Adversarial Podcast Ep. 20 – corporate espionage among SaaS companies, DC's Signal snafu, where is the cyber market going?
⬇️ See below for timestamps/summaries/references for each topic00:00 Highlight/theme00:28 Intro02:15 Unicorn startup allegedly cultivated spy to steal trade secrets from competitor18:19 Google Strikes $32 Billion Deal for Cybersecurity Startup Wiz33:35 Trump Administration accidentally sends war plans to reporter via Signal47:20 GitHub action supply chain attack53:55 Oracle under fire for its handling of security incidentsRippling Alleges Deel Cultivated Spy, Orchestrated Trade-Secret Theft Against CompetitorRippling has filed a lawsuit alleging that $12 billion HR-tech company Deel orchestrated a months-long corporate espionage campaign involving a planted spy within Rippling.Reference: https://www.rippling.com/blog/lawsuit-alleges-12-billion-unicorn-deel-cultivated-spy-orchestrated-long-running-trade-secret-theft-corporate-espionage-against-competitorGoogle Strikes $32 Billion Deal for Cybersecurity Startup WizGoogle has agreed to acquire cybersecurity startup Wiz for $32 billion in cash, marking its largest acquisition ever and the biggest tech deal of 2025 so far. Reference: https://www.wsj.com/business/deals/alphabet-back-in-deal-talks-for-cybersecurity-startup-wiz-41cd3090?st=uQ8bmN&reflink=article_copyURL_shareThe Trump Administration Accidentally Texted Me Its War PlansIn the article, journalist Jeffrey Goldberg reveals that he was accidentally included in a Signal group chat by senior members of the Trump administration—specifically Pete Hegseth, the Secretary of Defense—who shared detailed plans for a military strike on Houthi targets in Yemen. Reference: https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/Supply Chain Attack on GitHub ActionWiz discovered a supply chain attack on the GitHub Action reviewdog/action-setup@v1, likely leading to the compromise of tj-actions/changed-files, resulting in widespread CI secret leakage and highlighting the risks of unpinned actions.Reference: https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setupOracle hackedOracle has informed clients of a second recent cybersecurity breach in which a hacker accessed an old system and stole customer log-in credentials, some of which date back to 2024, according to Bloomberg News. Latest: https://www.reuters.com/technology/cybersecurity/oracle-tells-clients-second-recent-hack-log-in-data-stolen-bloomberg-news-2025-04-02/