About
On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover:
Low skill actors compromise 600 Fortinets with AI-generated playbooks
Anthropic calls out Chinese AI firms over model distillation
Meta’s director of AI safety tells her ClawdBot not to delete her mail… so of course it does
Peter Williams cops 7 years in jail for selling L3 Harris Trenchant’s exploits to Russia
Ivanti got hacked in 2021 via… bugs in Ivanti
This episode is sponsored by line-rate network capture system Corelight. CEO Brian Dye joins to discuss what AI can do for defenders, and what it can’t.
This episode is also available on Youtube.
Show notes
AI-augmented threat actor accesses FortiGate devices at scale
"this reads to me like: they ran existing tools.... but with a cool dashboard :D"
Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities | CyberScoop
Detecting and preventing distillation attacks
Hegseth warns Anthropic to let the military use the company’s AI tech as it sees fit, AP sources say
Anthropic Rolls Out Embedded Security Scanning for Claude
AWS's AI Coding Bot Kiro Caused a 13-Hour Outage
Running OpenClaw safely: identity, isolation, and runtime risk
Former Adobe, Cisco and Salesforce CISO talks AI pentesting
History Repeats: Security in the AI Agent Era
Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox
Microsoft says Office bug exposed customers' confidential emails to Copilot AI | TechCrunch
The (tangential) fix: Microsoft adds Copilot data controls to all storage locations
Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker
Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools
Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov
Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals
The watchers: how openai, the US government, and persona built an identity surveillance machine that files reports on you to the feds
Persona emails customers saying they don’t work with ICE or DHS amid ‘surveillance’ claims
Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513
Ivanti hacked in 2021 via its own product
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning | The Record from Recorded Future News
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day