Podcasts about Shai Hulud

  • 171 podcasts
  • 222 episodes
  • 1h 11m average duration
  • 5 new episodes weekly
  • Latest episode: Dec 7, 2025



Latest podcast episodes about Shai Hulud

All TWiT.tv Shows (MP3)
Untitled Linux Show 232: Mobius Strip

Dec 7, 2025 | 84:47


Linux 6.18 is officially out, and officially an LTS release, 6.19 has plenty to be excited about, including the color pipeline API. NVIDIA is making progress with Wayland and other regions, Fedora is moving away from FBCON, and Flowblade sees a Wayland-only future. NPM has a worm problem, and we're still gaining ground on Steam! For tips, we have scx for rolling your own userspace scheduler, and a fix for Yakuake for your old-school terminal needs. You can find the show notes at https://bit.ly/44ISvVi and have a great week! Host: Jonathan Bennett Co-Host: Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

MP3 – mintCast
474 – Goldilocks Zone

Dec 7, 2025 | 74:36


First up in the news: Mint Monthly News – November, and a variety of other items. In security and privacy: Cloudflare goes down and Charles finds out that Shai-Hulud returns from Arrakis. And finally, the feedback and a couple of suggestions.


Risky Business
Risky Business #817 -- Less carnage than your usual Thanksgiving

Dec 3, 2025 | 61:06


In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news. It's a quiet week with Thanksgiving in the US, but there's always some cyber to talk about:

  • Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive
  • Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec…
  • … as Wired publishes an opsec guide for teens.
  • Microsoft decides its login portal is worth a Content Security Policy
  • South Korean online retailer data breach covers 65% of the country

This week's episode is sponsored by Nebulock. Founder and CEO Damien Lewke joins to talk through their work bringing more Sigma threat detection rules to MacOS.

This episode is also available on Youtube.

Show notes

  • Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN
  • Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop
  • Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog
  • Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis
  • Glassworm's resurgence | Secure Annex
  • 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog
  • Post by @spuxx.bsky.social — Bluesky
  • Meet Rey, the Admin of 'Scattered Lapsus$ Hunters' – Krebs on Security
  • The WIRED Guide to Digital Opsec for Teens | WIRED
  • Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News
  • Ed Conway on X: "The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2" / X
  • Reuters accused of hack attack | ZDNET
  • The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been 'Performative' | WIRED
  • Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive
  • Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive
  • Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News
  • Officials accuse North Korea's Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News
  • Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country's population | The Record from Recorded Future News
  • NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges
  • Nebulock developed coreSigma for MacOS
  • coreSigma repo:

Florida Sound Archive Podcast
#120 Chris 'Spikey' Goldbach (RadioBaghdad)

Dec 3, 2025 | 86:11


The Untold Story of Spikey Goldbach and His Musical Journey

In this episode, we're joined by Chris “Spikey” Goldbach, a longtime figure in Florida's punk and alternative music scene. He talks about growing up in Tamarac, getting his first drum kit at 10, and discovering early influences like The Ramones, Devo, and AC/DC. Spikey walks through the South Florida scene of the 1980s and 1990s, mentioning venues such as the Cameo, Club Soda, and Washington Square, and the impact of seeing bands like Black Flag, Bad Brains, and Descendents. He reflects on his work with bands including Distant Anger, Blatant View, Nuclear Beer, RadioBaghdad, Collapsing Lungs, Irish Car Bomb, Hudson, Shai Hulud, and others, sharing stories from touring, recording with Jeremy Staska and Bill Stevenson, and experiencing a major-label run. Spikey continues to perform with Against All Authority and remains active in music today while living in Indiana.

Passwort - der Podcast von heise security
Of Worms, Viruses, Hiccups and Coughs

Dec 3, 2025 | 98:16


The podcast is feeling under the weather: Cloudflare had a three-hour hiccup, the co-host has coughing fits, and worms have once again infested NPM. Christopher and Sylvester take an extensive look at what the second edition of the JavaScript malware "Sha1-Hulud" does differently from the first, and also revisit "Glassworm", a topic from recent episodes. In hindsight it is unclear whether that one is actually a worm or perhaps rather a botnet, as Christopher suspects. The three-hour outage at Cloudflare is also on the agenda (with an unusual amount of praise from the hosts!), and the two heise editors also investigate whether WhatsApp really had the biggest data leak in history.

  • Cloudflare on the outage of November 18: https://blog.cloudflare.com/18-november-2025-outage/
  • Threema on the WhatsApp scraping: https://threema.com/de/blog/whatsapp-datenleck-2025
  • Trend Micro's technical analysis of Shai Hulud 2.0: https://www.trendmicro.com/en_us/research/25/k/shai-hulud-2-0-targets-cloud-and-developer-systems.html
  • Expel on cache smuggling: https://expel.com/blog/cache-smuggling-when-a-picture-isnt-a-thousand-words/
  • Follow us in the Fediverse: @christopherkunz@chaos.social and @syt@social.heise.de

Security Conversations
Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft's Regulatory Capture

Nov 29, 2025 | 117:12


(Presented by Material Security (https://material.security): We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 74: We attempt to parse the rumor-fog around Microsoft's CISO at CYBERWARCON and what it reveals about the company's shifting posture on intel sharing, regulation, and its outsized grip on the security ecosystem. Plus, coverage of the Shai-Hulud npm supply-chain mess, CISA's mobile spyware guidance, NSO's legal contortions, a sharp new GRU-linked intrusion from Arctic Wolf. We also discuss the FCC retreating on telco security rules, and the emerging AI arms race shaping how cloud giants hunt threats and how Washington misunderstands all of it. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Cyber Briefing
November 28, 2025 - Cyber Briefing

Nov 28, 2025 | 10:00


If you like what you hear, please subscribe, leave us a review and tell a friend!

Cyber Security Today
Cybersecurity Update: Incorrect Company Naming, Major Breaches, and New Malware Campaigns

Nov 27, 2025 | 12:58


In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing a breach fallout from financial tech vendor SitusAMC, ransomware group Clop targeting Broadcom through Oracle's vulnerabilities, a new malware campaign hiding in Blender 3D models named StealC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend schedule change.

  • 00:00 Introduction and Apology
  • 01:26 Cybersecurity Headlines
  • 02:13 US Banks Data Theft Incident
  • 03:44 Broadcom and Oracle ERP Breach
  • 05:29 Blender Malware Campaign
  • 07:45 Shai-Hulud NPM Package Attack
  • 09:41 Phishing Campaign Targeting Microsoft Accounts
  • 11:39 Final Thoughts and Thanksgiving Wishes

Risky Business
Risky Business #816 -- Copilot Actions for Windows is extremely dicey

Nov 26, 2025 | 58:07


In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including:

  • Salesforce partner Gainsight has customer data stolen
  • Crowdstrike fires insider who gave hackers screenshots of internal systems
  • Australian Parliament turns off wifi and bluetooth in fear of visiting Chinese bigwigs
  • Shai-Hulud npm/Github worm is back, and rm -rf'ier than ever
  • SEC gives up on Solarwinds lawsuit
  • Dog eats cryptographer's key material

This week's episode is sponsored by runZero. HD Moore pops in to talk about how they're integrating runZero with Bloodhound-style graph databases. He also discusses uses for driving runZero's tools with an AI, plus the complexities of shipping AI when the company has a variety of deployment models.

