
Risky Bulletin
Risky Business Media · 100 episodes
Regular cybersecurity news updates from the Risky Business team...
Episodes
Tom Uren and James Wilson talk about Tom’s trip to NATO’s Cyber Conflict conference. NATO countries want to bulk up their cyber efforts, and the pair discuss what that could look like. They also look at the US military’s admission that commercial location data was used to target personnel involved in Epic Fury, the US war on Iran. This is not surprising at all, and is just the most visible manifestation of the national security risks of this kind of data sloshing around. If Iran is analysing this data in wartime, China is doing it in peacetime for intelligence and counter-espionage purposes. This episode is also available on YouTube.
Russia’s FSB calls out a Western spyware operation, high-profile Instagram accounts hijacked via Meta’s AI support agents, Red Hat npm packages were compromised in another supply chain attack, and ten percent of domains registered last year were malicious.
Show notes: Risky Bulletin: A tenth of all new domains last year were malicious
In this edition of Between Two Nerds Tom Uren and The Grugq talk about the ways in which intelligence agencies are just like cults. This episode is also available on YouTube.
A new Palo Alto Networks firewall bug is being exploited in the wild, Russia expands SORM surveillance, NIST is looking for new post-quantum algorithms, and ENSOC launches in Europe.
Show notes: Risky Bulletin: Russia greatly expands SORM surveillance requirements
In this sponsored interview Casey Ellis chats with Truffle Security’s founder and CEO Dylan Ayrey about the recent CISA secrets leak. Days after Brian Krebs ran the story, plenty of the exposed credentials were still live, including an admin-level GitHub app key with full rights over CISA’s org. Dylan walks through why deleting the repo doesn’t fix anything, why most cloud vendors won’t hard-revoke exposed keys (OpenAI and Slack will; AWS, Google and friends mostly won’t), why Hugging Face datasets now hold more secrets than GitHub itself, and what the next generation of multi-provider credential-harvesting supply chain worms is going to look like.
Dutch police take down a botnet of 17 million devices, US military staff have been tracked with ad-tech location data, a Google engineer is arrested for insider trading on Polymarket, and Gogs and the Casdoor IAM leave major bugs unpatched.
Show notes: Risky Bulletin: Dutch police take down giant botnet of 17 million devices
Iran will reconnect to the Internet, a new vulnerability lets attackers bypass authentication on AI infrastructure, hackers breach Lithuania’s state registry, security firms take down the Glassworm botnet, and CERT India releases strict patching advice.
Show notes: Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure
Anthropic says Mythos has found thousands of critical bugs, hackers leak documents from a Russian disinfo group, GitHub rolls out new npm security features, and Dutch police raid two bulletproof hosting providers.
Show notes: Risky Bulletin: Mythos has found thousands of critical bugs
In this sponsored interview James Wilson chats with Sondera CEO Josh Devon about why guardrails and instruction files aren’t enough to keep AI agents from going haywire. EDR, DLP and other traditional controls can’t and won’t prevent agents from going rogue. Josh explains Sondera’s “principle of least autonomy” for agents: let them do useful work, but put them in a deterministic policy harness so they can’t leak secrets, abuse tools or wander off-task.
Microsoft ends support for SMS MFA on personal accounts, GitHub was hacked via a malicious VS Code extension, CISA will let researchers submit new KEV entries, and an SMS blaster was detained at Eurovision.
Show notes: Risky Bulletin: Microsoft ends SMS MFA for personal accounts
Tom Uren and James Wilson talk about moves from several European governments to ditch Signal and set up their own encrypted messaging systems for internal government use. These efforts are motivated by concerns about phishing and sovereignty, but the solutions being adopted are imperfect and will come with their own set of problems. Signal fills a space that can’t be filled with sovereign capability. They also talk about Fast16 malware. We are only now learning about the second arm of a mid-2000s campaign to delay Iran’s nuclear weapons program that included the infamous Stuxnet worm. This episode is also available on YouTube.
Microsoft disrupts a malware-signing service used by ransomware gangs, a CISA contractor leaks sensitive GovCloud keys, vulnerability exploitation is now the dominant network entry vector, and Drupal readies security updates for a “highly critical” vulnerability.
