On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including:

• Secret Service raids a SIM farm in New York
• MI6 launches a dark web portal
• Are the 2023 Scattered Spider kids finally getting their comeuppance?
• Production halt continues for Jaguar Land Rover
• GitHub tightens its security after Shai-Hulud worm

This week’s episode is sponsored by Sublime Security. In this week’s sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform.

Show Notes:

U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly https://www.cbsnews.com/news/u-s-secret-service-disrupts-telecom-network-threatened-new-york-city-u-n-general-assembly/

MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News https://therecord.media/mi6-darkweb-portal-recruit-foreign-spies

MI6 – SecurelyContactingMI6 – Introducing SILENT COURIER MI6 - YouTube https://www.youtube.com/watch?v=FLneejpWtC0

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens - dirkjanm.io https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

Github npm changes https://www.helpnetsecurity.com/2025/09/23/npm-publishing-security-improvements/

Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive https://www.cybersecuritydive.com/news/flights-europe-delayed-cyberattack-third-party/760745/

Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News https://therecord.media/europe-airports-delays-ransomware-attack-checkin-systems

When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on – DataBreaches.Net https://databreaches.net/2025/09/21/when-goodbye-isnt-the-end-scattered-lapsus-hunters-hack-on/

UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive https://www.cybersecuritydive.com/news/uk-arrests-scattered-spider-london-transit-hack-us-healthcare/760508/

Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News https://therecord.media/las-vegas-arrest-scattered-spider-suspect-turns-self-in

Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop https://cyberscoop.com/las-vegas-teenager-arrested-casino-attacks-scattered-spider/

DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News https://therecord.media/scattered-spider-unsealed-charges-115million-extortion-breached-courts-system

vx-underground on X: “Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says “Cost of BTC at time was $36M” - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google “Ransomware, November, 2023” - omfg.exe | X https://x.com/vxunderground/status/1968801092663136696?s=46&t=VLIuBKdOq3MvRk4IpV-_-A

JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55% | The Record from Recorded Future News https://therecord.media/jlr-cyber-shockwave-auto-sector

Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive https://www.cybersecuritydive.com/news/jaguar-land-rover-extend-production-pause-cyberattack/760883/

New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News https://therecord.media/fisa-section-702-legislation-sen-tom-cotton-plan

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive https://www.cybersecuritydive.com/news/ai-vulnerability-detection-patching-threats-mandiant-summit/760746/