Brought to you by Airlock Digital

Allowlisting Software - Allowlist Made Simple

Show notes

GitHub confirms being hacked by TeamPCP, says customer data unaffected | therecord.media

Grafana Labs links GitHub environment breach to TanStack npm supply chain attack | Cybersecurity Dive

Coruna Respawned: Compromised art-template npm Package Leads... | Socket

CISA chief frets about open-source vulnerabilities, delayed security improvements | cyberscoop.com

Anthropic: Mythos finds more than 10,000 software flaws in first month | cyberscoop.com

Pardon MIE? | ironPeak Blog

CISA asks cybersecurity community to alert it to vulnerability exploitation | Cybersecurity Dive

Lawmakers Demand Answers as CISA Tries to Contain Data Leak | krebsonsecurity.com

Google publishes exploit code threatening millions of Chromium users | arstechnica.com

Millions of AI agents imperiled by critical vulnerability in open source package | arstechnica.com

Discord migrates all users to end-to-end encryption by default | The Record

Texas AG sues Meta over claims that WhatsApp doesn't provide end-to-end encryption | arstechnica.com

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada | krebsonsecurity.com

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages | Cybersecurity Dive

FBI warns about fast-growing phishing kit targeting Microsoft 365 users | cyberscoop.com

Analyzing the rise in device code phishing attacks in 2026 | Push Security

Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses | TechCrunch Security

Kash Patel’s clothing brand website shut down after reports it was hacked | TechCrunch Security

Tulsi Gabbard resigns as US director of national intelligence | Social Signals

When Certificate Trust Fails: The DigiCert Code-Signing Incident and Microsoft Defender False Positive |