Show notes: Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs
In this edition of Between Two Nerds Tom Uren and The Grugq look at Department 4 of Bauman Moscow State Technical University where students learn how to hack for the state. Its curriculum is extremely explicit about how the hacking and propaganda operations are relevant to state operations. They discuss whether this is an advantage for Russia’s cyber program and look at what Western intelligence agencies do instead. This episode is also available on YouTube.
Show notes: The GRU's Hogwarts; Vlodymyr Styran's substack; BTN92 with Alex Joske, how the MSS became a cyber juggernaut
Indonesia emerges as a new cyber scam hub, Grafana got hacked and held for ransom, the Fast16 malware subverted software used to simulate nuclear explosions, and a new Microsoft Exchange zero-day is under attack.
Show notes: Risky Bulletin: Indonesia emerges as a new hub for cyber scams
In this sponsored interview James Wilson chats with Push Security’s Chief Research Officer Jacques Louw about how the company has integrated an army of AI agents into its threat detection platform. Not only has agentic AI led to the discovery of Install Fix campaigns, but it will help simplify the platform for new customers.
The source code for the Shai-Hulud worm has been released online, a dark web market admin was charged after a major OPSEC failure, France investigates an Israeli disinfo firm, and ‘Composer’ rushes to fix a GitHub token leak.
Show notes: Risky Bulletin: Shai-Hulud goes open-source
Tom Uren and James Wilson talk about the argy bargy within the Trump administration about AI regulation. They cover who is fighting, what is at stake and what the real areas of concern are. They also cover low earth orbit satellite constellations. Russia’s building one, the EU has plans and China is building two. They are the new must-have accessory for any country with global ambitions. This episode is also available on YouTube.
RubyGems disables sign-ups after an attack on staff, Instructure paid the ransom, the Gentlemen ransomware operation gets hacked, and another major supply chain attack on npm (yawn).
Show notes: Risky Bulletin: RubyGems disables sign-ups after attack on staff
In this edition of Between Two Nerds Tom Uren and The Grugq discuss why it makes even more sense for criminal organisations to adopt AI as compared to regular businesses. This episode is also available on YouTube.
Show notes: Microsoft's 2026 Work Trend Index Annual Report; Cybersecurity Looks Like Proof of Work Now; On the Hunt for FIN7
The FCC relaxes its foreign router ban to allow for security updates, the ShinyHunters group disrupts schools across the globe, a 21-year-old remote code execution bug turns up in FreeBSD, and another Linux privilege escalation bug was disclosed… without a patch.
Show notes: Risky Bulletin: FCC relaxes foreign router ban to allow for security updates
In this sponsored interview Patrick Gray chats with Knocknoc CEO Adam Pointon about their Greynoise integration. Knocknoc allowlists network connections from users’ IPs after they’ve been through an SSO challenge. It’s great for protecting vulnerable or risky assets that your org has to connect to the internet. But what happens when one of your users tries to authenticate from a bad IP? You probably don’t want to add that one to your allowlist! Thanks to Knocknoc’s new Greynoise integration, you don’t have to!
Palo Alto Networks patches a firewall zero-day, Google patches an Android remote takeover bug, Ivanti also patches one, and a leak exposes Russia’s spy and hacker school.
Show notes: Risky Bulletin: Google patches Android remote takeover bug
Tom Uren and James Wilson talk about the sudden drive to put regulation around the releases of new AI models because of their cyber security implications. A standardised approach is desirable, but clamping down too hard won’t achieve as much as might be hoped. Experts with older or even open models can get just as far as novices with the latest models. They also discuss Australia’s new Cyber Incident Review Board. It has been hamstrung and won’t be as successful as it could be because it can’t assign blame. This episode is also available on YouTube.
The DAEMON Tools website was hit in a targeted supply chain attack, Australia gets its own CSRB, the US arrests a wanted VOIP server hacker after 17 years, and Oracle switches to monthly security updates.
