This week we cover five stories that all point at the same uncomfortable truth - the systems we trust to keep us safe are failing quietly, and the bill is coming due.

A US military contractor built government-grade iPhone spyware. An insider sold it to Russia. Criminals are now using it on everyday people. We break down what Coruna is, how it got out, and what your institution should be doing about it today.

Then the bombshell ProPublica investigation into Microsoft's GCC High - the cloud product handling some of America's most sensitive national security data, that the government's own reviewers called "a pile of shit" and approved anyway. What it means for every bank running Microsoft 365, and why DORA's third-party risk requirements exist for exactly this reason.

Medical device giant Stryker was brought to its knees across 79 countries - not by ransomware, but by a single compromised admin account in Microsoft Intune. Surgeries delayed. 5,500 employees sent home. The one configuration change that would have stopped it cold.

A Chinese company posed as a cybersecurity firm while systematically robbing crypto wallet users of $7 million. What it means for your digital asset supply chain risk.

And Meta's AI agent posted sensitive data to an internal forum without permission - triggering a Sev 1 incident. The same month, Meta's own Director of AI Safety had her inbox wiped by an agent she was overseeing. The model risk management questions every CRO should be asking before their next AI deployment.

In this episode I break down four major stories that reveal where the biggest risks are heading - from AI automation to cloud data breaches and mobile banking threats.

An AI agent is spreading so fast that regulators are stepping in, a well-known hacker group is threatening companies using stolen Salesforce data, an alleged insider incident raises concerns around Social Security records, and a banking trojan is draining money from users in real time.

While these stories may seem unrelated, they all point to the same underlying issue: access.

As systems become more connected and automated, controlling who - or what - has access is becoming one of the most critical challenges in cybersecurity today.

In this episode, we cover seven stories that sit at the intersection of geopolitics, technology, and financial risk. From Iranian state-linked hackers confirmed inside U.S. banking networks, to regulators forcing a reckoning on cloud concentration, to AI systems taking over operational decision-making without adequate governance, the risks are converging faster than most institutions are moving.

Seven stories. One through line. The threat surface is wider, faster, and more complex than most risk registers reflect.

• Hackers are inside banking networks right now - Symantec confirms active Seedworm intrusions at a U.S. bank, airport, and defense supply chain since February
• Your threat detection response window is now 30 minutes - AI has cut lateral movement time from 100 minutes in 2021 to 30 today
• Three cloud providers control 85% of European financial infrastructure - DORA is forcing banks to build multi-cloud resilience now
• Agentic AI is flipping the operating model - the machine becomes the operator, the human supervises, and governance hasn't caught up
• A government iPhone exploit kit has leaked into criminal hands - 23 vulnerabilities, five exploit chains, already used by Russian and Chinese threat actors