Risky Business Weekly (814): It's a bad time to be a scam compound operator

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The KK Park scam compound in Myanmar gets blasted with actual dynamite
  • China sentences more scammers TO DEATH
  • While Singapore is opting to lash them with the cane
  • Chinese security firm KnownSec leaks a bunch of documents
  • Necromancy continues on NSO Group, with a Trump associate in charge
  • OWASP freshens up the Top 10, you won’t believe what’s number three!

This week’s episode is sponsored by Thinkst Canary. Big bird Haroon Meer joins and, as usual, makes a good point. If you’re going to trust a vendor to do something risky like put a box on your network, they have an obligation to explain how they make that safe. Thinkst has a /security page that does exactly that. So why do we let Palo Alto and Fortinet get away with “trust me, bro”?

Show Notes:

Myanmar Junta Dynamites Scam Hub in PR Move as Global Pressure Grows https://www.irrawaddy.com/news/myanmars-crisis-the-world/myanmar-junta-dynamites-scam-hub-in-pr-move-as-global-pressure-grows.html

China sentences 5 Myanmar scam kingpins to death | The Record from Recorded Future News https://therecord.media/china-sentences-5-myanmar-scam-kingpins-to-death

Law passed for scammers, mules to be caned after victims in Singapore lose almost $4b since 2020 | The Straits Times https://www.straitstimes.com/singapore/politics/law-passed-for-scammers-mules-to-be-caned-after-victims-in-singapore-lose-almost-4b-since-2020

KnownSec breach: What we know so far. - NetAskari https://substack.com/inbox/post/178189244

Risky Bulletin: Another Chinese security firm has its data leaked https://risky.biz/risky-bulletin-another-chinese-security-firm-has-its-data-leaked/

Inside Congress Live https://www.politico.com/live-updates/2025/11/10/congress/cbo-still-under-threat-00644930

The Government Shutdown Is a Ticking Cybersecurity Time Bomb | WIRED https://www.wired.com/story/the-government-shutdown-is-a-ticking-cybersecurity-time-bomb/

Former Trump official named NSO Group executive chairman | The Record from Recorded Future News https://www.theguardian.com/technology/2025/nov/10/apple-whatsapp-spyware-paragon

Short-term renewal of cyber information sharing law appears in bill to end shutdown | The Record from Recorded Future News https://therecord.media/cisa-2015-information-sharing-law-renewal-bill-ending-shutdown

Jaguar Land Rover hack hurt the U.K.’s GDP, Bank of England says https://www.nbcnews.com/tech/security/jaguar-land-rover-hack-hurt-uk-gdp-bank-england-says-rcna243083

Monetary Policy Report - November 2025 | Bank of England https://www.bankofengland.co.uk/monetary-policy-report/2025/november-2025

SonicWall says state-linked actor behind attacks against cloud backup service | Cybersecurity Dive https://www.cybersecuritydive.com/news/sonicwall-state-linked-actor-attacks-cloud-backup/804867/

Japanese media giant Nikkei reports Slack breach exposing employee and partner records | The Record from Recorded Future News https://therecord.media/japan-nikkei-slack-breach

“Intel sues former employee for allegedly stealing confidential data” Post by @campuscodi.risky.biz — Bluesky https://bsky.app/profile/campuscodi.risky.biz/post/3m5eglkakxs26

Introduction - OWASP Top 10:2025 RC1 https://owasp.org/Top10/2025/0x00_2025-Introduction/