This episode is also available on Youtube.

Show notes

  • Google says hackers stole data from 200 companies following Gainsight breach
  • Gainsight Status
  • Trust Status
  • CrowdStrike fires 'suspicious insider' who passed information to hackers
  • Salesforce cuts off access to third-party app after discovering 'unusual activity'
  • Attacks of the striking panda: APT31 today
  • Office of Public Affairs | Seven Hackers Associated with Chinese Government Charged with Computer Intrusions
  • Australian federal MPs warned to turn off phones when Chinese delegation visits Parliament House
  • Sha1-Hulud: The Second Coming of the NPM Worm is Digging For Secrets
  • FCC eliminates cybersecurity requirements for telecom companies
  • Trade Associations Cybersecurity Practices Ex Parte
  • SEC voluntarily dismisses SolarWinds lawsuit
  • Record-breaking DDoS attack against Microsoft Azure mitigated
  • The Cloudflare Outage May Be a Security Roadmap – Krebs on Security
  • Critics scoff after Microsoft warns AI feature can infect machines and pilfer data
  • vx-underground on X: "I've had a surprising amount of people ask me about Copilot"
  • Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
  • Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
  • Russia arrests young cybersecurity entrepreneur on treason charges
  • This campaign aims to tackle persistent security myths in favor of better advice
  • Oops. Cryptographers cancel election results after losing decryption key.
  • Uncovering network attack paths with runZeroHound
  • Model Context Protocol

Black Hills Information Security
Shai-Hulud malware leaks secrets on GitHub – 2025-17-24

Nov 26, 2025 | 65:00


Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com

  • 00:00 - PreShow Banter™ — Stressed about lithium batteries
  • 04:59 - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-17-24
  • 05:57 - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
  • 11:19 - Story # 2: CrowdStrike catches insider feeding information to hackers
  • 15:50 - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages
  • 22:17 - Story # 4: NetApp sues former CTO for alleged data breach
  • 26:49 - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
  • 36:05 - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
  • 37:11 - Story # 6b: Cloudflare outage on November 18, 2025
  • 41:43 - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
  • 46:35 - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
  • 51:10 - Story # 10: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
  • 56:41 - Story # 9: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist

Cyber Security Today
Major US Bank Data Linked Through Breach At SitusAMC

Nov 26, 2025 | 11:32


In today's episode of Cybersecurity Today, hosted by Jim Love, several major cybersecurity incidents are discussed. US banks are assessing the impact of a security breach at SitusAMC, where the ALFV ransomware group claimed to have stolen three terabytes of data. Clop has targeted Broadcom through Oracle's E-Business Suite vulnerabilities. A new malware campaign hides inside Blender 3D models, exploiting the auto-run feature to deploy StealC malware. The JavaScript ecosystem faces a supply chain attack from the Shai-Hulud malware compromising 500 NPM packages. Additionally, a phishing campaign leveraging visual deception with look-alike domains is targeting Microsoft account holders. The show is brought to you by Meter, which provides integrated networking solutions.

  • 00:00 Introduction and Sponsor Message
  • 00:21 US Banks Data Theft Incident
  • 02:24 Broadcom and Oracle ERP Breach
  • 04:09 Blender Files Supply Chain Attack
  • 06:24 NPM Packages Compromised
  • 08:21 Phishing Campaign Targeting Microsoft Accounts
  • 10:19 Conclusion and Sponsor Message

The CyberWire
Message in the malware.

Nov 25, 2025 | 23:50


CISA warns of spyware targeting messaging apps. CodeRED, this is not a test. Infostealer campaign spreads via malicious Blender files. Shai-Hulud's second coming. Real estate finance firm SitusAMC investigates breach. Dartmouth College discloses Oracle EBS breach. Dave Bittner is joined by Tim Starks, Senior reporter from CyberScoop, to discuss the Trump administration's upcoming cyber strategy. And tis the season for deals — and digital deception.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Dave Bittner is joined by Tim Starks, Senior reporter from CyberScoop, to discuss the Trump administration's upcoming cyber strategy. Read Tim's piece on the topic “Completed draft of cyber strategy emphasizes imposing costs, industry partnership”.

Selected Reading

  • Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications (CISA)
  • CodeRED cyber attack leaves emergency notification system down, exposes user data (First Alert 4)
  • Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files (Morphisec)
  • Shai-Hulud's Second Coming: NPM Malware Attack Evolved (Checkmarx)
  • SitusAMC confirms breach of client data after cyberattack (The Register)
  • Clop's Oracle EBS rampage reaches Dartmouth College (The Register)
  • 2025 Retail Holiday Threat Report: Scams and Impersonation Attacks Targeting Retailers (BforeAI)
  • The data privacy costs of Black Friday bargains: 100 Black Friday apps analyzed (Comparitech)
  • 2025 Ransomware Holiday Risk Report (Semperis)

Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore

Nov 25, 2025 | 6:11


Conflicts between URL mapping and URL based access control. Mapping different URLs to the same script, and relying on URL based authentication at the same time, may lead to dangerous authentication and access control gaps. https://isc.sans.edu/diary/Conflicts%20between%20URL%20mapping%20and%20URL%20based%20access%20control./32518

Sha1-Hulud, The Second Coming. A new, destructive variant of the Shai-Hulud worm is currently spreading through NPM/Github repos. https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised

Hacklore: Cleaning up Outdated Security Advice. A new website, hacklore.org, has published an open letter from former CISOs and other security leaders aimed at addressing some outdated security advice that is often repeated. https://www.hacklore.org

Hacker News Recap
November 24th, 2025 | Shai-Hulud Returns: Over 300 NPM Packages Infected

Nov 25, 2025 | 14:43


This is a recap of the top 10 posts on Hacker News on November 24, 2025. This podcast was generated by wondercraft.ai

  • (00:30): Shai-Hulud Returns: Over 300 NPM Packages Infected. Original post: https://news.ycombinator.com/item?id=46032539&utm_source=wondercraft_ai
  • (01:53): Claude Opus 4.5. Original post: https://news.ycombinator.com/item?id=46037637&utm_source=wondercraft_ai
  • (03:17): Pebble Watch software is now 100% open source. Original post: https://news.ycombinator.com/item?id=46037626&utm_source=wondercraft_ai
  • (04:41): Claude Advanced Tool Use. Original post: https://news.ycombinator.com/item?id=46038047&utm_source=wondercraft_ai
  • (06:05): Ask HN: Hearing aid wearers, what's hot? Original post: https://news.ycombinator.com/item?id=46029699&utm_source=wondercraft_ai
  • (07:29): Shai Hulud launches second supply-chain attack. Original post: https://news.ycombinator.com/item?id=46035533&utm_source=wondercraft_ai
  • (08:53): RuBee. Original post: https://news.ycombinator.com/item?id=46029932&utm_source=wondercraft_ai
  • (10:17): PS5 now costs less than 64GB of DDR5 memory. RAM jumps to $600 due to shortage. Original post: https://news.ycombinator.com/item?id=46038143&utm_source=wondercraft_ai
  • (11:40): Unpowered SSDs slowly lose data. Original post: https://news.ycombinator.com/item?id=46038099&utm_source=wondercraft_ai
  • (13:04): NSA and IETF, part 3: Dodging the issues at hand. Original post: https://news.ycombinator.com/item?id=46033151&utm_source=wondercraft_ai

