EP 270. 

In this week’s update:Security researchers uncover over 10,000 publicly available Docker Hub images exposing sensitive credentials and API keys, posing severe risks to production systems and AI services.
A former Chinese official now seeking asylum in the United States reveals ongoing transnational harassment by Beijing, leveraging advanced surveillance tools-including those developed by American companies.
European law enforcement dismantles sophisticated "violence-as-a-service" networks in a major operation, arresting 193 suspects accused of recruiting teenagers for real-world attacks and intimidation.
Google announces the upcoming shutdown of its dark web monitoring service, citing user feedback that breach alerts lacked actionable guidance for meaningful protection.
A critical vulnerability in the popular React JavaScript library enables attackers to inject wallet-draining malware into legitimate cryptocurrency platforms, marking the second major supply-chain exploit in recent months.
Hundreds of Porsche vehicles across Russia suddenly become inoperable due to a widespread failure in satellite-dependent anti-theft systems, leaving owners stranded amid ongoing connectivity issues.
Pro-Russian threat actors launch a Telegram-based ransomware-as-a-service platform, only to undermine their own operation by carelessly hardcoding master decryption keys in plaintext.
Over 230 environmental organizations urge Congress to impose a nationwide pause on new data center construction, highlighting the facilities' escalating strain on electricity, water resources, and climate goals driven by AI expansion.
Let’s go have a look, but honey don’t forget the keys!

Find the full transcript to the podcast here.