Risky Business News


Regular cybersecurity news updates from the Risky Business team...

risky.biz


    • Jun 24, 2026 LATEST EPISODE
    • weekdays NEW EPISODES
    • 14m AVG DURATION
    • 982 EPISODES



    Latest episodes from Risky Business News

    Risky Bulletin: FortiBleed hacks involved a lot of traffic sniffing

    Jun 24, 2026, duration 8:43


    The FortiBleed hacks are worse than a credentials leak, a new White House executive order sets out a hard 2031 post quantum cryptography deadline, Meta leaks employee keystroke data, and a third of Samsung and LG TVs act as proxies. Show notes Risky Bulletin: The FortiBleed incident is so much worse than a simple credentials leak

    Sponsored: Trail of Bits and OpenAI patch the planet

    Jun 23, 2026, duration 18:27


    In this sponsored interview James Wilson chats with Trail of Bits founder and CEO Dan Guido about its newly announced partnership with OpenAI. Together, they've started a new initiative called “Patch the Planet” to support open source maintainers. Being an open source maintainer is more difficult than ever. Just using frontier models to keep up with all the bug reports isn't enough. Trail of Bits wants to help maintainers by combining its deep cybersecurity expertise with OpenAI's GPT 5.5 Cyber. As Dan points out in this interview, this isn't just about helping maintainers find and fix bugs. They're spending just as much time on SDLC improvements, architecture changes, and the foundations needed to make open source sustainable in the AI era. Show notes

    Between Two Nerds: The PRC vs AI

    Jun 22, 2026, duration 35:22


    In this edition of Between Two Nerds Tom Uren and The Grugq discuss the idea that the People's Republic of China has mobilised its influence operations against the construction of US data centres and its build out of AI capacity. This episode is also available on YouTube. Show notes Red Rap Two Sessions Get on the Beers

    Risky Bulletin: Klue breach impacts security firms

    Jun 22, 2026, duration 8:08


    A data breach at business analytics platform Klue spreads to security firms, a hacker breaches Brazil's national alert system, North Koreans are behind the Mastra supply chain attack, and a new, unfixable vulnerability has been found in Apple's A12 and A13 chips. Show notes Risky Bulletin: Klue breach impacts security firms

    Risky Bulletin: Creds for 74,000 Fortinet devices leaked

    Jun 19, 2026, duration 11:00


    A LOT of Fortinet creds have leaked online, Canada's spy agency allowed to remove a botnet from Canadian devices, a supply chain attack hits the Mastra AI framework, and Europol disrupts SocGholish. Show notes Risky Bulletin: Canada's spy agency allowed to remove a botnet from Canadian devices

    Srsly Risky Biz: Anthropic has artificial, but not emotional, intelligence

    Jun 18, 2026, duration 31:22


    Tom Uren and James Wilson talk about Anthropic rolling out its latest models only to have them effectively banned by the US government within days. Although the administration's process for assessing new models is, ahem, amorphous, Anthropic is doing itself no favours by dismissing its concerns. The company needs to show some emotional intelligence and learn how to manage upwards. They also discuss Section 702 Foreign Intelligence Surveillance Act collection. The law authorising it has lapsed amidst political shenanigans, but it looks like collection can continue until next year. Plenty of time for kicking of political footballs! This episode is also available on YouTube Show notes

    Risky Bulletin: China arrests Silver Fox cybercrime group suspects

    Jun 17, 2026, duration 10:54


    66 members of the Silver Fox cybercrime group arrested in China, the EU will help Ukraine in the event of a major cyberattack, MS-ISAC loses 70% of its members after a DHS funding cut, and S-BOMs are still not widely adopted. Show notes Risky Bulletin: China arrests Silver Fox cybercrime group suspects

    Between Two Nerds: Why NATO and cyber don't mix

    Jun 15, 2026, duration 28:37


    In this edition of Between Two Nerds Tom Uren and The Grugq talk about how NATO is set up to deter conventional conflict, and how that approach is fundamentally unsuited for ongoing, everyday cyber operations that are intended to confound adversaries. This episode is also available on YouTube. Show notes

    Risky Bulletin: Arch Linux supply chain attack hits 1,900 packages

    Jun 15, 2026, duration 11:14


    Almost 2,000 Arch Linux packages have been infected with malware in a supply chain attack, FISA surveillance powers expire for the first time since 2008, the FBI takes down a Chinese phishing service, and a major supply chain attack hits the WordPress ecosystem. Show notes Risky Bulletin: Arch Linux supply chain attack spreads to 1,900+ AUR packages