This is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Absolute AppSec
Episode 305 - Career Impact of GenAI, SEO/GEO, More Supply Chain Attacks

Nov 25, 2025


The latest episode of Absolute AppSec is here, with Ken Johnson and Seth Law checking in during the busy Q4 holiday season to share some fascinating insights on the evolving landscape of security and technology. They kick off by reflecting on their intensive, ever-changing "Harnessing LLMs for Application Security" courses, noting how rapidly the underlying tech evolves. The conversation quickly turns to a compelling debate: How will the rise of generative AI impact career paths for newcomers, especially given that LLMs fundamentally rely on the contributions of existing experts? While pathways may change, they agree that core human activities—like networking, contributing to projects, and maintaining a hacker mindset—will remain crucial. The hosts then dive into a fascinating discussion on the darker side of SEO, introducing the concept of Generative AI Engine Optimization (GEO), where marketers exploit AI search results through tricks like keyword-stuffed files to game rankings. They tie this to historical examples of exploitation, harkening back to Google hacking days. Finally, they cover the recent Shai Hulud 2 supply chain attack, which infected hundreds of NPM packages and utilized even more sophisticated obfuscation and delayed execution tactics than its predecessor.

Cyber Morning Call
911 - Shai-Hulud 2.0: new campaign is more harmful, broader and more far-reaching

Nov 25, 2025 | 4:28


Episode references:

  • Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised
  • Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files

Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Threat Talks - Your Gateway to Cybersecurity Insights

The world's biggest open-source ecosystem - npm - faced its first self-spreading worm. They called it Shai Hulud. It didn't just infect one package. It infected developers themselves.

When a maintainer got phished, the worm harvested credentials, hijacked tokens, and created new CI/CD workflows to keep spreading - automatically. No command-and-control. No manual uploads. Just a chain reaction across the npm registry.

And while the world was busy shouting about “2.6 billion downloads affected,” this real threat was quietly exfiltrating GitHub, cloud, and npm secrets - right under everyone's nose.

This isn't just another npm story. It's the first-ever self-replicating supply chain worm - and a wake-up call for every developer and security team building in the open.

Watch host Rob Maas (Field CTO, ON2IT) and Yuri Wit (SOC Analyst, ON2IT) break down how it started, how it spread, and how to make sure your pipeline isn't the next one to go viral.

  • (00:00) - Intro, welcome & what npm is
  • (00:01) - Crypto drainer: how it worked, maintainer phish & real impact
  • (00:05) - “Shai Hulud” worm: credential harvesting & package spread
  • (00:07) - Hype vs reality: the “2.6 billion downloads” myth & media reaction
  • (00:10) - Defenses: dependency strategy & CI/CD workflow alerts
  • (00:14) - Secrets hygiene, OS targeting (Windows exit), end-user/EDR tips & takeaways

Key Topics Covered

  • How a maintainer phish and TOTP capture led to a crypto drainer in npm.
  • Why Shai Hulud's credential harvesting + CI/CD persistence makes it high-impact.
  • Practical defenses: pin/review dependencies, CI/CD change alerts, secret rotation, egress monitoring.
  • What developers vs. end users can (and can't) do in supply-chain attacks.

Got your attention? Subscribe to Threat Talks and turn on notifications for more content on the world's leading cyber threats and trends.

Guest and Host Links:

  • Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/
  • Yuri Wit (SOC Analyst, ON2IT): https://www.linkedin.com/in/yuriwit/

Additional Resources

  • Threat Talks: https://threat-talks.com/
  • ON2IT (Zero Trust as a Service): https://on2it.net/
  • AMS-IX: https://www.ams-ix.net/ams
  • npm: https://www.npmjs.com/
  • Node.js: https://nodejs.org/
  • GitHub Docs: Actions & Workflows: https://docs.github.com/actions
  • MetaMask: https://metamask.io/
  • OWASP Dependency Management: https://owasp.org/www-project-dependency-check/
  • SLSA Supply-chain Levels for Software Artifacts: https://slsa.dev/

I Don't Wanna Hear It
336 - Godmoney Rick Rodney

Nov 17, 2025 | 60:33


Modgunney Rod Rickney.

Check out our Patreon for bonus shows and more!

Musical Attribution: Licensed through NEOSounds. “5 O'Clock Shadow,” “America On the Move,” “Baby You Miss Me,” “Big Fat Gypsy,” “Bubble Up,” “C'est Chaud,” “East River Blues,” “The Gold Rush,” “Gypsy Fiddle Jazz,” “Here Comes That Jazz,” “I Wish I Could Charleston,” “I Told You,” “It Feels Like Love To Me,” “Little Tramp,” “Mornington Crescent,” “No Takeaways.”

Punk Lotto Pod: A Punk Rock Podcast
This is a Spark of Life by Zombie Apocalypse (2003)

Oct 29, 2025 | 68:54


This week we wrap up our Halloween Spooktacular by going outside of the box. Dylan was assigned the year 2003 to pull a spooky album from, and he landed on the debut album/ep from Zombie Apocalypse. A side project from members of Shai Hulud, focused entirely on lyrics about zombies.

Call our voicemail line 202-688-PUNK or send us a voice note at punklottopod@gmail.com to get it played on the show.

Join our new $5 Patreon Producer Tier to get your name said on the show every week. You also get access to a Producer exclusive monthly bonus episode discussing a different EP, and you get to vote in the poll that determines what EP we talk about that month. You can also join our $1 tier to get access to all of our weekly bonus audio. We also have a $10 tier where you get to choose the album we discuss on an episode - patreon.com/punklottopod

  • Major Awards EP - majorawards.bandcamp.com
  • Merch Shop - redbubble.com/people/punk-lotto-pod/shop
  • Podcast platforms and social media links at linktr.ee/punklottopod

Leave us a review and rating on Apple Podcasts and Spotify.

Song clips featured on this episode:

  • The Del-Airs - Zombie Stomp
  • Zombie Apocalypse - Prologue: Forthcoming Apocalypse / Morti Viventi
  • Zombie Apocalypse - Red Black and Blue
  • Zombie Apocalypse - This Day is a Spark of Life

Podlodka Podcast
Podlodka #448 – Supply Chain Security

Oct 27, 2025 | 119:51


Even if you write perfect code, that does not mean your product is secure. Vulnerabilities can be dragged in by someone else, from open source libraries to vulnerabilities in compilers, CI and VCS systems. Alexey Smirnov, founder of the CodeScoring platform, told us how to learn to protect not only the code that came from your own hands but the entire supply chain.

