![Talkin' Bout [Infosec] News cover image](https://share.snipd.com/share-image/resize?url=https%3A%2F%2Fimg.transistorcdn.com%2FVnvoAtHIBZfxvnu5jhP2JkZD3MebIpw9lCR6JElsxhU%2Frs%3Afill%3A0%3A0%3A1%2Fw%3A1400%2Fh%3A1400%2Fq%3A60%2Fmb%3A500000%2FaHR0cHM6Ly9pbWct%2FdXBsb2FkLXByb2R1%2FY3Rpb24udHJhbnNp%2Fc3Rvci5mbS81NjMx%2FZWE5ODYxNzUwZTI3%2FZTI4MDgyNjRhNzg0%2FMGQ2YS5qcGc.jpg&width=320&height=320)
A Live Stream From inside Lazarus Group – 2025-12-08
Talkin' Bout [Infosec] News
React2Shell vulnerability explained
Corey and Hayden summarize CVE-2025-55182, its Next.js/React exposure and real-world impact.
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord!
https://discord.gg/bhis
🔴live-chat
A Live Stream From inside Lazarus Group – 2025-12-08
This BHIS episode blends cybersecurity humor, hacker culture, and livestream chaos as the team jokes about nation-state threats, leaked webcams, OPSEC mishaps, and technical glitches. With unscripted banter and light industry insights, it’s a fun, energetic listen for fans of ethical hacking, infosec podcasts, and behind-the-scenes security chatter.
Chapters
00:00 - PreShow Banter™ — Industry Leaders
02:34 - A Live Stream From inside Lazarus Group – 2025-12-08
04:24 - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
08:58 - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
20:37 - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
26:44 - Story # 4: Apple refuses to pre-install government app on iPhones in India
37:42 - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
44:55 - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
57:53 - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
- (00:00) - 00:00 - PreShow Banter™ — Industry Leaders
- (02:34) - A Live Stream From inside Lazarus Group – 2025-12-08
- (04:24) - Story # 1: React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
- (08:57) - Story # 2: A Live Stream from Inside Lazarus Group’s IT Workers Scheme
- (20:37) - Story # 3: Contractors with hacking records accused of wiping 96 govt databases
- (26:44) - Story # 4: Apple refuses to pre-install government app on iPhones in India
- (37:41) - Story # 5: Russia blocks Apple's FaceTime in mounting push against foreign tech platforms
- (44:55) - Story # 6: ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
- (57:52) - Story # 7: Flock Uses Overseas Gig Workers to Build its Surveillance AI
The AI-powered Podcast Player