    Sponsored: Ent on using AI to track human behavior on the endpoint

    Jun 14, 2026, duration 19:36


    In this Risky Business sponsored interview, Catalin Cimpanu talks with Brandon Dixon, co-founder and CTO of Ent AI, about the company's innovative use of local LLMs to track user behavior on the endpoint, and add context to suspicious events to detect or prevent malicious activity. Show notes Brandon Dixon on LinkedIn

    Risky Bulletin: CISA tightens patching rules amid bug deluge

    Jun 12, 2026, duration 9:49


    CISA changes federal patching rules due to AI, a House Republican was hacked by Russia, ShinyHunters go on an Oracle hacking spree, and npm will block auto-run install scripts by default. Show notes Risky Bulletin: In the age of AI, CISA changes federal patching rules

    Sponsored: Understanding CI/CD attack paths

    Jun 12, 2026, duration 15:48


    In this sponsored episode, James Wilson chats with SpecterOps CTO Jared Atkinson about the central role that GitHub has played in recent supply chain compromises. GitHub is where code gets built, tested, and shipped to devices, cloud, and on-prem environments. Understanding the paths an attacker can use to get into GitHub, and where they can pivot to from there, is essential to securing your GitHub repos and CI/CD pipelines. Show notes

    Srsly Risky Biz: Europe wants to wean itself off US tech

    Jun 11, 2026, duration 19:48


    Tom Uren and James Wilson talk about the European Union's digital sovereignty push. A divorce from US tech giants is on the cards, but building sovereign infrastructure and chip capacity will be hard. From an American perspective this is an entirely predictable own-goal. You can have internationally competitive tech giants or you can have an aggressive and coercive foreign policy. You can't have both at the same time. They also discuss the reanimated corpse of NSO Group. It's in a hole, but it just keeps digging. This episode is also available on YouTube Show notes

    Risky Bulletin: Nightmare Eclipse drops fresh 0day

    Jun 10, 2026, duration 11:27


    Nightmare Eclipse drops a fresh zero day, Meta says NSO is targeting WhatsApp users again, hackers breach France's Tchap secure messenger network, Putin disables some Kremlin security cameras, and Gmail be gone! Russia bans logins from foreign email addresses. Show notes Risky Bulletin: Meta says NSO violated court order with new campaign targeting WhatsApp

    Between Two Nerds: Nerds at NATO

    Jun 8, 2026, duration 30:33


    In this edition of Between Two Nerds Tom Uren and The Grugq speak at the NATO CyCon conference on Cyber Conflict in Tallinn, Estonia. The pair discuss how cyber operations complement conventional military operations and the past, present and future of cyber conflict. This episode is also available on YouTube. Show notes Australia's Offensive Cyber Capability

    Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks

    Jun 8, 2026, duration 6:38


    RubyGems adds dependency-cooldowns to counter supply chain attacks, AT&T and IBM are accused of hiding foreign hacks, Cisco warns of a new SD-WAN zero-day, and Google layoffs hit security teams. Show notes Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks

    Risky Bulletin: EU unveils digital sovereignty plan

    Jun 5, 2026, duration 11:48


    The EU unveils its digital sovereignty plan, an American law firm pays a $20 million ransom, authorities take down millions of email and social media scam accounts, and a new DoS bug can crash servers within seconds. Show notes Risky Bulletin: The EU debuts digital sovereignty plan

    Srsly Risky Biz: NATO's cyber approach needs to change

    Jun 4, 2026, duration 24:44


    Tom Uren and James Wilson talk about Tom's trip to NATO's Cyber Conflict conference. NATO countries want to bulk up their cyber efforts, and the pair discuss what that could look like. They also look at the US military's admission that commercial location data was used to target personnel involved in Epic Fury, the US war on Iran. This is not surprising at all, and is just the most visible manifestation of the national security risks of this kind of data sloshing around. If Iran is analysing this data in wartime, China is doing it in peacetime for intelligence and counter-espionage purposes. This episode is also available on YouTube Show notes

    Risky Bulletin: FSB calls out Western spyware operation

    Jun 3, 2026, duration 10:39


    Russia's FSB calls out a Western spyware operation, high-profile Instagram accounts hijacked via Meta's AI support agents, Red Hat npm packages were compromised in another supply chain attack, and ten percent of domains registered last year were malicious. Show notes Risky Bulletin: A tenth of all new domains last year were malicious

