In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. It’s a quiet week with Thanksgiving in the US, but there’s always some cyber to talk about:


Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive
Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec…
… as Wired publishes an opsec guide for teens.
Microsoft decides its login portal is worth a Content Security Policy
South Korean online retailer data breach covers 65% of the country


This week’s episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more SIgma threat detection rules to MacOS.

This episode is also available on Youtube.



Show notes


Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN

Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop

Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog

Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis

Glassworm's resurgence | Secure Annex

4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog

Post by @spuxx.bsky.social — Bluesky

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security

The WIRED Guide to Digital Opsec for Teens | WIRED

Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News

Ed Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / X

Reuters accused of hack attack | ZDNET

The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIRED

Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive

Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive

Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News

Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News

Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country’s population | The Record from Recorded Future News

NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges

Nebulock developed coreSigma for MacOS

coreSigma repo:

Ver todos los episodios