On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• New York Times gets a little stolen Russian FSB data as a treat
• iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign
• Researcher figures out a trick to get Google account holders’ full names and phone numbers
• Major US food distributor gets ransomwared
• The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems
• Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar.

This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst.

Show Notes:

How The Times Obtained Secret Russian Intelligence Documents - The New York Times https://www.nytimes.com/2025/06/07/world/europe/russia-intelligence-documents-leak-how.html

Ukraine’s military intelligence claims cyberattack on Russian strategic bomber maker | The Record from Recorded Future News https://therecord.media/ukraine-military-russia-strategic-bomber

Harris-Walz campaign may have been targeted by iPhone hackers, cybersecurity firm says https://www.nbcnews.com/tech/security/harris-walz-campaign-may-targeted-iphone-hackers-cybersecurity-firm-sa-rcna199468

iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S. https://iverify.io/blog/iverify-uncovers-evidence-of-zero-click-mobile-exploitation-in-the-us

Spyware maker cuts ties with Italy after government refused audit into hack of journalist’s phone | The Record from Recorded Future News https://therecord.media/paragon-spyware-maker-cuts-ties-italy-government

Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist | TechCrunch https://techcrunch.com/2025/06/06/italian-lawmakers-say-italy-used-spyware-to-target-phones-of-immigration-activists-but-not-against-journalist/

Android chipmaker Qualcomm fixes three zero-days exploited by hackers | TechCrunch https://techcrunch.com/2025/06/03/phone-chipmaker-qualcomm-fixes-three-zero-days-exploited-by-hackers/

Cellebrite to acquire mobile testing firm Corellium in $200 million deal | CyberScoop https://cyberscoop.com/cellebrite-correllium-acquisition-ios-android/

Apple Gave Governments Data on Thousands of Push Notifications https://www.404media.co/apple-gave-governments-data-on-thousands-of-push-notifications/

A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account https://www.404media.co/a-researcher-figured-out-how-to-reveal-any-phone-number-linked-to-a-google-account/

Bruteforcing the phone number of any Google user https://brutecat.com/articles/leaking-google-phones

Acreed infostealer poised to replace Lumma after global crackdown | The Record from Recorded Future News https://therecord.media/acreed-infostealer-arises-after-lumma-takedown

BidenCash darknet forum taken down by US, Dutch law enforcement | The Record from Recorded Future News https://therecord.media/bidencash-cybercrime-darknet-market-takedown-us-netherlands

NHS calls for 1 million blood donors as UK stocks remain low following cyberattack | The Record from Recorded Future News https://therecord.media/uk-nhs-calls-for-blood-donations-after-cyberattack

Major food wholesaler says cyberattack impacting distribution systems | The Record from Recorded Future News https://therecord.media/major-food-wholesaler-cyberattack-impacting-distribution

Kettering Health confirms attack by Interlock ransomware group as health record system is restored | The Record from Recorded Future News https://therecord.media/kettering-health-ohio-interlock-ransomware

Hackers abuse malicious version of Salesforce tool for data theft, extortion | Cybersecurity Dive https://www.cybersecuritydive.com/news/hackers-abuse-salesforce-tool-extortion/749790/

shubs on X: “IP whitelisting is fundamentally broken. At @assetnote, we’ve successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we’re releasing Newtowner, to help test for this issue: https://t.co/X3dkMz9gwK” / X https://x.com/infosec_au/status/1930449312892498008?s=46&t=VLIuBKdOq3MvRk4IpV-_-A

Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect | WIRED https://www.wired.com/story/ross-ulbricht-31-million-donation-alphabay/

Australian navy ship causes radio and internet outages to parts of New Zealand https://www.9news.com.au/national/australian-navy-ship-causes-radio-and-internet-outages-to-parts-of-nz/7f5910c2-612a-4680-b7e1-283f0f4c5032