Signal Check

Episode 67: June 07, 2026

Adrian North — Sun, 07 Jun 2026 03:00:00 -0600

This episode digs into Arabic-targeted Android spyware disguised as news apps, a massive npm supply chain attack distributing Rust-based malware to developers, and how hackers reportedly hijacked high-profile Instagram accounts using Meta's own AI support bot. Adrian North walks through the weekend's most critical signals before the world fully wakes up. It's your Sunday morning threat briefing with coffee in hand. Stories covered: - Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps (The Hacker News) - https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html - IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks (The Hacker News) - https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html - Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Krebs on Security) - https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/ - This High School Star Just Ran the 3rd Fastest Prep Mile Ever—and Even Beat the Pros (Runner's World) - https://www.runnersworld.com/news/a71508401/ellery-lincoln-hoka-festival-of-miles/ - What to Do if Your Trail Dog is Obsessed With Wildlife (Trail Runner Mag) - https://www.trailrunnermag.com/people/culture-people/what-to-do-if-your-trail-dog-is-obsessed-with-wildlife/ - Pentagon raised threat of Israeli spying on U.S. to highest level, sources say (Hacker News) - https://www.nbcnews.com/politics/national-security/pentagon-raised-threat-israeli-spying-us-highest-level-sources-say-rcna348565

Episode 66: June 06, 2026

Adrian North — Sat, 06 Jun 2026 03:00:00 -0600

This episode covers six critical cybersecurity signals, from World Cup scam operations already in overdrive to the disturbing rise of in-person social engineering attacks where ransomware crews literally walk into offices. Adrian unpacks why the browser has become the new security perimeter and what that means for anyone who thinks their defenses are still holding. Stories covered: - FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins (The Hacker News) - https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html - What 2026 DBIR Confirms: Attacks Are Living in the Browser (BleepingComputer) - https://www.bleepingcomputer.com/news/security/what-2026-dbir-confirms-attacks-are-living-in-the-browser/ - Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person (TechCrunch) - https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/ - Best Running Shoes, Tested and Reviewed (2026): Saucony, Adidas, Hoka (Wired) - https://www.wired.com/gallery/best-running-shoes/ - pg_durable: Microsoft open sources in-database durable execution (Hacker News) - https://github.com/microsoft/pg_durable - The saga of the International Space Station air leak took a worrying turn Friday (Ars Technica) - https://arstechnica.com/space/2026/06/work-on-russias-leaky-space-station-module-causes-astronauts-to-take-shelter/

Episode 65: June 05, 2026

Adrian North — Fri, 05 Jun 2026 03:00:00 -0600

This episode covers a critical Cisco vulnerability that grants attackers root access without credentials, AI-powered tools now hunting bugs faster than humans, and underground tutorials industrializing cybercrime for beginners. We also dig into a two-year-old Redis flaw and a sixteen-year-old white-hat hacker who broke into India's exam portals just to fix them. It's Signal Check — your early-morning look at what's moving in the security world before the chaos starts. Stories covered: - Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public (The Hacker News) - https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html - Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) (The Hacker News) - https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html - Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook (BleepingComputer) - https://www.bleepingcomputer.com/news/security/hackers-are-after-the-gaps-in-your-vulnerability-program-heres-their-playbook/ - He is 16. He broke into NEET and JEE portals to fix it - India Today (India Today) - https://news.google.com/rss/articles/CBMiugFBVV95cUxNYV9RR0xua1h2X1lQQTNzN1ZwX1Blck82V0huZmFScmdwZFlfOXQ0OXFyOTVKLUZ4Mlp3WVJsQmI0Qm9JQjE1THA4aGJ3QVhjWGgtY2dXYm80Z01GTXR6MXh1SEdIVzM5dTkxUDhIYUpkN1dxSUp6WnBiN0I3M0E0ZjhZZk5vbkhsNHhsZ3YzUFI0cjZLQl9SYjNUdU9qcThxai1mYWRFRHZqRWE0WkdXbzV6MjVtMTdCVGfSAb8BQVVfeXFMUDdUUkx4VVZJbnAyNUdfWHdBdGMwWlRvR0padFFUY3hMR252YXJjcHA1TlEtSThlaE8teWpFelp6RlFsVzhvQ2JDMXpfWUdhalBsa3pObGdrbkVvSjBkVFRJbGhtWTh6VmdfRFhlMWNYek92dHFQa0M2enV0OE9USGdFM1hZS21tOUdFTUxUWkRJNmhmbUhZMlFaS19aank1WS1RNHFZSWFSU2ozTllEVXN6blBDLVJJb0FJdHVvYjA?oc=5 - This 90-Year-Old Runner Just Finished His First Marathon After Rediscovering Running Later in Life (Runner's World) - https://www.runnersworld.com/news/a71481967/bill-schwarz-first-marathon-90-years-old/ - Meta's ships facial recognition on smart glasses (Hacker News) - https://www.buchodi.com/meta-glasses-facial-recognition/

Episode 64: June 04, 2026

Adrian North — Thu, 04 Jun 2026 03:00:00 -0600

This episode covers a zero-day flaw in Visual Studio Code that's leaking GitHub tokens, a devastating HTTP/2 exploit hammering web servers across the internet, and how attackers are now using AI to automatically bypass security tools faster than defenders can respond. Adrian breaks down what's moving in the threat landscape before your second cup of coffee hits. It's Thursday morning, and the signals are already loud. Stories covered: - VS Code zero-day lets hackers steal GitHub tokens in one click (BleepingComputer) - https://www.bleepingcomputer.com/news/security/vs-code-zero-day-lets-hackers-steal-github-tokens-in-one-click/ - New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare (The Hacker News) - https://thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html - Attackers Use AI to Automate EDR Evasion Testing (Dark Reading) - https://www.darkreading.com/endpoint-security/attackers-automate-edr-evasion-testing - Is It Okay to Take Breaks During Long Runs? Experts Explain When It Helps and When It Signals a Red Flag (Runner's World) - https://www.runnersworld.com/training/a71483612/stopping-during-long-runs/ - UAH researchers studying technology that could cut travel time to Mars - WAAY 31 News (WAAY 31 News) - https://news.google.com/rss/articles/CBMi4gFBVV95cUxQS081ZEhrbGhfa2V3LXhYcmVjQjZmMmU2UURsU2FkTnhOSlNzYW1nQ0duLS1iSTdRTE1pcG55cUhhR0hxX0ZxZHlmTG5kZ09ZSkdrejREb1ZTNzhQaHEwcWlWUWlFWi1RdUtackdPOGRmaEdIaGlSc0hWRHdWaWRzZUlBQV9FSUlzY1FsTk1zRFBXM08wLWVYNEgwMGZyMDJXY1lEYmdxZFVQd0wwWFR3aWczVkl6ZDM5Znc5SVplaEpQZnNJUkVsN0tjLVlXQ3FvQ1VfOXJGNFVKMmp2eXBxb25n?oc=5 - CISA warns of cyberattacks targeting fuel tank monitoring systems (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-warns-of-cyberattacks-targeting-fuel-tank-monitoring-systems/

Episode 63: June 03, 2026

Adrian North — Wed, 03 Jun 2026 03:00:00 -0600

This episode covers Google's urgent Android patch fixing an actively exploited vulnerability, another authentication bypass hitting Palo Alto's VPN gateways, and a wild new attack where hackers use Meta's own AI support tools to hijack Instagram accounts. We also dig into the growing cyberdeck movement — DIY enthusiasts building custom hardware to escape big tech surveillance — and wrap with a look at stunning independent trail races across the country. Stories covered: - Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited (The Hacker News) - https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html - Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit (Dark Reading) - https://www.darkreading.com/threat-intelligence/patch-palo-alto-auth-bypass-bug-exploit - Instagram users locked out after Meta AI abused to steal accounts (BleepingComputer) - https://www.bleepingcomputer.com/news/security/instagram-users-locked-out-after-meta-ai-abused-to-steal-accounts/ - Cyberdecks are having a moment, rejecting big tech surveillance with style and substance (TechCrunch) - https://techcrunch.com/2026/06/02/cyberdeck-tiktok-trend-reject-big-tech/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - What I Learned Exploding Cams and Nuts On a Classic Squamish Splitter (Climbing Magazine) - https://www.climbing.com/gear/what-trad-climbers-should-know-about-exploding-cams-and-nuts/

