Podcast
Risky Business
Hosted by Risky Business Media · EN
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
105episodes
Episodes
Newest firstAll episodes
Risky Business #838 -- GitHub investigates possible breach
Yesterday01:02:49Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: GitHub announced a possible breach CISA leaks important creds, keys in public repo Awful vulnerability in Bitlocker renders it useless without a PIN So. Many. Patches. Polish Government urges officials to ditch Signal for mSzyfr Much, much more This week’s show is brought to you by Thinkst Canary. Thinkst’s founder, Haroon Meer, is this week’s sponsor guest. He joined James Wilson to talk about how doing “the basics” in security isn’t trivially easy. This episode is also available on YouTube. Show notes GitHub on X: "We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely" / X CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran Iran hackers: Hackers have breached tank readers at gas stations; officials suspect Iran is responsible | CNN Politics War and Data Centers Are Driving Up the Cost of Fiber-Optic Cable Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold | The Record from Recorded Future News NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" - Risky Business Media Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog Project Glasswing: what Mythos showed us Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ First public macOS kernel memory corruption exploit on Apple M5 OpenAI launches Daybreak to combat cyber threats | Cybersecurity Dive Zero-day exploit completely defeats default Windows 11 BitLocker protections - Ars Technica GitHub - Wack0/bitlocker-attacks: A list of public attacks on BitLocker · GitHub Catalin Cimpanu: "The Polish government has advi…" - Mastodon CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday | The Record from Recorded Future News CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED) Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network | The Record from Recorded Future News Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN | Cybersecurity Dive Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs | The Record from Recorded Future News Streamer Realtime Deepfakes Himself into Mr. Beast, Says He Loves 'Touching Little Boys'
SummarySoap Box: Where does AI fit into cloud security?
6d ago00:33:37Summary readyIn this sponsored soap box edition of the Risky Business podcast Patrick Gray chats with Toni de la Fuente, the founder of Prowler. Prowler started off as a bunch of scripts in a trenchcoat, then became an open source cloud security tool, and it’s now a venture-funded cloud security business. In this interview Toni talks us through how AI is changing the game for him as an open source project owner, and as a vendor. In short, reports of the death of IT and security tooling at the hands of frontier models have been greatly exaggerated. This episode is also available on Youtube. Show notes
SummaryRisky Business #837 -- GitHub Actions footgun claims TanStack
1w ago01:05:15Summary readyOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Mini Shai-Hulud and the TanStack compromise using Github Actions Instructure pays Canvas elearning platform data extortionists More Linux privilege escalation 0days! CISA helping critical infrastructure operators rearchitect their networks so they work offline This week’s episode is sponsored by email security platform Sublime Security. Bobby Filar chats with Patrick about how agentic AI is being evaluated by buyers in a marketplace that’s experiencing “AI fatigue”. This episode is also available on Youtube. Show notes ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack | CyberScoop Hardening TanStack After the npm Compromise | TanStack Blog Canvas Breach Disrupts Schools & Colleges Nationwide – Krebs on Security Instructure pays ransom after Canvas incident as Congress announces investigation | The Record from Recorded Future News When DNSSEC goes wrong: how we responded to the .de TLD outage Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog Mythos smythos! How to find 0day with lesser models - Risky Business Media GitHub - V4bel/dirtyfrag · GitHub retr0.zip NVD - CVE-2026-42511 Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI | CyberScoop Ivanti customers confront yet another actively exploited zero-day | CyberScoop Palo Alto warns of critical software bug used in firewall attacks | The Record from Recorded Future News Where Have All the Complex Windows Malware and Their Analyses Gone? Meet Rassvet, Russia’s Answer to Starlink | WIRED DOJ says ransomware gang tapped into Russian government databases | TechCrunch Iranian government hackers using Chaos ransomware as cover, researchers say | The Record from Recorded Future News Foxconn confirms cyberattack impacting North American factories | The Record from Recorded Future News New CISA initiative aims for critical infrastructure to operate offline during cyberattacks | The Record from Recorded Future News ‘HELLO BOSS’: Inside the Chinese Realtime Deepfake Software Powering Scams Around the World How to Disable Google's Gemini in Chrome | WIRED FCC pushes ban on security updates for foreign-made routers, drones to 2029 | The Record from Recorded Future News
