Risky Business Features

In this solo podcast episode, James Wilson breaks down the current state of AI model jailbreaks.

If you’ve somehow missed the story, last week Anthropic released its Fable 5 and Mythos 5 models to the public. In the name of safety, both models were guardrailed up the wazoo, but that didn’t stop a bunch of jailbreakers from figuring out how to bypass at least some of their safety restrictions.

In response to these guardrail bypasses the White House issued an export control directive on the models, citing national security concerns. But was the Trump administration right to do this? Do these jailbreaks represent a threat to the security of the USA, or was the export restriction overkill? Tune in to find out!



Show notes



Pliny the Elder on Fable 5 Jailbreak


whoJumper's response to Pliny


ConfusedPilot: Confused Deputy Risks in RAG-based LLMs

In this podcast episode, James Wilson is joined by Open Source Malware Security co-founder Paul McCarty to talk about the supply chain attack mitigations coming in NPM v12.

NPM disabling (by default) auto-run install scripts and dynamic dependencies is a positive step forward… but it’ll take years for this new version to be adopted, and these changes do nothing to prevent malicious packages being imported into projects.

Further, Paul thinks disabling these features by default will introduce friction that will cause them to be re-enabled. When the choice is “this builds” and “this is less prone to malware”, the former will always win.



Show notes

In this podcast Brad Arkin joins James Wilson to talk about how the fear of being left behind in the AI era means enterprises are taking risks that would have been considered insane just a couple of years ago.

Fears around outages or being hacked have been trumped by fears of being labelled an AI laggard.

So where are we all going? Say hello to tech debt-riddled, vibe-coded apps, crazy dependencies on AI providers, and an emerging threat landscape that can’t be mitigated by a contemporary SOC. Sounds like fun, eh?



Show notes

In this solo episode, James Wilson takes a detailed look at TeamPCP.

It started off by launching clumsy attacks against misconfigured Kubernetes clusters in September 2025. But by February this year, TeamPCP had skilled up and was smashing global software supply chains in the highest profile attacks of 2026.

TeamPCP upskilled and turned the software development ecosystem into its personal credential harvesting machine.

Here’s how TeamPCP did it, and what we can learn from it.



Show notes

In this podcast James Wilson chats with Brad Arkin about why software supply chain attacks have gone from rare, once-in-a-while disasters to an operational problem affecting mainstream enterprises almost daily.

AI has made attackers faster, and “vibe coding” means the number of environments pulling packages from the internet has gone to the moon. It also means legacy tooling that seeks out the bad packages and cleans them up isn’t enough. Package cooldown windows won’t fix this either.

But all hope is not lost! Tune in to this podcast to find out how you can get a grip on the disaster de jour!



Show notes