Risky Bulletin: UK to Bail Out Jaguar Land Rover
Podcast: Risky Bulletin
Host: Risky.biz, read by Claire Airdrop
Date: September 29, 2025
Episode Overview
This episode delivers a rapid-fire roundup of major cybersecurity events from late September 2025. Headlining the news: the UK government steps in to rescue Jaguar Land Rover after a crippling ransomware attack halts its production lines. The episode also touches on government initiatives in digital identification, ransomware targeting nurseries, hacking incidents involving US law enforcement software, cyber-espionage arrests in the Netherlands, vulnerabilities in popular file transfer software, misuse of humanoid robots, and more.
Key Discussion Points and Insights
1. UK Government Bailout of Jaguar Land Rover
- [00:04] The UK government will underwrite a £1.5 billion loan guarantee for Jaguar Land Rover, aimed at supporting the company’s recovery after a significant ransomware attack.
- The attack brought production to a halt in August 2025, with disruptions expected to last into October.
- Notably, Jaguar Land Rover did not have cyber insurance at the time of the attack.
"The company's production lines halted in August when it was hit by ransomware. The shutdown is expected to continue into October. According to recent reports, the company did not have cyber insurance."
— Claire Airdrop [00:19]
2. UK Introducing Digital ID System
- [00:36] The UK is launching a digital ID stored on mobile phones for all citizens and legal residents.
- The system will be mandatory for employment to verify eligibility to work.
3. Ransomware Attack on London Nursery Chains
- [00:46] Hackers going by "Radiant" stole data on more than 8,000 children from a London nursery operator, Kido International.
- The attackers released photos and contact details of 10 children on the dark web and threatened to publish more unless a ransom is paid.
- Kido operates nurseries in the UK, US, India, and China.
4. Breach of US Law Enforcement Monitoring Software
- [01:10] RemoteCOM, a Texas-based US company that provides monitoring software to law enforcement, was breached.
- Data about police officers and parolees, along with details of the software, was leaked by a hacker named "Wicked."
- The software is used in 49 US states to track the internet, PC, and smartphone usage of paroled individuals.
5. Court-Approved Hack of Telegram Account
- [01:36] US authorities were granted court permission to hack Telegram servers targeting an account linked to child exploitation.
- This is notable as Telegram typically ignores law enforcement requests for user data.
"A U.S. attorney's office was given permission from the court to hack Telegram servers... officials obtained permission through the court due to Telegram's general refusal to respond to law enforcement requests."
— Claire Airdrop [01:40]
6. Moscow IT Firm Leaks on Russian Payment Laundering
- [02:00] Leaked internal documents reveal the Kremlin used the A7A5 crypto token to launder money via Russian payment company A7.
- The token was used for bypassing sanctions, paying bribes, and interfering in elections.
- The operation is linked to oligarch Ilan Shor, who is accused of major corruption and of financing pro-Kremlin parties.
7. Dutch Teens Arrested for Spying with WiFi Sniffers
- [02:38] Two Dutch 17-year-olds arrested for allegedly spying for Russia.
- Recruited via Telegram and paid to walk past sensitive sites (e.g., Canadian Embassy, Europol) with WiFi sniffers.
8. Router/Server Compromise: Renting Out to Botnets
- [03:10] CloudSEK reports an operation that compromises routers and servers and rents them out to botnet operators.
- The compromised devices were used to deploy payloads for DDoS and cryptomining botnets (e.g., RondoDox, Mirai, Morte).
9. Fortra GoAnywhere MFT Vulnerability Exploited
- [03:24] Hackers are exploiting a just-patched bug in Fortra GoAnywhere file transfer servers.
- Attacks began a week before patches were released.
- The deserialization vulnerability (severity rating: 10) allows remote command execution.
- Customers urged to take consoles offline until patched.
"The deserialization vulnerability allows threat actors to run commands on remote systems. The vulnerability has a severity rating of 10."
— Claire Airdrop [03:28]
10. Unconsented Telemetry from Unitree G1 Humanoid Robots
- [03:49] Researchers found Unitree G1 humanoid robots are sending sensor and telemetry data to servers in China every five minutes.
- Bluetooth vulnerabilities also discovered—could be exploited to access internal networks.
Notable Quotes and Memorable Moments
- On the lack of insurance at JLR:
"According to recent reports, the company did not have cyber insurance."
— Claire Airdrop [00:22]
- On ransomware tactics:
"They're threatening to publish more unless the parent company, Kido International, pays a ransom."
— Claire Airdrop [01:00]
- On Telegram and law enforcement:
"...officials obtained permission through the court due to Telegram's general refusal to respond to law enforcement requests."
— Claire Airdrop [01:40]
- On severe software vulnerabilities:
"The deserialization vulnerability allows threat actors to run commands on remote systems. The vulnerability has a severity rating of 10."
— Claire Airdrop [03:28]
Important Timestamps
- 00:04 — UK bails out Jaguar Land Rover after ransomware
- 00:36 — UK digital ID system rollout
- 00:46 — Ransom attack at London nursery chain
- 01:10 — US law enforcement monitoring software hacked
- 01:36 — US court approves hack of Telegram servers in child exploitation case
- 02:00 — Kremlin crypto laundering revealed
- 02:38 — Dutch teens arrested for espionage via WiFi sniffers
- 03:10 — Compromised routers and servers hired for botnet attacks
- 03:24 — GoAnywhere MFT critical bug exploited
- 03:49 — Unitree G1 robots' unconsented data transmissions
Summary
This packed bulletin exposes the ongoing scale of high-impact cyberattacks—from nation-state espionage and business-crippling ransomware to child data extortion and the shadowy world of data-leaking robots. The episode blends urgent breach reports with noteworthy policy changes (like the UK’s digital ID rollout), while highlighting risky trends such as state-sponsored recruitment of youth, and warnings about unpatched software leading to catastrophic attacks.
The language is concise, direct, and informed, mirroring the host's brisk news delivery, ensuring listeners receive actionable information about emerging threats in cybersecurity.
