Artemis Astronaut's Bad Outlooks - 2026-04-06

This episode covers several major cybersecurity and tech news stories, including a sophisticated NPM supply chain attack that compromised the widely used Axios library through advanced social engineering, and the broader implications for software security. The hosts also discuss the accidental leak of Anthropic’s Claude codebase, what it reveals about AI development practices, and the risks of misconfigurations exposing sensitive systems. Additional conversation touches on AI reliability, “vibe-coded” software, and the growing role of AI in both development and attack techniques. Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. https://www.youtube.com/@BlackHillsInformationSecurity Chat with us on Discord! - https://discord.gg/bhis 🔴live-chat Chapters (00:00) - PreShow Banter™ — Professional Sitters (04:36) - Artemis Astronaut's Bad Outlooks - 2026-04-06 (07:12) - The Absolute Truths of Cybersecurity with Doc Blackburn (08:52) - Professionally Evil API Testing: AAA and Keys are Not Just for Cars (09:35) - Story # 1: Post Mortem: axios npm supply chain compromise (19:54) - Story # 2: Artemis II astronaut: 'I have two Microsoft Outlooks, and neither one of those are working' (26:02) - Story # 3: Microsoft Copilot Terms of Service Label Copilot is for Entertainment Purposes Only (30:13) - Story # 4: Here’s what that Claude Code source leak reveals about Anthropic’s plans (35:03) - Story # 4b: https://neuromatch.social/@jonny/116325123136895805 (37:57) - Story # 5: Meta freezes AI data work after breach puts training secrets at risk (41:40) - Story # 6: Possible US Government iPhone Hacking Tool Leaked (44:32) - Story # 7: FBI labels data breach ‘major incident,’ notifies Congress (46:58) - Story # 8: vSphere and BRICKSTORM Malware: A Defender's Guide (52:12) - Story # 9: CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards (01:04:26) - ChickenSec: Why did the chicken wear a reflective vest? To cross the road of course LinksThe Absolute Truths of Cybersecurity with Doc Blackburn Professionally Evil API Testing: AAA and Keys are Not Just for Cars Story # 1: Post Mortem: axios npm supply chain compromise Story # 2: Artemis II astronaut: ‘I have two Microsoft Outlooks, and neither one of those are working’ Story # 3: Microsoft Copilot Terms of Service Label Copilot is for Entertainment Purposes Only Story # 4: Here’s what that Claude Code source leak reveals about Anthropic’s plans Story # 4b: https://neuromatch.social/@jonny/116325123136895805 Story # 5: Meta freezes AI data work after breach puts training secrets at risk Story # 6: Possible US Government iPhone Hacking Tool Leaked Story # 7: FBI labels data breach ‘major incident,’ notifies Congress Story # 8: vSphere and BRICKSTORM Malware: A Defender’s Guide Story # 9: CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards ChickenSec: Why did the chicken wear a reflective vest? To cross the road of course Creators & Guests Jennifer Shannon - Guest Wade Wells - Host Corey Ham - Host Ralph May - Host Ryan Poirier - Producer Bronwen Aker - Host Doc Blackburn - Guest Click here to watch this episode on YouTube. Click here to view the episode transcript. 🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits  https://poweredbybhis.com Brought to you by: Black Hills Information Security  https://www.blackhillsinfosec.com Antisyphon Training https://www.antisyphontraining.com/ Active Countermeasures https://www.activecountermeasures.com Wild West Hackin Fest https://wildwesthackinfest.com