Podcasts

News, analysis and commentary

Risky Bulletin: Researcher drops giant cache of zero-days

Presented by

Catalin Cimpanu

News Editor

Claire Aird

Newsreader

An anonymous researcher has dropped a giant cache of zero-day exploits, a sensitive DHS network got hacked, the US Supreme Court restricts geofence warrants, and security firm Huntress has denied accusations of a malicious insider.

Duration: 9:45

Risky Business #844 -- China closes AI vulndev gap as USA lifts Fable ban

Presented by

James Wilson

Technology Editor

Adam Boileau

Co-host at large

Patrick Gray

CEO and Publisher

On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

  • Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail
  • Distillation, cheap tokens, and AI chat harvesting is an industry in China
  • Edge becomes a lolbin via a new malicious extension
  • An Iranian APT boss’s vacation in a beautiful place goes wrong
  • Much, much more!

In this week’s sponsor interview Daf Stuttard and Katie Warren from Portswigger pop along to talk about how they built an AI security testing product that people would actually feel comfortable using.

This episode is also available on YouTube.

Duration: 60:11

Mythos on your desk? Using local LLMs for code reviews

Presented by

James Wilson

Technology Editor

In this podcast episode James Wilson chats with Karsten Nohl about his research into using local LLMs to replace cloud AI in security code reviews.

In essence, Karsten created a hybrid code reviewing system where both cloud and local models are used to orchestrate, triage outputs, and write reports. In this system, only the local LLMs have source code access, with the cloud models used to manage the local models.

In this “source-local” review technique, the source code never leaves the local endpoint, which is a requirement for some reviews. But funnily enough, Karsten was able to use this system to generate findings that were as impressive as when using frontier models directly.

In a nutshell, Karsten proved it’s possible to use locally-hosted, open-weight models running on commodity hardware to produce findings comparable to those discovered by frontier cloud models.

This episode is also available on YouTube.

Duration: 71:29

Between Two Nerds: Set cyberspace ablaze

Presented by

The Grugq

Independent Security Researcher

Tom Uren

Policy & Intelligence

In this edition of Between Two Nerds, Tom Uren and The Grugq discuss whether cyber organisations should actually be separated from Signals Intelligence organisations. The Grugq argues that having cyber expertise subordinate to intelligence collection means that many opportunities are never explored.

This episode is also available on YouTube.

Duration: 39:08

Risky Bulletin: White House asks OpenAI to restrict GPT 5.6

Presented by

Catalin Cimpanu

News Editor

Claire Aird

Newsreader

The White House asks OpenAI to keep a tight grip on ChatGPT 5.6, the US Secret Service made some appalling OpSec mistakes, AMD has reintroduced a CPU security feature after consumer backlash, and an Iranian APT operator has been arrested in Montenegro.

Duration: 7:28

Sponsored: Corelight’s blueprint for AI-era defence

Presented by

James Wilson

Technology Editor

In this sponsored interview James Wilson chats with Corelight’s VP of Product Vijit Nair about defence strategies for the AI era. When agents can find and exploit vulnerabilities at machine speed, you need to balance proactive and reactive measures.

On the proactive side, you need modelling of assets and threats. On the reactive side you’ll need telemetry so you can act quickly if a threat becomes a reality.

Corelight makes NDR hardware that runs a heavily optimised version of the Zeek network monitoring tool. Combined with its Agentic Triage product, customers can detect threats in their networks, and monitor the effectiveness of their mitigation strategies.

Duration: 19:27

Risky Bulletin: Operation Endgame dismantles Amadey and StealerC

Presented by

Catalin Cimpanu

News Editor

Claire Aird

Newsreader

Law enforcement dismantles two more malware operations, Japan’s army used infected USB drives, Anthropic accuses Alibaba of distillation attacks, and Australia finds “digital dynamite” on critical networks.

Duration: 10:15

Srsly Risky Biz: Open weight models make the Mythos debate moot

Presented by

James Wilson

Technology Editor

Tom Uren

Policy & Intelligence

Tom Uren and James Wilson talk about the Five Eyes cyber security agencies warning about the arrival of AI-enabled cyber threats. The call-to-action is driven by the recognition that it is no longer possible to limit AI’s offensive cyber security capabilities to benign actors. The genie is out of the bottle, regardless of export controls on frontier models.

They also discuss the progress of Operation Endgame, the multinational joint operation that has been disrupting the cybercriminal ecosystem. It’s been a great success, but criminal enterprises bounce back. Keeping a lid on cybercrime will require continuous disruption programs.

This episode is also available on YouTube.

Duration: 28:28

Risky Bulletin: FortiBleed hacks involved a lot of traffic sniffing

Presented by

Catalin Cimpanu

News Editor

Claire Aird

Newsreader

The FortiBleed hacks are worse than a credentials leak, a new White House executive order sets out a hard 2031 post-quantum cryptography deadline, Meta leaks employee keystroke data, and a third of Samsung and LG TVs act as proxies.

Duration: 8:43

Risky Business #843 -- Fortibleed is kinda awesome, actually

Presented by

James Wilson

Technology Editor

Patrick Gray

CEO and Publisher

On this week’s show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations (TAO), and later became NSA’s Director of Cybersecurity.

They cover:

  • The surprisingly well done Fortibleed campaign
  • Stolen Klue OAuth tokens lead to Salesforce data theft
  • OpenAI wants to patch the planet
  • runZero gets acquired by Accenture, congrats HD Moore!
  • Much, much more!

This episode is also available on YouTube.

Duration: 63:35