GitHub bans vindictive security researcher - 2026-05-26
This episode covers a CISA contractor’s accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI’s efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft’s handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub’s ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
Links
Story # 1 - CISA Admin Leaked AWS GovCloud Keys on Github
Story # 2 - PoC Code Published for Critical NGINX Vulnerability
Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist
Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation
Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued
Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities
Story # 11 - Pizza Hut’s AI system caused ‘cascading’ problems and $100M in damages, franchisee alleges in new suit
Story # 12 - Data Leak at German Hospital
Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
Story # 14 - Chicken News
Story # 15 - New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?
Click here to watch this episode on YouTube.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
Chapters
- (00:00) - PreShow Banter™ — Getting to Chili's
- (05:45) - GitHub bans vindictive security researcher - 2026-05-26
- (07:09) - Story # 1: CISA Admin Leaked AWS GovCloud Keys on Github
- (10:45) - Story # 2 - PoC Code Published for Critical NGINX Vulnerability
- (12:53) - Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code
- (16:16) - Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist
- (22:37) - Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation
- (25:52) - Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued
- (28:09) - Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
- (30:41) - Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
- (32:16) - Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- (35:21) - Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities
- (37:51) - Story # 11 - Pizza Hut's AI system caused 'cascading' problems and $100M in damages, franchisee alleges in new suit
- (43:55) - Story # 12 - Data Leak at German Hospital
- (45:00) - Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
- (47:50) - Story # 14 - Chicken News
- (50:07) - Story # 15 - New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
- (51:04) - Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?
Links
Story # 1 - CISA Admin Leaked AWS GovCloud Keys on Github
Story # 2 - PoC Code Published for Critical NGINX Vulnerability
Story # 3 - Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Story # 4 - The FBI just remotely reset thousands of home and small office routers – and your TP-Link could be on the hitlist
Story # 5 - Drupal to Release Emergency Core Security Updates Amid Fears of Rapid Exploitation
Story # 6 - Microsoft rejects critical Azure vulnerability report, no CVE issued
Story # 7 - GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
Story # 8a - A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Story # 8b - TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Story # 10 - Ubiquiti patches three max severity UniFi OS vulnerabilities
Story # 11 - Pizza Hut’s AI system caused ‘cascading’ problems and $100M in damages, franchisee alleges in new suit
Story # 12 - Data Leak at German Hospital
Story # 13 - Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
Story # 14 - Chicken News
Story # 15 - New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
Story # 15b - Might someone pass along that Crowdstrike and Nessus are having a moment?
Click here to watch this episode on YouTube.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
Brought to you by:
Black Hills Information Security
Antisyphon Training
Active Countermeasures
Wild West Hackin Fest
Episode Video
Creators and Guests
Host
Bronwen Aker
Bronwen Aker is a BHIS Technical Editor who joined full-time in 2022 after years of contract work, bringing decades of web development and technical training experience to her roles in editing pentest reports, enhancing QA/QC processes, and improving public websites, and who enjoys sci-fi/fantasy, Animal Crossing, and dogs outside of work.
Host
Corey Ham
Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.
Host
Hayden Covington
Hayden Covington joined Black Hills Information Security (BHIS) in the Summer of 2022 as a SOC Analyst. He chose BHIS after hearing many great things over the years and seeing the quality of work, as well as finding people who have the same passion for the field as he does. His favorite part of the job so far has been the community. Previously, Hayden worked in a SOC for a Naval contractor, where he also served as their SOAR project manager and SME, as well as insider threat lead. When he’s not working, Hayden can be found doing anything athletic (like triathlons!), as well as enjoying video gaming and Formula 1.
Host
Wade Wells
Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events
Guest
Alethe Denis
Alethe Denis is a Senior Security Consultant II at Bishop Fox specializing in red team social engineering, physical security bypass, and open-source intelligence (OSINT). With extensive experience conducting security assessments for both private and public sector organizations — including critical infrastructure — she brings a rare combination of technical depth and human-focused attack simulation to every engagement. Alethe developed and owns Bishop Fox’s Tabletop Facilitation service line, designing realistic, scenario-driven exercises that help organizations stress-test their incident response capabilities. A recognized leader in the DEF CON community, Alethe serves as Global DEF CON Groups Coordinator and Deputy Lead for DEF CON Groups Singapore, working to grow and support the international security community. She earned a DEF CON Black Badge at DEF CON 27 after winning the 10th annual Social Engineering Capture the Flag (SECTF) contest, compromising a Fortune 500 target using only a telephone. She and her teammates have also earned bronze, silver, Most Valuable OSINT, and Black Badge awards across multiple TraceLabs capture-the-flag competitions, including first place in the August 2020 DEF CON edition of the TraceLabs Missing Persons OSINT CTF. Alethe has appeared on the “Darknet Diaries” podcast and has taken the stage at venues as varied as San Diego Comic-Con and the DEF CON main stage. She regularly supports conferences throughout the year with talks and workshops.