On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
• The ransomware ecosystem is finding life a bit tough lately
• SAP Netweaver bug being used by Chinese APT crew
• Academics keep just keep finding CPU side-channel attacks
• And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?

This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future.

This episode is also available on Youtube.

• Exploiting Copilot AI for SharePoint | Pen Test Partners
• MrBruh's Epic Blog
• Ransomware group Lockbit appears to have been hacked, analysts say | Reuters
• "CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET’s birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy."
• Mysterious hackers who targeted Marks and Spencer's computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states
• The organizational structure of ransomware groups is evolving rapidly.
• SAP NetWeaver exploitation enters second wave of threat activity
• China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
• DOGE software engineer’s computer infected by info-stealing malware
• Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades
• FBI and Dutch police seize and shut down botnet of hacked routers
• Poland arrests four in global DDoS-for-hire takedown
• School districts hit with extortion attempts after PowerSchool breach
• EU launches vulnerability database to tackle cybersecurity threats
• Training Solo - vusec
• Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group
• Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet
• PSIRT | FortiGuard Labs
• EPMM Security Update | Ivanti