Infosec Decoded Season 5 #68: CDC Walkout

With Doug Spindler and sambowne@infosec.exchange

Recorded Fri, Aug 29, 2025

AI

CNIT 430: Introduction to Artificial Intelligence -- Sam Bowne - Spring 2026
Nx Build Tool Hacked with Malware That Checks for Claude or Gemini to Find Wallets and Secrets
Malware in the Nx build tool steals credentials and creates GitHub repos.
Targets Claude and Gemini CLIs for advanced data exfiltration. If either AI-powered CLI is present, the malware issues a carefully crafted prompt to conduct fingerprintable filesystem scans.
We Are Still Unable to Secure LLMs from Malicious Inputs
Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. Inside the document, Bargury hid a 300-word malicious prompt that contains instructions for ChatGPT. The prompt is written in white text in a size-one font, something that a human is unlikely to see but a machine will still read.
We tested which AI gave the best answers without making stuff up. One beat ChatGPT.
Google AI Mode is the best.

Politics

Massive CDC walkout erupts amid internal chaos
On Wednesday, Susan Monarez was ousted as CDC director just weeks after being sworn in. Several other officials resigned in protest.
CDC Leader Drops Bombshell RFK Jr. Admission
Robert F. Kennedy Jr. has never actually been briefed by CDC experts before making major public health decisions.
Donald Trump Defends Chinese Student Numbers Amid MAGA Uproar
President Donald Trump has defended his proposal to allow 600,000 Chinese students into the United States, after several MAGA figures spoke out against it.
Bill Maher Is Right. There Is a Slow-Moving Coup | Opinion
It started with getting Americans accustomed to a masked police force snatching people off the streets, talk of crime, and talk of election fraud. If Democrats win control of the House, the Senate or both, he claims that they will never take power.
4chan and Kiwi Farms Sue the UK Over its Age Verification Law
The notorious troll sites filed a lawsuit in U.S. federal court as part of a fight over the UK's Online Safety Act.
Denmark Demands US Answers to New Greenland Allegations
American nationals linked to President Donald Trump are attempting to infiltrate Greenland and run covert influencing operations there.
Flock Wants to Partner With Consumer Dashcam Company That Takes ‘Trillions of Images’ a Month
That dashcam in your car could soon integrate with Flock, the surveillance company providing license plate data to DHS and local police.
DHS moves to bar aid groups from serving undocumented immigrants
Disaster-aid groups said the new contracts would make it harder for nonprofits to help the most vulnerable Americans in the aftermath of a disaster. That could put groups that provide food, housing, mental health support and other assistance in disaster-stricken states in the position of having to verify aid recipients' legal status before providing assistance.
Putin on the code: DoD reportedly relies on utility written by Russia-based Yandex dev
A Node.js utility used by thousands of public projects - and more than 30 Department of Defense ones - appears to have a sole maintainer whose online profiles identify him as a Yandex employee living in Russia. The utility in question is fast-glob, which is used to find files and folders that match specific patterns.

Infosec

The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309)
Using a honeypot, they found a race-condition vulnerability that requires specific POST requests to be sent rapidly, 1000 or more times each. This results in the creation of a new administrative user.
This Is the Group That's Been Swatting US Universities
WIRED spoke to a self-proclaimed leader of an online group called Purgatory, which charged as little as $20 to call in fake threats against schools.
Velociraptor incident response tool abused for remote access
The Velociraptor agent was used as a LOLbin. This doesn't mean anything's wrong with it; it just shows that it's become popular enough to be noticed by attackers.