Risky Business Podcast
September 17, 2025
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc
Presented by
Technology Editor
CEO and Publisher
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
- Shai-Hulud worm propagates via npm and steals credentials
- Jaguar Land Rover attack may put smaller suppliers out of business
- Leaked data emerges from the vendor behind the Great Firewall of China
- Vastaamo hacker walks free while appeal is underway
- Why is a senator so mad about Kerberos?
This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.
This week’s episode is also available on Youtube.
Brought to you by Knocknoc
Knocknoc removes the attack surface of your assets.
Show notes
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security
Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis
Jaguar Land Rover production shutdown could last until November
U.S. Investors, Trump Close In on TikTok Deal With China - WSJ
U.S. Investors, Trump Close In on TikTok Deal With China - WSJ
How China’s Propaganda and Surveillance Systems Really Operate | WIRED
Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council
US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch