Sign up to save your podcasts
Or
Share GitHub bans vindictive security researcher - 2026-05-26
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Talkin' Bout [Infosec] News](https://podcast-api-images.s3.amazonaws.com/corona/show/516141/logo_300x300.jpeg){kind=logo}
GitHub bans vindictive security researcher - 2026-05-26
This episode covers a CISA contractor’s accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI’s efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft’s handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub’s ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
- (00:00) - PreShow Banter™ — Getting to Chili's
Links
Story # 1 - CISA Admin Leaked AWS GovCloud Keys on Github
Story # 2 - PoC Code Published for Critical NGINX Vulnerability
Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist
Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation
Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued
Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities
Story # 11 - Pizza Hut’s AI system caused ‘cascading’ problems and $100M in damages, franchisee alleges in new suit
Story # 12 - Data Leak at German Hospital
Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
Story # 14 - Chicken News
Story # 15 - New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?
Creators & Guests
Click here to watch this episode on YouTube.
Click here to view the episode transcript.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
View all episodes
By Black Hills Information Security
4.8
9292 ratings
This episode covers a CISA contractor’s accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI’s efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft’s handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub’s ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
- (00:00) - PreShow Banter™ — Getting to Chili's
Links
Story # 1 - CISA Admin Leaked AWS GovCloud Keys on Github
Story # 2 - PoC Code Published for Critical NGINX Vulnerability
Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist
Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation
Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued
Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities
Story # 11 - Pizza Hut’s AI system caused ‘cascading’ problems and $100M in damages, franchisee alleges in new suit
Story # 12 - Data Leak at German Hospital
Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
Story # 14 - Chicken News
Story # 15 - New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?
Creators & Guests
Click here to watch this episode on YouTube.
Click here to view the episode transcript.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
More shows like Talkin' Bout [Infosec] News
View all
Hacked
187 Listeners
This Week in Tech (Audio)
3,063 Listeners
Security Now (Audio)
2,010 Listeners
Risky Business
376 Listeners
Talk Python To Me
583 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
316 Listeners
Click Here
422 Listeners
Darknet Diaries
8,058 Listeners
The Jordan Harbinger Show
11,988 Listeners
Cybersecurity Today
179 Listeners
Hacking Humans
313 Listeners
Cybersecurity Headlines
136 Listeners
The 404 Media Podcast
398 Listeners