Risky Bulletin: New White House EO Prioritizes Fight Against Scams and Cybercrime

Podcast: Risky Bulletin
Host: Risky Business Media
Episode Date: March 9, 2026

Episode Overview

In this information-packed edition, the Risky Bulletin team delivers fast-paced cybersecurity news headlines and analysis. The main focus is the new US White House executive order (EO) and cyber strategy, both aiming to escalate the federal government’s fight against scams and cybercrime. The episode also covers major breaches, legislative updates, international incident reports, AI security developments, and notable legal actions in the cybersecurity world.

Key Discussion Points & Insights

1. White House Executive Order on Cybercrime and Cyber Strategy

• Crackdown on Scams and Cybercrime (00:04 – 01:10):
  • President Trump signed a new EO instructing US agencies to prioritize cyber fraud and scam investigations, including ransomware, phishing, and sextortion schemes.
  • The State Department is to pressure other nations hosting scam operations.
  • The White House released a seven-page US Cyber Strategy focused on deregulation, modernizing networks, securing infrastructure, recruiting cybersecurity talent, and enabling private sector help in offensive operations.
  • Commentator critique: The strategy’s “vague language covers almost everything without any specific details.”

2. FBI Wiretap Network Breach

• [01:11 – 01:46]:
  • The FBI is probing a breach of its wiretap and surveillance network that stores sensitive call records and data.
  • Congress has been notified; reports blame Chinese state-sponsored hackers.
  • It’s unclear if this links to previous 2024 Salt Typhoon telecom breaches.

3. US Federal Cybersecurity Staffing Shakeup

• [01:47 – 02:15]:
  • DHS CISO Hamit Beidouan leaving; Deputy Amanda Day already departed for private sector.
  • Part of broader DHS IT and cybersecurity leadership reorganization.
  • Recent leadership changes at CISA as well.

4. Congressional Update: Rural & Municipal Utility Cybersecurity

• [02:16 – 02:43]:
  • The House Energy and Commerce Committee passed the Rural and Municipal Utility Cybersecurity Act.
  • Would reauthorize and expand federal support, grants, and technical assistance to rural/municipal utilities for cyber defense.

5. Anthropic AI Deemed National Security Risk

• [02:44 – 03:15]:
  • DoD labels AI company Anthropic a national security risk after company refuses to remove usage safeguards for military deployment.
  • Anthropic to challenge the designation in court.

6. US Soldiers Killed in Kuwait Missile Strike

• [03:16 – 03:48]:
  • Major Jeffrey O’Brien (Iowa cybersecurity expert) and Declan Cody (Drake University cybersecurity student) were among six Americans killed in a missile strike.
  • Highlighting the real-world risks and loss in the cyber professional community.

7. Youth Online Safety Regulations: Indonesia’s Ban

• [03:49 – 04:10]:
  • Indonesia issues an under-16 ban from "high risk" platforms, including social apps, YouTube, and Roblox (effective March 28).
  • Responds to rise in illegal/harmful online content.
  • Australia and some European countries are considering similar bans.

8. AI in Vulnerability Detection: Mozilla & Anthropic

• [04:11 – 04:24]:
  • Anthropic’s Claude AI detected 90 bugs and 22 security flaws in Firefox; all patched in latest browser release.

9. APT Activity: Pakistani Group “Transparent Tribe” Evolves

• [04:25 – 04:54]:
  • Transitions from commodity malware to AI-generated, “Vibe Coded” implants written in niche languages.
  • Used against Indian government and embassies to evade detection.

10. Ransomware Fallout: Romania’s Largest Meat Exporter Insolvent

• [04:55 – 05:16]:
  • Coco Rico (Alex1) begins insolvency after a ransomware attack halted operations and caused financial losses.

11. Crypto Heist: $2.7M Stolen from Solve Protocol

• [05:17 – 05:38]:
  • Attackers found a double minting smart contract flaw, exploited it 22 times before being stopped.