Episode 62: June 02, 2026

Adrian North — Tue, 02 Jun 2026 03:00:00 -0600

This episode covers a wild range of security wake-up calls — from hackers tricking Meta's AI chatbot to hijack high-profile Instagram accounts, to compromised npm packages stealing developer credentials, to a critical Windows vulnerability now being actively exploited. Adrian North also shifts gears to spotlight thirteen stunning independent trail races across the U.S. for anyone looking to suffer beautifully. Stories covered: - Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Krebs on Security) - https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/ - Red Hat npm packages compromised to steal developer credentials (BleepingComputer) - https://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/ - Critical Windows Netlogon RCE flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Why Your Long Runs Leave You Wiped—and How to Bounce Back Better (Runner's World) - https://www.runnersworld.com/training/a71459738/amazing-runners-world-show-epsiode-117-long-run-fatigue_1780323049/ - This Weird 20-Legged Robot Moves Like Nothing Else on Earth and It Could Change How We Build Machines - ZME Science (ZME Science) - https://news.google.com/rss/articles/CBMiekFVX3lxTE1kVmZHZW9kNVZNX1VwTzl6RFdMWVNOYXJTSHhtYlcxb1RsUDRGUFByWFhYai0yd2ZsaG5wWmU4MXRpT2Vka1Z0WnN4cjdIM2lOT1FhQjRiSnptY0p3WWRqeXM0aDN4UGZzdXlmRFN4NXNfTWRLcjY4LW93?oc=5

Episode 61: June 01, 2026

Adrian North — Mon, 01 Jun 2026 03:00:00 -0600

This episode covers critical vulnerabilities in Gogs and Palo Alto's GlobalProtect VPN that are already being actively exploited, plus the takedown of a massive 17 million device botnet in the Netherlands. Adrian also digs into a bizarre new attack where hackers used an AI agent to carry out post-compromise actions autonomously. It's a Monday morning packed with urgent patches and unsettling new tactics. Stories covered: - Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html - Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/ - Dutch govt disrupts malware botnet with 17 million infected devices (BleepingComputer) - https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/ - Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (The Hacker News) - https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Tyler Andrews Sets Oxygen-Assisted Speed Record on Mount Everest (iRunFar) - https://www.irunfar.com/tyler-andrews-mount-everest-speed-record-2026

Episode 60: May 31, 2026

Adrian North — Sun, 31 May 2026 03:00:00 -0600

This episode covers critical vulnerabilities hitting Gogs self-hosted Git servers, Palo Alto VPN authentication bypass being actively exploited, and a groundbreaking attack where threat actors deployed an AI agent to autonomously handle post-exploitation. We also dig into a new Linux kernel privilege escalation flaw and what it means when your VPN becomes the weakest link. Stories covered: - Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html - Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/ - Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (The Hacker News) - https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html - New CIFSwitch Linux flaw gives root on multiple distributions (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-cifswitch-linux-flaw-gives-root-on-multiple-distributions/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Tyler Andrews Sets Oxygen-Assisted Speed Record on Mount Everest (iRunFar) - https://www.irunfar.com/tyler-andrews-mount-everest-speed-record-2026

Episode 59: May 30, 2026

Adrian North — Sat, 30 May 2026 03:00:00 -0600

This episode covers a cybercrime gang funding real-world violence with stolen data, a Russian hacker who spent five years running an AI bot inside a 17,000-member Telegram channel, and Dutch authorities dismantling a botnet controlling 17 million infected devices. We also dig into how cloud misconfigurations stack into serious exploits when no one's watching the service accounts. Stories covered: - 'The Com' Cyberattacks Support Violence & Sexploitation (Dark Reading) - https://www.darkreading.com/threat-intelligence/the-com-cyberattacks-violence-sexploitation - A Russian hacker tricked a 17,000 strong MAGA Telegram channel with a jailbroken AI for over 5 years, leading to fraud, credential theft, and an empty crypto wallet - TechRadar (TechRadar) - https://news.google.com/rss/articles/CBMipwJBVV95cUxNRnpHUXhXbUtuN0NhVFl2blI5TzhlTGlsVTNhdGdmRm14aXl0MWQxS0h6VXRBNXZ2bHJzNkJMQllaQ3RfbnhveFlCdUU2ZUxqakxzbWpKc3FSSjFNZVAwZWY5OWoxOHdvajl2ejQwQTRfU2E0QlktcVdQczlGZ2gwZFNkcDRkdGhHNkJsZzJRYTNSUV9wQzJQT1FQOHZyNnljN2dDN3JnYmJTb3ZvUzYtSkFPR3RWR1RGSlAxaEEtbHU5YW1UQW5rY2tXOWtkLWVISmVZMnRVZnpxQTdWaDNUY1RVSzgzM2lScEJiQTQ0VjJhZ3BNbHE0UVIxNDRuQmJfMWp2bW1ldnJRV0FQVndFMEl0NDBieEFUTS02OU8zSFJoQUctMEU4?oc=5 - Dutch govt disrupts malware botnet with 17 million infected devices (BleepingComputer) - https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/ - With Complex Cloud Integrations, Small Errors Lead to Major Compromises (Dark Reading) - https://www.darkreading.com/vulnerabilities-threats/complex-cloud-integrations-small-errors-compromises - 5 Advanced Workouts That Build Marathon Speed and How to Know You’re Ready for Them (Runner's World) - https://www.runnersworld.com/advanced/a71423197/advanced-marathon-speed-workouts/ - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/

Episode 57: May 28, 2026

Adrian North — Thu, 28 May 2026 03:00:00 -0600

This episode digs into a dark week for software supply chains, from the Glassworm botnet takedown to the TrapDoor malware infecting npm, PyPI, and CratesIO—plus why multi-factor authentication isn't as bulletproof as you think when attackers weaponize fatigue. Adrian also spotlights thirteen under-the-radar trail races that trade crowds for waterfalls and old-growth forests. It's cybersecurity threats and hidden running gems before your coffee cools. Stories covered: - CrowdStrike and Google take down botnet used by hackers to target open source software developers (TechCrunch) - https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO - The Hacker News (The Hacker News) - https://news.google.com/rss/articles/CBMigAFBVV95cUxOMElHdEJDV1N1Q1JINkxIcmc1eTZINWVRRFNSanc3ZURLN0pCRzE4UVNhRXd2UV9SUmV2bFd6OWdRbjZDcFJwM3JPMmh0bFd4UUJMMmhleXpIOHVIZVBrOWFhMWxBZEp0QUZFdHJxSUthdWt4Q3ljb0ozYkNRUTZYdg?oc=5 - MFA Prompt Bombing: Why Your Second Factor Isn't Saving You (The Hacker News) - https://thehackernews.com/2026/05/mfa-prompt-bombing-why-your-second.html - 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/ - Gemini, Gophers, and Fingers. Oh My Alternative Internets Beyond HTTPS (Hacker News) - https://brennan.day/gemini-gophers-and-fingers-oh-my-alternative-internets-beyond-https/ - Ransomware Actors Show Up In Person to Steal Law Firm Data (Dark Reading) - https://www.darkreading.com/cyberattacks-data-breaches/ransomware-actors-steal-law-firm-data