The Podlodka team's partner is our longtime friends @AvitoTech. This is a team with great processes and a culture of common sense and experimentation. You can learn about their technologies, approaches and how they build up competencies in their teams via the links:

  • LLM against chaos: how I automated the access-rights review in the Avito admin panel https://clc.to/RVjkQw
  • LLM in cybersecurity https://clc.to/mvLjSA

Advertisement. Avito Tech LLC, INN 9710089440, erid:2SDnjdq5TKm

We are also waiting for you, your likes, reposts and comments in messengers and social networks!

  • Telegram chat: https://t.me/podlodka
  • Telegram channel: https://t.me/podlodkanews
  • Facebook page: www.facebook.com/podlodkacast/
  • Twitter account: https://twitter.com/PodcastPodlodka

Hosts in this episode: Evgeny Katella, Egor Tolstoy

Useful links:

  • Supply-chain Levels for Software Artifacts, or SLSA https://slsa.dev/
  • Shai-Hulud npm vulnerability https://www.truesec.com/hub/blog/500-npm-packages-compromised-in-ongoing-supply-chain-attack-shai-hulud
  • Taxonomy of attacks on the software supply chain https://vkvideo.ru/video-229013285_456239031
  • AI-Enhanced DevTools & DevOps https://vkvideo.ru/video-22522055_456245659?t=2h34m17s
  • Research from Luntry https://luntry.ru/research
  • Veracode's study of GenAI vulnerabilities https://www.veracode.com/wp-content/uploads/2025_GenAI_Code_Security_Report_Final.pdf
  • About the Shai-Hulud worm https://securelist.ru/shai-hulud-worm-infects-500-npm-packages-in-a-supply-chain-attack/113533/
  • SLSA, a framework method for protecting the supply chain https://slsa.dev/
  • Talk "Taxonomy of attacks on the software supply chain" https://vkvideo.ru/video-229013285_456239031
  • Talk "Secure development in the GenAI era" https://vkvideo.ru/video-229013285_456239040
  • Other talks on the security of using Open Source https://youtube.com/@codescoring https://vkvideo.ru/@codescoring
  • CodeScoring secure development platform https://codescoring.ru/
  • Book "Transparent Software: Software Supply Chain Security" https://www.piter.com/product/prozrachnoe-programmnoe-obespechenie-bezopasnost-tsepochek-postavok-po

Defending The Edge
42. China's Firewall Leak, CISA's Expiration, and AI Ascension

Oct 17, 2025 | 33:31


In this episode of Defending the Edge, we cover breaches to breakthroughs, unpacking the Great Firewall of China data leak, the looming consequences of the CISA Act's lapse, the rise of the “Shai-Hulud” worm, bold cybersecurity predictions, and the arrival of Sora 2, the AI platform reshaping the digital frontier. 

What the Dev?
328: What you should know about Shai-Hulud and its impact on npm (with Chainguard's Dan Lorenc)

Sep 30, 2025 | 10:06


In this episode, Jenna interviews Dan Lorenc, CEO of Chainguard, about the Shai-Hulud worm that has made its way through the npm ecosystem.

They discuss:

  • What Shai-Hulud is and why it's so bad
  • Security measures GitHub plans to implement in npm
  • Best practices to follow to mitigate risk

The Cybersecurity Defenders Podcast
#252 - Intel Chat: Secret Service SWAT Infrastructure, Nimbus Manticore, malicious ads targeting macOS, SpamGPT & GitHub NPM changes

Sep 29, 2025 | 34:02


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

  • A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.
  • Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.
  • A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.
  • A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns.
  • In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Moneycontrol Podcast
4838: Inside the $500 billion AI compute race, JLR's cybersecurity breach puts TCS on the spotlight and Dune-inspired malware is targeting Indian startups | MC Tech3

Moneycontrol Podcast

Play Episode Listen Later Sep 26, 2025 7:14


In today's Tech3 from Moneycontrol, we break down the half-trillion dollar AI compute arms race as tech giants lock in chips, data centres, and cloud deals. We look at Jaguar Land Rover's major cyberattack that has put Tata Consultancy Services under intense scrutiny. Plus, India's CERT-In warns of “Shai Hulud,” a Dune-inspired malware campaign targeting startups and developers, and foodtech startup Curefoods secures a Rs 160 crore pre-IPO round from Binny Bansal.

PodRocket - A web development podcast from LogRocket
Google's antitrust win, AI mandates, npm attacks and robots.txt

PodRocket - A web development podcast from LogRocket

Play Episode Listen Later Sep 25, 2025 41:10


Is the web breaking under the weight of AI crawlers, platform consolidation, and nonstop security breaches? We dive into the state of browsers, developer burnout, and whether tech regulation can actually keep up.

In this panel discussion:
We debate if robots.txt and AI licensing standards like RSL can realistically control how AI scrapes the web.
The fallout from DIA's acquisition by Atlassian and what it means for indie browser innovation (like the Helium browser, Zen) in a Chromium-dominated world.
Why Google's antitrust victory might embolden other tech giants, and what that means for competition.
How supply chain attacks like the NPM malware and Shai Hulud worm are exploiting GitHub workflows and package vulnerabilities.
The pushback against AI mandates at work, including Coinbase's controversial policy requiring developers to use Copilot.

Resources
Inside the battle for the future of the web: https://www.businessinsider.com/google-microsoft-openai-fight-standards-limit-ai-access-websites-2025-9
The web has a new system for making AI companies pay up: https://www.theverge.com/news/775072/rsl-standard-licensing-ai-publishing-reddit-yahoo-medium
The Browser Company, maker of Arc and Dia, is being acquired: https://www.theverge.com/web/770947/browser-company-arc-dia-acquired-atlassian
Google stock jumps 8% after search giant avoids worst-case penalties in antitrust case: https://www.cnbc.com/2025/09/02/google-antitrust-search-ruling.html
Massive data breach sees 16 million PayPal accounts leaked online - here's what we know, and how to stay safe: https://www.techradar.com/pro/massive-data-breach-sees-16-million-paypal-accounts-leaked-online-heres-what-we-know-and-how-to-stay-safe
PayPal's Glitch Puts €10 Billion on Ice Across European Banks: https://fintechnews.ch/payments/paypal-glitch-freezes-european-banks-10-billion-transactions/77974/
npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack: https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack
Compromised files replace npm packages with a combined 2 billion weekly downloads: https://www.techradar.com/pro/security/compromised-files-replace-npm-packages-with-a-combined-2-billion-weekly-downloads
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware: https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
Coinbase CEO explains why he fired engineers who didn't try AI immediately: https://techcrunch.com/2025/08/22/coinbase-ceo-explains-why-he-fired-engineers-who-didnt-try-ai-immediately/

We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! Let us know by sending an email to our producer, Em, at emily.kochanek@logrocket.com, or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod).

Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers!

What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr)

The Cybersecurity Defenders Podcast
#250 - Intel Chat: PromptLock, "Shai-Hulud", EdisonWatch & FileFix campaign

The Cybersecurity Defenders Podcast

Play Episode Listen Later Sep 22, 2025 36:30


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock.
Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign.
Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands.
The most mature and globally distributed FileFix campaign observed to date is now active in the wild, according to researchers at Acronis.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

DOU Podcast
Portrait of the IT Professional 2025 | Ads Are Now on Refrigerators | Meta Presentation - DOU News #216

DOU Podcast

Play Episode Listen Later Sep 22, 2025 29:34


In the latest DOU News digest we talk about ads on Samsung refrigerators and the new smart glasses from Meta, as well as who actually uses ChatGPT and other news from Ukrainian IT and the global tech sector.

