On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The Salesloft breach and why OAuth soup is a problem
• The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
• Google says it will stand up a “disruption unit”
• Microsoft writes up a ransomware gang that’s all-in on the cloud future
• Aussie firm hot-mics its work-from-home employees’ laptops
• Youtube scam baiters help the feds take down a fraud ring

This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

Show notes:

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/

Salesloft: The Leading AI Revenue Orchestration Platform https://www.salesloft.com/

Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive https://www.cybersecuritydive.com/news/palo-alto-networks-zscaler-supply-chain-attacks/758990/

The impact of the Salesloft Drift breach on Cloudflare and our customers https://blog.cloudflare.com/response-to-salesloft-drift-incident/

China used three private companies to hack global telecoms, U.S. says https://www.nbcnews.com/tech/security/china-used-three-private-companies-hack-global-telecoms-us-says-rcna227543

CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF https://media.defense.gov/2025/Aug/22/2003786665/-1/-1/0/CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF

Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop https://cyberscoop.com/google-cybersecurity-disruption-unit-active-defense-hack-back/

Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News https://therecord.media/ransomware-gang-takedown-proliferation

Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News https://therecord.media/sweden-municipalities-ransomware-software

Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/

The Era of AI-Generated Ransomware Has Arrived | WIRED https://www.wired.com/story/the-era-of-ai-generated-ransomware-has-arrived/

Between Two Nerds: How threat actors are using AI to run wild - YouTube https://www.youtube.com/watch?v=AjQVn1bGBQw

Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/

UK sought broad access to Apple customers’ data, court filing suggests https://www.ft.com/content/fe2c9ae1-d175-4eb9-909e-0b171f6d097c

ICE reactivates contract with spyware maker Paragon | TechCrunch https://techcrunch.com/2025/09/02/ice-reactivates-contract-with-spyware-maker-paragon/

WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware | TechCrunch https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/

Safetrac turned staff laptops into covert recording devices to monitor WFH https://www.afr.com/work-and-careers/workplace/company-turned-laptops-into-covert-recording-devices-to-monitor-wfh-20250822-p5mp0z

Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media https://risky.biz/risky-bulletin-youtubers-unmask-and-help-dismantle-giant-chinese-scam-ring/