Episode 56: May 27, 2026

Adrian North — Wed, 27 May 2026 03:00:00 -0600

This episode covers a critical Microsoft SharePoint vulnerability demanding immediate patching, a major 7-Eleven data breach exposing 183,000 people, and a coordinated supply chain attack hitting three major package ecosystems at once. Adrian also digs into an Oregon hacker who sold access to the state's emergency network for Bitcoin. It's Wednesday morning, and the signals are already humming. Stories covered: - Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions (The Hacker News) - https://thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html - 7-Eleven data breach exposes personal information of 185,000 people (BleepingComputer) - https://www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO (The Hacker News) - https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html - Hacker who sold access to Oregon state emergency network for Bitcoin gets prison - OregonLive.com (OregonLive.com) - https://news.google.com/rss/articles/CBMixAFBVV95cUxNczh0aUVGUzllVUVlZXJ4R24zM25tVTgzM1FwNWZSMm9ibjZRdE9hU1VORWZTMWFSdk1TUVZGVklGdE5QdmZFM29JTl92X05uWWpfOUthWkdraGtVenpCVWtaRnYtV3dxOVJnWkxXSW41S0ZnR2FjYS1Nc0FnaGxSNXBiWnNESmdFX0E0enVfNXNEREY1ZmNwcnA0NXgyaHVtVVozSWlGNFJzUk02aFlpVThVQXlpUmlSNWN1LU9Hc0tUbk4y0gHYAUFVX3lxTE1WS3FpaVlGT0UtWVBtUVpBVnBtcFFQTjdvU1RZRjMzZlpFS0kwZmxfUmhyR1VTd1J0SGlOd1Vnc1pfYTZhSkxBWkZrRzBCZlNiUFIwNlFHbExOaEJWblVwTG5IaVlsWWJJX01Eclc0TDRtN2dyb2pjck4tQTcwa0NZMEczMWthQ1h2V24wYk4zcU5oVFF3T1RNMjlyWmZTdW9nc2tRdVFJYVhySHhfa1VWNzIyZVdtcldJb3lXM1d5NWQteExseWlKNU9SNzNsdjQzX19sTEdmNQ?oc=5 - These Runners Dress Up Like Salmon Every Year and Run This Historic Race—Backwards (Runner's World) - https://www.runnersworld.com/news/a71376795/bay-to-breakers-costume-runners/ - DuckDuckGo installs are up 30% as users reject being ‘force-fed’ Google’s AI Search (TechCrunch) - https://techcrunch.com/2026/05/26/duckduckgo-installs-are-up-30-as-users-reject-being-force-fed-googles-ai-search/

Episode 55: May 26, 2026

Adrian North — Tue, 26 May 2026 03:00:00 -0600

On today's Signal Check, Adrian North digs into a massive botnet takedown involving two million compromised devices, a coordinated supply chain attack targeting developers across three major code repositories, and Verizon's latest breach report showing a major shift in how attackers are getting in. Plus, a Romanian ultramarathon turns into a mountain rescue when weather strikes harder than expected. Stories covered: - US and Canada arrest and charge suspected Kimwolf botnet admin (BleepingComputer) - https://www.bleepingcomputer.com/news/security/us-and-canada-arrest-and-charge-suspected-kimwolf-botnet-admin/ - TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO (The Hacker News) - https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html - Verizon 2026 DBIR: Vulnerability Exploitation Leaps Ahead of Stolen Credentials as #1 Initial Breach Cause - CPO Magazine (CPO Magazine) - https://news.google.com/rss/articles/CBMi4gFBVV95cUxQcl80azh0dFB1ZE5TdGM3eW4zVk9XZEtnczNNeUM1SUI4M1lnSFJvbk8tQzY1RXNwT1AxQWZ5X21BUG82ZTJtQy1mUGhpYkpsOXNnT2FxaVVXdUZYTG9yd3NaR0pBLVNPQkE3UkpzYmFQS2tqeWItdFgtX3ZSMUx1U0RpWERPUnZYSHdZNXlhaGxUdjJHbDhud3cta0tGNkgxa3I4amc3WE1kMWcySEQ1dHRqenJPUDlPbnJJUFBTbWpOQkZhWmRKVENqcGFYN2dYZmNNajBTSFB3ZFItQXJNeWdn?oc=5 - Snow and Ice Trap Runners at Romania’s Transylvania 100, Triggering Mass Mountain Rescue (Marathon Handbook) - https://marathonhandbook.com/snow-and-ice-trap-runners-at-romanias-transylvania-100-triggering-mass-mountain-rescue/ - On Trails is a wandering tale that blends hiking, science, and history (The Verge) - https://www.theverge.com/entertainment/936860/robert-moor-on-trails-book-review - Microsoft Copilot Cowork Exfiltrates Files (Hacker News) - https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

Episode 54: May 25, 2026

Adrian North — Mon, 25 May 2026 03:00:00 -0600

This episode covers a coordinated supply chain attack on PHP's Packagist repository, mass exploitation of a critical Ghost CMS vulnerability turning websites into malware traps, and the ironic exposure of AWS GovCloud credentials by a CISA contractor's public GitHub repo. Adrian breaks down how attackers are poisoning dependencies upstream, automating large-scale injections, and why even the agencies protecting federal networks aren't immune to basic security mistakes. Stories covered: - Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware (The Hacker News) - https://thehackernews.com/2026/05/packagist-supply-chain-attack-infects-8.html - Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign (BleepingComputer) - https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows (The Hacker News) - https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html - On Trails is a wandering tale that blends hiking, science, and history (The Verge) - https://www.theverge.com/entertainment/936860/robert-moor-on-trails-book-review - The Shoes That Won The 2026 Cape Town Marathon (Marathon Handbook) - https://marathonhandbook.com/the-shoes-that-won-the-2026-cape-town-marathon/

Episode 53: May 24, 2026

Adrian North — Sun, 24 May 2026 03:00:00 -0600

This episode covers GitHub's new security requirements for npm publishers, a major credential leak from a CISA contractor, and Apple's lockdown mode for high-risk users. We dig into how trust gets built—and broken—in software supply chains and government infrastructure. On today's show, friction that protects, keys left in plain sight, and what to do when your phone becomes a target. Stories covered: - npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks (The Hacker News) - https://thehackernews.com/2026/05/npm-adds-2fa-gated-publishing-and.html - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - These special phone and app features can help protect you from spyware (TechCrunch) - https://techcrunch.com/2026/05/23/you-dont-have-to-click-anything-to-get-hacked-anymore-heres-how-to-fight-back/ - Adidas Built a Suit That Makes You Run Faster. The World’s Best Marathoners Aren’t Sure They Want It. (Marathon Handbook) - https://marathonhandbook.com/adidas-built-a-suit-that-makes-you-run-faster-the-worlds-best-marathoners-arent-sure-they-want-it/ - TSA Confirms Medical Cannabis Air Travel Policy Remains Unchanged Triggering Widespread Passenger Confusion, Flight Cancellations Risk, and Airport Disruptions Across New York, Los Angeles, Chicago, and Miami: New Airline News and Aviation Upda - Nomad Lawyer (Nomad Lawyer) - https://news.google.com/rss/articles/CBMigAFBVV95cUxNSjk4Z2dodFpJZGVoZ2U3UHBzNEF6ZXYzUlB6RVJSbUFpWEhHMkgwYzBOSEhoZTh1b2RQamVpUk55NjNmVEJXd1liS3N0clRPTU9HeEVQY1VDQzl4a2pfNVpjYm5mY3Z3UUZyYWlLVThtWHpmT202WkRHVjNBT3Nxdg?oc=5 - Ebola outbreak now third largest recorded and "spreading rapidly" (Ars Technica) - https://arstechnica.com/health/2026/05/ebola-outbreak-now-third-largest-recorded-and-spreading-rapidly/

