171 episodes
- In this wholly sponsored Soap Box edition of the podcast Patrick Gray chats with Damien Lewke, the CEO and founder of Nebulock, about the future of threat hunting and detection.
Damien spent a decade in the EDR and MDR space before founding Nebulock in 2024. It started off as an AI-powered threat hunt platform but has evolved into a broader security data platform that can answer questions, drive hunts and drive detections.
This product is engineered around the idea that a lot of security is a data problem. So, if we accept this premise, how do we solve security? And how much of that solution is about agents, vs building a good graph? And if you’re going to build a good graph, do you want to build it for a person to use, or an agent to use?
This is truly a conversation for the security nerd’s nerd. Enjoy!
This episode is also available on YouTube
Show notes - On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail
Distillation, cheap tokens, and AI chat harvesting is an industry in China
Edge becomes a lolbin via a new malicious extension
An Iranian APT boss’s vacation in a beautiful place goes wrong
Much, much more!
In this week’s sponsor interview Daf Stuttard and Katie Warren from Portswigger pop along to talk about how they built an AI security testing product that people would actually feel comfortable using.
This episode is also available on YouTube.
Show notes
Anthropic (@AnthropicAI) on X | X (formerly Twitter)
Howard Lutnick (@howardlutnick) on X | X (formerly Twitter)
U.S. government gives Anthropic green light for limited re-release of Mythos 5 | NBC News Tech
OpenAI limits GPT-5.6 rollout after government request | TechCrunch
The U.S. government will decide who gets to use the latest American AI technology | washingtonpost.com
Anthropic says Alibaba illicitly extracted Claude AI model capabilities | reut.rs
How to Buy Cheap Claude Tokens in China |
Alex Stamos (@alexstamos) on X | X (formerly Twitter)
Synthesis of Exploitarium Mass Zero-Day Disclosure | detections.ai
Mythos on your desk? Using local LLMs for code reviews | Risky Business Media
Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews | Security Research Labs
Accelerating EDR Evasion with LLM-Driven Analysis | SpecterOps
CISA: Windows BlueHammer flaw now exploited by ransomware gangs | BleepingComputer
When cybercriminals hire burglars: Inside an alleged Russian effort to infiltrate multibillion-dollar US law firms | CNN Politics | Social Signals
Microsoft quietly extends free Windows 10 ESU support to October 2027 | BleepingComputer
Edgecution: Malicious Edge Extension Backdoor | ThreatLabz | Social Signals
Bluekit phishing kit adopts browser-in-the-middle for login theft | BleepingComputer
New macOS malware embeds fake errors to confuse AI analysis tools | BleepingComputer
DraftKings hacker 'Snoopy' sentenced to 18 months in prison | BleepingComputer
Polymarket says hackers stole users’ funds | TechCrunch Security
Australia's spy chief warns of rising terror and cyber threats | japantimes.co.jp
Russian hackers were behind $2.5 billion hack of Jaguar Land Rover: Report | TechCrunch Security
Iranian national sought by US on hacking charges arrested in Montenegro | apnews.com
[un]prompted.au - AI x CyberSecurity: Notes from the Field: Call for Speakers | - On this week’s show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations (TAO), and later became NSA’s Director of Cybersecurity.
They cover:
The surprisingly well done Fortibleed campaign
Stolen Klue OAuth tokens lead to Salesforce data theft
OpenAI wants to patch the planet
runZero gets acquired by Accenture, congrats HD Moore!
Much, much more!
This episode is also available on YouTube.
Show notes
FortiBleed campaign used custom FortiGate sniffer to steal credentials | BleepingComputer
FortiBleed: Fortinet device credential compromise expands into broader credential-attack guidance | unit42.paloaltonetworks.com
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world | TechCrunch Security
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks | BleepingComputer
Polymarket (@Polymarket) on X | X (formerly Twitter)
The Korean telecom giant at the center of Anthropic’s Mythos controversy | wrd.cm
Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews - SRLabs Research | SRLabs
OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos | wired.com
Sponsored: Trail of Bits and OpenAI patch the planet | Risky Bulletin
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected | cyberscoop.com
Embedding Forbidden Text in Spyware to Discourage AI Analysis | Schneier on Security
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak | TechCrunch Security
USB worm spreads crypto-stealing malware via Windows shortcut files | BleepingComputer
Android verification is coming: Google confirms timeline and supported app stores | Ars Technica
California water utility probes breach claim by Iran-linked actor | Cybersecurity Dive
Suspected cyberattack triggers false emergency alerts across parts of Brazil | The Record
Tesco moving 40,000 server workloads off VMware amid Broadcom's "abusive conduct" | Ars Technica
Trump directs federal agencies to protect US data from quantum threats | therecord.media
Accenture shells out $4.18B on three companies in big industrial cybersecurity push | cyberscoop.com - On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:
Anthropic’s Fable 5 and Mythos 5 get nuked by the US government four days after launch “because security”
Why “guardrails” won’t keep the world safe from your AI doomsday machine
The FISA 702 statute expired, but the spying can (probably) continue!
NPM v12 delivers some protection against supply chain attacks, but not enough.
