Risky Business Weekly (797): Stuxnet vs Massive Ordnance Penetrators

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • We roll our eyes over the “16 billion credentials” leak hitting mainstream news
  • Some interesting cyber angles emerge from the conflict in Iran
  • The open source maintainer of libxml2 is fed up with this hacker crap
  • Shockingly, there are yet more ways to trick people into pasting commands into Windows
  • Veeam “patches” its backup software RCE like it’s 2002 … by breaking the public PoC

This week’s episode is sponsored by GreyNoise, the Internet-wide honeypot reconnaissance platform. Founder Andrew Morris joins to talk about their journey spotting Chinese ORB-builders hacking thousands of ASUS routers, and why they’re destined for the woodchipper.

Show notes:

No, the 16 billion credentials leak is not a new data breach https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/

Canadian telecom hacked by suspected China state group https://arstechnica.com/security/2025/06/suspected-china-state-hackers-exploited-patched-flaw-to-breach-canadian-telecom/

Telecom giant Viasat breached by China’s Salt Typhoon hackers https://www.bleepingcomputer.com/news/security/telecom-giant-viasat-breached-by-chinas-salt-typhoon-hackers/

Iran’s jamming GPS in the Strait of Hormuz, messing with ~970 ships, per Windward. https://x.com/wartranslated/status/1936742379567935575?s=46&t=VLIuBKdOq3MvRk4IpV-_-A

Chairman of the Joint Chiefs Gen. Dan Caine says @US_CYBERCOM supported this strike mission https://x.com/dalperovitch/status/1936769659275264355?s=46&t=VLIuBKdOq3MvRk4IpV-_-A

Top Pentagon spy pick rejected by White House https://www.politico.com/news/2025/06/20/richard-angle-nsa-cyber-command-00415619

DHS warns of heightened cyber threat as US enters Iran conflict https://www.cybersecuritydive.com/news/dhs-warns-of-heightened-cyber-threat-as-us-enters-iran-conflict/751314/

Exclusive: Early US intel assessment suggests strikes on Iran did not destroy nuclear sites, sources say https://edition.cnn.com/2025/06/24/politics/intel-assessment-us-strikes-iran-nuclear-sites

U.S. braces for Iran’s response after overnight strikes on nuclear sites https://www.nbcnews.com/world/iran/iran-trump-nuclear-israel-bombing-what-next-rcna214328

Assessing the Damage to Iran’s Nuclear Program https://podcast.silverado.org/e/assessing-the-damage-to-iran-s-nuclear-program/

Iran Hacks Tirana Municipality in Retaliation Over MEK https://www.tiranatimes.com/iran-hacks-tirana-municipality-in-retaliation-over-mek/

Iran’s government says it shut down internet to protect against cyberattacks https://techcrunch.com/2025/06/20/irans-government-says-it-shut-down-internet-to-protect-against-cyberattacks/

Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry https://www.cybersecuritydive.com/news/aflac-cyber-crime-spree-insurance/751175/

Tonga Ministry of Health hit with cyberattack affecting website, IT systems https://therecord.media/tonga-ministry-of-health-hit-with-cyberattack

Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US https://therecord.media/alleged-ryuk-member-arrest-ukraine-extradited-us

Russia releases REvil members after convictions for payment card fraud https://therecord.media/revil-cybercrime-gang-members-released-russia

OneLogin, Many Issues: How I Pivoted from a Trial Tenant to Compromising Customer Signing Keys https://specterops.io/blog/2025/06/10/onelogin-many-issues-how-i-pivoted-from-a-trial-tenant-to-compromising-customer-signing-keys/

Triaging security issues reported by third parties (#913) · Issue · GNOME/libxml2 https://gitlab.gnome.org/GNOME/libxml2/-/issues/913

README: Set expectations straight https://gitlab.gnome.org/GNOME/libxml2/-/commit/35d04a0848d8648807672e2ac1ba73ff7bbaee3a

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia

FileFix - A ClickFix Alternative https://mrd0x.com/filefix-clickfix-alternative/

Address bar shows hp.com. Browser displays scammers’ malicious text anyway https://arstechnica.com/security/2025/06/tech-support-scammers-inject-malicious-phone-numbers-into-big-name-websites/

Researchers urge vigilance as Veeam releases patch to address critical flaw https://www.cybersecuritydive.com/news/veeam-patch-critical-flaw-backup/751052/

ASUSpicious Flaw - Millions of Users’ Information Exposed Since 2022 | MrBruh’s Epic Blog https://mrbruh.com/asus_p2/

Perth dad who created ‘evil twin’ Wi-Fi did so to access pictures of women https://www.watoday.com.au/national/western-australia/perth-man-admits-creating-evil-twin-wi-fi-service-to-steal-personal-information-20250620-p5m92m.html

GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers https://www.greynoise.io/blog/stealthy-backdoor-campaign-affecting-asus-routers