Risky Bulletin

Law enforcement dismantles two more malware operations, Japan’s army used infected USB drives, Anthropic accuses Alibaba of distillation attacks, and Australia finds “digital dynamite” on critical networks.



Show notes



Risky Bulletin: Law enforcement agencies and security firms take down Amadey and StealerC

Tom Uren and James Wilson talk about the Five Eyes cyber security agencies warning about the arrival of AI-enabled cyber threats. The call-to-action is driven by the recognition that it is no longer possible to limit AI’s offensive cyber security capabilities to benign actors. The genie is out of the bottle, regardless of export controls on frontier models.

They also discuss the progress of Operation Endgame, the multinational joint operation that has been disrupting the cybercriminal ecosystem. It’s been a great success, but criminal enterprises bounce back. Keeping a lid on cybercrime will require continuous disruption programs.

This episode is also available on YouTube.



Show notes

The FortiBleed hacks are worse than a credentials leak, a new White House executive order sets out a hard 2031 post quantum cryptography deadline, Meta leaks employee keystroke data, and a third of Samsung and LG TVs act as proxies.



Show notes



Risky Bulletin: The FortiBleed incident is so much worse than a simple credentials leak

In this sponsored interview James Wilson chats with Trail of Bits founder and CEO Dan Guido about its newly announced partnership with OpenAI. Together, they’ve started a new initiative called “Patch the Planet” to support open source maintainers.

Being an open source maintainer is more difficult than ever. Just using frontier models to keep up with all the bug reports isn’t enough. Trail of Bits wants to help maintainers by combining its deep cybersecurity expertise with OpenAI’s GPT 5.5 Cyber.

As Dan points out in this interview, this isn’t just about helping maintainers find and fix bugs. They’re spending just as much time on SDLC improvements, architecture changes, and the foundations needed to make open source sustainable in the AI era.



Show notes

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the idea that the People’s Republic of China has mobilised its influence operations against the construction of US data centres and its build out of AI capacity.

This episode is also available on YouTube.



Show notes



Red Rap


Two Sessions


Get on the Beers