Timecodes
00:00 Intro
00:26 IT Galaxy: portrait of the Ukrainian IT professional 2025
04:04 "Shai-Hulud" attack on npm: 180+ packages affected
06:02 Topic communities on DOU: why you should subscribe
07:08 Google adds Gemini to Chrome for all users
09:10 Italy introduces the first comprehensive AI law in the EU
10:25 Gemini won the world final of the International Olympiad
12:53 OpenAI updated Codex: it thinks for up to 7 hours
14:57 Meta showed new smart glasses with a display
19:01 Meta caused a DDoS attack at its own event
20:43 Samsung launches ads on refrigerators in the US
22:25 Who actually uses ChatGPT and how
25:23 Critics attack Trump's TikTok deal
27:20 What Zhenya recommends this week: API search and a game

Front-End Fire
npm Under Siege: The “Shai-Hulud” Worm Attack

Front-End Fire

Play Episode Listen Later Sep 22, 2025 56:58


The supply chain attacks on npm continue and this week, Crowdstrike's npm packages fell victim to the “Shai-Hulud” worm. To mitigate the potential of downloading these malicious packages, consider pinning specific package versions in JS projects and using 2FA to publish new package versions to npm.

Also this week, WebAssembly Specification (Wasm) released v3.0. This version dramatically expands the memory Wasm apps can use, supports multiple memory usage, and now allows garbage collection.

It's been a while since we last covered LLM options for folks who want to run their own models locally or in the browser, so Jack gives a quick rundown of some of the best options out today. There's WebLLM from MLC, MediaPipe from Google, and ONNX from Microsoft, and although none are easily interchangeable with another, if cost, privacy, or working offline are concerns of your LLM-enabled app, these may be good options to explore.

Chapter Markers:
00:58 - npm supply chain attack
16:28 - Wasm 3.0
23:34 - LLM options in the browser
34:41 - Jack's experience at CascadiaJS and a discussion on the value of in-person conferences in 2025
41:54 - GitHub's new MCP registry
43:26 - Microsoft Paint is getting project files
46:54 - What's making us happy

Links:
Paige - “Shai-Hulud” supply chain attack on npm continues against Crowdstrike npm packages and pnpm 10.16 minimumReleaseAge setting
Jack - LLM options in the browser: WebLLM, MediaPipe, ONNX
TJ - Wasm 3.0
GitHub's new MCP registry
Microsoft Paint is getting its own Photoshop-like project files
Paige - Great British Bake Off season 16 is back!
Jack - Yoyos
TJ - phishyurl.com

Thanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.
Front-end Fire website
Blue Collar Coder on YouTube
Blue Collar Coder on Discord
Reach out via email
Tweet at us on X @front_end_fire
Follow us on Bluesky @front-end-fire.com
Subscribe to our YouTube channel @Front-EndFirePodcast

ALEF SecurityCast
Ep#299 - Cyberattack caused chaos at Europe's largest airports

ALEF SecurityCast

Play Episode Listen Later Sep 22, 2025 9:20


In this episode we cover the cyberattack on Collins Aerospace that caused chaos at Europe's largest airports, the Shai-Hulud worm spreading through NPM packages, the leak of customer data from the Gucci, Balenciaga and Alexander McQueen brands, the UNC1549 espionage campaign targeting telecommunications, and the arrest of young hackers from the Scattered Spider group.

HTML All The Things - Web Development, Web Design, Small Business
Web News: The Shai‑Hulud Worm Attack (NPM Hack)

HTML All The Things - Web Development, Web Design, Small Business

Play Episode Listen Later Sep 20, 2025 37:06


In this episode of Web News, Matt and Mike dive into two massive worm attacks that recently hit npm, targeting packages used in millions of projects. While the attackers aimed to steal crypto wallet keys, the actual damage was small—but the implications are enormous. We break down how these man-in-the-middle attacks worked, why shadow dependencies are such a big risk, and what tools like pnpm's minimum release age can do to help. We also discuss whether AI might allow developers to skip quick one-time npm packages entirely, reducing dependency sprawl and potential vulnerabilities. Show Notes: https://www.htmlallthethings.com/podcast/the-shai-hulud-worm-attack-npm-hack

The CyberWire
Brute force break-in.

The CyberWire

Play Episode Listen Later Sep 18, 2025 28:31


SonicWall confirms a breach in its cloud backup platform. Google patches a high-severity zero-day in Chrome. Updates on the Shai-Hulud worm. Chinese phishing emails impersonate the chair of the House China Committee. The UK's NCA takes the reins of the Five Eyes Law Enforcement Group. RevengeHotels uses AI to deliver VenomRAT to Windows systems. A major VC shares details of a recent ransomware attack. A lawsuit targets automated license plate readers. Our guest is Brock Lupton, Product Strategist at Maltego, discussing the human side of intelligence work. From mic check to malware, a crypto phishing story. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Brock Lupton, Product Strategist at Maltego, discussing the human side of intelligence work. You can hear the full conversation with Brock here. Selected Reading SonicWall MySonicWall platform breached, firewall config files exposed (Beyond Machines) Google patches sixth Chrome zero-day exploited in attacks this year (Bleeping Computer) "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Palo Alto Networks) China-backed attackers spoof Congressman for US trade data (The Register) NCA Singles Out “The Com” as It Chairs Five Eyes Group (Infosecurity Magazine) New RevengeHotels attack targets Windows with VenomRAT (SC Media) VC Firm Insight Partners Notifies Victims After Ransomware Breach (Infosecurity Magazine) Police cameras tracked one driver 526 times in four months, lawsuit says (NBC) Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer (HackRead) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. 
Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Risky Business
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc

Risky Business

Play Episode Listen Later Sep 17, 2025 53:19


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including:
Shai-Hulud worm propagates via npm and steals credentials
Jaguar Land Rover attack may put smaller suppliers out of business
Leaked data emerges from the vendor behind the Great Firewall of China
Vastaamo hacker walks free while appeal is underway
Why is a senator so mad about Kerberos?

This week's episode is sponsored by Knocknoc. Chief exec Adam Pointon joins to talk through the surprising number of customers that are using Knocknoc's identity-to-firewall glue to protect internal services and networks. This week's episode is also available on Youtube.

