On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

The msdt/office lolbinapalooza

Microsoft to introduce sensible defaults to Azure

Twitter fined $150m for sms 2fa spam

It turns out npm got owned in that Heroku/Travis CI thing

AWS cred-stealing supply chain attack was research your honour, I swear!

Much, much more

We’ll be chatting with Airlock Digital co-founder and CTO Daniel Schell in this week’s sponsor interview. He’ll be walking us through some of his own research into how to own Microsoft boxes via document-embedded office add-ins.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.