🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord!
https://discord.gg/bhis
🔴live-chat

A Live Stream From inside Lazarus Group – 2025-12-08
This BHIS episode blends cybersecurity humor, hacker culture, and livestream chaos as the team jokes about nation-state threats, leaked webcams, OPSEC mishaps, and technical glitches. With unscripted banter and light industry insights, it’s a fun, energetic listen for fans of ethical hacking, infosec podcasts, and behind-the-scenes security chatter.

Chapters

• (00:00) - - PreShow Banter™ — Industry Leaders
• (02:34) - - A Live Stream From inside Lazarus Group – 2025-12-08
• (04:24) - - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
• (08:58) - - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
• (20:37) - - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
• (26:44) - - Story # 4: Apple refuses to pre-install government app on iPhones in India
• (37:42) - - Story # 5: Russia blocks Apple’s FaceTime in mounting push against foreign tech platforms
• (44:55) - - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
• (57:53) - - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI

Brought to you by:

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

Chapters

• (00:00) - PreShow Banter™ — The Problem With Extensions
• (03:10) - Lawmakers Want to Ban VPNs – BHIS - Talkin' Bout [infosec] News 2025-12-01
• (03:47) - Story # 1: Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
• (12:05) - Story # 2: Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
• (21:18) - Story # 3: Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
• (25:48) - Story # 4: 'Slop Evader' Lets You Surf the Web Like It’s 2022
• (37:07) - Story # 5: China’s Espionage in Europe is Deepening and More Sophisticated than Acknowledged, Expert Says
• (39:10) - Story # 6: Apple Update Warning For All iPhone 17, 16 And 15 Users—Act Now
• (42:38) - Story # 7: Meta is earning a fortune on a deluge of fraudulent ads, documents show
• (50:22) - Story # 8: Meta had a 17-strike policy for sex trafficking, former safety leader claims
• (52:40) - Story # 9: Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Active Countermeasures
https://www.activecountermeasures.com

Wild West Hackin Fest
https://wildwesthackinfest.com

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

Chapters and News Links

• (00:00) - PreShow Banter™ — Stressed about lithium batteries
• (04:59) - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-11-24
• (05:57) - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
• (11:18) - Story # 2: CrowdStrike catches insider feeding information to hackers
• (15:50) - Story # 3: NetApp sues former CTO for alleged data breach
• (26:48) - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
• (36:05) - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
• (37:11) - Story # 6b: Cloudflare outage on November 18, 2025
• (41:43) - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
• (46:34) - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
• (51:10) - Story # 9: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
• (56:40) - Story # 10: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

Brought to you by:

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training
https://www.antisyphontraining.com/

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

00:00:00 - PreShow Banter™ — The Way the Community Rumbles

00:08:21 - A.I. Transcription Startup Was Just A Guy Taking Notes - BHIS - Talkin’ Bout [infosec] News 2025-11-17

00:09:01 - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations

00:18:06 - Eric & Whitney’s “Podcast” [webcast] on training your own LLM

00:22:12 - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand

00:26:20 - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

00:37:35 - Story # 4: Google is easing up on Android’s new sideloading restrictions!

00:43:44 - Story # 5: Google is collecting troves of data from downgraded Nest thermostats

00:44:58 - Story # 5b: Hackers are saving Google’s abandoned Nest thermostats with open-source firmware

00:51:34 - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs

01:00:40 - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead

01:05:55 - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign

01:14:58 - Discord CTF Winners

• (00:00) - PreShow Banter™ — The Way the Community Rumbles
• (08:21) - A.I. Transcription Starup Was Just A Guy Taking Notes - BHIS - Talkin' Bout [infosec] News 2025-11-17
• (09:01) - Story # 1: New data shows companies are rehiring former employees as AI falls short of expectations
• (18:05) - Eric & Whitney's "Podcast" [webcast] on training your own LLM
• (22:12) - Story # 2: Founder Admits His “AI Transcription” Startup Was Just Him Joining People’s Meetings and Taking Notes by Hand
• (26:20) - Story # 3: Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
• (37:34) - Story # 4: Google is easing up on Android's new sideloading restrictions!
• (43:43) - Story # 5: Google is collecting troves of data from downgraded Nest thermostats
• (44:58) - Story # 5b: Hackers are saving Google's abandoned Nest thermostats with open-source firmware
• (51:33) - Story # 6: FFmpeg to Google: Fund Us or Stop Sending Bugs
• (01:00:39) - Story # 7: Teens are Hacking School Systems. Let’s Teach Them to Protect Communities Instead
• (01:05:55) - Story # 8: Disrupting the first reported AI-orchestrated cyber espionage campaign
• (01:14:58) - Discord CTF Winners

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

Chapters

00:00 - PreShow Banter™ — Humans are Done

03:04 - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin’ Bout [infosec] News 2025-11-10

05:11 - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.

15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell

25:14 - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’

29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers

32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities

40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools

56:37 - BHIS Webcast – X-Typhoon - Not your Father’s China with John Strand

• (00:00) - PreShow Banter™ — Humans are Done
• (03:03) - Louvre’s video security password was ‘Louvre’ – BHIS - Talkin' Bout [infosec] News 2025-11-10
• (05:10) - Story # 1: I Tried the Robot That’s Coming to Live With You. It’s Still Part Human.
• (15:14) - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell
• (25:13) - Story # 3: The Louvre’s video security password was reportedly ‘Louvre’
• (29:03) - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers
• (32:58) - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities
• (40:00) - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools
• (56:37) - BHIS Webcast – X-Typhoon - Not your Father's China with John Strand

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

00:00 - PreShow Banter™ — Musical Views of the Universe

04:05 - – BHIS - Talkin’ Bout [infosec] News 2025-11-03

04:39 - Story # 1: Ransomware profits drop as victims stop paying hackers

06:22 - Chart since 2019

16:06 - Story # 2: More than a million people every week show suicidal intent when chatting with ChatGPT, OpenAI estimates

33:02 - Story # 3: 10M people watched a YouTuber shim a lock; the lock company sued him. Bad idea.