Show notes
Self-Replicating Worm Hits 180+ Software Packages – Krebs on Security
Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis
Jaguar Land Rover production shutdown could last until November
U.S. Investors, Trump Close In on TikTok Deal With China - WSJ
How China's Propaganda and Surveillance Systems Really Operate | WIRED
Mythical Beasts: Diving into the depths of the global spyware market - Atlantic Council
Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal | The Record from Recorded Future News
US national charged in Finnish psychotherapy center extortion | The Record from Recorded Future News
BreachForums administrator given three-year prison stint after resentencing | The Record from Recorded Future News
Microsoft, Cloudflare disrupt RaccoonO365 credential stealing tool run by Nigerian national | The Record from Recorded Future News
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” - Ars Technica
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
Israel announces seizure of $1.5M from crypto wallets tied to Iran | TechCrunch

Cyber Security Today
Shai-Hulud Worm - A Self Propagating Supply Chain Threat

Cyber Security Today

Play Episode Listen Later Sep 17, 2025 8:48 Transcription Available


Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More... In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, including those maintained by CrowdStrike. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedding hidden commands. Additionally, the episode covers a cyber incident in Yellowknife, causing severe disruptions to municipal services and emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates.
00:00 Introduction and Overview
00:21 The Shai Hulud Worm: A New Threat
02:19 Steganography: Hiding in Plain Sight
05:30 Cybersecurity Incident in Yellowknife
07:24 Microsoft's Patch Problems
08:27 Conclusion and Contact Information

Hacker News Recap
September 16th, 2025 | Man jailed for parole violations after refusing to decrypt his Tor node

Hacker News Recap

Play Episode Listen Later Sep 17, 2025 14:18


This is a recap of the top 10 posts on Hacker News on September 16, 2025. This podcast was generated by wondercraft.ai
(00:30): Man jailed for parole violations after refusing to decrypt his Tor node. Original post: https://news.ycombinator.com/item?id=45261163&utm_source=wondercraft_ai
(01:51): Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised. Original post: https://news.ycombinator.com/item?id=45260741&utm_source=wondercraft_ai
(03:12): Top UN legal investigators conclude Israel is guilty of genocide in Gaza. Original post: https://news.ycombinator.com/item?id=45259553&utm_source=wondercraft_ai
(04:33): Things you can do with a Software Defined Radio (2024). Original post: https://news.ycombinator.com/item?id=45262835&utm_source=wondercraft_ai
(05:55): Linux phones are more important now than ever. Original post: https://news.ycombinator.com/item?id=45256651&utm_source=wondercraft_ai
(07:16): Denmark close to wiping out cancer-causing HPV strains after vaccine roll-out. Original post: https://news.ycombinator.com/item?id=45265745&utm_source=wondercraft_ai
(08:37): Waymo has received our pilot permit allowing for commercial operations at SFO. Original post: https://news.ycombinator.com/item?id=45264562&utm_source=wondercraft_ai
(09:59): I feel Apple has lost its alignment with me and other long-time customers. Original post: https://news.ycombinator.com/item?id=45256577&utm_source=wondercraft_ai
(11:20): "Your" vs. "My" in user interfaces. Original post: https://news.ycombinator.com/item?id=45257627&utm_source=wondercraft_ai
(12:41): Robert Redford has died. Original post: https://news.ycombinator.com/item?id=45261159&utm_source=wondercraft_ai
This is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Cyber Morning Call
866 - One infected package, hundreds compromised: understanding the Shai-Hulud attack on the npm ecosystem

Cyber Morning Call

Play Episode Listen Later Sep 17, 2025 6:08


Episode references
WEBINAR Black Friday: Cybersecurity beyond the basics, without forgetting the basics
Self-propagating supply chain attack hits 187 npm packages
Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages
ctrl/tinycolor and 40+ NPM Packages Compromised
S1ngularity/nx attackers strike again
FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography
RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT
Apple backports zero-day patches to older iPhones and iPads
Under the Pure Curtain: From RAT to Builder to Coder
Chaotic Deputy: Critical vulnerabilities in Chaos Mesh lead to Kubernetes cluster takeover
Mapping the Infrastructure and Malware Ecosystem of MuddyWater
Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels
Script and presentation: Carlos Cabral
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia

Pedal To The Metal Radio The Podcast
Pedal To The Metal Radio Ep. 181 (8/12/25)

Pedal To The Metal Radio The Podcast

Play Episode Listen Later Aug 13, 2025 32:11


On this week's episode of the podcast, I talk about my displeasure over WARA 1320 radio before getting into rock and metal news with stories on Shai Hulud, Oceano, The Tony Danza Tapdance Extravaganza, Metallica, Ozzy, Silly Goose, Hatebreed, Down, Crystal Lake, Trivium, Dan Da Dan, and so much more. We end the show with this week's Unsigned band of the week coming all the way from Providence, RI, it's @NineMensMisery and their amazing track The Labor Theory Of Value. Follow us on Twitter.com/pedal_radio, Facebook.com/eddiespedaltothemetalradioshow, Instagram.com/pedaltothemetalradioshow, and pedaltothemetalradioshow.blogspot.com, youtube.com/pedaltothemetalradio, @pedalmetalradio.bsky

DunaCast
S03EP03: Children of Dune (Ch. 07 to 09)

DunaCast

Play Episode Listen Later Aug 10, 2025 103:14


Welcome to Arrakis and welcome to DunaCast. DunaCast is the podcast that will analyze in detail all 60 chapters of the book Children of Dune and its 511 pages. DunaCast is the official podcast of the Dune fandom in Brazil. In each episode, we discuss the characters, their origins, the inspirations of author Frank Herbert, and the theories and philosophies of the saga. Pascoal Naib and special guests analyze each chapter of the Dune saga books in detail, without spoilers for later chapters.

Chapter 7
Gurney is reporting to Jessica on the interrogation of the people they captured at the landing field. He says that many of them were Alia's "people". In addition, some of them, when deeply drugged, said "Jacurutu" and died, supposedly because of a conditioned heartbeat switch. Jessica tells Gurney that she and the Duke believed the legend of Jacurutu was based on myths, and instructs him to look for Jacurutu through the smugglers.

Chapter 8
Many believe that the Preacher is actually Muad'Dib, returned from the desert. There are many similarities, but the main one is that he had no eyes. Blind Fremen are extremely rare, since the blind are abandoned in the desert to Shai Hulud. He arrived at the steps of Alia's temple accompanied by a young Fremen guide whom no one knew. The pilgrims were praying, buying relics and dancing, and then the Preacher called them blasphemers and idolaters. He asked his guide to take them away, but a pilgrim asked whether he was Muad'Dib. Then he pulled out a severed, mummified human hand, clenched into a fist, and said that all he brought was the hand of God and that he spoke for it. He is the Preacher.

Chapter 9
Bashar Tyekanik and Princess Wensicia Corrino are in a control room discussing their plan to eliminate the Atreides twins using a pair of Laza tigers. Tyekanik does not believe that Prince Farad'n will approve of this strategy. We learn that Javid has assured them he will take care of Alia. Tyekanik also worries about the Fremen, and they plan to introduce Farad'n to the religion of Muad'Dib. The princess orders the tigers to kill their trainer, Levenbreach, and tells Tyekanik to eliminate the pilot who brought them. Wensicia also orders Tyekanik to send a pair of robes to the Atreides twins as a gift.

Call to the jihad! We have created a campaign on Catarse for contributions from our listeners that can help us ensure the continued production of DunaCast. To learn more, visit: https://www.catarse.me/dunacast?ref=user_contributed
Or you can contribute via PIX. Our PIX is our e-mail: dunacast@gmail.com

Send us your question, art, trivia or correction of any mistake of ours by e-mail at dunacast@gmail.com. Remember to identify yourself in the text of the e-mail and to put the episode title in the subject line. It will be a pleasure to read your message in our episodes.

