• Episode 102: July 12, 2026
    Jul 12 2026
    This episode covers a triple threat in Balochistan where Chinese and Indian hackers targeted the same police database, Progress Software's emergency weekend shutdown order for ShareFile customers, and Accenture's confirmed source code breach. Adrian also touches on a Runner's World reset plan that applies beyond the track. Signal Check delivers your Sunday morning cybersecurity briefing before the world wakes up. Stories covered: - Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns (The Hacker News) - https://thehackernews.com/2026/07/hackers-weaponize-balochistan-police.html - URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat (The Hacker News) - https://thehackernews.com/2026/07/urgent-progress-tells-sharefile.html - Accenture Confirms Data Breach After Hacker Claims Source Code Theft - SecurityWeek (SecurityWeek) - https://news.google.com/rss/articles/CBMinwFBVV95cUxOaThuTEIyMF9sRV85UnpwMlBneHY2ZHhral94MS1ETXRhMUZGS3pwaXBPUmtzdHprUFBuVk1YQjF6SnM2UFNHQmpWdDg0STFuSjNpNkZBX1ZDbEhMNFFmZTZGSlJseXRSSm1VdDBTamhBSDdEQXdldnY4MzR2cFVubV8wcTdRV0FHUjJMUDhfTnUxckVMalRScGVIMG1DRknSAaQBQVVfeXFMTUNsbVlvOVhoUE5nNEY2SEl1b3JpbjA5R3JIbWJfX0JKVDAxNXBldVJQandxRWwtdUFkSVBUMkRhV2pDLXNJbm1DVXRsMGZjYk54clR6ZFFOUmIyWTA1TU1pSDQ5cmhySF90RmJDWE5KTDhkUDE1eU1UY3FXekNLRF9PZ0ZObURBdVljUFg5QXRGT0VlbDR1YXZyTjAzeHoxWGFiek0?oc=5 - Steal This 3-Step Plan to Get Out of a Running Rut and Rebuild Momentum (Runner's World) - https://www.runnersworld.com/training/a71884482/3-step-running-comeback/ - Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install (The Hacker News) - https://thehackernews.com/2026/07/compromised-jscrambler-8140-npm-release.html - Weightlifting beats running for blood sugar control, researchers find (Hacker News) - https://news.vt.edu/articles/2025/11/research_fralinbiomed_yanweightlifting.html
    Show More Show Less
    5 mins
  • Episode 101: July 11, 2026
    Jul 11 2026
    This episode covers a wave of critical security developments, from an Armenian national pleading guilty to deploying Ryuk ransomware to a severe authentication bypass being actively exploited in Gitea's Docker image. Adrian also digs into GhostLock, a fifteen-year-old Linux kernel flaw that's been hiding in plain sight, reminding us that even the most scrutinized code still harbors ghosts. Stories covered: - Ryuk ransomware member pleads guilty in the US, faces 15 years in prison (BleepingComputer) - https://www.bleepingcomputer.com/news/security/ryuk-ransomware-member-pleads-guilty-in-the-us-faces-15-years-in-prison/ - Hackers exploit critical auth bypass in Gitea Docker image (BleepingComputer) - https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-in-gitea-docker-image/ - GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years (Hacker News) - https://nebusec.ai/research/ionstack-part-2/ - Accenture Confirms Data Breach After Hacker Claims Source Code Theft - SecurityWeek (SecurityWeek) - https://news.google.com/rss/articles/CBMinwFBVV95cUxOaThuTEIyMF9sRV85UnpwMlBneHY2ZHhral94MS1ETXRhMUZGS3pwaXBPUmtzdHprUFBuVk1YQjF6SnM2UFNHQmpWdDg0STFuSjNpNkZBX1ZDbEhMNFFmZTZGSlJseXRSSm1VdDBTamhBSDdEQXdldnY4MzR2cFVubV8wcTdRV0FHUjJMUDhfTnUxckVMalRScGVIMG1DRknSAaQBQVVfeXFMTUNsbVlvOVhoUE5nNEY2SEl1b3JpbjA5R3JIbWJfX0JKVDAxNXBldVJQandxRWwtdUFkSVBUMkRhV2pDLXNJbm1DVXRsMGZjYk54clR6ZFFOUmIyWTA1TU1pSDQ5cmhySF90RmJDWE5KTDhkUDE1eU1UY3FXekNLRF9PZ0ZObURBdVljUFg5QXRGT0VlbDR1YXZyTjAzeHoxWGFiek0?oc=5 - This Ultrarunner Covered 425 Miles Up the U.K.’s Highest Points—and Smashed the Fastest Known Time (Runner's World) - https://www.runnersworld.com/news/a71872563/trish-patterson-three-peaks-challenge-world-record/ - China recovered its first reusable rocket and showed a new way to do it (Ars Technica) - https://arstechnica.com/space/2026/07/china-recovered-its-first-reusable-rocket-and-showed-a-new-way-to-do-it/