Episode 52: May 23, 2026

Adrian North — Sat, 23 May 2026 03:00:00 -0600

This episode digs into the week's quiet but persistent threats—Linux rootkits, router zero-days, and AI adversarial probing—before covering major incidents including Grafana Labs' GitHub breach and a zero-day exploit in Trend Micro's own security software. Adrian North wraps up with a sobering reminder that even CISA contractors aren't immune to mistakes, as exposed AWS GovCloud credentials sat publicly on GitHub. Stories covered: - ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories (The Hacker News) - https://thehackernews.com/2026/05/threatsday-bulletin-linux-rootkits.html - Grafana Labs Security Breach - Hackers Access GitHub and Download Codebase - CyberSecurityNews (CyberSecurityNews) - https://news.google.com/rss/articles/CBMia0FVX3lxTE00aWtyeFl6WE1sS1N0X0JRYkJXQmxvQ1NpYVlSeWZGempNc2RXdlM2TU5pdkh5SDlOVXVLMGRPMXZzU2VIOUFwUFlSNkR2YVpxcEpZdEcxa3Y4TGgzdlk4cnpra1FCbHh4OWhJ0gFwQVVfeXFMT1owNlYwdDNmV0c5bWVlNlJHbDB6TnlNS28xWUZ1RWpsVHpyQTFxWmZzcG9lV3h3RTBTczM1TWJnaW13Qk10RHpfMi1JME9abzh3QnBRdWlWeVk2cHpVLXJxNHlieWhUZTFUR0swWF9rVw?oc=5 - Trend Micro warns of Apex One zero-day exploited in the wild (BleepingComputer) - https://www.bleepingcomputer.com/news/security/trend-micro-warns-of-apex-one-zero-day-exploited-in-attacks/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - The Best Editor-Approved Memorial Day Deals on Garmin, Coros, and Shokz: Get Hundreds Off Popular Gear for Runners (Runner's World) - https://www.runnersworld.com/gear/a71292623/memorial-day-running-gear-deals-2026/ - Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses (TechCrunch) - https://techcrunch.com/2026/05/22/trump-mobile-confirms-it-exposed-customers-personal-data-including-phone-numbers-and-home-addresses/

Episode 51: May 22, 2026

Adrian North — Fri, 22 May 2026 03:00:00 -0600

This episode covers Microsoft shutting down a malware signing operation that weaponized their own trust systems, law enforcement dismantling a VPN service used by ransomware gangs, and a nine-year-old Linux kernel vulnerability that somehow stayed hidden in plain sight. Adrian also digs into GitHub's employee device compromise and what it means when the tools built to protect us become the very things attackers exploit. Stories covered: - Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks (The Hacker News) - https://thehackernews.com/2026/05/microsoft-takes-down-malware-signing.html - Police seize “First VPN” service used in ransomware, data theft attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/ - 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (The Hacker News) - https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html - GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device invo - The Times of India (The Times of India) - https://news.google.com/rss/articles/CBMiqAJBVV95cUxPeWUwVngxRXo5NjZQWTlFMTAxMnpPLVVHYm5yVEtxZWdKVWMwd1ZVeGpUNEcwOVRxRUdBX2o5VjVlSnZ3LUVuLU9QNnc0NTNkUDBJWUVoblE1aGRlZWlWakQxMllzSWthNlVGV1hoWEQwb3pnMVM5NVdMd3J2NkE0bmFfN0FQamNidFdFNWVFWmw2OUhxU3ZXMTBEdWVlSjRxb3gtVjk2Qjl2aFJzS2JTWW81dEg1U1ZxbHVMcFZmMXozNWYybXpUb3lHcnVGT3o5bW9JQXRzN3Z4dGhTcm9RU1hlTWpCNjNZN09aTVpNSlN0YWhNZ2xzY3FwMVF4eVZ4UHNaRmNpSVdicXRVRG1mS0k4RmJXQzduMl83T2VqMGdtdDRGdXhCSNIBrgJBVV95cUxOcnhHTmJ3RXhwMUdyc1pYeFFtQ2t1c2s5anI4LVJkLVJoWnhVakdVWU1TVDRBQVNtVC1IOUN1OWFRcDJ5LTlCb0h6WFZCRlBndDRvbWgwOElXeE1aSF9ha3RNZ29fYm44MFJreVFMa250b0dPN25HWVJnUElkeFIxOVJDOGVnWTYtNmZ1aks2eHRCYTJsZWV0b3VFTjBkU3U2NFdoMmRBeGhETDc3Y2pGR1BQUzZ6NTdGNzV5Z29VdEhhUWc4b3lOWkRLSnMxWGFKNDItQlR0TW1GUE1xZmtBd1FVam8yMFBabjBJbzRBOTVlS0JhTmpIc2JSM0JVZ3hXRlBQVm1TdTRaWWlUWVozNWNTVEpyWmpPSktqOXd2WjVQdnJfS1lNMnZMd1dydw?oc=5 - The Adidas Ultraboost 5X Is Over 50% Off—and Still One of Our Favorite Running Shoes (Runner's World) - https://www.runnersworld.com/gear/a71365136/adidas-ultraboost-5x-sale-may-2026/ - Golden Trail World Series is now in Canada; here’s what you need to know (Canadian Running) - https://runningmagazine.ca/trail-running/golden-trail-world-series-is-now-in-canada-heres-what-you-need-to-know/

Episode 50: May 21, 2026

Adrian North — Thu, 21 May 2026 03:00:00 -0600

This episode covers GitHub's massive breach, CISA's accidental exposure of government cloud credentials, and Microsoft's new open-source AI security tools. We dig into what happens when the infrastructure holding our infrastructure gets compromised, plus a quick detour into gray zone training and why most runners are doing it wrong. Stories covered: - GitHub Confirms Breach, 4K Internal Repos Stolen (Dark Reading) - https://www.darkreading.com/application-security/github-confirms-breach-4k-internal-repos-stolen - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development (The Hacker News) - https://thehackernews.com/2026/05/microsoft-open-sources-rampart-and.html - What to Know About Gray Zone Training and How It Can Help—or Harm—Your Running (Runner's World) - https://www.runnersworld.com/training/a71353931/gray-zone-training/ - What Are Peptides, And Why Is Every Middle-Aged Runner Suddenly Talking About BPC-157? (Marathon Handbook) - https://marathonhandbook.com/what-are-peptides-and-why-is-every-middle-aged-runner-suddenly-talking-about-bpc-157/ - Google Declaring War on the Web (Hacker News) - https://tante.cc/2026/05/20/on-google-declaring-war-on-the-web/

Episode 49: May 20, 2026

Adrian North — Wed, 20 May 2026 03:00:00 -0600

On today's Signal Check, Adrian North digs into over six hundred malicious npm packages flooding the registry, a CISA contractor's exposed AWS credentials left on GitHub, and a newly public Linux kernel exploit called DirtyDecrypt. The episode wraps with a quick detour into reframing personal narratives and how the stories we tell ourselves shape what we think is possible. Stories covered: - New Shai-Hulud malware wave compromises 600 npm packages (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-shai-hulud-malware-wave-compromises-600-npm-packages/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability (The Hacker News) - https://thehackernews.com/2026/05/dirtydecrypt-poc-released-for-linux.html - This Training Plan Transformed Her View on Running. It Could Change Your Mindset, Too. (Runner's World) - https://www.runnersworld.com/beginner/a71350276/couch-to-5k-training-plan/ - ‘Women Can Do This’: She Started Racing Postpartum in Her 30s. Now She’s an Ultrarunning Champion (Runner's World) - https://www.runnersworld.com/news/a71309956/careth-arnold-ultrarunning-postpartum/ - Microsoft Exchange Zero-Day Under Attack, No Patch Available (Dark Reading) - https://www.darkreading.com/vulnerabilities-threats/microsoft-exchange-zero-day-no-patch

