April 01, 2026

Risky Business #831 -- The AI bugpocalypse begins

Listen Later

59 minutes

On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package

TeamPCP appear to have ransacked Cisco’s source and cloud environments

AI is getting legitimately good at being told to “just go find some 0day in this”

Kaspersky says Coruna and Triangulation do share code lineage

Iranian hackers dump Kash Patel’s gmail spool

Oh, and of course there’s a Citrix Netscaler memory leak being exploited in the wild

This week’s episode is sponsored by Dropzone AI, who make automated AI SOC analysts. Head honcho Ed Wu explains how they’ve built pre-canned ‘hunt packs’ to lead the AI off into your environment to find weird, interesting and security relevant things.

This episode is also available on Youtube.

Show notes

Google links axios supply chain attack to North Korean group | The Record from Recorded Future News

Cisco source code stolen in Trivy-linked dev environment breach

chiefofautism on X: "someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo"

h0mbre on X: "Claude is somehow better at kernel exploitation than creating meal plans."

Vulnerability Research Is Cooked — Quarrelsome

MAD Bugs: vim vs emacs vs Claude - Calif

MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)

A Risky Biz Experiment: Hunting for iOS 0day with AI - Risky Business Media

Security leaders say the next two years are going to be 'insane' | CyberScoop

Coruna framework: an exploit kit and ties to Operation Triangulation | Securelist

Apple says no one using Lockdown Mode has been hacked with spyware | TechCrunch

Reverse engineering Apple’s silent security fixes - Calif

Jury finds Meta's platforms are harmful to children in 1st wave of social media addiction lawsuits | PBS News

Meta and YouTube found liable in social media addiction trial

Iranian hackers publish emails allegedly stolen from Kash Patel

Iran Us War: 'Legitimate targets': Iran issues warning to US tech firms including Google, Amazon, Microsoft, Nvidia - The Times of India

Drop Site on X: "IRGC: From now on, for every assassination, an American company will be destroyed"

OSINTtechnical on X: "Starlink shutdowns are forcing Russian troops even deeper into Ubiquiti’s ecosystem. "

Citrix NetScaler products confirmed to be under exploitation | Cybersecurity Dive

CISA tells federal agencies to patch Citrix NetScaler bug by Thursday | The Record from Recorded Future News

Using a VPN May Subject You to NSA Spying | WIRED

Post reporters called the White House. Their phones showed ‘Epstein Island.’ - The Washington Post

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Risky Business Media

4.6

364364 ratings

April 01, 2026

Risky Business #831 -- The AI bugpocalypse begins

Listen Later

59 minutes

On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package

TeamPCP appear to have ransacked Cisco’s source and cloud environments

AI is getting legitimately good at being told to “just go find some 0day in this”

Kaspersky says Coruna and Triangulation do share code lineage

Iranian hackers dump Kash Patel’s gmail spool

Oh, and of course there’s a Citrix Netscaler memory leak being exploited in the wild

This week’s episode is sponsored by Dropzone AI, who make automated AI SOC analysts. Head honcho Ed Wu explains how they’ve built pre-canned ‘hunt packs’ to lead the AI off into your environment to find weird, interesting and security relevant things.

This episode is also available on Youtube.

Show notes

Google links axios supply chain attack to North Korean group | The Record from Recorded Future News

Cisco source code stolen in Trivy-linked dev environment breach

chiefofautism on X: "someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo"

h0mbre on X: "Claude is somehow better at kernel exploitation than creating meal plans."

Vulnerability Research Is Cooked — Quarrelsome

MAD Bugs: vim vs emacs vs Claude - Calif

MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)

A Risky Biz Experiment: Hunting for iOS 0day with AI - Risky Business Media

Security leaders say the next two years are going to be 'insane' | CyberScoop

Coruna framework: an exploit kit and ties to Operation Triangulation | Securelist

Apple says no one using Lockdown Mode has been hacked with spyware | TechCrunch

Reverse engineering Apple’s silent security fixes - Calif

Jury finds Meta's platforms are harmful to children in 1st wave of social media addiction lawsuits | PBS News

Meta and YouTube found liable in social media addiction trial

Iranian hackers publish emails allegedly stolen from Kash Patel

Iran Us War: 'Legitimate targets': Iran issues warning to US tech firms including Google, Amazon, Microsoft, Nvidia - The Times of India

Drop Site on X: "IRGC: From now on, for every assassination, an American company will be destroyed"

OSINTtechnical on X: "Starlink shutdowns are forcing Russian troops even deeper into Ubiquiti’s ecosystem. "

Citrix NetScaler products confirmed to be under exploitation | Cybersecurity Dive

CISA tells federal agencies to patch Citrix NetScaler bug by Thursday | The Record from Recorded Future News

Using a VPN May Subject You to NSA Spying | WIRED

Post reporters called the White House. Their phones showed ‘Epstein Island.’ - The Washington Post

...more

More shows like Risky Business

Hacked by Hacked

Hacked

187 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,011 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

372 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

651 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,028 Listeners

Smashing Security by Graham Cluley

Smashing Security

317 Listeners

Click Here by Recorded Future News

Click Here

418 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,077 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

175 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

195 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

139 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

168 Listeners