Podcasts

In this solo episode, James Wilson takes a detailed look at TeamPCP.

It started off by launching clumsy attacks against misconfigured Kubernetes clusters in September 2025. But by February this year, TeamPCP had skilled up and was smashing global software supply chains in the highest profile attacks of 2026.

TeamPCP upskilled and turned the software development ecosystem into its personal credential harvesting machine.

Here’s how TeamPCP did it, and what we can learn from it.

In this edition of Between Two Nerds Tom Uren and The Grugq talk about the ways in which intelligence agencies are just like cults.

This episode is also available on YouTube

A new Palo Alto Networks firewall bug is being exploited in the wild, Russia expands SORM surveillance, NIST is looking for new post quantum algorithms, and ENSOC launches in Europe.

In this sponsored interview Casey Ellis chats with Truffle Security’s founder and CEO Dylan Ayrey about the recent CISA secrets leak.

Days after Brian Krebs ran the story, plenty of the exposed credentials were still live, including an admin-level GitHub app key with full rights over CISA’s org.

Dylan walks through why deleting the repo doesn’t fix anything, why most cloud vendors won’t hard-revoke exposed keys (OpenAI and Slack will; AWS, Google and friends mostly won’t), why Hugging Face datasets now hold more secrets than GitHub itself, and what the next generation of multi-provider credential-harvesting supply chain worms is going to look like.

Dutch police take down a botnet of 17 million devices, US military staff have been tracked with ad-tech location data, a Google engineer is arrested for insider trading on Polymarket, and Gogs and the Casdoor IAM leave major bugs unpatched.

Iran will reconnect to the Internet, a new vulnerability lets attackers bypass authentication on AI infrastructure, hackers breach Lithuania’s state registry, security firms take down the Glassworm botnet, and CERT India releases strict patching advice.

On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

• TeamPCP breached GitHub’s internal repos. Now what?
• Some absolute plonker glued Coruna to a hijacked npm package
• CISA is worried about about open source and wants third party submissions for KEV
• AI infrastructure is “systemically” insecure
• Much, much more

This week’s episode is sponsored by allowlisting vendor Airlock Digital. Airlock’s founders David Cottingham and Daniel Schell join Patrick Gray to talk about Microsoft briefly flagging DigitCert’s root certificate as malware. Fun!

This episode is also available on YouTube

In this podcast James Wilson chats with Brad Arkin about why software supply chain attacks have gone from rare, once-in-a-while disasters to an operational problem affecting mainstream enterprises almost daily.

AI has made attackers faster, and “vibe coding” means the number of environments pulling packages from the internet has gone to the moon. It also means legacy tooling that seeks out the bad packages and cleans them up isn’t enough. Package cooldown windows won’t fix this either.

But all hope is not lost! Tune in to this podcast to find out how you can get a grip on the disaster de jour!

Anthropic says Mythos has found thousands of critical bugs, hackers leak documents from a Russian disinfo group, GitHub rolls out new npm security features, and Dutch police raid two bulletproof hosting providers.

In this sponsored interview James Wilson chats with Sondera CEO Josh Devon about why guardrails and instruction files aren’t enough to keep AI agents from going haywire. EDR, DLP and other traditional controls can’t and won’t prevent agents from going rogue.

Josh explains Sondera’s “principle of least autonomy” for agents: let them do useful work, but put them in a deterministic policy harness so they can’t leak secrets, abuse tools or wander off-task.