Talkin' Bout [Infosec] News

This episode covers a CISA contractor’s accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI’s efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft’s handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub’s ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Getting to Chili's (05:45) - GitHub bans vindictive security researcher - 2026-05-26 (07:09) - Story # 1: CISA Admin Leaked AWS GovCloud Keys on Github (10:45) - Story # 2 - PoC Code Published for Critical NGINX Vulnerability (12:53) - Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code (16:16) - Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist (22:37) - Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation (25:52) - Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued (28:09) - Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered” (30:41) - Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale (32:16) - Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension (35:21) - Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities (37:51) - Story # 11 - Pizza Hut's AI system caused 'cascading' problems and $100M in damages, franchisee alleges in new suit (43:55) - Story # 12 - Data Leak at German Hospital (45:00) - Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware (47:50) - Story # 14 - Chicken News (50:07) - Story # 15 - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released (51:04) - Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment? LinksStory # 1 - CISA Admin Leaked AWS GovCloud Keys on GithubStory # 2 - PoC Code Published for Critical NGINX VulnerabilityStory # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude CodeStory # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlistStory # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid ExploitationStory # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issuedStory # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented ScaleStory # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extensionStory # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilitiesStory # 11 - Pizza Hut’s AI system caused ‘cascading’ problems and $100M in damages, franchisee alleges in new suitStory # 12 - Data Leak at German HospitalStory # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malwareStory # 14 - Chicken NewsStory # 15 - New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC releasedStory # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?Creators & Guests Alethe Denis - Guest Corey Ham - Host Wade Wells - Host Bronwen Aker - Host Meagan Bentley - Producer Hayden Covington - Host Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com

This episode covers Mythos uncovering a vulnerability in cURL, a recent Google Threat Intelligence report on a zero-day exploit, and the growing impact of AI on capture-the-flag competitions and bug bounty programs. The hosts also discuss the economics of AI platforms like OpenAI, security research trends, and broader concerns around software vulnerabilities, automation, and defensive tooling.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Token CTFs (03:18) - Story # 1: Mythos finds a curl vulnerability (06:36) - Story # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation (14:47) - Story # 3: The down fall of bug bounties (15:34) - Story # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ (40:52) - Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat Robots (43:51) - Story # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting Obliterated (49:35) - Story # 5: Windows BitLocker zero-day gives access to protected drives, PoC released (56:09) - Story # 6: Deal reached with hackers to delete data stolen from the Canvas educational platform (58:07) - Story # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breach (58:54) - Story # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible (01:00:29) - Threat Hunting Summit Talk: Threat Hunting in the Dark: A Practical Approach (01:04:47) - WEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek Banks LinksStory # 1: Mythos finds a curl vulnerabilityStory # 2: Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass ExploitationStory # 3: The down fall of bug bountiesStory # 3: Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’Story # 4: Germany to Flood Ukraine’s Front Lines With Hundreds of New GEREON Combat RobotsStory # 4b: Wild Video Shows Delivery Robots Causing Havoc, Getting ObliteratedStory # 5: Windows BitLocker zero-day gives access to protected drives, PoC releasedStory # 6: Deal reached with hackers to delete data stolen from the Canvas educational platformStory # 7: Celebrities’ and influencers’ private communications exposed in stalkerware data breachStory # 8: Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsibleThreat Hunting Summit Talk: Threat Hunting in the Dark: A Practical ApproachWEBCAST: Looking at A.I. Wrong with John Strand, BB King and Derek BanksCreators & Guests John Strand - Host Corey Ham - Host Wade Wells - Host Bronwen Aker - Host Ralph May - Host Shane Hartman - Guest Meagan Bentley - Producer Hayden Covington - Host Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatThis episode of Talking About News focuses on the reported Canvas/Instructure breach, including discussion around ShinyHunters, transparency concerns, higher education security challenges, and possible attack paths involving phishing and tenant compromise. The team also explores broader cybersecurity trends such as social engineering, ransomware pressure tactics, and the growing role of AI and platform security in modern enterprise environments.Chapters(00:00) - PreShow Banter™ — Californian Problems (02:25) - The Canvas / Instructure Breach – 2026-05-11 (10:23) - Story # 1: Canvas Breach Disrupts Schools & Colleges Nationwide (13:45) - Story # 1b: Security Incident Update & FAQs (43:14) - Story # 2: Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer (47:34) - Story # 3: Google Chrome silently installs a 4 GB AI model on your device without consent. (52:19) - Story # 4: Trellix source code breach claimed by RansomHouse hackers (58:12) - Story # 5: Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack - Cybersecurity LinksStory # 1: Canvas Breach Disrupts Schools & Colleges NationwideStory # 1b: Security Incident Update & FAQsStory # 2: Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peerStory # 3: Google Chrome silently installs a 4 GB AI model on your device without consent.Story # 4: Trellix source code breach claimed by RansomHouse hackersStory # 5: Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack - CybersecurityWade's Workshop: Threat Actor Profiling: Know Your EnemyAlethe Denis' Webcast: How to Build a Bulletproof PretextAlethe Denis' Workshop: How to Build Pressure-Proof PretextsCreators & Guests John Strand - Host Corey Ham - Host Wade Wells - Host Ched "cheddar" Wiggins - Guest Bronwen Aker - Host Hayden Covington - Host Ryan Poirier - Producer Alethe Denis - Guest Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com

Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatThis episode covers several major cybersecurity and technology news stories, including Utah’s proposed crackdown on VPNs used to bypass online age-verification systems and the privacy and enforcement concerns surrounding those laws. The hosts also discuss newly disclosed MOVEit Transfer vulnerabilities and patching guidance, software trust and code-signing weaknesses, and broader issues around internet regulation and digital identity verification. Additional discussion touches on AI, science-fiction-inspired technology concepts, relativity and time dilation, and other notable developments from the week in cybersecurity and tech news.Chapters(00:00) - PreShow Banter™ — Alien Communications 101 (03:38) - Utah Bans VPN Age Bypass - 2026-05-04 (09:13) - Story #1 - DigiCert Revokes Certificates After Support Portal Hack (15:25) - Story #2 - Progress warns of critical MOVEit Automation auth bypass flaw (16:44) - Story #3 - Critical cPanel and WHM bug exploited as a zero-day, PoC now available (23:33) - Story #4 - Copy Fail (26:17) - Story #5 - Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue (33:42) - Story #6 - Elon Musk testifies that xAI trained Grok on OpenAI models (38:51) - Story #7 - Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks (51:23) - Story #8 - Why you should refuse to let your doctor record you (56:19) - Story #9 - Technique Change Type: How the ATT&CK Object Changed LinksCreators & Guests Corey Ham - Host Wade Wells - Host Ralph May - Host Tim Medin - Guest Patrick Gorman - Guest Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com

This episode dives into the economics and competitive dynamics of the AI industry, including discussions on profitability, pricing strategies, monopolization, and the rise of open and distilled models—particularly concerns around Chinese AI competition. The hosts also cover a reported long-running phishing campaign linked to Chinese actors targeting NASA-affiliated researchers and engineers, highlighting how social engineering was used to extract sensitive aerospace information.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis🔴live-chatChapters(00:00) - PreShow Banter™ — Making More Money than OpenAI (04:58) - NASA Gets Phished by Chinese - 2026-04-27 (07:22) - Story # 1: ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty (13:07) - Story # 2: A Mexican surveillance giant you’ve never heard of is now watching the U.S. border (19:59) - Story # 3: Scam messages offering ships safe transit through Hormuz, security firm warns (24:24) - Story # 4: Apple fixes bug that let the FBI recover deleted Signal messages (27:49) - Story # 5: Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign (30:28) - Story # 6: cDc communications | CULT OF THE DEAD COW | The Hacktivismo Declaration: Rebooted 2026-04-21 (34:07) - Story # 7: NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software (36:29) - Story # 8: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite (41:34) - Story # 9: Discord group says it accessed Claude Mythos by guessing location (44:19) - Story # 10: Introducing GPT‑5.5 (46:46) - Story # 11: CERT-In Advisory CIAD-2026-0020 (50:47) - Story # 12: pro j e c t d e a l LinksStory # 1: ‘Scattered Spider’ Member ‘Tylerb’ Pleads GuiltyStory # 2: A Mexican surveillance giant you’ve never heard of is now watching the U.S. borderStory # 3: Scam messages offering ships safe transit through Hormuz, security firm warnsStory # 4: Apple fixes bug that let the FBI recover deleted Signal messagesStory # 5: Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain CampaignStory # 6: cDc communications | CULT OF THE DEAD COW | The Hacktivismo Declaration: Rebooted 2026-04-21Story # 7: NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense SoftwareStory # 8: How UNC6692 Employed Social Engineering to Deploy a Custom Malware SuiteStory # 9: Discord group says it accessed Claude Mythos by guessing locationStory # 10: Introducing GPT‑5.5Story # 11: CERT-In Advisory CIAD-2026-0020Story # 12: pro j e c t d e a lCreators & Guests Aisling nic Lynne "siriciryel" - Guest Corey Ham - Host John Strand - Host Ralph May - Host Hayden Covington - Host Wade Wells - Host Ryan Poirier - Producer Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits https://poweredbybhis.comBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com