    Show More Show Less
    6 mins
  • Episode 100: July 10, 2026
    Jul 10 2026
    This episode covers a Microsoft Defender patch that came dangerously late, how Windows telemetry helped nab a cybercriminal, and a supply chain attack that hit the Web3 ecosystem hard. We also dig into an Accenture data breach that could ripple across their massive client base, plus a quick detour into ultramarathon training strategy that's all about working smarter, not harder. Stories covered: - Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges (The Hacker News) - https://thehackernews.com/2026/07/microsoft-patches-rogueplanet-defender.html - Arrest and extradition of Scattered Spider hacker shines light on how Windows telemetry GDIDs can identify and track users — Microsoft device identifier is just one digital fingerprint in a software world rife with them - Tom's Hardware (Tom's Hardware) - https://news.google.com/rss/articles/CBMi_gJBVV95cUxNMVI1NVZ4emxVYWtuZlFIdU9OTTEtVlRxUENPUUVDWHZKLUJOVHZOV1hnSk9IRjd3clVza0pSRE8wYjVWdUxET1hOemp1ZHp0Z2wzYmMzVG9mU1o3OXJyb3N6c3dON01zUzFNSTVOQlh0aHVrdmVCUEhTMlFiUmhRLTUxZC13S2tpVmFpTXlkbU45b2NBVnhZb0trZUczeEp6ZFo0NFJKb01YM0NVNG9BWDJsRkp5dUY3aGk4RmExalFjUzFFOE5zYTFkOEdhVXhMRGRzWlhaSzdneTJ1dWd5R0Z5bFp3ekhBZjczN2stUjNJNUNFbzRGb2ZGeFFaczlyRF9ibjJ0N1ZCSFVsRFpDNjF5dVIzc2dmRTBoODNJRXpxSC1XeVFrTElrR2ZqbDJ0UnU2c09rYm9LOGh6aUVEWDROd1hDeHpxeTJoQmdUQ0NDcTlwNXNiU3ItS1VkRkJrQU10d0RJVDI2ZFY1VjA4bFVuOUdiVEZWX0p2enpn?oc=5 - Injective SDK on npm infected with cryptocurrency wallet stealer (BleepingComputer) - https://www.bleepingcomputer.com/news/security/injective-sdk-on-npm-infected-with-cryptocurrency-wallet-stealer/ - Accenture Confirms Data Breach After Hacker Claims Source Code Theft - SecurityWeek (SecurityWeek) - https://news.google.com/rss/articles/CBMinwFBVV95cUxOaThuTEIyMF9sRV85UnpwMlBneHY2ZHhral94MS1ETXRhMUZGS3pwaXBPUmtzdHprUFBuVk1YQjF6SnM2UFNHQmpWdDg0STFuSjNpNkZBX1ZDbEhMNFFmZTZGSlJseXRSSm1VdDBTamhBSDdEQXdldnY4MzR2cFVubV8wcTdRV0FHUjJMUDhfTnUxckVMalRScGVIMG1DRknSAaQBQVVfeXFMTUNsbVlvOVhoUE5nNEY2SEl1b3JpbjA5R3JIbWJfX0JKVDAxNXBldVJQandxRWwtdUFkSVBUMkRhV2pDLXNJbm1DVXRsMGZjYk54clR6ZFFOUmIyWTA1TU1pSDQ5cmhySF90RmJDWE5KTDhkUDE1eU1UY3FXekNLRF9PZ0ZObURBdVljUFg5QXRGT0VlbDR1YXZyTjAzeHoxWGFiek0?oc=5 - Why Your Ultramarathon Training Plan Isn’t Working (And How to Fix It) (Trail Runner Mag) - https://www.trailrunnermag.com/training/is-your-ultramarathon-training-plan-good-enough/ - This Ultrarunner Covered 425 Miles Up the U.K.’s Highest Points—and Smashed the Fastest Known Time (Runner's World) - https://www.runnersworld.com/news/a71872563/trish-patterson-three-peaks-challenge-world-record/
    Show More Show Less
    4 mins
  • Episode 99: July 09, 2026
    Jul 9 2026
    This episode covers critical security patches from Ubiquiti for UniFi gear, a fifteen-year-old Linux kernel flaw called GhostLock that allows privilege escalation, and a solo attacker who breached AWS in just seventy-two hours using AI and cloud misconfigurations. We also touch on sustainable optimization strategies and John Deere's landmark right-to-repair settlement with the FTC. Stories covered: - Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS (The Hacker News) - https://thehackernews.com/2026/07/ubiquiti-patches-critical-unifi-flaws.html - 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros (The Hacker News) - https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html - Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours (Dark Reading) - https://www.darkreading.com/cloud-security/lone-attacker-ai-breach-aws-cloud-environment - Is High Mileage Right for You? Experts Break Down How to Find Your Volume Sweet Spot (Runner's World) - https://www.runnersworld.com/training/a71841267/low-mileage-vs-high-mileage-runner/ - John Deere owners will get the right to repair equipment