PRIME MEMBER EXCLUSIVE | 3 Months Free Trial

Auto-renews at INR 199/mo after 3 months. Cancel anytime. Offer ends 15 July, 2026.
Risky Business cover art

Risky Business

Risky Business

Written by: Risky Business Media
Listen for free

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.Copyright Risky Business Media 2007-2026 Politics & Government
Episodes
  • Risky Business #844 -- China closes AI vulndev gap as USA lifts Fable ban
    Jul 1 2026
    On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jailDistillation, cheap tokens, and AI chat harvesting is an industry in ChinaEdge becomes a lolbin via a new malicious extensionAn Iranian APT boss’s vacation in a beautiful place goes wrongMuch, much more! In this week’s sponsor interview Daf Stuttard and Katie Warren from Portswigger pop along to talk about how they built an AI security testing product that people would actually feel comfortable using. This episode is also available on YouTube. Show notes Anthropic (@AnthropicAI) on X | X (formerly Twitter)Howard Lutnick (@howardlutnick) on X | X (formerly Twitter)U.S. government gives Anthropic green light for limited re-release of Mythos 5 | NBC News TechOpenAI limits GPT-5.6 rollout after government request | TechCrunchThe U.S. government will decide who gets to use the latest American AI technology | washingtonpost.comAnthropic says Alibaba illicitly extracted Claude AI model capabilities | reut.rsHow to Buy Cheap Claude Tokens in China | Alex Stamos (@alexstamos) on X | X (formerly Twitter)Synthesis of Exploitarium Mass Zero-Day Disclosure | detections.aiMythos on your desk? Using local LLMs for code reviews | Risky Business Media Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews | Security Research LabsAccelerating EDR Evasion with LLM-Driven Analysis | SpecterOpsCISA: Windows BlueHammer flaw now exploited by ransomware gangs | BleepingComputerWhen cybercriminals hire burglars: Inside an alleged Russian effort to infiltrate multibillion-dollar US law firms | CNN Politics | Social SignalsMicrosoft quietly extends free Windows 10 ESU support to October 2027 | BleepingComputerEdgecution: Malicious Edge Extension Backdoor | ThreatLabz | Social SignalsBluekit phishing kit adopts browser-in-the-middle for login theft | BleepingComputerNew macOS malware embeds fake errors to confuse AI analysis tools | BleepingComputerDraftKings hacker 'Snoopy' sentenced to 18 months in prison | BleepingComputerPolymarket says hackers stole users’ funds | TechCrunch SecurityAustralia's spy chief warns of rising terror and cyber threats | japantimes.co.jpRussian hackers were behind $2.5 billion hack of Jaguar Land Rover: Report | TechCrunch SecurityIranian national sought by US on hacking charges arrested in Montenegro | apnews.com[un]prompted.au - AI x CyberSecurity: Notes from the Field: Call for Speakers |
    Show More Show Less
    1 hr
  • Risky Business #843 -- Fortibleed is kinda awesome, actually
    Jun 24 2026
    On this week’s show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week’s cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations (TAO), and later became NSA’s Director of Cybersecurity. They cover: The surprisingly well done Fortibleed campaignStolen Klue OAuth tokens lead to Salesforce data theftOpenAI wants to patch the planetrunZero gets acquired by Accenture, congrats HD Moore!Much, much more! This episode is also available on YouTube. Show notes FortiBleed campaign used custom FortiGate sniffer to steal credentials | BleepingComputerFortiBleed: Fortinet device credential compromise expands into broader credential-attack guidance | unit42.paloaltonetworks.comCybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world | TechCrunch SecurityKlue OAuth breach linked to 'Icarus' Salesforce data theft attacks | BleepingComputerPolymarket (@Polymarket) on X | X (formerly Twitter)The Korean telecom giant at the center of Anthropic’s Mythos controversy | wrd.cmBeyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews - SRLabs Research | SRLabsOpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos | wired.comSponsored: Trail of Bits and OpenAI patch the planet | Risky BulletinIntel agencies: Frontier AI models will reshape cybersecurity faster than expected | cyberscoop.comEmbedding Forbidden Text in Spyware to Discourage AI Analysis | Schneier on SecurityA new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak | TechCrunch SecurityUSB worm spreads crypto-stealing malware via Windows shortcut files | BleepingComputerAndroid verification is coming: Google confirms timeline and supported app stores | Ars TechnicaCalifornia water utility probes breach claim by Iran-linked actor | Cybersecurity DiveSuspected cyberattack triggers false emergency alerts across parts of Brazil | The RecordTesco moving 40,000 server workloads off VMware amid Broadcom's "abusive conduct" | Ars TechnicaTrump directs federal agencies to protect US data from quantum threats | therecord.mediaAccenture shells out $4.18B on three companies in big industrial cybersecurity push | cyberscoop.com
    Show More Show Less
    1 hr and 4 mins
  • Risky Business #842 -- Anthropic needs an adult in the C suite
    Jun 17 2026
    On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s Fable 5 and Mythos 5 get nuked by the US government four days after launch “because security”Why “guardrails” won’t keep the world safe from your AI doomsday machineThe FISA 702 statute expired, but the spying can (probably) continue!NPM v12 delivers some protection against supply chain attacks, but not enough.Microsoft has a series of bugs that prevent Windows Update from … updatingMuch, much more! This episode is also available on YouTube Show notes Anthropic suspends new AI models after government directive | NBC News TechAnthropic rankles users with safety-first Fable release | NBC News TechHow a 90-minute White House deadline sparked Silicon Valley’s biggest AI fight | washingtonpost.comPete Hegseth (@PeteHegseth) on X | X (formerly Twitter)David Sacks (@DavidSacks) on X | X (formerly Twitter)DoW CIO Kirsten Davies (@DoWCIODavies) on X | X (formerly Twitter)David Shulman (@DavidShulmanFL) on X | X (formerly Twitter)Controversial FISA spying law expires tonight. The spying will continue. | Ars TechnicaGitHub announces npm security changes to tackle supply-chain attacks | BleepingComputerWhy NPM v12 won’t stop supply chain attacks - Risky Business Media | Social SignalsOracle PeopleSoft servers hacked in ShinyHunters data theft attacks | BleepingComputerMicrosoft patches Exchange Server zero-day exploited in attacks | BleepingComputerMax severity Ivanti Sentry vulnerability now exploited in attacks | BleepingComputerCISA warns of another cPanel plugin flaw exploited in attacks | BleepingComputerCritical Fortinet FortiSandbox flaws now exploited in attacks | BleepingComputerCISA orders feds to patch actively exploited Ivanti flaw by Sunday | BleepingComputerCISA to require federal agencies to patch some cyber vulnerabilities within 3 days | therecord.mediaPath traversal flaw in AI dev platform Langflow exploited in attacks | BleepingComputerMicrosoft: Some Windows PCs fail to install latest monthly updates | BleepingComputerMicrosoft fixes BitLocker recovery bug on Windows Server 2025 | BleepingComputerMicrosoft fixes Windows update failures linked to WUSA installer | BleepingComputerNew attack turned Microsoft 365 Copilot into 1-click data theft tool | BleepingComputerOver 73,000 French govt employees affected in Tchap messenger breach | BleepingComputerSignal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps | wired.comFBI disrupts massive AI-powered phishing service using a million URLs | BleepingComputerCyberattack shuts down major Australian sugar mills, disrupting harvest | The RecordDrug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds | wired.comIt Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests | 404.feed.pressWho Runs the Ransomware Group ‘The Gentlemen?’ | krebsonsecurity.com:brdKnife: (@cR0w@infosec.exchange) | Infosec Exchange
    Show More Show Less
    1 hr
adbl_web_anon_alc_button_suppression_t1
No reviews yet