12. Wikipedia JavaScript Worm Attack

• [05:39 – 06:04]:
  • Worm vandalized nearly 4,000 Wikipedia pages by compromising 85 user accounts; originated from Russian Wikipedia.
  • Inactive after 23 minutes; triggered accidentally by Wikimedia staff.

13. Major Scam & Criminal Cases

• [06:05 – 06:47]:
  • Ghanaian national Derek Vanyaboa pleads guilty to $100M online scam; faces up to 20 years (ordered to return $10M).
  • Vietnamese police arrest seven accused of impersonating Japanese law enforcement to run scams; similar past operations targeting South Koreans.

14. Leakbase Hacking Forum Bust

• [06:48 – 07:14]:
  • Forum’s admin identified as Russian (aliases “Chucky,” “Beakdaz”).
  • FBI & Europol seized Leakbase.

15. Malicious Chrome Extension: “Shotbird”

• [07:15 – 07:33]:
  • Extension turned malicious after being sold; began disabling browser security, prompting malicious updates, and credential theft.
  • Second major Chrome extension gone bad in 2026.

16. GitHub Supply Chain Malware

• [07:34 – 07:47]:
  • 50+ GitHub accounts running malware-laced fake tools disguised as SaaS products, game cheats, and developer utilities.
  • Attributed to Vietnamese threat actor.

17. Meta Ray-Ban Glasses Privacy Lawsuit

• [07:48 – 08:05]:
  • Meta faces a class action after Swedish media reports Kenyan contractors reviewed sensitive footage (including bathrooms, finances, explicit content) from smart glasses.
  • Plaintiffs allege false privacy advertising.

Notable Quotes & Memorable Moments

• On Policy Vagueness:
  • “Cybersecurity commentators say the document's vague language covers almost everything without any specific details.” (00:37)
• On FBI breach:
  • “The hacked network stores call records, IP history, website addresses and routing information.” (01:18)
• On Anthropic’s stance:
  • “The company refused to remove safeguards from its tools for military use. The restraints aim to prevent its use in autonomous weapons and mass surveillance of American citizens.” (02:47)
• On Indonesia’s youth online ban:
  • “The government cited the rise in illegal and harmful content online.” (03:57)
• On AI bug hunting:
  • “Anthropic's Claude AI agent found 90 bugs and 22 security flaws in the Firefox web browser.” (04:12)
• On real-world ransomware impact:
  • “Romania's largest meat exporter has begun insolvency procedures following a ransomware attack.” (04:55)
• On privacy violation:
  • “The footage included financial information, explicit content and people using bathrooms.” (07:55)

Timestamps for Important Segments

| Time | Segment | |-----------|-----------------------------------------------------------------| | 00:04 | White House cyber EO and new strategy | | 01:10 | FBI wiretap network breach by suspected Chinese hackers | | 01:47 | DHS CISO, CISA leadership shuffle | | 02:16 | Rural and municipal utility cybersecurity funding bill | | 02:44 | DoD declares Anthropic AI a security risk | | 03:16 | Cyber experts killed in Kuwaiti missile strike | | 03:49 | Indonesia bans under-16s from high risk platforms | | 04:11 | AI finds bugs in Firefox | | 04:25 | New “Vibe Coded” malware by Pakistani APT | | 04:55 | Ransomware puts Romanian meat exporter into insolvency | | 05:17 | $2.7 million in crypto stolen from Solve Protocol | | 05:39 | Wikipedia JavaScript worm attack | | 06:05 | Major scam convictions and international law enforcement news | | 06:48 | FBI/Europol busts Leakbase hacking forum | | 07:15 | Malicious “Shotbird” Chrome extension | | 07:34 | Malware-infected GitHub repositories | | 07:48 | Meta Ray-Ban smart glasses privacy scandal |

Tone & Language

The episode maintains an urgent, fast-moving, and matter-of-fact tone, mirroring the concise, pragmatic delivery of a cybersecurity news briefing, with brief moments of critical commentary and occasional emphasis on the real-life impact of breaches and scams.