SummaryRisky Business #836 -- You can't patch the bugpocalypse
2w ago01:01:56Summary readyOn this week’s show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week’s cybersecurity news, including: The US Government says we just have to patch faster, but… Bugs in cPanel, MoveIt and all Linux distributions this week show that patching alone isn’t enough James gets mad about lame AI Agent adoption advice from the US and Australian Governments James Kettle and Niels Provos both showed us that any model can find 0day like Mythos And the cyber-assisted theft of cargo results in an astonishing loss of $725 million dollars This week’s show is sponsored by SpecterOps. Their CTO, Jared Atkinson, chats to Pat about the big changes in the threat landscape, brought about by AI, that are causing a pivot away from detection and remediation, and toward prevention. This episode is also available on Youtube. Show notes Exclusive: US officials weigh cutting deadlines to fix digital flaws amid worries over AI-powered hacking, sources say | Reuters British cyber agency warns of looming ‘patch wave’ as AI speeds flaw discovery | The Record from Recorded Future News Federal agencies must patch cPanel bug by Sunday, CISA says | The Record from Recorded Future News cPanel zero-day exploited for months before patch release (CVE-2026-41940) - Help Net Security The most severe Linux threat to surface in years catches the world flat-footed - Ars Technica New MOVEit vulnerabilities prompt urgent patch warning | Cybersecurity Dive US and allies urge ‘careful adoption’ of AI agents | Cybersecurity Dive careful_adoption_of_agentic_ai_services.pdf User just tricked Grok and Bankrbot to send tokens with Morse code - Cryptopolitan Finding Zero-Days with Any Model (1872) Sponsored: James Kettle built an AI hacker - YouTube Feature Interview: Nicholas Carlini, Anthropic - Risky Business Media Trellix investigating breach of source code repository | Cybersecurity Dive Popular DAEMON Tools software compromised | Securelist Komari Red: The Monitoring Tool with a Built-in Reverse Shell | Huntress Hackers earning millions from hijacked cargo, FBI says | The Record from Recorded Future News Congress punts FISA renewal to June | The Record from Recorded Future News Cops Use Apple Data And Car Bluetooth To Identify Crypto Robbery Suspect Stewart Baker, outspoken voice on cybersecurity and national security law, dies at 78 | IAPP
SummarySnake Oilers: Burp AI, Sondera and Truffle Security
Apr 900:48:00Summary readyIn this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products: Burp AI and DAST: The founder of PortSwigger and creator of legendary security software Burp Suite, Dafydd Stuttard, drops by to pitch listeners on Burp AI and Burp Suite DAST. Sondera: Josh Devon talks about Sondera, a technology designed to intervene when AI models start doing the wrong thing by statefully tracking their trajectories. This isn’t a permissions suite for AI agents, it’s a way to stick agents in a harness and make sure they adhere to hard policy boundaries. Truffle Security: Dylan Ayrey, the founder of Truffle Security, joins Risky Business again to talk through the latest bells and whistles in Trufflehog, a security tool that searches for exposed secrets and validates them. The Truffle team has done a lot of work on the remediation part of their product over the last few years, and Dylan tells us all about it! This episode is also available on YouTube Show notes
SummaryRisky Business #832 -- Anthropic unveils magical 0day computer God