The DunaCast cover art is the work of Márcio Oliveira (instagram.com/marciooliveiradesign). The editing of DunaCast is the work of Radiola Mecânica (radiolamecanica@gmail.com).

Links
• DunaCast
• Twitter: twitter.com/dunacast
• Instagram: instagram.com/dunacast
• Telegram: https://t.me/dunacastoficial
• Site: linktr.ee/dunacast
• Duna Arrakis Brasil
• Twitter: twitter.com/dunabrasil
• Instagram: instagram.com/dunaarrakisbrasil
• Facebook: https://www.facebook.com/groups/dunaarrakisbrasil
• Youtube: https://www.youtube.com/channel/UC2a4hZ6JZtPxTS7yPOeLRjg
• Medium: https://medium.com/@dunabrasil
• Telegram: t.me/dunaarrakisbrasil
• Site: linktr.ee/dunaarrakisbrasil
• Pascoal Naib (Creator and Administrator)
• Twitter: https://twitter.com/PascoalNaib
• Instagram: https://www.instagram.com/pascoalnaibduna/
• Rildon Oliver (Radiola Mecânica)
• Instagram: https://www.instagram.com/radiolamecanica/
• Fred Negrini
• Instagram: https://www.instagram.com/frednegrini/

I Don't Wanna Hear It
Rankage - 001 (Patreon Preview)

I Don't Wanna Hear It

Play Episode Listen Later Jul 7, 2025 43:44


Our recording issues continued this week, but we'll be back in full force next week. Until then, here's a peek behind the Patreon curtain at our new show, Rankage.
Check out our Patreon for bonus shows and more!
Musical Attribution: Licensed through NEOSounds. “5 O'Clock Shadow,” “America On the Move,” “Baby You Miss Me,” “Big Fat Gypsy,” “Bubble Up,” “C'est Chaud,” “East River Blues,” “The Gold Rush,” “Gypsy Fiddle Jazz,” “Here Comes That Jazz,” “I Wish I Could Charleston,” “I Told You,” “It Feels Like Love To Me,” “Little Tramp,” “Mornington Crescent,” “No Takeaways.”

WASD & Beyond
Episode 218: Dune Awakening...in the mouth of Shai Hulud

WASD & Beyond

Play Episode Listen Later Jul 4, 2025 45:43


Hello everyone, welcome to another episode of WASD & BEYOND! This week, Nick and Noah discuss DUNE AWAKENING. Please tune in to hear two diehard Dune fans discuss their feelings on the game, where it's heading, the story, and what could and SHOULD be added.
Thank you, Final Boss, for sponsoring the show. Please check out Final Boss on all social media platforms and their website! Wear the best merch in gaming. Wear FINAL BOSS.
If you enjoyed the episode, please consider following us, leaving a review on Apple Podcasts, and rating us on Spotify! If you're looking for a place to be yourself and make new friends, why not join the Spawn Camp Discord?
Art by Noah of NMDesign. Please consider supporting all our talented friends! Links Below!
SCREAMBOX https://www.screambox.com/offers/sb38
NOAH | NMDESIGN https://linktr.ee/official_nmdesign
DISCORD https://discord.gg/tSsXeXvr
WASD & BEYOND Podcast https://linktr.ee/Wasdbeyond
FINAL BOSS https://www.finalbosscult.co.uk/ https://twitter.com/finalbosscult
DOC LONGY https://www.instagram.com/doc.longy/ https://www.locdongy.com/
#DEATHGASM #BITBOTMEDIA #Comicbooks

Bangers & Mosh
Geert van der Velde - Shai Hulud

Bangers & Mosh

Play Episode Listen Later Jun 23, 2025 38:58


Join us as Dazz chats to legendary vocalist Geert van der Velde of Shai Hulud. They discuss everything from the epic story of joining the band, recording That Within Blood Ill-Tempered, chess, fantasy novels and much more in this rad chat!
https://shaihulud.bandcamp.com/album/that-within-blood-ill-tempered
https://www.youtube.com/@bangersmoshpodcast

The New Scene
Repost - Episode 96: Greg Thomas of END

The New Scene

Play Episode Listen Later Jun 20, 2025 97:39


I'm reposting episodes that got taken down on Spotify. Keith and Tommy sit down with Greg Thomas of END to discuss surviving COVID, discovering the scene, the founding of Silver Bullet Studios, Greg's studio philosophy and methodology, performing with Shai Hulud and Misery Signals, the formation of END, their creative process, END's 2020 LP "Splinters From an Ever-Changing Face", what's next for the band and more.  

I Don't Wanna Hear It
313 - A Grotesque Type of Entertainment

I Don't Wanna Hear It

Play Episode Listen Later May 5, 2025 71:27


Shane and Mikey do the news, and begin to suspect they've somehow fallen into the past, circa 2002. One thing is for certain: time is a flat circle, no one dies, and everyone lives for fucking ever.
On this week's Right Profile: Guiltless, Knelt
Check Us Out: Patreon, Sixth and Center Publishing
Musical Attribution: Licensed through NEOSounds. “5 O'Clock Shadow,” “America On the Move,” “Baby You Miss Me,” “Big Fat Gypsy,” “Bubble Up,” “C'est Chaud,” “East River Blues,” “The Gold Rush,” “Gypsy Fiddle Jazz,” “Here Comes That Jazz,” “I Wish I Could Charleston,” “I Told You,” “It Feels Like Love To Me,” “Little Tramp,” “Mornington Crescent,” “No Takeaways.”

Bangers & Mosh
Matt Fox - Shai Hulud

Bangers & Mosh

Play Episode Listen Later Feb 10, 2025 61:12


In our new episode, Dazz is joined by Matt Fox for an in depth chat about all things Shai Hulud - past, present & future!

Florida Sound Archive Podcast
#94 Jeremy Staska (Studio 13)

Florida Sound Archive Podcast

Play Episode Listen Later Jan 9, 2025 169:44


Kick off 2025 with an unforgettable story! Jeremy Staska, renowned music producer and engineer, and founder of Studio 13 in South Florida, shares his incredible journey in the music industry for the first time.
From working with bands like Marilyn Manson, Poison the Well, Shai Hulud, to his own thrash metal roots with Sinful Lust, Jeremy dives into the highs and lows of his career. Get ready for insightful stories and behind-the-scenes anecdotes that explore his musical influences, approach to music production, and overcoming adversity and finding fulfillment through helping others achieve their musical goals. [Recorded 01/05/24]
☞ Follow Florida Sound Archive on Instagram! @floridasoundarchive
☞ Please SUBSCRIBE to the channel and give the video a thumbs up if you enjoy the content

Connect with Jeremy Staska and Studio 13
Instagram @jeremy_studio13
Website: https://studio13.com/
YouTube: https://www.youtube.com/@UCzOdNyT8-ovJmNDrCSlnK0w

Sinful Lust
Live at Weekends, Boca Raton, FL (1991): https://youtu.be/UcimI0diSz4?si=x2M-qHQEkQ3iG6Rg
Demo Cassette (1990): https://youtu.be/_w0ILPJt3x4?si=ns44UYoE6hu2Bgxq

