Risky Business Weekly (791): Woof! Copilot for Sharepoint coughs up creds and keys

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Co-host at large

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back!
  • The ransomware ecosystem is finding life a bit tough lately
  • SAP Netweaver bug being used by Chinese APT crew
  • Academics just keep finding CPU side-channel attacks
  • And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF?

This week’s episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Travis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future.

Show Notes:

Exploiting Copilot AI for SharePoint | Pen Test Partners https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/

MrBruh’s Epic Blog https://mrbruh.com/asusdriverhub/

Ransomware group Lockbit appears to have been hacked, analysts say | Reuters https://www.reuters.com/technology/ransomware-group-lockbit-appears-have-been-hacked-analysts-say-2025-05-08/

“CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET’s birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy.” https://x.com/GangExposed/status/1919741718338936980

Mysterious hackers who targeted Marks and Spencer’s computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states https://www.dailymail.co.uk/news/article-14699457/hackers-target-Marks-Spencers-political-allegiance.html

The organizational structure of ransomware groups is evolving rapidly. https://www.coveware.com/blog/2025/4/29/the-organizational-structure-of-ransomware-threat-actor-groups-is-evolving-before-our-eyes

SAP NetWeaver exploitation enters second wave of threat activity https://www.cybersecuritydive.com/news/sap-netweaver-exploitation-second-wave/747661/

China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures

DOGE software engineer’s computer infected by info-stealing malware https://arstechnica.com/security/2025/05/doge-software-engineers-computer-infected-by-info-stealing-malware/

Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades https://therecord.media/hackers-hijack-japan-finance-accounts

FBI and Dutch police seize and shut down botnet of hacked routers https://techcrunch.com/2025/05/09/fbi-and-dutch-police-seize-and-shut-down-botnet-of-hacked-routers/

Poland arrests four in global DDoS-for-hire takedown https://therecord.media/poland-arrests-four-ddos-hire

School districts hit with extortion attempts after PowerSchool breach https://www.nbcnews.com/tech/security/school-districts-hit-extortion-attempts-powerschool-breach-rcna205429

EU launches vulnerability database to tackle cybersecurity threats https://therecord.media/eu-launches-vulnerability-database

Training Solo - vusec https://www.vusec.net/projects/training-solo/

Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group https://comsec.ethz.ch/research/microarch/branch-privilege-injection/

Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet https://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf

PSIRT | FortiGuard Labs https://fortiguard.fortinet.com/psirt/FG-IR-25-254

EPMM Security Update | Ivanti https://www.ivanti.com/blog/epmm-security-update