August 06, 2025

Risky Business #801 -- AI models can hack well now and it's weirding us out

Listen Later

1 hour 6 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

This episode explores the rise of AI-powered bug hunting:

Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects

The XBOW AI bug hunting platform sees success on HackerOne

Is an AI James Kettle on the horizon?

There’s also plenty of regular cybersecurity news to discuss:

On-prem Sharepoint’s codebase is maintained out of China… awkward!

China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?

SonicWall advises customers to turn off their VPNs

Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs

Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.

The Russian government pushes VK’s Max messenger for everything

This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

This episode is also available on Youtube.

Show notes

Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch

Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop

James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!

Risky Bulletin: China with the accusations again - Risky Business Media

美情报机构频繁对我国防军工领域实施网络攻击窃密

SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica

China fears Nvidia chips could track, trace and shut down its AIs - Asia Times

SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News

Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity

ReVault! When your SoC turns against you…

Nearly 100,000 ChatGPT Conversations Were Searchable on Google

Microsoft catches Russian hackers targeting foreign embassies - Ars Technica

The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED

Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog

Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Risky Business Media

4.6

364364 ratings

August 06, 2025

Risky Business #801 -- AI models can hack well now and it's weirding us out

Listen Later

1 hour 6 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

This episode explores the rise of AI-powered bug hunting:

Google’s Project Zero and Deepmind team up to find and report 20 bugs to open source projects

The XBOW AI bug hunting platform sees success on HackerOne

Is an AI James Kettle on the horizon?

There’s also plenty of regular cybersecurity news to discuss:

On-prem Sharepoint’s codebase is maintained out of China… awkward!

China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?

SonicWall advises customers to turn off their VPNs

Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs

Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.

The Russian government pushes VK’s Max messenger for everything

This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

This episode is also available on Youtube.

Show notes

Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch

Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop

James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!

Risky Bulletin: China with the accusations again - Risky Business Media

美情报机构频繁对我国防军工领域实施网络攻击窃密

SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica

China fears Nvidia chips could track, trace and shut down its AIs - Asia Times

SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News

Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity

ReVault! When your SoC turns against you…

Nearly 100,000 ChatGPT Conversations Were Searchable on Google

Microsoft catches Russian hackers targeting foreign embassies - Ars Technica

The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED

Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog

Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News

...more

More shows like Risky Business

Hacked by Hacked

Hacked

187 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,011 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

372 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

651 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,028 Listeners

Smashing Security by Graham Cluley

Smashing Security

317 Listeners

Click Here by Recorded Future News

Click Here

418 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,077 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

175 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

195 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

139 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

168 Listeners