On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Shai-Hulud worm propagates via npm and steals credentials
• Jaguar Land Rover attack may put smaller suppliers out of business
• Leaked data emerges from the vendor behind the Great Firewall of China
• Vastaamo hacker walks free while appeal is underway
• Why is a senator so mad about Kerberos?

This week’s episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc’s identity-to-firewall glue to protect internal services and networks.

Show Notes:

Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/

Jaguar Land Rover: Some suppliers ‘face bankruptcy’ due to hack crisis https://www.bbc.com/news/articles/czdjn0lv64ro

Jaguar Land Rover production shutdown could last until November https://www.telegraph.co.uk/business/2025/09/15/jaguar-land-rover-production-shutdown-november/

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ https://www.wsj.com/tech/details-emerge-on-u-s-china-tiktok-deal-594e009f

U.S. Investors, Trump Close In on TikTok Deal With China - WSJ https://www.wsj.com/tech/details-emerge-on-u-s-china-tiktok-deal-594e009f

How China’s Propaganda and Surveillance Systems Really Operate | WIRED https://www.wired.com/story/made-in-china-how-chinas-surveillance-industry-actually-works/

Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/mythical-beasts-diving-into-the-depths-of-the-global-spyware-market/

Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal | The Record from Recorded Future News https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction

US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News https://therecord.media/finland-vastaamo-hack-us-national-charged

BreachForums administrator given three-year prison stint after resentencing | The Record from Recorded Future News https://therecord.media/conor-fitzpatrick-pompompurin-three-year-sentence-breachforums-administrator

Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national | The Record from Recorded Future News https://therecord.media/microsoft-cloudflare-disrupt-raccoono365-credential-stealing-tool

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/

Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters https://www.reuters.com/legal/government/us-warns-hidden-radios-may-be-embedded-solar-powered-highway-infrastructure-2025-09-10/

Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch https://techcrunch.com/2025/ 09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/