
About this episode
Adrian discusses a coordinated supply chain attack and critical vulnerabilities affecting major platforms.
This episode covers a coordinated supply chain attack on PHP's Packagist repository, mass exploitation of a critical Ghost CMS vulnerability turning websites into malware traps, and the ironic exposure of AWS GovCloud credentials by a CISA contractor's public GitHub repo. Adrian breaks down how attackers are poisoning dependencies upstream, automating large-scale injections, and why even the agencies protecting federal networks aren't immune to basic security mistakes.
People in this episode
Host: Adrian North
Topics covered
- supply chain attack
- cybersecurity
- vulnerabilities
- malware
- dependency management
Keywords
- supply chain attack
- PHP
- Packagist
- Ghost CMS
- AWS GovCloud
- CISA
- cybersecurity
- malware
Mentioned in this episode
Organizations: PHP, Packagist, Ghost CMS, AWS GovCloud, CISA
More episodes of Signal Check
- Episode 72: June 12, 2026 · June 12, 2026 · 6 min
- Episode 71: June 11, 2026 · June 11, 2026 · 6 min
- Episode 70: June 10, 2026 · June 10, 2026 · 5 min
- Episode 69: June 09, 2026 · June 9, 2026 · 7 min
- Episode 68: June 08, 2026 · June 8, 2026 · 7 min
- Episode 67: June 07, 2026 · June 7, 2026 · 6 min
Explore listener stats, chart rankings, contacts and more on the Signal Check podcast page.