Show notes: Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools
In this edition of Between Two Nerds Tom Uren and The Grugq discuss the breakdown of cyber norms. What would have been an unthinkable cyber operation just a few years ago is now a regular occurrence. This episode is also available on YouTube.
Show notes: Fast16 analysis by SentinelOne; Fast16 malware; Zero Day on the wiper targeting Venezuela's state oil company
DigiCert got hacked via a malicious screensaver file, two ransomware negotiators each get four years in prison, Trellix discloses a security breach, and another Russian hacker gets arrested while vacationing in the wrong place.
Show notes: Risky Bulletin: DigiCert hacked with a malicious screensaver file
In this sponsored interview, James Wilson talks with James Kettle and Daf Stuttard from PortSwigger about the incredible research James will unveil at Black Hat US this July, and how that research will be productised into Burp Suite. It shouldn’t be surprising that when James Kettle bolts an LLM into his research methodology that insanely dangerous things happen. This interview is a window into the future of AI-enabled hacking and security testing. This interview is also available on YouTube.
The Copy Fail vulnerability impacts all Linux distros going back to 2017, hackers are exploiting a cPanel auth bypass, every Moldovan citizen has their data stolen, and some scam compounds got raided… in Dubai.
Show notes: Risky Bulletin: The mysterious hack of Moldova's healthcare database
Tom Uren and Amberleigh Jack talk about the US government stepping in to fight ‘distillation attacks’ by Chinese AI labs. These are methods used to steal the special sauce of frontier AI models simply by asking questions. They also discuss the widespread shift amongst Chinese threat actors to using botnets for all aspects of their operations. It’s a problem for defenders, but also a disruption opportunity for authorities. This episode is also available on YouTube.
Ukrainians hack Russian satellites, Vimeo is being extorted, Greece wants to ban anonymity on social media, and a Scattered Spider hacker was arrested in Finland.
Show notes: Risky Bulletin: UK NCSC blasts SOC metrics
In this edition of Between Two Nerds Tom Uren and The Grugq discuss what the North Korean hack of Drift can tell us about the future of hacking. This episode is also available on YouTube.
Show notes: Drift Protocol incident update on X; Cointelegraph coverage; CredShields incident post-mortem
A fingerprinting technique can track Tor users, Intellexa had an American exploit provider, the US accuses China of copying its AI, and the US router ban also covers WiFi hotspots.
Show notes: Risky Bulletin: New fingerprinting technique can track Tor users
In this Risky Business sponsored interview Casey Ellis chats to runZero’s founder and CEO HD Moore about runZero’s new release: 4.9. It drops this week and doubles down on OT scanning. Animated world and network maps add another layer to visualisation and for those that have been asking: yes, there’s a dark mode.
Sean Plankey withdraws his CISA Director nomination, Russians hacked the Bundestag President, Discord users gain unauthorised access to Anthropic’s Mythos, and the US sanctions a Cambodian senator for running cyber scam compounds.
Show notes: Risky Bulletin: There are now SIM-Farm-as-a-Service providers
Tom Uren and James Wilson talk about the French criminal investigation into bias and illegal content on X. Elon Musk and former X CEO Linda Yaccarino didn’t appear for voluntary interviews scheduled this week, but refusing meetings won’t make X’s problems go away. European countries are concerned about X’s influence and regulators will be exploring all other options beyond criminal investigations. They also discuss the fight to renew authorisation of Section 702 collection. It’s a valuable intelligence source, but in the past the FBI pointlessly overused it. This episode is also available on YouTube.
A former FBI official wants terrorism designations for some ransomware groups, China threatens the EU over new cybersecurity regulations, Europe commits to €180 million for a sovereign cloud, and a novel data wiper was found in Venezuela during US military operations.
Show notes: Risky Bulletin: Former FBI official calls for terrorism designations for ransomware groups that target hospitals and critical infrastructure
In this edition of Between Two Nerds Tom Uren and The Grugq take a deep dive into how a single hacker used OpenAI and Anthropic’s tools to help hack nine Mexican government organisations in quick time. This episode is also available on YouTube.