under FTC settlement (Hacker News) - https://apnews.com/article/john-deere-right-to-repair-agriculture-equipment-cb7514ffedb95c130a976af661f2bc02 - Accenture Confirms Data Breach After Hacker Claims Source Code Theft - SecurityWeek (SecurityWeek) - https://news.google.com/rss/articles/CBMinwFBVV95cUxOaThuTEIyMF9sRV85UnpwMlBneHY2ZHhral94MS1ETXRhMUZGS3pwaXBPUmtzdHprUFBuVk1YQjF6SnM2UFNHQmpWdDg0STFuSjNpNkZBX1ZDbEhMNFFmZTZGSlJseXRSSm1VdDBTamhBSDdEQXdldnY4MzR2cFVubV8wcTdRV0FHUjJMUDhfTnUxckVMalRScGVIMG1DRknSAaQBQVVfeXFMTUNsbVlvOVhoUE5nNEY2SEl1b3JpbjA5R3JIbWJfX0JKVDAxNXBldVJQandxRWwtdUFkSVBUMkRhV2pDLXNJbm1DVXRsMGZjYk54clR6ZFFOUmIyWTA1TU1pSDQ5cmhySF90RmJDWE5KTDhkUDE1eU1UY3FXekNLRF9PZ0ZObURBdVljUFg5QXRGT0VlbDR1YXZyTjAzeHoxWGFiek0?oc=5
    Show More Show Less
    5 mins
  • Episode 98: July 08, 2026
    Jul 8 2026
    This episode digs into a sixteen-year-old Linux kernel flaw that's been lurking in virtualized systems, Accenture's messy data breach with source code now up for sale, and a hidden backdoor baked into Tenda router firmware. We also cover GitHub's GitLost vulnerability that lets attackers pull private data through public repos, plus the usual reminder that scale and reputation don't make anyone immune. Stories covered: - 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems (The Hacker News) - https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html - Accenture confirms breach after hacker offers stolen data for sale (BleepingComputer) - https://www.bleepingcomputer.com/news/security/accenture-confirms-breach-after-hacker-offers-stolen-data-for-sale/ - Hidden backdoor in Tenda router firmware grants admin access (BleepingComputer) - https://www.bleepingcomputer.com/news/security/hidden-backdoor-in-tenda-router-firmware-grants-admin-access/ - 'GitLost' Flaw Leaks Private Data From GitHub's Agentic Workflows (Dark Reading) - https://www.darkreading.com/cyber-risk/gitlost-leaks-private-data-github-agentic-workflows - Everything You Need To Know About The 2026 Hardrock 100 (Marathon Handbook) - https://marathonhandbook.com/everything-you-need-to-know-about-the-2026-hardrock-100/ - He Took 26 Days to Run the London Marathon—and Made Marathons Harder on Purpose (Runner's World) - https://www.runnersworld.com/news/a71855030/a-diving-suit-a-300-pound-dragon-and-the-remarkable-running-career-of-lloyd-scott/
    Show More Show Less
    6 mins
  • Episode 97: July 07, 2026
    Jul 7 2026
    This episode covers a critical Gitea Docker vulnerability exploited just thirteen days after patching, the first fully autonomous LLM-driven ransomware attack called JadePuffer, and a sixteen-year-old KVM hypervisor flaw that lets guest VMs escape to the host. Adrian also digs into how Microsoft used Windows hardware IDs to track down a hacker, proving your device might be less anonymous than you think. Stories covered: - Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure (The Hacker News) - https://thehackernews.com/2026/07/threat-actors-probe-gitea-docker-flaw.html - JadePuffer: The First Complete LLM-Driven Ransomware Attack (Dark Reading) - https://www.darkreading.com/cyberattacks-data-breaches/jadepuffer-first-complete-llm-driven-ransomware-attack - 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems (The Hacker News) - https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html - A Hacker's Arrest Reveals Microsoft Can Track Users Via a Windows Device ID - PCMag (PCMag) - https://news.google.com/rss/articles/CBMinwFBVV95cUxPR18tcjN4al9USHhMQ01vUHh3dm54MHVjLUZFTGxqWGhiQzdGSjg5VXJ2T1k4TEp4MTM2a2RnalV2U3JnXzc0NUdFRG9GNUM0a29CZ21oVG5mcmpCTFE5N1UtWi15WDJOakRIRjgyQjBtSm00ZnBtRFZSVndJLWtlVjIxNDZBSTM5c09iV3RlNS15bnM0Wl9jUWRkay1FREU?oc=5 - Jess McClain Took a 2-Year Break From Running—and Came Back Faster Than Ever. Here’s What You Can Learn From Her Impressive Return. (Runner's World) - https://www.runnersworld.com/training/a71834305/jess-mcclain-comeback-lessons/ - Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year (TechCrunch) - https://techcrunch.com/2026/07/06/canadian-spy-agency-says-it-hacked-drug-traffickers-extremists-and-a-ransomware-gang-last-year/