41:18 - Story # 4: ‘Dangerous’ YouTube videos struck down for bypassing Windows 11 account setup [Update: Restored]

47:13 - Story # 5: Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says

51:08 - Story # 6: Microsoft: DNS outage impacts Azure and Microsoft 365 services

54:33 - Story # 7: EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure

55:22 - Stordy # 8: Black Hat Europe 2025 Arsenal: 8 AI Security Tools Transforming Cybersecurity

• (00:00) - PreShow Banter™ — Musical Views of the Universe
• (04:04) - Ransomware Victims Stop Paying Hackers – BHIS - Talkin' Bout [infosec] News 2025-11-03
• (04:38) - Story # 1: Ransomware profits drop as victims stop paying hackers
• (06:22) - Chart since 2019 (thumbnail)
• (16:06) - Story # 2: More than a million people every week show suicidal intent when chatting with ChatGPT, OpenAI estimates
• (33:02) - Story # 3: 10M people watched a YouTuber shim a lock; the lock company sued him. Bad idea.
• (41:18) - Story # 4: ‘Dangerous’ YouTube videos struck down for bypassing Windows 11 account setup [Update: Restored]
• (47:12) - Story # 5: Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says
• (51:07) - Story # 6: Microsoft: DNS outage impacts Azure and Microsoft 365 services
• (54:33) - Story # 7: EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
• (55:22) - Story # 8: Black Hat Europe 2025 Arsenal: 8 AI Security Tools Transforming Cybersecurity

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

The BHIS crew breaks down the latest cybersecurity stories making waves — from data breaches and malware campaigns to privacy issues, exploit trends, and tech policy shake-ups. Join our panel of security pros for expert analysis, sharp humor, and practical insights you can actually use. Whether it’s social engineering, AI-powered attacks, or bizarre security headlines, we dig into what matters most for defenders and curious minds alike. Stay informed, entertained, and one step ahead in the ever-changing world of infosec.

00:00:00 - PreShow Banter™ — The Cost of War.xyz

00:03:42 - The AI Browser Wars - BHIS - Talkin’ Bout [infosec] News 2025-10-27

00:04:04 - Story # 1: Smart bed owners experience AWS outage nightmare as they’re left sweating and stuck in upright position

00:10:49 - Story # 2: Robots May Replace 600,000 Human Employees at Amazon

00:14:40 - Story # 3: Meet Mico, Microsoft’s AI version of Clippy

00:20:59 - Story # 4: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability

00:26:31 - Story # 5: Ex-L3Harris executive accused of selling trade secrets to Russia

00:31:29 - Story # 6: Introducing ChatGPT Atlas

00:43:34 - Story # 7: ‘Phased Out’—Google Confirms Bad News For 3 Billion Chrome Users

00:52:26 - Story # 8: The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn

01:00:16 - Story # 9: KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed

• (00:00) - PreShow Banter™ — The Cost of War.xyz
• (03:42) - The AI Browser Wars - BHIS - Talkin' Bout [infosec] News 2025-10-27
• (04:04) - Story # 1: Smart bed owners experience AWS outage nightmare as they're left sweating and stuck in upright position
• (10:48) - Story # 2: Robots May Replace 600,000 Human Employees at Amazon
• (14:40) - Story # 3: Meet Mico, Microsoft’s AI version of Clippy
• (20:58) - Story # 4: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability
• (26:30) - Story # 5: Ex-L3Harris executive accused of selling trade secrets to Russia
• (31:28) - Story # 6: Introducing ChatGPT Atlas
• (43:34) - Story # 7: ‘Phased Out’—Google Confirms Bad News For 3 Billion Chrome Users
• (52:25) - Story # 8: The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn
• (01:00:15) - Story # 9: KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed

Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

00:00:00 - PreShow Banter™ — AWS Snow Day Party

00:11:31 - Online Book Store Takes Down Half of the Internet - BHIS - Talkin’ Bout [infosec] News 2025-10-20

00:12:12 - Story # 1: F5 says hackers stole undisclosed BIG-IP flaws, source code

00:35:11 - Story # 2: Newsom signs age verification law, siding with tech giants over Hollywood

00:48:39 - Story # 3: Researchers find a startlingly cheap way to steal your secrets from space

00:55:04 - Story # 4: Jeff Bezos Has a Plan to Curb AI’s Carbon Footprint: Send Data Centers to Space

01:02:22 - Story # 5: SolarWinds Security Chief reflects on the Russian hack that exposed US government agencies

• (00:00) - PreShow Banter™ — AWS Snow Day Party
• (11:30) - Online Book Store Takes Down Half of the Internet - BHIS - Talkin' Bout [infosec] News 2025-10-20
• (12:12) - Story # 1: F5 says hackers stole undisclosed BIG-IP flaws, source code
• (35:10) - Story # 2: Newsom signs age verification law, siding with tech giants over Hollywood
• (48:39) - Story # 3: Researchers find a startlingly cheap way to steal your secrets from space
• (55:03) - Story # 4: Jeff Bezos Has a Plan to Curb AI’s Carbon Footprint: Send Data Centers to Space
• (01:02:21) - Story # 5: SolarWinds Security Chief reflects on the Russian hack that exposed US government agencies