Risky Business Video
March 19, 2025
Risky Business Weekly (784): GitHub supply chain attack steals secrets from 23k projects
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:
- GitHub Actions supply chain attack loots keys and secrets from 23k projects
- Why a VC fund now owns a minority stake in Risky Business Media (!?!?)
- China doxes Taiwanese military hackers
- Microsoft thinks .lnk file whitespace trick isn’t worth patching but APTs sure love it
- CISA delivers government efficiency by re-hiring fired staff… to put them on paid leave
- …and Google acquires Wiz for $32bn
This week’s show is sponsored by Zero Networks, and they have sent along a happy customer to talk about their experience. Aaron Steinke is Head of Infrastructure at La Trobe Financial, an asset management firm in Australia. Aaron talks through bringing modern zero-trust goodness to the reality of a technology environment that’s been around 40 years.
Show Notes:
Risky Bulletin: GitHub supply chain attack prints everyone’s secrets in build logs - Risky Business Media https://risky.biz/risky-bulletin-github-supply-chain-attack-prints-everyones-secrets-in-build-logs/
China says Taiwan’s military is behind PoisonIvy APT https://risky.biz/risky-bulletin-china-says-taiwans-military-is-behind-poisonivy-apt/
China identifies Taiwanese hackers allegedly behind cyberattacks and espionage | The Record from Recorded Future News https://therecord.media/china-taiwan-hacks-identify-cyber
Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds | The Record from Recorded Future News https://therecord.media/crypto-okx-shuts-down-exchange
Lazarus Group deceives developers with 6 new malicious npm packages | CyberScoop https://cyberscoop.com/lazarus-group-north-korea-malicious-npm-packages-socket/
Poisoned Windows shortcuts found to be a favorite of Chinese, Russian, N. Korean state hackers | The Record from Recorded Future News https://therecord.media/windows-lnk-files-nation-state-hacking-campaigns
‘Mora_001’ ransomware gang exploiting Fortinet bug spotlighted by CISA in January | The Record from Recorded Future News https://therecord.media/mora001-ransomware-gang-exploiting-vulnerability-lockbit
Black Basta uses brute-forcing tool to attack edge devices | Cybersecurity Dive https://www.cybersecuritydive.com/news/black-basta-uses-brute-forcing-tool-to-attack-edge-devices/742672/
Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court | The Record from Recorded Future News https://therecord.media/lockbit-alleged-russian-developer-extradited-us-israel
CISA works to contact probationary employees for reinstatement after court order - Nextgov/FCW https://www.nextgov.com/people/2025/03/cisa-works-contact-probationary-employees-reinstatement-after-court-order/403810/
‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge | WIRED https://www.wired.com/story/inside-cisa-under-trump/
The Wiretap: CISA Staff Are Cautiously Optimistic About Trump’s Pick For Director https://www.forbes.com/sites/thomasbrewster/2025/03/18/cisa-staff-are-cautiously-optimistic-about-trumps-pick-for-director/
White House instructs agencies to avoid firing cybersecurity staff, email says | Reuters https://www.reuters.com/world/us/white-house-instructs-agencies-avoid-firing-cybersecurity-staff-email-says-2025-03-13/
Signal no longer cooperating with Ukraine on Russian cyberthreats, official says | The Record from Recorded Future News https://therecord.media/signal-no-longer-cooperating-with-ukraine
Telegram CEO Pavel Durov allowed to leave France amid investigation https://www.nbcnews.com/tech/tech-news/telegram-ceo-pavel-durov-allowed-leave-france-investigation-rcna196713
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan | The Record from Recorded Future News https://therecord.media/joe-sullivan-former-uber-executive-conviction-upheld
Google buys cloud security provider Wiz for $32 billion | The Record from Recorded Future News https://therecord.media/google-buys-cloud-security-provider-wiz
Pat Gray, Founder of Risky Business, Joins Decibel as Founder Advisor - Decibel https://www.decibel.vc/articles/pat-gray-founder-of-risky-business-joins-decibel-as-founder-advisor