    Show More Show Less
    5 mins
  • Episode 96: July 06, 2026
    Jul 6 2026
    This episode covers North Korean hackers flooding developer repositories with over a hundred malicious packages, new credential-stealing tactics like ConsentFix that bypass multi-factor authentication in seconds, and a critical SharePoint vulnerability now being actively exploited two months after its patch. We also dig into what researchers believe is the first fully AI-automated ransomware attack, marking a dangerous new milestone in cyber threats. Stories covered: - North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign (The Hacker News) - https://thehackernews.com/2026/07/north-korean-hackers-publish-108.html - ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds (BleepingComputer) - https://www.bleepingcomputer.com/news/security/consentfix-and-clickfix-how-microsoft-365-accounts-are-hijacked-in-3-seconds/ - CISA: Microsoft SharePoint RCE flaw now actively exploited (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/ - JadePuffer ransomware used AI agent to automate entire attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/ - Basing Your Weekly Mileage on Your Race Distance? One Coach Explains Why That’s the Wrong Tactic—and the Real Factors to Consider. (Runner's World) - https://www.runnersworld.com/training/a71806426/race-distance-weekly-mileage/ - How ethical hackers with just a $3,000 server found a flaw that could've put $70 billion in crypto at risk - CoinDesk (CoinDesk) - https://news.google.com/rss/articles/CBMi5gFBVV95cUxNSnp0OTJqdUNpN0JSaEZ5bXRFNG5naDNmMDRCdndwUWdSS295Uy1VZU9SaEwtWVZIcHBDWE03ZnNELWdYc05POXA0dHZwWEdnRGZxUEktODNZY1BtSGxtZ1pENlp5cXVLQ3hTSHd4U3lWaW41MmxORUoxM0pQV01FTDAydUd0dUp6SXJCTGcxbkYydng3STM4NTRKOEhOSDZyeUJrRkRKYmxYOWJsNGVfc0lzNDRHcGtvRENQOHVKSTRSNG1ZSmtVUEVKbEJWZ3RNd1dVd1dhRmNpMTRXVTkzZHZtdk5CQQ?oc=5
    Show More Show Less
    6 mins
  • Episode 95: July 05, 2026
    Jul 5 2026
    This episode digs into a Scattered Spider extradition, the first fully AI-driven ransomware attack, and a Tesla bug bounty that uncovered a $243 million flaw. We also cover an actively exploited SharePoint vulnerability and what it means when the tools running half the enterprise become the entry point. Stories covered: - Alleged Scattered Spider hacker extradited to the United States (BleepingComputer) - https://www.bleepingcomputer.com/news/security/alleged-scattered-spider-hacker-extradited-to-the-united-states/ - JadePuffer ransomware used AI agent to automate entire attack (BleepingComputer) - https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/ - Tesla paid a Russian hacker $15,000 per bug found — then he cracked open the case that cost them $243 million - Yahoo Finance (Yahoo Finance) - https://news.google.com/rss/articles/CBMilwFBVV95cUxOdnNiS0VBcTZqY3NOVzRjYXFLejRpeDYzRmpCV3J6QUlnRXhjVU80VHh6MXZnYV9pZVhmY0x6X21QcHUzanp5RW1kTkxTLUlMWHFXSGNLWWZiS0ZmZFI0ekpLWk1OczlOTXpCNTF5ZDVrMWwwN196bUFpRFVKNWg0STR6bkNUTlJoQzN4ZnNyNE9idUtHdkxn?oc=5 - CISA: Microsoft SharePoint RCE flaw now actively exploited (BleepingComputer) - https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/ - Basing Your Weekly Mileage on Your Race Distance? One Coach Explains Why That’s the Wrong Tactic—and the Real Factors to Consider. (Runner's World) - https://www.runnersworld.com/training/a71806426/race-distance-weekly-mileage/ - FBI Seizes NetNut Proxy Platform, Popa Botnet (Krebs on Security) - https://krebsonsecurity.com/2026/07/fbi-seizes-netnut-proxy-platform-popa-botnet/
    Show More Show Less
    5 mins