Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages, quietly stealing secrets.
But it’s not all doom and gloom - unless you count your kitchen appliances turning into ad billboards.
All this and more is discussed in episode 436 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and his special guest Zoë Rose.
EPISODE LINKS:
- EU cyber agency says airport software held to ransom by criminals - BBC News.
- Teenagers charged over cyber attack on TfL costing millions of pounds - Sky News.
- Teen arrested on suspicion of Vegas Strip attack that cost $100M - SF Gate.
- Paris: cyber-attack hits Natural History Museum, cancels exhibition - Sortira Paris.
- Cybersécurité : le Grand Palais et plusieurs musées dont le Louvre victimes d’une attaque par rançongiciel - Le Parisien.
- "Des pièces de collection nationale": le directeur du Muséum d'histoire naturelle de Paris indique que les pépites d'or volées ont "une valeur inestimable" - BFMTV.
- Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit - Security Week.
- Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware - Wiz.
- 180+ NPM Packages Hit in Major Supply Chain Attack - Ox.
- Samsung confirms ads will now be shown on its $1,800+ fridges - UniLad.
- Bosch Cordless Multifunction Tool - Bosch.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORED BY:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
CrimeLess: Hillbilly Heist
It’s 1996 in rural North Carolina, and an oddball crew makes history when they pull off America’s third largest cash heist. But it’s all downhill from there. Join host Johnny Knoxville as he unspools a wild and woolly tale about a group of regular ‘ol folks who risked it all for a chance at a better life. CrimeLess: Hillbilly Heist answers the question: what would you do with 17.3 million dollars? The answer includes diamond rings, mansions, velvet Elvis paintings, plus a run for the border, murder-for-hire-plots, and FBI busts.