Episode 54: May 25, 2026

Episode 54: May 25, 2026

From Signal Check by Adrian North

May 25, 2026 · 7 min · Episode 54

About this episode

Adrian discusses a coordinated supply chain attack and critical vulnerabilities affecting major platforms.

This episode covers a coordinated supply chain attack on PHP's Packagist repository, mass exploitation of a critical Ghost CMS vulnerability turning websites into malware traps, and the ironic exposure of AWS GovCloud credentials by a CISA contractor's public GitHub repo. Adrian breaks down how attackers are poisoning dependencies upstream, automating large-scale injections, and why even the agencies protecting federal networks aren't immune to basic security mistakes.

People in this episode

Host: Adrian North

Topics covered

  • supply chain attack
  • cybersecurity
  • vulnerabilities
  • malware
  • dependency management

Keywords

  • supply chain attack
  • PHP
  • Packagist
  • Ghost CMS
  • AWS GovCloud
  • CISA
  • cybersecurity
  • malware

Mentioned in this episode

Organizations: PHP, Packagist, Ghost CMS, AWS GovCloud, CISA

More episodes of Signal Check

Explore listener stats, chart rankings, contacts and more on the Signal Check podcast page.