Risky Bulletin: Cambodia Promises to Dismantle Scam Compounds by April

Podcast: Risky Bulletin (Risky Biz)
Date: February 16, 2026
Host: Claire Airdrop (prepared by Catalyn Kimpanu)

Overview

This episode delivers a rapid-fire roundup of key cybersecurity news as of February 16, 2026. The main focus is Cambodia's pledge to take down cyberscam compounds by April, followed by updates on major incidents, regulatory moves, vendor controversies, malware trends, and tech advancements affecting the cybersecurity landscape globally.

Key Discussion Points & Insights

1. Cambodia's Crackdown on Cybercrime Compounds

• Main Theme:
  Cambodia’s government promises to dismantle all local cyberscam compounds by April, following recent large-scale raids.
• Details and Stats:
  • Raided 190 locations in January alone
  • Over 2,500 arrests
  • More than 110,000 workers deported or have left the country
  • Effort to address rampant online fraud operations hosted in Cambodian territory
• [00:04] Quote:
  • “Cambodia has promised to dismantle all local cyberscam compounds by April. Its government said it raided 190 locations in January and made more than 2,500 arrests.” – Claire Airdrop

2. US CISA Faces Staff Reductions Amid Government Shutdown

• Context:
  The US government enters a partial shutdown, impacting the Cybersecurity and Infrastructure Security Agency (CISA).
• Operational Impact:
  • Two-thirds of CISA employees furloughed
  • Only essential staff remain (collateral to political disputes over immigration funding)
• [01:23] Quote:
  • “CISA is operating with reduced staff this week as the US enters a partial government shutdown… Staff members with essential duties remain.”

3. CISA Pushes Open EOX Standard Adoption

• News:
  • CISA urges public and private sectors to adopt the Open EOX standard for communicating end-of-life/support statuses on devices.
  • Already adopted by Cisco, Microsoft, and Oracle.
• Reasoning:
  • “Open EOX provides a simple way for devices to share their end of life and end of support information.”

4. Shifting Priorities and Program Cuts at CISA

• Future Planning:
  • Anticipated shutdowns of cyber programs as CISA shifts focus to critical infrastructure.
  • Reports of internal warnings that fewer people will have to take on more responsibility.
  • [03:20] Quote (anonymous source via Cybersecurity Dive):
    • “The changes would result in a lot less people doing much more work.”

5. Controversy Over Spyware Sanctions

• Senate Concerns:
  • US Democratic senators demand answers for the lifting of sanctions on executives from spyware maker Intellexa.
  • Claims that the government skipped a meeting on Intellexa's sanction-evasion tactics.
  • Sanctions lifted after just three weeks.

6. Pegasus Spyware Targets Spanish Prime Minister

• Incident Details:
  • Moroccan intelligence believed to have infected Spanish PM Pedro Sanchez's phone in 2021.
  • Attack used IMSI-catcher and a zero-click exploit.
  • Hack revealed by Spanish intelligence for the first time.
  • [04:10] Quote:
    • “The attackers isolated the phone with an IMSI catcher and then deployed the spyware using a zero click exploit.”

7. Palantir sues Swiss Magazine over Product Vulnerability Reporting

• Background:
  • Republic magazine exposed security holes in Palantir software, leading to a Swiss Army investigation and contract termination.
  • Palantir is now suing for reputational damage.

8. Palo Alto Networks’ Cautious Attribution

• Espionage Campaign:
  • Palo Alto Networks links a cyber-espionage campaign to actors “operating out of Asia,” declining to specifically attribute it to China.
  • Fear of government retaliation cited as reason for this avoidance.
  • [06:45] Quote:
    • “The sources said the company feared retaliation from the Chinese government.”

9. Linux Kernels Embrace Post-Quantum Crypto

• Tech Advance:
  • Linux’s next major kernel will include quantum-resistant digital signatures (MLDSA).
  • Similar support will come to Windows and macOS.
  • US NIST recognized MLDSA as a standard in August 2024.

10. Ongoing Data Breaches and Malware

• Tenga Data Leak:
  • Adult toy maker Tenga was breached via email, risking customer data.
• Dutch ISP Odito:
  • Phishing led to theft of data for more than 6.2 million customers.
• First Contact Health reprimanded:
  • Guernsey Data Protection Agency orders improvement after a previous breach.
• Extortion via Cyber Hijinks in the Netherlands:
  • An extortionist accidentally downloads police files due to a file transfer mix-up, then demands payment.
• Malaysian SMS Blaster Ring Busted:
  • Operations used fake cell towers in cars to send spam near a casino and Singapore border.

11. Significant Threats and Vulnerabilities

• Bad IIS Malware Botnet:
  • Over 1,800 Windows servers infected for SEO poisoning and gambling redirects.
• Chained Shark APT Attacks China:
  • Focus: Chinese academia, marine technology, and diplomacy.
  • Noted for advanced social engineering and Chinese-language proficiency.
• Russian Influence Operations Restructured:
  • Prigozhin’s legacy operations folded into SVR’s ‘Stratconsult’, active in 30+ countries (22 in Africa).

12. High-Profile Vulnerability Alerts

• BeyondTrust Remote Access Vulnerability (RCE, CVSS 9.9):

  • Multiple attacks observed within days of public exploit code release.
  • Now listed in CISA’s Known Exploited Vulnerabilities database.

• Munge Authentication Flaw:

  • 20-year-old bug allows forgery of authentication tokens on supercomputers and high-performance clusters.

• Indian Pharmacy ‘Darva’ Secures API:

  • Exposed API could have allowed creation of super-admin accounts and data manipulation.

13. Social Media and Addictive Design Scrutiny

• TikTok Ordered to Curb Addictive Features in EU:

  • Must disable infinite scroll, tweak recommendations, add screen-time breaks.
  • Facebook and Instagram also under investigation for similar design practices.
  • [16:00] Summary:
    • “European Commission has told TikTok to change some of its features due to their addictive nature.”

• Meta’s Controversial Smart Glasses Plan:

  • Internal memo suggests now is “a good time” to add facial recognition as critics are “distracted by political tumult in the US.”
  • 7 million pairs sold in the previous year.

Notable Quotes

• On Cambodia’s Campaign:

  • “Cambodia has promised to dismantle all local cyberscam compounds by April.” – Claire Airdrop [00:04]

• On CISA Resource Shortage:

  • “Two anonymous sources said the changes would result in a lot less people doing much more work.” – Claire Airdrop [03:20]

• On Reticence to Blame Beijing:

  • “The sources said the company feared retaliation from the Chinese government.” – Claire Airdrop [06:45]

• On Meta’s Opportunistic Facial Recognition Rollout:

  • “Meta said it was a good time to release the controversial technology as critics are distracted by political tumult in the us.” – Claire Airdrop [14:10]

Major Segment Timestamps

• [00:04] – Cambodia’s cyberscam crackdown
• [01:23] – CISA staff reductions
• [03:20] – CISA internal program cuts
• [04:10] – Spanish PM Pegasus attack
• [06:45] – Palo Alto Networks avoids China attribution
• [09:15] – Quantum-resistant signatures in Linux
• [14:10] – Meta’s smart glasses/facial recognition
• [16:00] – TikTok and social media design crackdowns

Tone and Style

Claire Airdrop’s delivery is quick, clear, and focused on factual reporting, with the Risky Biz team’s trademark blend of urgency and dry understatement. The language is concise and highly informative, while the episode style is brisk, skipping editorializing in favor of direct reporting.