    Between Two Nerds: The intelligence cult

    Jun 2, 2026, duration 27:55


    In this edition of Between Two Nerds Tom Uren and The Grugq talk about the ways in which intelligence agencies are just like cults. This episode is also available on YouTube Show notes

    Risky Bulletin: Recently patched PAN 0day exploited in the wild

    Jun 1, 2026, duration 7:05


    A new Palo Alto Networks firewall bug is being exploited in the wild, Russia expands SORM surveillance, NIST is looking for new post quantum algorithms, and ENSOC launches in Europe. Show notes Risky Bulletin: Russia greatly expands SORM surveillance requirements

    Sponsored: Inside CISA's disastrous secrets leak

    May 31, 2026, duration 19:10


    In this sponsored interview Casey Ellis chats with Truffle Security's founder and CEO Dylan Ayrey about the recent CISA secrets leak. Days after Brian Krebs ran the story, plenty of the exposed credentials were still live, including an admin-level GitHub app key with full rights over CISA's org. Dylan walks through why deleting the repo doesn't fix anything, why most cloud vendors won't hard-revoke exposed keys (OpenAI and Slack will; AWS, Google and friends mostly won't), why Hugging Face datasets now hold more secrets than GitHub itself, and what the next generation of multi-provider credential-harvesting supply chain worms is going to look like. Show notes

    Risky Bulletin: Dutch police take down 17m device botnet

    May 29, 2026, duration 8:45


    Dutch police take down a botnet of 17 million devices, US military staff have been tracked with ad-tech location data, a Google engineer is arrested for insider trading on Polymarket, and Gogs and the Casdoor IAM leave major bugs unpatched. Show notes Risky Bulletin: Dutch police take down giant botnet of 17 million devices

    Risky Bulletin: Iran to reconnect to the Internet

    May 27, 2026, duration 6:14


    Iran will reconnect to the Internet, a new vulnerability lets attackers bypass authentication on AI infrastructure, hackers breach Lithuania's state registry, security firms take down the Glassworm botnet, and CERT India releases strict patching advice. Show notes Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure

    Risky Bulletin: Mythos has found thousands of critical bugs

    May 25, 2026, duration 8:15


    Anthropic says Mythos has found thousands of critical bugs, hackers leak documents from a Russian disinfo group, GitHub rolls out new npm security features, and Dutch police raid two bulletproof hosting providers. Show notes Risky Bulletin: Mythos has found thousands of critical bugs

    Sponsored: Teaching AI agents the rules of the road

    May 24, 2026, duration 26:54


    In this sponsored interview James Wilson chats with Sondera CEO Josh Devon about why guardrails and instruction files aren't enough to keep AI agents from going haywire. EDR, DLP and other traditional controls can't and won't prevent agents from going rogue. Josh explains Sondera's “principle of least autonomy” for agents: let them do useful work, but put them in a deterministic policy harness so they can't leak secrets, abuse tools or wander off-task. Show notes

    Risky Bulletin: Microsoft ends SMS MFA for personal accounts

    May 22, 2026, duration 9:00


    Microsoft ends support for SMS MFA on personal accounts, GitHub was hacked via a malicious VS Code extension, CISA will let researchers submit new KEV entries, and an SMS blaster was detained at Eurovision. Show notes Risky Bulletin: Microsoft ends SMS MFA for personal accounts

    Srsly Risky Biz: Politicians ditch Signal for homegrown apps

    May 21, 2026, duration 28:45


    Tom Uren and James Wilson talk about moves from several European governments to ditch Signal and set up their own encrypted messaging systems for internal government use. These efforts are motivated by concerns about phishing and sovereignty, but the solutions being adopted are imperfect and will come with their own set of problems. Signal fills a space that can't be filled with sovereign capability. They also talk about Fast16 malware. We are only now learning about the second arm of a mid-2000s campaign to delay Iran's nuclear weapons program that included the infamous Stuxnet worm. This episode is also available on YouTube Show notes

    Risky Bulletin: Microsoft takes down crime SaaS used by ransomware gangs

    May 20, 2026, duration 8:50


    Microsoft disrupts a malware-signing service used by ransomware gangs, a CISA contractor leaks sensitive GovCloud keys, vulnerability exploitation is now the dominant network entry vector, and Drupal readies security updates for a “highly critical” vulnerability. Show notes Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs

    Between Two Nerds: Russia's hacker university

    May 19, 2026, duration 29:22


    In this edition of Between Two Nerds Tom Uren and The Grugq look at Department 4 of Bauman Moscow State Technical University where students learn how to hack for the state. Its curriculum is extremely explicit about how the hacking and propaganda operations are relevant to state operations. They discuss whether this is an advantage for Russia's cyber program and look at what Western intelligence agencies do instead. This episode is also available on YouTube. Show notes The GRU's Hogwarts Vlodymyr Styran's substack BTN92 with Alex Joske, how the MSS became a cyber juggernaut

    Risky Bulletin: Indonesia emerges as a new hub for cyber scams

    May 18, 2026, duration 10:10


    Indonesia emerges as a new cyber scam hub, Grafana got hacked and held for ransom, the Fast16 malware subverted software used to simulate nuclear explosions, and a new Microsoft Exchange zero-day is under attack. Show notes Risky Bulletin: Indonesia emerges as a new hub for cyber scams

    Sponsored: Push Security goes AI threat hunting in browser telemetry

    May 17, 2026, duration 14:01


    In this sponsored interview James Wilson chats with Push Security's Chief Research Officer Jacques Louw about how the company has integrated an army of AI agents into its threat detection platform. Not only has agentic AI led to the discovery of Install Fix campaigns, but it will help simplify the platform for new customers. Show notes

    Risky Bulletin: Shai-Hulud goes open-source

    May 15, 2026, duration 8:50


    The source code for the Shai-Hulud worm has been released online, a dark web market admin was charged after a major OPSEC failure, France investigates an Israeli disinfo firm, and ‘Composer’ rushes to fix a GitHub token leak. Show notes Risky Bulletin: Shai-Hulud goes open-source

    Srsly Risky Biz: The AI Regulation Knife Fight

    May 14, 2026, duration 23:34


    Tom Uren and James Wilson talk about the argy bargy within the Trump administration about AI regulation. They cover who is fighting, what is at stake and what the real areas of concern are. They also cover low earth orbit satellite constellations. Russia's building one, the EU has plans and China is building two. They are the new must-have accessory for any country with global ambitions. This episode is also available on YouTube Show notes

    Risky Bulletin: Damaging worm rips through npm ecosystem

    May 13, 2026, duration 7:49


    RubyGems disables sign-ups after an attack on staff, Instructure paid the ransom, the Gentlemen ransomware operation gets hacked, and another major supply chain attack on npm (yawn). Show notes Risky Bulletin: RubyGems disables sign-ups after attack on staff

    Between Two Nerds: The AI-first crime gang

    May 12, 2026, duration 25:57


    In this edition of Between Two Nerds Tom Uren and The Grugq discuss why it makes even more sense for criminal organisations to adopt AI as compared to regular businesses. This episode is also available on YouTube. Show notes Microsoft's 2026 Work Trend Index Annual Report Cybersecurity Looks Like Proof of Work Now On the Hunt for FIN7

    Risky Bulletin: FCC relaxes foreign router security patch ban

    May 11, 2026, duration 10:56


    The FCC relaxes its foreign router ban to allow for security updates, the ShinyHunters group disrupts schools across the globe, a 21-year-old remote code execution bug turns up in FreeBSD, and another Linux privilege escalation bug was disclosed… without a patch. Show notes Risky Bulletin: FCC relaxes foreign router ban to allow for security updates

    Sponsored: Knocknoc built a Greynoise integration

    May 10, 2026, duration 10:22


    In this sponsored interview Patrick Gray chats with Knocknoc CEO Adam Pointon about their Greynoise integration. Knocknoc allowlists network connections from users' IPs after they've been through an SSO challenge. It's great for protecting vulnerable or risky assets that your org has to connect to the internet. But what happens when one of your users tries to authenticate from a bad IP? You probably don't want to add that one to your allowlist! Thanks to Knocknoc's new Greynoise integration, you don't have to! Show notes

    Risky Bulletin: State sponsored group exploits Palo 0day

    May 8, 2026, duration 7:55


    Palo Alto Networks patches a firewall zero-day, Google patches an Android remote takeover bug, Ivanti also patches one, and a leak exposes Russia's spy and hacker school. Show notes Risky Bulletin: Google patches Android remote takeover bug

    Srsly Risky Biz: After Mythos, US government weighs AI regulation

    May 7, 2026, duration 22:32


    Tom Uren and James Wilson talk about the sudden drive to put regulation around the releases of new AI models because of their cyber security implications. A standardised approach is desirable, but clamping down too hard won't achieve as much as might be hoped. Experts with older or even open models can get just as far as novices with the latest models. They also discuss Australia's new Cyber Incident Review Board. It has been hamstrung and won't be as successful as it could be because it can't assign blame. This episode is also available on YouTube Show notes