Show notes: Gambit security report
ShinyHunters claim credit for the Vercel hack, a malware strain attempted to sabotage Israel’s water system, the US government wants access to Mythos, and a Supreme Court hacker gets probation.
Show notes: Risky Bulletin: New malware tries to sabotage Israel's water system but fails because it's buggy
In this Risky Business sponsor interview, Catalin Cimpanu talks with Sydney Marrone, Head of Threat Hunting at Nebulock, about hunting shadow AI agents on corporate networks.
Show notes: Sydney Marrone LinkedIn profile; Hunting OpenClaw and Agentic AI Through Behavior
NIST says it won’t be enriching most CVEs, Russian hackers tried to disrupt a Swedish power plant, the EU releases its age verification app, and OpenAI announces its own private cyber model.
Show notes: Risky Bulletin: NIST gives up enriching most CVEs
Tom Uren and Amberleigh Jack talk about a new Citizen Lab report into Webloc, a tool to identify and track mobile devices. It demonstrates how the collection and sale of mobile phone geolocation data presents privacy and national security risks. They also discuss a deep-dive into how a single hacker was able to breach nine Mexican government agencies in just weeks using AI assistants. The assistants enabled the attacker to move much faster. This episode is also available on YouTube.
Show notes: Citizen Lab's Webloc report; Gambit's Mexican hack analysis
Researchers find malicious LLM proxy routers, a fake Ledger crypto-wallet on the Mac App Store stole $10 million, a ransomware crew leaks data from 38 law firms, and Google cracks down on back button hijacking.
Show notes: Risky Bulletin: Malicious LLM proxy routers found in the wild
In this edition of Between Two Nerds Tom Uren and The Grugq discuss how the rise of AI, which is very good at vulnerability and exploit development, will change the cyber security industry and competition between states. This episode is also available on YouTube.
Show notes: The Grugq on X: People are freaking out about an impending flood of 0days; Patrick Gray with former NSA and CIA cyber leaders
France prepares to ditch Windows for Linux, OpenAI was impacted by the Axios supply chain attack, Rockstar Games gets hacked again, and Adobe patches a Reader zero-day.
Show notes: Risky Bulletin: France takes first steps to ditch Windows for Linux
In this sponsored interview, Corelight’s Senior Director of Product Management, Dave Getman, tells James Wilson how Corelight Agentic Triage helps defenders stay ahead of AI-powered attacks. Corelight makes NDR hardware that runs a heavily optimised version of the Zeek network monitoring tool. Corelight Agentic Triage integrates with EDR and other data sources, and helps defenders make sense of all the data that NDR can generate.
The FBI extracted Signal chats from iPhone notifications logs, Los Angeles police data was leaked online, a former Meta employee is under investigation for downloading private photos, and an Adobe Reader zero-day is being exploited in the wild.
Show notes: Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs
Tom Uren and Amberleigh Jack talk about the State Department taking to X to counter foreign propaganda. US Secretary of State Marco Rubio dismantled the State Department’s counter-propaganda office when he took charge, but it turns out that giving adversary states free rein online is a bad idea. They also discuss how America’s lawful intercept systems are high value targets for Chinese hackers. It’s a big deal that part of the FBI’s lawful intercept system has been breached and it is high time that the security of these systems was reviewed. This episode is also available on YouTube.
Cybercrime losses surpassed $20 billion last year, authorities disrupt a Russian router botnet that intercepted email logins, Iran hacks PLCs across the US, and exploitation hits ComfyUI and Flowise AI servers.
Show notes: Risky Bulletin: Cybercrime losses passed $20 billion last year
In this edition of Between Two Nerds Tom Uren and The Grugq discuss how Iran’s cyber forces have been used during the ongoing war so far.
Show notes: The Financial Times on the plan to kill Ali Khamenei; Israel National News, 50 companies wiped
Cambodia prepares harsher prison terms for scam compound operators, an Italian museum moves valuables into a bank vault after a cyberattack, hackers exploit a bug in Vite-based apps and sites, and a supply chain attack hits an e-learning platform.
Show notes: Risky Bulletin: New Cambodian law will put scam compound operators in prison for life