Risky Business #837 -- GitHub Actions footgun claims TanStack

Risky Business #837 -- GitHub Actions footgun claims TanStack

From Risky Business by Risky Business Media

May 13, 2026 · 1h 5m

About this episode

The episode discusses recent cybersecurity news including GitHub Actions vulnerabilities and data extortion incidents.

On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Mini Shai-Hulud and the TanStack compromise using Github Actions Instructure pays Canvas elearning platform data extortionists More Linux privilege escalation 0days! CISA helping critical infrastructure operators rearchitect their networks so they work offline This week’s episode is sponsored by email security platform Sublime Security. Bobby Filar chats with Patrick about how agentic AI is being evaluated by buyers in a marketplace that’s experiencing “AI fatigue”. This episode is also available on Youtube.

People in this episode

Hosts: Patrick Gray, Adam Boileau, James Wilson

Guest: Bobby Filar

Topics covered

  • cybersecurity news
  • GitHub Actions
  • data extortion
  • Linux privilege escalation
  • critical infrastructure
  • AI evaluation

Keywords

  • cybersecurity
  • GitHub Actions
  • TanStack
  • data extortion
  • Linux
  • CISA
  • AI fatigue

Sponsors

Sublime Security

Mentioned in this episode

Organizations: TanStack, Instructure, Canvas, CISA

More episodes of Risky Business

Explore listener stats, chart rankings, contacts and more on the Risky Business podcast page.