    Risky Bulletin: Targeted supply chain attack hits DAEMON Tools

    May 6, 2026, duration 8:48


    The DAEMON Tools website was hit in a targeted supply chain attack, Australia gets its own CSRB, the US arrests a wanted VOIP server hacker after 17 years, and Oracle switches to monthly security updates. Show notes Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools

    Between Two Nerds: The wild wild west

    May 4, 2026, duration 31:57


    In this edition of Between Two Nerds Tom Uren and The Grugq discuss the breakdown of cyber norms. What would have been an unthinkable cyber operation just a few years ago is now a regular occurrence. This episode is also available on YouTube. Show notes Fast16 analysis by SentinelOne Fast16 malware Zero Day on the wiper targeting Venezuela's state oil company

    Risky Bulletin: DigiCert hacked with a malicious screensaver file

    May 4, 2026, duration 9:45


    DigiCert got hacked via a malicious screensaver file, two ransomware negotiators each get four years in prison, Trellix discloses a security breach, and another Russian hacker gets arrested while vacationing in the wrong place. Show notes Risky Bulletin: DigiCert hacked with a malicious screensaver file

    Sponsored: James Kettle built an AI hacker

    May 3, 2026, duration 24:56


    In this sponsored interview, James Wilson talks with James Kettle and Daf Stuttard from PortSwigger about the incredible research James will unveil at Black Hat US this July, and how that research will be productised into Burp Suite. It shouldn't be surprising that when James Kettle bolts an LLM into his research methodology that insanely dangerous things happen. This interview is a window into the future of AI-enabled hacking and security testing. This interview is also available on YouTube. Show notes

    Risky Bulletin: cPanel auth bypass exploited in wild

    May 1, 2026, duration 13:05


    The Copy Fail vulnerability impacts all Linux distros going back to 2017, hackers are exploiting a cPanel auth bypass, every Moldovan citizen has their data stolen, and some scam compounds got raided… in Dubai. Show notes Risky Bulletin: The mysterious hack of Moldova's healthcare database

    Srsly Risky Biz: US Vows to Fight Distillation Attacks

    Apr 30, 2026, duration 18:22


    Tom Uren and Amberleigh Jack talk about the US government stepping in to fight ‘distillation attacks’ by Chinese AI labs. These are methods used to steal the special sauce of frontier AI models simply by asking questions. They also discuss the widespread shift amongst Chinese threat actors to using botnets for all aspects of their operations. It's a problem for defenders, but also a disruption opportunity for authorities. This episode is also available on YouTube. Show notes

    Risky Bulletin: Ukrainians hacked Russian satellite comms platform

    Apr 29, 2026, duration 8:31


    Ukrainians hack Russian satellites, Vimeo is being extorted, Greece wants to ban anonymity on social media, and a Scattered Spider hacker was arrested in Finland. Show notes Risky Bulletin: UK NCSC blasts SOC metrics

    Between Two Nerds: Hackers from the future

    Apr 27, 2026, duration 32:10


    In this edition of Between Two Nerds Tom Uren and The Grugq discuss what the North Korean hack of Drift can tell us about the future of hacking. This episode is also available on YouTube. Show notes Drift Protocol incident update on X Cointelegraph coverage CredShields incident post-mortem

    Risky Bulletin: New fingerprinting technique can track Tor users

    Apr 27, 2026, duration 8:39


    A fingerprinting technique can track Tor users, Intellexa had an American exploit provider, the US accuses China of copying its AI, and the US router ban also covers WiFi hotspots. Show notes Risky Bulletin: New fingerprinting technique can track Tor users

    Sponsored: RunZero accidentally got good at OT

    Apr 26, 2026, duration 15:39


    In this Risky Business sponsored interview Casey Ellis chats to runZero's founder and CEO HD Moore about runZero's new release: 4.9. It drops this week and doubles down on OT scanning. Animated world and network maps add another layer to visualisation and for those that have been asking: yes, there's a dark mode. Show notes

    Risky Bulletin: Sean Plankey withdraws CISA nomination

    Apr 24, 2026, duration 11:38


    Sean Plankey withdraws his CISA Director nomination, Russians hacked the Bundestag President, Discord users gain unauthorised access to Anthropic's Mythos, and the US sanctions a Cambodian senator for running cyber scam compounds. Show notes Risky Bulletin: There are now SIM-Farm-as-a-Service providers
