This episode covers critical vulnerabilities in Gogs and Palo Alto's GlobalProtect VPN that are already being actively exploited, plus the takedown of a massive 17 million device botnet in the Netherlands. Adrian also digs into a bizarre new attack where hackers used an AI agent to carry out post-compromise actions autonomously. It's a Monday morning packed with urgent patches and unsettling new tactics.

Stories covered:

- Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (The Hacker News) - https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html

- Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks (BleepingComputer) - https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/

- Dutch govt disrupts malware botnet with 17 million infected devices (BleepingComputer) - https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/

- Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (The Hacker News) - https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html

- 13 Indy Trail Races With Views and Vibes That Will Blow You Away (Trail Runner Mag) - https://www.trailrunnermag.com/travel/race-guides/best-indy-trail-races-in-the-us/

- Tyler Andrews Sets Oxygen-Assisted Speed Record on Mount Everest (iRunFar) - https://www.irunfar.com/tyler-andrews-mount-everest-speed-record-2026