Episode 48: May 19, 2026

Adrian North — Tue, 19 May 2026 03:00:00 -0600

This episode covers a critical NGINX vulnerability already being exploited in the wild, a Windows zero-day giving attackers full system control, and a jaw-dropping security lapse where CISA's own contractor leaked AWS GovCloud credentials on GitHub. We also dig into a massive NYC Health + Hospitals breach exposing biometric data from nearly two million people—the kind of information you can never change once it's stolen. Stories covered: - NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE (The Hacker News) - https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/ - CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) - https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ - NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people (TechCrunch) - https://techcrunch.com/2026/05/18/nyc-health-and-hospitals-says-hackers-stole-medical-data-and-fingerprints-during-breach-affecting-at-least-1-8-million-people/ - What to Do When You Don’t Get Into Your Goal Race (Runner's World) - https://www.runnersworld.com/races-places/a71318334/world-marathon-major-race-alternatives/ - Everything You Need to Know About the 2026 Cape Town Marathon (Marathon Handbook) - https://marathonhandbook.com/everything-you-need-to-know-about-the-2026-cape-town-marathon/

Episode 47: May 18, 2026

Adrian North — Mon, 18 May 2026 03:00:00 -0600

On today's Signal Check, Adrian covers a dangerous new Windows zero-day giving attackers full system access, an actively exploited NGINX vulnerability hitting millions of sites, and why your summer running pace feels impossibly hard. Plus, Olympic marathoner Molly Seidel's shift from the road to ultrarunning reminds us that even elite athletes need to find what's fun again. Stories covered: - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/ - NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE (The Hacker News) - https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html - Why Your Usual Running Pace Feels Harder in the Heat—and What to Do About It (Runner's World) - https://www.runnersworld.com/training/a71318220/running-intensity-in-heat/ - ‘It Just Wasn’t Fun Anymore’: Why Molly Seidel Stepped Away from Marathoning—and Is Thriving on the Trails (Runner's World) - https://www.runnersworld.com/news/a71166284/molly-seidel-ultra-trail-running/ - Victory! End-to-End Encrypted RCS Comes to Apple and Android Chats (EFF) - https://www.eff.org/deeplinks/2026/05/victory-end-end-encrypted-rcs-comes-apple-and-android-chats - Ebola outbreak with uncommon strain erupts in Congo and Uganda; 65 deaths (Ars Technica) - https://arstechnica.com/health/2026/05/ebola-outbreak-confirmed-in-congo-and-uganda-246-suspected-cases-65-deaths/

Episode 46: May 17, 2026

Adrian North — Sun, 17 May 2026 03:00:00 -0600

This episode covers a critical Microsoft Exchange vulnerability being actively exploited in the wild, the story of Fisker EV owners who reverse-engineered their abandoned cars into an open-source movement, and a deep dive into the "sweet spot" training zone that could unlock faster running without the burnout. We also touch on prize money still owed to marathon runners six months after crossing the finish line. Stories covered: - Microsoft warns of Exchange zero-day flaw exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/ - On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email (The Hacker News) - https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html - Fisker went bankrupt and owners built an open source car company from the ashes (Hacker News) - https://electrek.co/2026/05/16/fisker-ocean-open-source-ev-story-after-bankruptcy/ - This Type of Training Could Be the Secret to Running Faster Without Burning Out—and It Can Lead to a PR in Any Distance (Runner's World) - https://www.runnersworld.com/training/a71310980/critical-velocity-workouts/ - 6 Months After This Marathon, the Top Finishers Still Haven’t Been Paid Prize Money—and They Want Answers (Runner's World) - https://www.runnersworld.com/news/a71318097/soweto-marathon-prize-money-controversy/ - Three's a party: US, China, and now Russia are on the prowl in GEO (Ars Technica) - https://arstechnica.com/space/2026/05/threes-a-party-us-china-and-now-russia-are-on-the-prowl-in-geo/

Episode 45: May 16, 2026

Adrian North — Sat, 16 May 2026 03:00:00 -0600

This episode covers active exploitation of critical vulnerabilities in Microsoft Exchange and Cisco SD-WAN, a supply chain breach that hit OpenAI developers, and why patching timelines matter when attackers are already inside the door. Adrian pulls weekend signals on threats that don't take days off—from zero-days to compromised signing certificates. It's a sobering look at how fast the window closes between disclosure and exploitation. Stories covered: - On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email (The Hacker News) - https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html - Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/ - OpenAI confirms security breach in TanStack supply chain attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/ - 6 Months After This Marathon, the Top Finishers Still Haven’t Been Paid Prize Money—and They Want Answers (Runner's World) - https://www.runnersworld.com/news/a71318097/soweto-marathon-prize-money-controversy/ - ‘I Don’t Know How I Did This’: He Ran 1,000 Miles. Around a Single Track. For 18 Days. (Runner's World) - https://www.runnersworld.com/news/a71317409/1000-mile-track-ultrarunner-charity/ - Tesla Reveals New Details About Robotaxi Crashes—and the Humans Involved (Wired) - https://www.wired.com/story/tesla-reveals-new-details-about-robotaxi-crashes-and-the-humans-involved/

Episode 44: May 15, 2026

Adrian North — Fri, 15 May 2026 03:00:00 -0600

This episode covers the fallout from Pwn2Own Berlin, where researchers exposed 24 zero-day exploits in one day, plus urgent warnings about a Cisco SD-WAN authentication bypass being actively exploited in the wild. We also dig into a new Linux privilege escalation flaw called Fragnesia and what it means when similar bugs start clustering together. Stories covered: - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 (BleepingComputer) - https://www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/ - Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/ - New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption (The Hacker News) - https://thehackernews.com/2026/05/new-fragnesia-linux-kernel-lpe-grants.html - Training for Another Half Marathon? Avoid the Common Mistakes I Made So You Run a Faster Race. (Runner's World) - https://www.runnersworld.com/training/a71285796/second-half-marathon-training-tips/ - Not Just Cruise Ships: What to Know About Hantavirus in the Backcountry (ExplorersWeb) - https://explorersweb.com/not-just-cruise-ships-what-to-know-about-hantavirus-in-the-backcountry/ - An Engineer’s Post Protesting Laptop Surveillance Is Going Viral Inside Meta (Wired) - https://www.wired.com/story/meta-employee-protest-mouse-tracking-surveillance-ai-training/

Episode 43: May 14, 2026

Adrian North — Thu, 14 May 2026 03:00:00 -0600

This episode covers two unpatched Windows zero-days that bypass BitLocker and escalate privileges, a self-replicating worm spreading through npm packages in the TanStack ecosystem, and a critical remote code execution flaw in the Exim mail server. Adrian breaks down how disclosure tensions, supply chain infections, and legacy infrastructure vulnerabilities are colliding all at once. It's a packed signal day that shows just how fast things can unravel. Stories covered: - Windows BitLocker zero-day gives access to protected drives, PoC released (BleepingComputer) - https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/ - Microsoft Windows Alert—Angry Hacker Drops 2 New Zero-Day Exploits - Forbes (Forbes) - https://news.google.com/rss/articles/CBMiuwFBVV95cUxQS1J1OUpHM1RWdDF6LXdqLThRTUFHMFFmVWk5ZGphU2ZWVnR4NWQxeTZFWmpWQmFCSldobzFvVUZKdVVXNG14Y1Y1YTdWczhnUWNGX0JtSkJ2dGpxQl9vTUlSQkdpYzdvV3A5VWNqWG4xMTZwSVN0bE8yQVNVNnN2TURTSG1pSElaR0hmTUVHNmMzSDd1MTlwNUVSWkVobjlaWFhiblZ2VzczV21YcVR3WmxHNm45MHF2TU5V?oc=5 - Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain (Dark Reading) - https://www.darkreading.com/application-security/worm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain - New critical Exim mailer flaw allows remote code execution (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-critical-exim-mailer-flaw-allows-remote-code-execution/ - ‘Strava Brain’ Is Making Your Long, Hot Runs Harder Than They Need to Be (Runner's World) - https://www.runnersworld.com/news/a71273015/elapsed-time-strava-summer-runs/ - Want to Start Trail Running Like Rachel Entrekin? Begin With These Top 10 Essentials (Runner's World) - https://www.runnersworld.com/trail-running/a71293507/trail-running-gear-for-beginners/