Apr 800:53:30Summary readyOn this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s new Mythos model hunts bugs and chains exploits together so well that… you cant have it… …Unless you’re one of their Project Glasswing partners The world isn’t short on bugs, though. F5, Fortinet, Progress ShareFile, and TrueConf are all getting rekt by humans GPU Rowhammering goes in the GPU, past the IOMMU and back into the host-side Nvidia driver North Korea is spending serious time and money on its crypto hacking Just when the US needs CISA most, they slash its budget some more! This week’s episode is sponsored by identity verification firm, Persona. Tying digital actions to actual human identities isn’t just for banking know-your-customer any more. Persona’s Benjamin Crait says know-your-staff checks belong in high-value flows inside your organisation, too. This episode is also available on Youtube. Show notes Claude Mythos Preview \ red.anthropic.com Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’ - The New York Times Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything | WIRED FFmpeg on X: "Thank you to @AnthropicAI for sending FFmpeg patches" / X Critical flaw in F5 BIG-IP faces wide exploitation risk | Cybersecurity Dive React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data | Cybersecurity Dive Critical flaw in FortiClient EMS under exploitation | Cybersecurity Dive Researchers warn of critical flaws in Progress ShareFile | Cybersecurity Dive CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers | The Record from Recorded Future News New Rowhammer attacks give complete control of machines running Nvidia GPUs - Ars Technica North Korea's hijack of one of the web's most used open source projects was likely weeks in the making | TechCrunch Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea | The Record from Recorded Future News Drift on X: "Drift Protocol — Incident Background Update " / X Trump’s FY2027 budget again targets CISA | Cybersecurity Dive CISA’s vulnerability scans, field support on chopping block in Trump budget | Cybersecurity Dive Iranian hackers break into U.S. industrial systems, agencies warn FBI labels suspected China hack of law enforcement data 'a major cyber incident' Russia Hacked Routers to Steal Microsoft Office Tokens – Krebs on Security Massachusetts hospital turning ambulances away after cyberattack | The Record from Recorded Future News Exclusive | 'Ghost Murmur,' a never-used secret tool, deployed to find lost airman in Iran in daring mission A Secure Chat App’s Encryption Is So Bad It Is ‘Meaningless’
SummaryHow the World Got Owned Episode 2: The 1990s, Part One
Apr 300:46:46Summary readyIn this special documentary episode, Patrick Gray and Amberleigh Jack take a look back at hacking throughout the 1990s, from the feel-good vibes of the early hacking communities to the antics of young hackers who wound up on the run from the FBI. Part one features recollections from: Jeff Moss (The Dark Tangent), DefCon and Black Hat founder Chris Wysopal (Weld Pond), L0pht member, co-founder, @Stake Kevin Poulsen (Dark Dante), 1990s hacker turned journalist Elias Levy (Aleph One), author of Smashing the Stack for Fun and Profit, Phrack, 1996 How the World Got Owned is produced in partnership with SentinelOne. Show notes Elias Levy (Aleph1), Former Principle Engineer, Google Kevin Poulsen, Journalist Jeff Moss, DefCon founder Chris Wysopal, @Stake founder, L0pht member Hackers testifying at the United States Senate, May 19, 1998 Hackers May ‘Net’ Good PR for Studio DefCon Archives | DefCon 1 A Not So Terribly Brief History of the Electronic Frontier Foundation Innocent Hackers Want Their Computers Back Breakdowns in Computer Security Unsolved Mysteries, Season 3, Episode 4 The Last Hacker: He Called Himself Dark Dante. His Compulsion Led Him to Secret Files and, Eventually, The Bar of Justice Justia appeal summary, Kevin Poulsen, 1994 Smashing the Stack for Fun and Profit, Phrack Magazine, November 1996 From subversives to CEOs: How radical hackers built today’s cybersecurity industry
SummaryRisky Business #831 -- The AI bugpocalypse begins
Apr 100:59:40Summary readyOn this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package TeamPCP appear to have ransacked Cisco’s source and cloud environments AI is getting legitimately good at being told to “just go find some 0day in this” Kaspersky says Coruna and Triangulation do share code lineage Iranian hackers dump Kash Patel’s gmail spool Oh, and of course there’s a Citrix Netscaler memory leak being exploited in the wild This week’s episode is sponsored by Dropzone AI, who make automated AI SOC analysts. Head honcho Ed Wu explains how they’ve built pre-canned ‘hunt packs’ to lead the AI off into your environment to find weird, interesting and security relevant things. This episode is also available on Youtube. Show notes Google links axios supply chain attack to North Korean group | The Record from Recorded Future News Cisco source code stolen in Trivy-linked dev environment breach chiefofautism on X: "someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo" h0mbre on X: "Claude is somehow better at kernel exploitation than creating meal plans." Vulnerability Research Is Cooked — Quarrelsome MAD Bugs: vim vs emacs vs Claude - Calif MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747) A Risky Biz Experiment: Hunting for iOS 0day with AI - Risky Business Media Security leaders say the next two years are going to be 'insane' | CyberScoop Coruna framework: an exploit kit and ties to Operation Triangulation | Securelist Apple says no one using Lockdown Mode has been hacked with spyware | TechCrunch Reverse engineering Apple’s silent security fixes - Calif Jury finds Meta's platforms are harmful to children in 1st wave of social media addiction lawsuits | PBS News Meta and YouTube found liable in social media addiction trial Iranian hackers publish emails allegedly stolen from Kash Patel Iran Us War: 'Legitimate targets': Iran issues warning to US tech firms including Google, Amazon, Microsoft, Nvidia - The Times of India Drop Site on X: "IRGC: From now on, for every assassination, an American company will be destroyed" OSINTtechnical on X: "Starlink shutdowns are forcing Russian troops even deeper into Ubiquiti’s ecosystem. " Citrix NetScaler products confirmed to be under exploitation | Cybersecurity Dive CISA tells federal agencies to patch Citrix NetScaler bug by Thursday | The Record from Recorded Future News Using a VPN May Subject You to NSA Spying | WIRED Post reporters called the White House. Their phones showed ‘Epstein Island.’ - The Washington Post
SummarySoap Box: Red teaming AI systems with SpecterOps
Mar 2700:30:11Summary readyIn this sponsored Soap Box edition of the show, Patrick Gray and James Wilson talk about red teaming AI systems with Russel Van Tuyl, Vice President of Services at elite penetration testing firm SpecterOps. SpecterOps is the company behind attack path enumeration tool Bloodhound and Bloodhound Enterprise, but they’re also a pentest and red teaming shop with world class expertise in popping shells on all sorts of interesting systems in all sorts of interesting places. This episode is also available on Youtube. Show notes
SummaryRisky Business #830 -- LiteLLM and security scanner supply chains compromised
Mar 2501:03:53Summary readyOn this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They talk through: TeamPCP’s supply chain attack on Github, and they threw in an anti-Iran wiper, because why not?! Anthropic hooks up its models to just… use your whole computer After Stryker’s Very Bad Day, CISA says maybe add some more controls around your Intune? Another iOS exploit kit shows up in the cyber bargain-bin The FTC decides to ban… all new home routers?! U wot m8?! Supermicro founder was personally sanction-busting Nvidia GPUs into China?! This week’s episode is sponsored by enterprise browser maker, Island. Chief Customer Officer Bradon Rogers joins Pat to explain how its customers are using Island to control the use of personal AI services in regulated industries. This episode is also available on Youtube. Show notes ‘CanisterWorm’ Springs Wiper Attack Targeting Iran TeamPCP deploys CanisterWorm on NPM following Trivy compromise Andrej Karpathy on X: "Software horror: litellm PyPI supply chain" attack Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags Felix Rieseberg on X: "Today, we’re releasing a feature that allows Claude to control your computer" A Top Google Search Result for Claude Plugins Was Planted by Hackers Lockheed Martin targeted in alleged breach by pro-Iran hacktivist CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices FBI seems to seize website tied to Iranian cyberattack on Stryker Stryker confirms cyberattack is contained and restoration underway Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild Someone has publicly leaked an exploit kit that can hack millions of iPhones Russia-linked hackers use advanced iPhone exploit to target Ukrainians Apple rolls out first 'background security' update for iPhones, iPads, and Macs to fix Safari bug Post by @wartranslated.bsky.social — Bluesky Signal’s Creator Is Helping Encrypt Meta AI Hacker says they compromised millions of confidential police tips held by US company Millions of 'anonymous' crime tips exposed in massive Crime Stoppers hack Feds Disrupt IoT Botnets Behind Huge DDoS Attacks FCC bans import of consumer-grade routers amid national security concerns White House pours cold water on cyber ‘letters of marque’ speculation Google launches threat disruption unit, stops short of calling it ‘offensive' Supermicro’s cofounder was just arrested for allegedly smuggling $2.5 billion in GPUs to China Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US Man pleads guilty to $8 million AI-generated music scheme Two Israelis AI generated "intelligence" and sold it to Iran
Summary