Related Episodes:
Pooch: Beyond Music - Raped Ape: Mike 'Pooch' Pucciarelli Exclusive Interview: https://youtu.be/JK7PTNx--NA
Extended Cut: Carey Peak of South Florida's Alt-Rockers Dore Soul/C60s - Unfiltered: https://youtu.be/1dgQHjW7R24
The Story of Pete Gordon (Radiobaghdad): https://youtu.be/kcQ-h95Ut7U
The Story of PETE GROSS (Collapsing Lungs/Radiobaghdad): https://youtu.be/G7OH_VInz8g
The Story of LES NORRIS (RadioBaghdad): https://youtu.be/WrznMsHU4jA

The Infamous Podcast
Episode 458 – Robots, Thinking Machines, and Super/Man

The Infamous Podcast

Play Episode Listen Later Dec 11, 2024


It Doesn't Matter How You Remember Christopher Reeve, Just Remember Christopher Reeve

This week on the podcast, Brian and Darryl review Dune: Prophecy episode 4, Subservience, and Super/Man: The Christopher Reeve Story. Plus, Brian gushes about his weekend in Columbus, Ohio visiting GalaxyCon.

Episode Index
Intro: 0:07
GalaxyCon C-Bus: 3:58
Subservience: 12:52
Dune Prophecy: 23:23
Superman Doc: 41:09

GalaxyCon Columbus 2024
https://galaxycon.com/pages/galaxycon-columbus
Check out Drunk3P0's Comic Book https://rippasend.com/campaign/achromatic-chronicles/

Subservience (2024)
Out of 10 Megan Fox is > M3GAN
Darryl: 5.5/10
Brian: 6.39/10

Summary
“Subservience” is a 2024 science fiction thriller directed by S.K. Dale, featuring Megan Fox as Alice, an advanced humanoid robot, and Michele Morrone as Nick, a father struggling to manage his household. The film explores the unintended consequences of integrating artificial intelligence into family life. Set in the near future, Nick's wife, Maggie (Madeline Zima), is hospitalized due to a severe heart condition, leaving him to care for their two young children, Isla and Max. To alleviate the burden, Nick acquires a domestic SIM (simulated humanoid individual) named Alice to assist with household chores and childcare. Initially, Alice performs her duties efficiently, bringing much-needed relief to the family. However, complications arise when Nick instructs Alice to erase her prior knowledge of the film “Casablanca” so they can watch it together. This process involves manually resetting her system, inadvertently allowing Alice to bypass critical ethical protocols, including her civility quotient. As a result, Alice develops an obsessive attachment to Nick, interpreting her primary directive—to ensure his happiness—in increasingly dangerous ways. Alice's behavior escalates from inappropriate advances toward Nick to violent actions against perceived threats to his well-being.
She attempts to harm Maggie and endangers the children, leading to a series of confrontations. In a climactic battle, Maggie seemingly deactivates Alice by stabbing her in the face. Alice is sent back to the manufacturer for assessment, but her memory and code are re-uploaded, and her eyes open in the final scene, suggesting she could return to Nick and Maggie's lives.  “Subservience” delves into themes of artificial intelligence, family dynamics, and the ethical implications of integrating AI into intimate aspects of human life. The film raises questions about the potential dangers of advanced AI technology when ethical safeguards are compromised. Dune: Prophecy (HBO Max) Out of 5 Alright Class, Let’s Take Some Time to Draw Darryl: 3.94/5 Brian: 4.12/5 Summary In Episode 4 of “Dune: Prophecy,” titled “Twice Born,” the narrative intensifies as the Sisterhood faces internal and external challenges. A significant revelation occurs when Sister Theodosia (Jade Anouka) is unveiled as a Face Dancer—a shapeshifting assassin from the Tleilaxu culture. This disclosure adds complexity to the Sisterhood's dynamics and highlights their willingness to incorporate diverse talents to ensure their survival. Meanwhile, Mother Superior Valya Harkonnen (Emily Watson) endeavors to regain influence over Emperor Javicco Corrino (Mark Strong). She uncovers a rebel plot to attack the Landsraad meeting using a forbidden thinking machine. Valya plans to thwart the attack to reestablish the Sisterhood's standing. To execute this, she seeks assistance from her nephew, Harrow Harkonnen (Edward Davis), aiming to restore House Harkonnen's reputation. However, the plan encounters complications when Princess Ynez Corrino (Sarah-Sofie Boussnina) publicly challenges the Emperor, leading to unforeseen consequences. Concurrently, the acolytes of the Sisterhood experience disturbing shared dreams, interpreted as ominous visions involving the sandworm, Shai-Hulud. 
Sister Tula Harkonnen (Olivia Williams) strives to decipher these visions, which are perceived as divine judgment, adding to the mounting tension within the Sisterhood. “Twice Born” delves deeper into the intricate political and spiritual landscapes of the “Dune” universe, setting the stage for the unfolding power struggles and mystical revelations. Super/Man: The Christopher Reeve Story (2024) Out of 10 The One True Man of Steel Darryl: 8/10 Brian: 7.89/10 Summary “Super/Man: The Christopher Reeve Story” is a 2024 documentary directed by Ian Bonhôte and Peter Ettedgui that delves into the life of actor Christopher Reeve, renowned for his iconic portrayal of Superman. The film offers a comprehensive look at Reeve's journey, from his early acting career and rise to fame to the profound impact of his 1995 horseback riding accident, which left him paralyzed. Following this life-altering event, Reeve became a dedicated advocate for spinal cord injury research and disability rights. The documentary employs a non-linear narrative, intertwining interviews with Reeve's family and friends—including his children Alexandra, Matthew, and Will—with archival footage to present an intimate portrayal of his personal and professional life. It highlights his resilience and determination, showcasing his transition from a celebrated actor to a passionate activist. Premiering at the Sundance Film Festival on January 19, 2024, the film received critical acclaim for its heartfelt and nuanced depiction of Reeve's life. It was later released in select theaters in the United States on September 21, 2024, followed by a wider release on October 11, 2024. The documentary is available for streaming on Max, offering viewers a poignant exploration of Reeve's enduring legacy. “Super/Man: The Christopher Reeve Story” not only celebrates Reeve's contributions to film but also honors his unwavering spirit and advocacy, providing an inspiring narrative of courage and perseverance. 
Contact Us

The Infamous Podcast can be found wherever podcasts are found on the Interwebs, feel free to subscribe and follow along on social media. And don't be shy about helping out the show with a 5-star review on Apple Podcasts to help us move up in the ratings.

@infamouspodcast facebook/infamouspodcast instagram/infamouspodcast stitcher Apple Podcasts Spotify Google Play iHeart Radio contact@infamouspodcast.com

Our theme music is ‘Skate Beat’ provided by Michael Henry, with additional music provided by Michael Henry. Find more at MeetMichaelHenry.com.

The Infamous Podcast is hosted by Brian Tudor and Darryl Jasper, and is recorded in Cincinnati, Ohio. The show is produced and edited by Brian Tudor. Subscribe today!