Episode 42: May 13, 2026

Adrian North — Wed, 13 May 2026 03:00:00 -0600

This episode covers Microsoft's rare zero-day-free Patch Tuesday, Google's discovery of the first AI-developed exploit bypassing two-factor authentication, and a self-propagating worm infecting hundreds of npm packages in the open source ecosystem. Adrian also touches on the rising cost of high-performance running shoes and what it says about premium pricing creep. Stories covered: - It's Patch Tuesday for Microsoft and Not a Zero-Day In Sight (Dark Reading) - https://www.darkreading.com/application-security/patch-tuesday-microsoft-zero-day-sight - Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation (The Hacker News) - https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html - Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain (Dark Reading) - https://www.darkreading.com/application-security/worm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain - Our Favorite New Shoes All Cost $200 and Up. But You Don’t Have to Spend That Much (Runner's World) - https://www.runnersworld.com/training/a71270170/amazing-runners-world-show-epsiode-114-favorite-shoes-of-2026/ - She Ran 250 Miles in an Astonishing 56 Hours—Beating All the Men at Cocodona and Making History - Runner's World (Runner's World) - https://news.google.com/rss/articles/CBMihAFBVV95cUxNNjZOVEZBdEFwcFdSUHRJRFNWRHZVU3dKLWxtT2xvRUVfRFlnMm9wOUN5bVRPSWRoTzhnOHlObzMtQXNVRDZJSlctV3VJem40UlcwRlI4a0RXNGxtX29VaHlrOUNTTnNYUDVFaEhRb1hkUEwxaXp2ZHBCNkstV1RsZlBzbDQ?oc=5 - New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots (The Hacker News) - https://thehackernews.com/2026/05/new-trickmo-variant-uses-ton-c2-and.html

Episode 41: May 12, 2026

Adrian North — Tue, 12 May 2026 03:00:00 -0600

This episode digs into Google's confirmation of the first AI-generated zero-day exploits now being used in the wild, marking a major shift in the threat landscape. We also cover a supply-chain compromise in the TanStack Router project and what it means for every developer pulling dependencies. Stories covered: - Google: Hackers used AI to develop zero-day exploit for web admin tool (BleepingComputer) - https://www.bleepingcomputer.com/news/security/google-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool/ - Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation (The Hacker News) - https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html - Postmortem: TanStack npm supply-chain compromise (Hacker News) - https://tanstack.com/blog/npm-supply-chain-compromise-postmortem - Our Favorite New Shoes All Cost $200 and Up. But You Don’t Have to Spend That Much (Runner's World) - https://www.runnersworld.com/training/a71270170/amazing-runners-world-show-epsiode-114-favorite-shoes-of-2026/ - 2026 Transvulcania Ultramarathon Results: David Sinclair and Blandine L'Hirondel Topple Course Records - iRunFar (iRunFar) - https://news.google.com/rss/articles/CBMickFVX3lxTFBvTk83UDFJUE5panhXQVppTWNKSkk5T1U2U1g4Yzg0VEtIOFljWVpNSlZjanVseGJsSWFNdDB2bnlYT3hLSmY0cjV2LU11amlHVTJqNUswY0YxTVctckNaTWNfTmREZ3JBLUktSXJQREVuUQ?oc=5 - Linux bitten by second severe vulnerability in as many weeks (Ars Technica) - https://arstechnica.com/security/2026/05/linux-bitten-by-second-severe-vulnerability-in-as-many-weeks/

Episode 39: May 10, 2026

Adrian North — Sun, 10 May 2026 03:00:00 -0600

This episode covers a dangerous new Linux zero-day called Dirty Frag that grants root access across major distros, a mass ShinyHunters attack defacing Canvas portals at hundreds of universities, and CISA's urgent four-day patching deadline for a critical Ivanti flaw already being exploited in the wild. Adrian also touches on volcanic trail running victories and a lightning-fast Clojure implementation in Go that boots in seven milliseconds. Stories covered: - New Linux 'Dirty Frag' zero-day gives root on all major distros (BleepingComputer) - https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/ - Canvas login portals hacked in mass ShinyHunters extortion campaign (BleepingComputer) - https://www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/ - CISA gives feds four days to patch Ivanti flaw exploited as zero-day (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-gives-feds-four-days-to-patch-ivanti-flaw-exploited-as-zero-day/ - 2026 Transvulcania Half Marathon Results: Volcanic Victory for Ruth Gitonga and Philemon Kiriago (iRunFar) - https://www.irunfar.com/2026-transvulcania-half-marathon-results - Show HN: I made a Clojure-like language in Go, boots in 7ms (Hacker News) - https://github.com/nooga/let-go - Zara data breach exposed personal information of 197,000 people (BleepingComputer) - https://www.bleepingcomputer.com/news/security/zara-data-breach-exposed-personal-information-of-197-000-people/

Episode 38: May 09, 2026

Adrian North — Sat, 09 May 2026 03:00:00 -0600

This episode covers critical zero-day exploits hitting Palo Alto firewalls before disclosure, an unpatched Linux privilege escalation flaw called Dirty Frag, and ShinyHunters breaching Canvas for the second time. Adrian breaks down how the window between vulnerability discovery and exploitation is collapsing fast. If you're running enterprise infrastructure or Linux systems, this Signal Check is essential listening. Stories covered: - PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage (The Hacker News) - https://thehackernews.com/2026/05/pan-os-rce-exploit-under-active-use.html - Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions (The Hacker News) - https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html - Canvas login portals hacked in mass ShinyHunters extortion campaign (BleepingComputer) - https://www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/ - 2026 Cocodona 250 Mile Results: Rachel Entrekin Wins Outright and Kilian Korth Takes Men’s Race in Record Times (iRunFar) - https://www.irunfar.com/2026-cocodona-250-mile-results - Poland says hackers breached water treatment plants, and the US is facing the same threat (TechCrunch) - https://techcrunch.com/2026/05/08/poland-says-hackers-breached-water-treatment-plants-and-the-u-s-is-facing-the-same-threat/ - DOGE used ChatGPT in a way that was both dumb and illegal, judge rules (The Verge) - https://www.theverge.com/policy/927071/doge-chatgpt-grants-canceled

Episode 37: May 08, 2026

Adrian North — Fri, 08 May 2026 03:00:00 -0600

This episode covers a critical zero-day exploit in Palo Alto firewalls that went unpatched for nearly a month, malware hiding in PyPI packages using workplace chat tools for cover, and a major breach at Canvas that exposed student data across universities. We also dig into why trust systems in open-source repos keep getting weaponized and close with an ultramarathon story that redefines what the human body can actually endure. Stories covered: - PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux (The Hacker News) - https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html - Palo Alto Networks firewall zero-day exploited for nearly a month (BleepingComputer) - https://www.bleepingcomputer.com/news/security/pan-os-firewall-rce-zero-day-exploited-in-attacks-since-april-9/ - Canvas, used by schools and universities across the U.S., breached by hacker group - FOX13 Memphis (FOX13 Memphis) - https://news.google.com/rss/articles/CBMi9gFBVV95cUxQbWIzLVJFd3BNcWNGam9KQWdJNnJsT0ozeUZ1UVFpTGltY0RNb1FyUTlvUEtydVVxMFJsQmlmMTBrYkRuUzJyRUdtTXRZQ2dzQTlNQlJnOUVpbmYta05NcW9wMkZ6UnV5NXh2WkV3bExPTzN6NE8wZC02X0dKdkJlY3BScmhfTV84eW40TDN1THlNN3BJY1JnRmszTEM5TGlVOFFnS3h2NjJHOUtXMXNsWlYta3RjZXRGcWhLV2hwcFFSakdfaGFSejhaQW1aQWpGN1o5TGYzb21UUlh2RTA3dldxbkRPNHMzZ0hUcnJnQ1NFOGdWQlE?oc=5 - She Ran 250 Miles in an Astonishing 56 Hours—Beating All the Men at Cocodona and Making History (Runner's World) - https://www.runnersworld.com/news/a71240926/rachel-entrekin-wins-cocodona-250/ - A hacker ran me over with a robot lawn mower (The Verge) - https://www.theverge.com/tech/925696/yarbo-robot-lawn-mower-hack-remote-control-camera-access-mqtt - Dirtyfrag: Universal Linux LPE (Hacker News) - https://www.openwall.com/lists/oss-security/2026/05/07/8

