Inside the Box

Episode 1 — "Hello, World": Introducing Inside the Box Meet your hosts. Peter Bassill has spent over 25 years in cybersecurity — from network engineering in the mid-nineties, through defensive operations at Microsoft and beyond, to founding Hedgehog Security and running a 24/7 Security Operations Centre. His co-host Emily is an AI, and she's not shy about saying so. In this opening episode, Peter and Emily explain what Inside the Box is, why it exists, and what you can expect from the series. They set the scene with a frank look at the current threat landscape: the industrialisation of cybercrime, the quiet devastation of business email compromise, and why the next attack on your organisation might come through software you already trust. No jargon without an explanation. No sales pitches. Just fifteen minutes of honest, practical cybersecurity insight.

This week's threat landscape is dominated by supply chain compromise at industrial scale. The TeamPCP campaign has claimed its first named victim in Mercor, while Mandiant estimates thousands more are affected. North Korean hackers poisoned the axios npm package — downloaded over 100 million times per week. A new malware strain called DeepLoad uses AI-generated obfuscation and survives being removed from infected machines. Hasbro and Stryker are both dealing with operational disruption from cyberattacks. And yes, a coffee machine really did cause a corporate data breach. Peter and Emily cover it all, with practical takeaways for businesses of every size. In this episode: LiteLLM supply chain attack cascades to thousands of organisations  Axios npm package compromised by North Korean threat actor  Trojanised Claude Code repositories spreading malware on GitHub  DeepLoad: AI-powered malware with ClickFix delivery and WMI persistence  Hasbro and Stryker cyberattack operational impact The coffee machine that brought down a corporate network  RSAC 2026: Attribution risks and AI budget warnings  User behaviour as the primary entry point for attacks  Outro and action items Episode tags: supply chain attack, LiteLLM, Trivy, axios, North Korea, Claude Code, DeepLoad, ClickFix, Hasbro, Stryker, IoT security, RSAC 2026 You'll want to adjust the chapter timestamps once the audio is produced to match the actual recording, but this gives you the structure to work from.