On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• TeleMessage memory dumps show up on DDoSecrets
• Coinbase contractor bribed to hand over user data
• Telegram does seem to be actually cooperating with law enforcement
• Britain’s legal aid service gets 15 years worth of applicant data stolen
• Shocking no one, Ivanti were weaseling when they blamed latest bugs on a third party library

This week’s episode is sponsored by Prowler, who make an open source cloud security tool. Founder and original project developer Toni de la Fuente joins to talk through the flexibility that open tooling brings. Prowler is also adding support for SaaS platforms like M365, and of course, an AI assistant to help you write checks!

This episode is also available on Youtube.

• TeleMessage - Distributed Denial of Secrets
• How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes | WIRED
• Coinbase says thieves stole user data and tried to extort $20M
• Hack could cost Coinbase up to $400M: filing | Cybersecurity Dive
• Severed Fingers and ‘Wrench Attacks’ Rattle the Crypto Elite
• Money Stuff: US Debt Rates Itself | NewsletterHunt
• 2 massive black market services blocked by Telegram, messaging app says | Reuters
• Telegram Gave Authorities Data on More than 20,000 Users
• GovDelivery, an email alert system used by governments, abused to send scam messages | TechCrunch
• ATO warning as hackers steal $14,000 in tax returns: ‘Be wary’
• Hack of SEC social media account earns 14-month prison sentence for Alabama man | The Record from Recorded Future News
• 19-year-old accused of largest child data breach in U.S. agrees to plead guilty
• Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy | 7NEWS
• Pegasus spyware maker rebuffed in efforts to get off trade blacklist - The Washington Post
• Ransomware attack hits supplier of refrigerated groceries to British supermarkets | The Record from Recorded Future News
• UK government confirms massive data breach following hack of Legal Aid Agency | The Record from Recorded Future News
• Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities | Cybersecurity Dive
• Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)

In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security.

Push has built an identity security platform that collects identity information from your users’ browsers. It can detect phish kits and stop them, protect SSO passwords, and even find every single shadow/personal account that a user has spun up.

We think about phishing as protecting your users’ SSO details. But what about all the SaaS they’re using? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are they using MFA? How would you know?

This is a fun one!

This episode is also available on Youtube.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
• The ransomware ecosystem is finding life a bit tough lately
• SAP Netweaver bug being used by Chinese APT crew
• Academics keep just keep finding CPU side-channel attacks
• And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?

This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future.

This episode is also available on Youtube.

• Exploiting Copilot AI for SharePoint | Pen Test Partners
• MrBruh's Epic Blog
• Ransomware group Lockbit appears to have been hacked, analysts say | Reuters
• "CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET’s birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy."
• Mysterious hackers who targeted Marks and Spencer's computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states
• The organizational structure of ransomware groups is evolving rapidly.
• SAP NetWeaver exploitation enters second wave of threat activity
• China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
• DOGE software engineer’s computer infected by info-stealing malware
• Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades
• FBI and Dutch police seize and shut down botnet of hacked routers
• Poland arrests four in global DDoS-for-hire takedown
• School districts hit with extortion attempts after PowerSchool breach
• EU launches vulnerability database to tackle cybersecurity threats
• Training Solo - vusec
• Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group
• Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet
• PSIRT | FortiGuard Labs
• EPMM Security Update | Ivanti