Microsoft has a series of bugs that prevent Windows Update from … updating
Much, much more!
This episode is also available on YouTube
Show notes
Anthropic suspends new AI models after government directive | NBC News Tech
Anthropic rankles users with safety-first Fable release | NBC News Tech
How a 90-minute White House deadline sparked Silicon Valley’s biggest AI fight | washingtonpost.com
Pete Hegseth (@PeteHegseth) on X | X (formerly Twitter)
David Sacks (@DavidSacks) on X | X (formerly Twitter)
DoW CIO Kirsten Davies (@DoWCIODavies) on X | X (formerly Twitter)
David Shulman (@DavidShulmanFL) on X | X (formerly Twitter)
Controversial FISA spying law expires tonight. The spying will continue. | Ars Technica
GitHub announces npm security changes to tackle supply-chain attacks | BleepingComputer
Why NPM v12 won’t stop supply chain attacks - Risky Business Media | Social Signals
Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks | BleepingComputer
Microsoft patches Exchange Server zero-day exploited in attacks | BleepingComputer
Max severity Ivanti Sentry vulnerability now exploited in attacks | BleepingComputer
CISA warns of another cPanel plugin flaw exploited in attacks | BleepingComputer
Critical Fortinet FortiSandbox flaws now exploited in attacks | BleepingComputer
CISA orders feds to patch actively exploited Ivanti flaw by Sunday | BleepingComputer
CISA to require federal agencies to patch some cyber vulnerabilities within 3 days | therecord.media
Path traversal flaw in AI dev platform Langflow exploited in attacks | BleepingComputer
Microsoft: Some Windows PCs fail to install latest monthly updates | BleepingComputer
Microsoft fixes BitLocker recovery bug on Windows Server 2025 | BleepingComputer
Microsoft fixes Windows update failures linked to WUSA installer | BleepingComputer
New attack turned Microsoft 365 Copilot into 1-click data theft tool | BleepingComputer
Over 73,000 French govt employees affected in Tchap messenger breach | BleepingComputer
Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps | wired.com
FBI disrupts massive AI-powered phishing service using a million URLs | BleepingComputer
Cyberattack shuts down major Australian sugar mills, disrupting harvest | The Record
Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds | wired.com
It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests | 404.feed.press
Who Runs the Ransomware Group ‘The Gentlemen?’ | krebsonsecurity.com
:brdKnife: (@cR0w@infosec.exchange) | Infosec Exchange - On this week’s show special guest co-host Chris Wade, the founder of Corellium turned Cellebrite CTO, joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news.
They cover:
Microsoft has repos owned, GitHub tokens popped, and a new 0day dropped on them
Meanwhile, researchers are choosing full disclosure instead of engaging MSRC
Meta’s AI support agent allowed a staggering 20,000 accounts to be stolen!
Apple pulls Russia’s MAX messenger from the App Store and disables notifications
Anthropic gives the public our first Mythos-class model but it won’t do cybersecurity work
Stripe and Google Tag Manager used in eCommerce website hack campaign
And much, much more!
This week’s show is brought to you by runZero. HD Moore, runZeros’ founder, drops by in this week’s sponsor interview to talk about the AI vibe shift. Everyone is very worried about getting owned all of a sudden, and it’s really changing the cybersecurity business.
This episode is also available on YouTube.
Show notes
Microsoft Hacked to Deliver Malware to Claude and Gemini Users | 404.feed.press
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process | therecord.media
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges | BleepingComputer
Microsoft breaks Patch Tuesday record with 206 vulnerabilities | CyberScoop
chompie1337 | X
WhatsApp says NSO targeted users with spearfishing attacks in violation of court order | therecord.media
Over 20,000 Instagram accounts stolen in Meta AI support hack | BleepingComputer
New Apple feature automatically changes your compromised passwords | BleepingComputer
Apple removes Russia’s state-backed messaging app Max from its store | therecord.media
Exclusive: Anthropic's Mythos can exploit new flaws in hours |
Anthropic’s new model is Mythos on a leash | CyberScoop
Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You | wired.com
OpenClaw AI agent found falling for phishing attacks, spills user data | BleepingComputer
OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks | TechCrunch Security
Hands on with Intelligent Terminal, an AI-powered Windows Terminal | BleepingComputer
Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms | Mandiant
Check Point warns of zero-day flaw targeted by ransomware affiliate | Cybersecurity Dive
ServiceNow discloses security incident exposing customer data | BleepingComputer
Credit card theft campaign abuses Stripe to host stolen payment info | BleepingComputer
CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand | Cybersecurity Dive
The U.S. Military Quietly Turned GPS Into a Global ‘Numbers Station,’ Evidence Suggests | 404.feed.press
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute | BleepingComputer
Google has quietly cut staff across its Cloud business | businessinsider.com
More News podcasts
Trending News podcasts
About Risky Business
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Podcast websiteListen to Risky Business, The Intelligence from The Economist and many other podcasts from around the world with the radio.net app

Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features
Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features


Risky Business
Scan code,
download the app,
start listening.
download the app,
start listening.
Risky Business: Podcasts in Family





























