Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal

Risky Business
10/09/2025 51 min

Listen "Risky Business #806 -- Apple's Memory Integrity Enforcement is a big deal"

Descargar episodio Ver en sitio original

Episode Synopsis



On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:


Apple ruins exploit developers’ week with fresh memory corruption mitigations
Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack
Salesloft says its GitHub was the initial entry point for its compromise
Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”
Rogue certs for 1.1.1.1 appear to be just (stupid) testing
Jaguar Land Rover ransomware attackers are courting trouble


This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.



Show notes


Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research

Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive

CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News

SAP warns of high-severity vulnerabilities in multiple products - Ars Technica

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica

Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News

Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News

Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive

Qantas penalizes executives for July cyberattack | The Record from Recorded Future News

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News

GOP Cries Censorship Over Spam Filters That Work – Krebs on Security

Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media

Post by @patrick.risky.biz — Bluesky




More episodes of the podcast Risky Business

Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD 29/10/2025
Risky Business #811 -- F5 is the tip of the crap software iceberg 22/10/2025
Wide World of Cyber: A deep dive on the F5 hack 21/10/2025
Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business 17/10/2025
Risky Business #810 -- Data extortion attacks have a silver lining 15/10/2025
Snake Oilers: Realm Security, Horizon3 and Persona 08/10/2025
Risky Business #809 -- Hackers try to pay a journalist for access to the BBC 01/10/2025
Risky Business #808 -- Insane megabug in Entra left all tenants exposed 24/09/2025
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc 17/09/2025
Risky Biz Soap Box: runZero shakes up vulnerability management 15/09/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA