Law enforcement dismantles two more malware operations, Japan’s army used infected USB drives, Anthropic accuses Alibaba of distillation attacks, and Australia finds “digital dynamite” on critical networks.
Tom Uren and James Wilson talk about the Five Eyes cyber security agencies warning about the arrival of AI-enabled cyber threats. The call-to-action is driven by the recognition that it is no longer possible to limit AI’s offensive cyber security capabilities to benign actors. The genie is out of the bottle, regardless of export controls on frontier models.
They also discuss the progress of Operation Endgame, the multinational joint operation that has been disrupting the cybercriminal ecosystem. It’s been a great success, but criminal enterprises bounce back. Keeping a lid on cybercrime will require continuous disruption programs.
This episode is also available on YouTube.
The FortiBleed hacks are worse than a credentials leak, a new White House executive order sets out a hard 2031 post quantum cryptography deadline, Meta leaks employee keystroke data, and a third of Samsung and LG TVs act as proxies.
In this sponsored interview James Wilson chats with Trail of Bits founder and CEO Dan Guido about its newly announced partnership with OpenAI. Together, they’ve started a new initiative called “Patch the Planet” to support open source maintainers.
Being an open source maintainer is more difficult than ever. Just using frontier models to keep up with all the bug reports isn’t enough. Trail of Bits wants to help maintainers by combining its deep cybersecurity expertise with OpenAI’s GPT 5.5 Cyber.
As Dan points out in this interview, this isn’t just about helping maintainers find and fix bugs. They’re spending just as much time on SDLC improvements, architecture changes, and the foundations needed to make open source sustainable in the AI era.
In this edition of Between Two Nerds Tom Uren and The Grugq discuss the idea that the People’s Republic of China has mobilised its influence operations against the construction of US data centres and its build out of AI capacity.
This episode is also available on YouTube.
A data breach at business analytics platform Klue spreads to security firms, a hacker breaches Brazil’s national alert system, North Koreans are behind the Mastra supply chain attack, and a new, unfixable vulnerability has been found in Apple’s A12 and A13 chips.
A LOT of Fortinet creds have leaked online, Canada’s spy agency allowed to remove a botnet from Canadian devices, a supply chain attack hits the Mastra AI framework, and Europol disrupts SocGolish.
Tom Uren and James Wilson talk about Anthropic rolling out its latest models only to have them effectively banned by the US government within days. Although the administration’s process for assessing new models is, ahem, amorphous, Anthropic is doing itself no favours by dismissing its concerns. The company needs to show some emotional intelligence and learn how to manage upwards.
They also discuss Section 702 Foreign Intelligence Surveillance Act collection. The law authorising it has lapsed amidst political shenanigans, but it looks like collection can continue until next year. Plenty of time for kicking of political footballs!
This episode is also available on YouTube
66 members of the Silver Fox cybercrime group arrested in China, the EU will help Ukraine in the event of a major cyberattack, MS-ISAC loses 70% of its members after a DHS funding cut, and S-BOMs are still not widely adopted.
In this edition of Between Two Nerds Tom Uren and The Grugq talk about how NATO is set up to deter conventional conflict, and how that approach is fundamentally unsuited for ongoing, everyday cyber operations that are intended to confound adversaries.
This episode is also available on YouTube.
Almost 2,000 Arch Linux packages have been infected with malware in a supply chain attack, FISA surveillance powers expire for the first time since 2008, the FBI takes down a Chinese phishing service, and a major supply chain attack hits the WordPress ecosystem.
In this Risky Business sponsored interview, Catalin Cimpanu talks with Brandon Dixon, co-founder and CTO of Ent AI, about the company’s innovative use of local LLMs to track user behavior on the endpoint, and add context to suspicious events to detect or prevent malicious activity.
CISA changes federal patching rules due to AI, a House Republican was hacked by Russia, ShinyHunters go on an Oracle hacking spree, and npm will block auto-run install scripts by default.
In this sponsored episode, James Wilson chats with SpecterOps CTO Jared Atkinson about the central role that GitHub has played in recent supply chain compromises. GitHub is where code gets built, tested, and shipped to devices, cloud, and on-prem environments. Understanding the paths an attacker can use to get into GitHub, and where they can pivot to from there, is essential to securing your GitHub repos and CI/CD pipelines.
Tom Uren and James Wilson talk about the European Union’s digital sovereignty push. A divorce from US tech giants is on the cards, but building sovereign infrastructure and chip capacity will be hard. From an American perspective this is an entirely predicable own-goal. You can have internationally competitive tech giants or you can have an aggressive and coercive foreign policy. You can’t have both at the same time.
They also discuss the reanimated corpse of NSO Group. It’s in a hole, but it just keeps digging.
This episode is also available on YouTube
Nightmare Eclipse drops a fresh zero day, Meta says NSO is targeting WhatsApp users again, hackers breach France’s Tchap secure messenger network, Putin disables some Kremlin security cameras, and Gmail be gone! Russia bans logins from foreign email addresses.
In this edition of Between Two Nerds Tom Uren and The Grugq speak at the NATO CyCon conference on Cyber Conflict in Tallinn, Estonia. The pair discuss how cyber operations complement conventional military operations and the past, present and future of cyber conflict.
This episode is also available on YouTube.
RubyGems adds dependency-cooldowns to counter supply chain attacks, AT&T and IBM are accused of hiding foreign hacks, Cisco warns of a new SD-WAN zero-day, and Google layoffs hit security teams.
The EU unveils its digital sovereignty plan, an American law firm pays a $20 million ransom, authorities take down millions of email and social media scam accounts, and a new DoS bug can crash servers within seconds.
Tom Uren and James Wilson talk about Tom’s trip to NATO’s Cyber Conflict conference. NATO countries want to bulk up their cyber efforts, and the pair discuss what that could look like.
They also look at the US military’s admission that commercial location data was used to target personnel involved in Epic Fury, the US war on Iran. This is not surprising at all, and is just the most visible manifestation of the national security risks of this kind of data sloshing around. If Iran is analysing this data in wartime, China is doing it in peacetime for intelligence and counter-espionage purposes.
This episode is also available on YouTube
Login