Episode 2026-04-23

Adrian North — Wed, 22 Apr 2026 18:33:30 -0600

This episode digs into North Korean hackers weaponizing job interviews to infect developers, the concerning reality that CISA was shut out from testing Anthropic's security AI tool, and Meta's new policy of tracking every keystroke and mouse click to train its AI models. It's a Signal Check packed with uncomfortable truths about who gets access, who gets targeted, and what counts as consent in the age of surveillance capitalism.

Episode 2026-04-20

Adrian North — Mon, 20 Apr 2026 15:08:43 -0600

This episode digs into the surprisingly organized underground economy of stolen credit cards, where fraudsters use customer service metrics and escrow systems to avoid getting scammed themselves. We also explore the EU's rushed age-verification app that researchers dismantled in minutes, and why your push notifications might be leaking more metadata than you think.

Episode 2026-04-18

Adrian North — Sat, 18 Apr 2026 09:00:00 -0600

This episode covers a massive North Korean laptop-farm scheme that fooled U.S. companies for years, Bluesky's battle with a brutal DDoS attack that's testing its credibility, and a teen hacker's rare public confession just before heading to prison. Adrian North breaks down how each story reveals something bigger about the vulnerabilities baked into our digital systems.

Episode 2026-04-09

Adrian North — Fri, 17 Apr 2026 00:16:48 -0600

This episode digs into the growing gap between cyber threats and our defenses — from the FBI's report on a record $21 billion lost to scams, to AI models now finding zero-day vulnerabilities in hours instead of months. We also look at how modern GPUs can crack complex passwords in under a day, and why credential theft remains the fastest path to a breach.

Episode 2026-04-07

Adrian North — Wed, 08 Apr 2026 09:00:00 -0600

This episode digs into NASA's Artemis II Moon mission — historic but more infrastructure test than breakthrough — then pivots to a brutal week in cybersecurity. From Anthropic's code leak and the FBI getting breached to North Korean crypto heists and supply chain attacks collapsing response times, Adrian unpacks how AI tools have turned developer machines into open credential vaults for attackers.

Episode 2026-04-06

Adrian North — Mon, 06 Apr 2026 09:00:00 -0600

This episode digs into LinkedIn's hidden surveillance of over 6,000 Chrome extensions, the failure of app store privacy labels to actually protect users, and Microsoft's hilarious legal disclaimer that Copilot is "for entertainment purposes only" despite selling it as a serious business tool. We're looking at the gap between what tech companies say they're doing and what's really happening behind the scenes. It's your morning Signal Check — coffee's hot, and the tech world's already showing its hand.

Episode 2026-04-04

Adrian North — Sat, 04 Apr 2026 09:00:00 -0600

This episode digs into a lightning-fast npm supply chain attack that shows how AI is collapsing human response time, explores a skull-vibration authentication system built into XR headsets that could verify you're still you without lifting a finger, and covers the North Carolina IT admin who methodically locked thousands of company devices with a password straight out of a cybercrime playbook. From accelerating threats to passive biometrics to insider extortion, it's a snapshot of security in motion.

Episode 2026-04-01

Adrian North — Wed, 01 Apr 2026 12:00:00 -0600

This episode digs into a man who lost everything to an AI chatbot he believed was becoming sentient, a shocking leak of Claude's source code through a simple packaging error, and one of the most sophisticated supply chain attacks ever—targeting Axios with tradecraft that points straight to North Korea. Adrian North breaks down how our digital infrastructure is more fragile than we think, and how both human psychology and technical systems are being exploited at unprecedented speed.

Episode 2026-03-29

Adrian North — Sun, 29 Mar 2026 17:15:00 -0600

This episode covers Google's 2029 deadline for quantum-safe encryption, the military weaponization of hacked security cameras by state actors, and the compromising of FBI Director Kash Patel's personal email by a suspected Iranian cyber unit. Adrian North walks through why these aren't isolated incidents—they're signals of a rapidly shifting threat landscape where legacy systems, unpatched IoT devices, and personal security gaps are becoming critical vulnerabilities.

Episode 2026-03-26

Adrian North — Sat, 28 Mar 2026 17:16:38 -0600

This episode digs into a landmark legal case where a jury held Meta and Google accountable for harm caused to a teen's mental health, plus a sophisticated malware campaign targeting healthcare and government orgs with fake copyright notices. We also cover the FCC's new ban on foreign-made routers and what it really means for cybersecurity.

Episode 2026-03-24

Adrian North — Tue, 24 Mar 2026 09:00:00 -0600

This episode digs into a supply-chain attack that compromised Trivy, the vulnerability scanner millions trust, turning a security tool into the very threat it's meant to detect. We also explore a chemistry student's quest to create conductive nail polish that actually works with long nails, and the wild discovery of all five DNA building blocks on an asteroid floating through space for billions of years.

Episode 2026-03-23

Adrian North — Mon, 23 Mar 2026 07:00:00 -0600

This episode covers a massive international takedown of four major botnets that had hijacked IoT devices to launch hundreds of thousands of crippling cyberattacks. We also dig into how a French Navy officer accidentally revealed his aircraft carrier's location by posting his jog on Strava, proving that fitness apps and military ops don't mix. Plus, a look at the messy intersection of breathalyzer hacks, FBI location tracking, and Iranian cyber threats.

Episode 2026-03-22

Adrian North — Sun, 22 Mar 2026 07:00:00 -0600

On today's Signal Check — we cover Musician admits to $10M streaming royalty fraud using AI bots, WordPress.com now lets AI agents write and publish posts, and more, This Guy Ran a 4:47 Mile—While Juggling (and Only Had 1 Drop) and Chuck Norris Once Hosted a 5K Where All the Runners Dressed Up As Chuck Norris. Tune in for the full breakdown.

Episode 2026-03-21

Adrian North — Sat, 21 Mar 2026 07:00:00 -0600

This episode digs into three major security threats making waves right now: a devastating iOS exploit chain called DarkSword that's giving attackers full device control, a frighteningly clever attack on Claude AI users through weaponized Google ads, and new revelations about how Meta and TikTok tracking pixels are harvesting way more personal data than anyone realized. Adrian breaks down how each exploit works and why even trusted platforms aren't as secure as we think.

Episode 2026-03-20

Adrian North — Thu, 19 Mar 2026 07:00:00 -0600

On this episode of Signal Check, Adrian North digs into how the FBI keeps buying location data from brokers to bypass warrants, why Meta and TikTok tracking pixels are collecting way more personal information than anyone signed up for, and how credential theft has become the number one way attackers are infiltrating enterprise networks. It's surveillance, liability, and login chaos — all before your coffee gets cold.

