On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• British retail stalwart Marks & Spencer gets cybered


• South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat


• It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups


• Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)


• Anti-DOGE whistleblower sure sounds like he has a point

This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.

Editors Note : Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don’t look at how fresh that AAAA record in the DNS is, friends 😉

This episode is also available on Youtube.

Show notes

• British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News



• M&S cyber-attack linked to hacking group Scattered Spider | Marks & Spencer | The Guardian



• Bina Puri shares, Warrant B close sharply lower day after hacking



• Bina Puri, Pos Malaysia tumble following hacking incident | FMT



• Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News



• US conducts cyberattacks against major Chinese commercial encryption provider: report - Global Times



• Iran says major cyberattack on infrastructure repelled | Iran International



• Spain rules out cyber attack - but what could have caused power cut?



• South Korea's SK Telecom begins SIM card replacement after data breach



• AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security



• iOS and Android juice jacking defenses have been trivial to bypass for years - Ars Technica



• How Android 16's new security mode will stop USB-based attacks - Android Authority



• Researchers warn of critical flaw found in Erlang OTP SSH | Cybersecurity Dive



• Critical vulnerability in SAP NetWeaver under threat of active exploitation | Cybersecurity Dive



• CVE-2025-31324: Critical SAP Flaw Explained | Strobes



• Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)



• Risky Bulletin: NFC card malware keeps evolving in Russia, a bad omen for the future - Risky Business Media



• Hegseth had unsecured internet line in Pentagon for Signal, sources say | AP News



• Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security



• 2025_0414_Berulis-Disclosure-with-Exhibits.s.pdf



• CISA gets a deputy director as it braces for major layoffs | Cybersecurity Dive



• Two top cyber officials resign from CISA | The Record from Recorded Future News



• Ex-CISA chief Chris Krebs leaving SentinelOne following Trump pressure | Reuters



• Former cyber official targeted by Trump speaks out after cuts to digital defense



• Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne



• ZachXBT on X: "Nine hours ago a suspicious transfer was made from a potential victim for 3520 BTC ($330.7M)"