ZFItQXJNeWdn?oc=5 - Snow and Ice Trap Runners at Romania’s Transylvania 100, Triggering Mass Mountain Rescue (Marathon Handbook) - https://marathonhandbook.com/snow-and-ice-trap-runners-at-romanias-transylvania-100-triggering-mass-mountain-rescue/ - On Trails is a wandering tale that blends hiking, science, and history (The Verge) - https://www.theverge.com/entertainment/936860/robert-moor-on-trails-book-review - Microsoft Copilot Cowork Exfiltrates Files (Hacker News) - https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

Episode 54: May 25, 2026

This episode covers a coordinated supply chain attack on PHP's Packagist repository, mass exploitation of a critical Ghost CMS vulnerability turning websites into malware traps, and the ironic exposure of AWS GovCloud credentials by a CISA contractor's public GitHub repo. Adrian breaks down how attackers are poisoning dependencies upstream, automating large-scale injections, and why even the agencies protecting federal networks aren't immune to basic security mistakes. Stories covered: - Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware (The Hacker News) - https://thehackernews.com/2026/05/packagist-supply-chain-attack-infects-8.html - Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign (BleepingComputer) - https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows (The Hacker News) - https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html - On Trails is a wandering tale that blends hiking, science, and history (The Verge) - https://www.theverge.com/entertainment/936860/robert-moor-on-trails-book-review - The Shoes That Won The 2026 Cape Town Marathon (Marathon Handbook) - https://marathonhandbook.com/the-shoes-that-won-the-2026-cape-town-marathon/

Episode 53: May 24, 2026

This episode covers GitHub's new security requirements for npm publishers, a major credential leak from a CISA contractor, and Apple's lockdown mode for high-risk users. We dig into how trust gets built—and broken—in software supply chains and government infrastructure. On today's show, friction that protects, keys left in plain sight, and what to do when your phone becomes a target. Stories covered: - npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks (The Hacker News) - https://thehackernews.com/2026/05/npm-adds-2fa-gated-publishing-and.html - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - These special phone and app features can help protect you from spyware (TechCrunch) - https://techcrunch.com/2026/05/23/you-dont-have-to-click-anything-to-get-hacked-anymore-heres-how-to-fight-back/ - Adidas Built a Suit That Makes You Run Faster. The World’s Best Marathoners Aren’t Sure They Want It. (Marathon Handbook) - https://marathonhandbook.com/adidas-built-a-suit-that-makes-you-run-faster-the-worlds-best-marathoners-arent-sure-they-want-it/ - TSA Confirms Medical Cannabis Air Travel Policy Remains Unchanged Triggering Widespread Passenger Confusion, Flight Cancellations Risk, and Airport Disruptions Across New York, Los Angeles, Chicago, and Miami: New Airline News and Aviation Upda - Nomad Lawyer (Nomad Lawyer) - https://news.google.com/rss/articles/CBMigAFBVV95cUxNSjk4Z2dodFpJZGVoZ2U3UHBzNEF6ZXYzUlB6RVJSbUFpWEhHMkgwYzBOSEhoZTh1b2RQamVpUk55NjNmVEJXd1liS3N0clRPTU9HeEVQY1VDQzl4a2pfNVpjYm5mY3Z3UUZyYWlLVThtWHpmT202WkRHVjNBT3Nxdg?oc=5 - Ebola outbreak now third largest recorded and "spreading rapidly" (Ars Technica) - https://arstechnica.com/health/2026/05/ebola-outbreak-now-third-largest-recorded-and-spreading-rapidly/

Episode 52: May 23, 2026

This episode digs into the week's quiet but persistent threats—Linux rootkits, router zero-days, and AI adversarial probing—before covering major incidents including Grafana Labs' GitHub breach and a zero-day exploit in Trend Micro's own security software. Adrian North wraps up with a sobering reminder that even CISA contractors aren't immune to mistakes, as exposed AWS GovCloud credentials sat publicly on GitHub. Stories covered: - ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories (The Hacker News) - https://thehackernews.com/2026/05/threatsday-bulletin-linux-rootkits.html - Grafana Labs Security Breach - Hackers Access GitHub and Download Codebase - CyberSecurityNews (CyberSecurityNews) - https://news.google.com/rss/articles/CBMia0FVX3lxTE00aWtyeFl6WE1sS1N0X0JRYkJXQmxvQ1NpYVlSeWZGempNc2RXdlM2TU5pdkh5SDlOVXVLMGRPMXZzU2VIOUFwUFlSNkR2YVpxcEpZdEcxa3Y4TGgzdlk4cnpra1FCbHh4OWhJ0gFwQVVfeXFMT1owNlYwdDNmV0c5bWVlNlJHbDB6TnlNS28xWUZ1RWpsVHpyQTFxWmZzcG9lV3h3RTBTczM1TWJnaW13Qk10RHpfMi1JME9abzh3QnBRdWlWeVk2cHpVLXJxNHlieWhUZTFUR0swWF9rVw?oc=5 - Trend Micro warns of Apex One zero-day exploited in the wild (BleepingComputer) - https://www.bleepingcomputer.com/news/security/trend-micro-warns-of-apex-one-zero-day-exploited-in-attacks/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - The Best Editor-Approved Memorial Day Deals on Garmin, Coros, and Shokz: Get Hundreds Off Popular Gear for Runners (Runner's World) - https://www.runnersworld.com/gear/a71292623/memorial-day-running-gear-deals-2026/ - Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses (TechCrunch) - https://techcrunch.com/2026/05/22/trump-mobile-confirms-it-exposed-customers-personal-data-including-phone-numbers-and-home-addresses/