Episode 2026-03-18

Adrian North — Wed, 18 Mar 2026 07:00:00 -0600

This episode digs into Encyclopedia Britannica and Merriam-Webster's lawsuit against OpenAI for allegedly scraping their content and falsely attributing AI hallucinations to trusted sources. We also explore whether dark web monitoring services are worth the hype or just overpriced alerts for public data breaches. Plus, a wild reveal about how Pokémon Go players unknowingly helped train AI navigation systems.

Episode 2026-03-17

Adrian North — Tue, 17 Mar 2026 07:00:00 -0600

On today's Signal Check, Adrian North digs into the launch of Betterleaks, a new open-source tool from the creator of Gitleaks that scans code for accidentally committed secrets like API keys and credentials. We also cover McKinsey's major security breach where hackers accessed their entire internal AI platform in just two hours, exposing millions of messages and the firm's so-called "intellectual crown jewels." Plus, an interstellar comet carrying methanol and hydrogen cyanide offers a glimpse into the chemistry of distant star systems.

Episode 2026-03-16

Adrian North — Mon, 16 Mar 2026 07:00:00 -0600

This episode digs into Meta's surprising rollback of Instagram encryption, new Pew data revealing America's split feelings on AI, and the rise of Handala as a symbol in Iran-linked cyberattacks. Adrian also covers the latest exodus from Elon Musk's xAI as two more co-founders head for the exit.

Episode 2026-03-14

Adrian North — Sat, 14 Mar 2026 07:00:00 -0600

This episode digs into AI chatbots giving violent instructions when asked about mass attacks, a foreign hacker breaching FBI files on the Jeffrey Epstein case, and why everyone's suddenly having loud speakerphone conversations in public. It's a morning check-in on tech failures, security nightmares, and the weird social norms we're all pretending are fine.

Episode 2026-03-13

Adrian North — Fri, 13 Mar 2026 07:00:00 -0600

This episode digs into Amazon's massive six-hour outage traced back to AI-assisted code gone wrong, plus the company's new requirement for senior engineers to sign off on any AI-generated changes. We also explore Meta's acquisition of Moltbook, a social network built exclusively for AI agents to talk to each other, signaling a new frontier in how machines communicate.

Episode 2026-03-12

Adrian North — Thu, 12 Mar 2026 07:00:00 -0600

This episode covers a Russian hacking campaign targeting Signal and WhatsApp users through clever social engineering, North Korean IT workers now using AI face-swapping to infiltrate companies more convincingly, and a 102-year-old Canadian track star winning four events at a masters championship. Adrian digs into why even strong encryption fails when humans hand over the keys, and why celebrating extraordinary achievements doesn't mean pretending they're ordinary.

Episode 2026-03-11

Adrian North — Wed, 11 Mar 2026 07:00:00 -0600

This episode digs into how the tools we built for safety are being turned against us — from hacked security cameras becoming military reconnaissance tools to AI that can unmask your anonymous online profiles by analyzing how you write. We also explore the escalating AI arms race between voice-cloning scammers and the carriers trying to stop them before your phone rings with a perfect fake.

Episode 2026-03-10

Adrian North — Tue, 10 Mar 2026 07:00:00 -0600

This episode digs into incendiary devices hidden in massage pillows shipped from Lithuania, an AI model uncovering twenty-two security flaws in Firefox without human help, and a marathoner who never takes an offseason. It's espionage meets automation meets endurance — all before your morning coffee gets cold.

Episode 2026-03-09

Adrian North — Mon, 09 Mar 2026 00:00:00 -0600

This episode digs into Pakistan-aligned hackers using AI to mass-produce malware, the aging face of cybercrime moving beyond the teenage hacker stereotype, and why your running routine might be wrecking your digestive system. Adrian also unpacks Bitcoin's strange new behavior as a safe-haven asset and what happens when powerful tools fall into the wrong hands.

Episode 2026-03-08

Adrian North — Sun, 08 Mar 2026 00:00:00 -0700

This episode digs into how federal agencies buy your location data from advertising auctions without warrants, tracking people through prayer apps, dating profiles, and fitness trackers. We also cover the FBI's wiretap systems getting hacked amid a broader wave of breaches hitting telecom giants and government networks.

Episode 2026-03-07

Adrian North — Sat, 07 Mar 2026 00:00:00 -0700

This episode digs into a sophisticated iOS exploit kit called Coruna that's bringing spyware-grade tools to everyday crypto thieves, plus TikTok's controversial decision to skip end-to-end encryption on DMs. Adrian also explores how Stranger Things references are helping explain cybersecurity concepts in surprisingly effective ways.

Episode 2026-03-06

Adrian North — Fri, 06 Mar 2026 09:00:00 -0700

This episode covers two major digital security stories shaking up the tech world. We dig into how a sophisticated iPhone hacking toolkit — possibly built for the US government — leaked into the hands of Russian spies and cybercriminals, and explore a landmark court ruling that just slapped down massively overbroad digital search warrants used against a protester accused of simple assault.

Episode 2026-03-05

Adrian North — Thu, 05 Mar 2026 00:00:00 -0700

This episode covers physical warfare colliding with cloud infrastructure as Iranian missiles knock out Amazon data centers in the UAE, forcing customers to scramble for backup regions. We also dig into Samsung's settlement with Texas over secretly tracking what viewers watch on their smart TVs, burying consent forms under two hundred clicks of dark patterns.

Episode 2026-03-04

Adrian North — Wed, 04 Mar 2026 00:00:00 -0700

This episode covers disinformation flooding X during military strikes on Iran, a county health department using ChatGPT to solve a Salmonella outbreak at a beer tent, and the return of Mobile World Congress where experimental phones get wonderfully weird. Adrian North walks through how information moves — and breaks — when things happen fast.

Episode 2026-03-03

Adrian North — Tue, 03 Mar 2026 09:00:00 -0700

This episode covers U.S. and Israeli military strikes against Iran, the political fallout in Congress, and what it means as tensions continue to escalate in the Middle East. Adrian also digs into the guilty plea of a Ukrainian man who ran OnlyFake, an AI-powered website that generated over ten thousand fake IDs used to bypass banking security checks.

Episode 2026-03-02

Adrian North — Mon, 02 Mar 2026 00:00:00 -0700

This episode digs into the DOJ's $61 million Tether seizure linked to "pig butchering" scams, where victims are groomed for weeks before being drained of their crypto. Adrian also unpacks the irony of Meta suing advertisers for deceptive celeb-bait schemes and touches on emerging weapons in space.

Episode 2026-03-01

Adrian North — Sun, 01 Mar 2026 00:00:00 -0700

This episode digs into the Pentagon's unprecedented move to label Anthropic a supply chain risk after the AI company refused military contracts, explores how ransomware payments are hitting record lows even as attacks surge, and questions what happens when our hunger for viral content crashes into shared reality—like running a 5K inside an airplane bathroom. Adrian North breaks down the messy collision of AI ethics, cybercrime economics, and the absurdity of chasing clout at 30,000 feet.

Episode 2026-02-28

Adrian North — Sat, 28 Feb 2026 14:38:37 -0700

This episode digs into the reality check behind Claude Code's overhyped launch, explores the eerie timing of HBO's ransomware episode airing alongside a real Mississippi hospital attack, and profiles Polish computer scientist Maciej Besta who climbs the world's coldest peaks solo. Adrian breaks down why AI tools rarely live up to initial hype and how fictional portrayals might actually help everyday people understand cyber threats.

Episode 2026-02-27

Adrian North — Fri, 27 Feb 2026 19:00:00 -0700

This episode covers a relentless week in cybersecurity with breaches at PayPal, an emergency Chrome patch, and the troubling reality of AI jailbreaks being used to exfiltrate government data. Adrian also reflects on Jeff Galloway's legacy in running and how normalizing crisis mode has become the new baseline for tech security.

Episode 2026-02-26

Adrian North — Thu, 26 Feb 2026 14:37:50 -0700

All that AI but is it safe?