• Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"
    Sep 3 2025

    On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

    • The Salesloft breach and why OAuth soup is a problem
    • The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
    • Google says it will stand up a “disruption unit”
    • Microsoft writes up a ransomware gang that’s all-in on the cloud future
    • Aussie firm hot-mics its work-from-home employees’ laptops
    • Youtube scam baiters help the feds take down a fraud ring

    This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

    This episode is also available on Youtube.

    Show notes
    • The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
    • Salesloft: The Leading AI Revenue Orchestration Platform
    • Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive
    • The impact of the Salesloft Drift breach on Cloudflare and our customers
    • China used three private companies to hack global telecoms, U.S. says
    • CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF
    • Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop
    • Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News
    • Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News
    • Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog
    • The Era of AI-Generated Ransomware Has Arrived | WIRED
    • Between Two Nerds: How threat actors are using AI to run wild - YouTube
    • Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
    • UK sought broad access to Apple customers’ data, court filing suggests
    • ICE reactivates contract with spyware maker Paragon | TechCrunch
    • WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
    • Safetrac turned staff laptops into covert recording devices to monitor WFH
    • Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media
    1 hr and 2 mins
  • Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
    Aug 27 2025
    On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

    • Australia expels Iranian ambassador
    • Hackers sabotage Iranian shipping satcoms
    • APT hacker got doxxed in Phrack. Kind of. They’re probably Chinese, not DPRK?
    • Trail of Bits uses image-downscaling to sneak prompts into Google Gemini
    • The Com’s King Bob gets ten years in the slammer
    • It’s a day that ends in -y, so of course there’s a new Citrix Netscaler RCE being used in the wild.

    This week’s episode is brought to you by Corelight. Chief Strategy Officer Greg Bell talks through how they’ve been implementing AI for sifting through your network data. A model-context-protocol server that can rummage in all those packet logs for you while you keep investigating? Yes please.

    This episode is also available on Youtube.

    Show notes
    • Embassy staff flee Canberra in dead of night | news.com.au — Australia’s leading news site for latest headlines
    • Swedish security service says Iran uses criminal networks in Sweden | Reuters
    • Risky Bulletin: Hackers sabotage Iranian ships at sea, again - Risky Business Media
    • Microsoft scales back Chinese access to cyber early warning system | Reuters
    • Microsoft Didn’t Disclose Key Details to U.S. Officials of China-Based Engineers, Record Shows — ProPublica
    • .:: Phrack Magazine ::.
    • Uncovering the Chinese Proxy Service Used in APT Campaigns
    • Weaponizing image scaling against production AI systems - The Trail of Bits Blog
    • FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive
    • CrowdStrike warns of uptick in Silk Typhoon attacks this summer | CyberScoop
    • Kevin Beaumont: "There’s a bunch of new Netscal…" - Cyberplace
    • US charges Oregon man in vast botnet-for-hire operation | Cybersecurity Dive
    • South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities | The Record from Recorded Future News
    • SIM-Swapper, Scattered Spider Hacker Gets 10 Years – Krebs on Security
    • Chinese national who sabotaged Ohio company’s systems handed four-year jail stint | The Record from Recorded Future News
    • Nevada state offices close after wide-ranging 'network security incident' | Reuters
    • DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security
    • Russia weighs Google Meet ban as part of foreign tech crackdown | The Record from Recorded Future News
    • Kremlin-Mandated Messaging App Max Is Designed To Spy On Users
    • Russian Orthodox Church hieromonk Makariy calls on the faithful to pray for the MAX messenger
    54 mins
  • Wide World of Cyber: Microsoft's China Entanglement
    Aug 25 2025

    The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft’s entanglement in China.

    Redmond has been using Chinese engineers to do everything from remotely supporting US DoD private cloud systems to maintaining the on-premises version of the SharePoint code base. It’s all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world’s most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out!

    This episode is also available on Youtube.

    Show notes
      46 mins
    • Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs
      Aug 20 2025

      On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

      • Oracle’s long term CSO departs, and we’re not that sad about it
      • Canada’s House of Commons gets popped through a Microsoft bug
      • Russia degrades voice calls via Whatsapp and Telegram to push people towards Max
      • South-East Asian scam compounds are also behind child sextortion
      • Reports that the UK has backed down on Apple crypto are… strange
      • Oh and of course there’s a Fortinet bug! There’s always a Fortinet bug!

      This week’s episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week and explains the journey of implementing SSO-backed login on Windows, Mac and Linux. You’ll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!

      This episode is also available on Youtube.

      Show notes
      • Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs
      • Oracle CSO blasted over anti-security research rant - iTnews
      • New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News
      • Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme – Krebs on Security
      • How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch
      • UK has backed down on demand to access US Apple user data, spy chief says
      • DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for"
      • Hackers target Workday in social engineering attack
      • Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News
      • Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News
      • Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News
      • US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive
      • FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970)
      • U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge"
      • 493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED
      • .:: Phrack Magazine ::.
      • Accenture to buy Australian cyber security firm CyberCX - iTnews
      58 mins
    • Risky Biz Soap Box: How to measure vulnerability reachability
      Aug 14 2025

      In this Soap Box edition of the Risky Business podcast Patrick Gray chats with Socket founder Feross Aboukhadijeh about how to measure the reachability of vulnerabilities in applications.

      It’s great to know there’s a CVE in a library you’re using, but it’s even better if you can say whether or not that vulnerability actually impacts your application.

      They also talk about how Socket started out as a way to discover malicious packages in software projects, but these days it’s playing the CVE game as well.
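      The reachability question the episode is about, reduced to its core: a dependency advisory names a vulnerable function, and the only thing that decides whether it matters is whether any of your entrypoints has a call path to it. The following is an added illustration, not Socket's tooling or anything from the episode. The call graph, the `app.*` and `libyaml.*` names and the `advisory-1`/`advisory-2` labels are all constructed for the example.

```python
"""Toy call-graph reachability triage for dependency advisories.

Added example for illustration; not Socket's implementation.
Assumes a call graph has already been extracted (here it is hand-built).
"""
from collections import deque

# Constructed call graph: caller -> callees.  "app.*" is application code,
# "libyaml.*" and "libjson.*" are hypothetical dependencies.
CALL_GRAPH = {
    "app.main": ["app.load_config", "app.serve"],
    "app.load_config": ["libyaml.safe_load"],
    "app.serve": ["libjson.parse"],
    "libyaml.safe_load": ["libyaml._construct"],
    # full_load is in the package but nothing in the app calls it.
    "libyaml.full_load": ["libyaml._construct", "libyaml._python_object"],
    "libyaml._construct": [],
    "libyaml._python_object": [],
    "libjson.parse": [],
}

# Constructed advisories: label -> function the advisory says is vulnerable.
ADVISORIES = {
    "advisory-1": "libyaml._python_object",  # hypothetical, only via full_load
    "advisory-2": "libyaml._construct",      # hypothetical, on safe_load's path
}


def reachable_path(graph, start, target):
    """Breadth-first search from `start`; return the call path that reaches
    `target` as a list of function names, or None if no path exists."""
    parent = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        if node == target:
            path = []
            while node is not None:       # walk parents back to `start`
                path.append(node)
                node = parent[node]
            return path[::-1]
        for callee in graph.get(node, []):
            if callee not in parent:      # first visit wins (shortest path)
                parent[callee] = node
                queue.append(callee)
    return None


def triage(graph, entrypoints, advisories):
    """Map each advisory label to a witness call path from some entrypoint,
    or None when the vulnerable function is unreachable from all of them."""
    results = {}
    for label, vuln_fn in advisories.items():
        witness = None
        for entry in entrypoints:
            witness = reachable_path(graph, entry, vuln_fn)
            if witness:
                break
        results[label] = witness
    return results


if __name__ == "__main__":
    for label, path in triage(CALL_GRAPH, ["app.main"], ADVISORIES).items():
        if path:
            print(f"{label}: REACHABLE via {' -> '.join(path)}")
        else:
            print(f"{label}: not reachable from application entrypoints")
```

      Two caveats a practitioner would apply before trusting a "not reachable" verdict: a statically built call graph misses dynamic dispatch, reflection, plugin loading and anything invoked from configuration, so an absent edge is not proof of absence; and the advisory's own description of the vulnerable function is sometimes too coarse (a whole module) or too fine (an internal helper that several public entry points share), so the target set should be reviewed rather than taken verbatim.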

      This episode is also available on Youtube.

      Show notes
        36 mins
      • Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds
        Aug 13 2025
        On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

        • CISA warns about the path from on-prem Exchange to the cloud
        • Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are
        • Everyone and their dog seems to have a shell in US Federal Court information systems
        • Google pays $250k for a Chrome sandbox escape
        • Attackers use javascript in adult SVG files to … farm facebook likes?!
        • SonicWall says users aren’t getting hacked with an 0day… this time.

        This week’s episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together.

        This episode is also available on Youtube.

        Show notes
        • CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability | The Record from Recorded Future News
        • Advanced Active Directory to Entra ID lateral movement techniques
        • Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications
        • Cartels may be able to target witnesses after major court hack
        • Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’ | The Record from Recorded Future News
        • Citrix NetScaler flaws lead to critical infrastructure breaches | Cybersecurity Dive
        • DARPA touts value of AI-powered vulnerability detection as it announces competition winners | Cybersecurity Dive
        • Buttercup is now open-source!
        • HTTP/1.1 must die: the desync endgame
        • US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms | The Record from Recorded Future News
        • North Korean cyber-espionage group ScarCruft adds ransomware in recent attack | The Record from Recorded Future News
        • Adult sites are stashing exploit code inside racy .svg files - Ars Technica
        • Google pays 250k for Chromium sandbox escape
        • SonicWall says recent attack wave involved previously disclosed flaw, not zero-day | Cybersecurity Dive
        • Two groups exploit WinRAR flaws in separate cyber-espionage campaigns | The Record from Recorded Future News
        • Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge | The Record from Recorded Future News
        • Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home | WIRED
        • Malware in Open VSX: These Vibes Are Off
        • How attackers are using Active Directory Federation Services to phish with legit office.com links
        • Introducing our guide to phishing detection evasion techniques
        • The State of Attack Path Management
        1 hr
      • Risky Business #801 -- AI models can hack well now and it's weirding us out
        Aug 6 2025

        On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut.

        This episode explores the rise of AI-powered bug hunting:

        • Google’s Project Zero and DeepMind team up to find and report 20 bugs to open source projects
        • The XBOW AI bug hunting platform sees success on HackerOne
        • Is an AI James Kettle on the horizon?

        There’s also plenty of regular cybersecurity news to discuss:

        • On-prem Sharepoint’s codebase is maintained out of China… awkward!
        • China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China?
        • SonicWall advises customers to turn off their VPNs
        • Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs
        • Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em.
        • The Russian government pushes VK’s Max messenger for everything

        This week’s show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn’t as scary as people make out, but if the update isn’t on your radar now, time is running out.

        This episode is also available on Youtube.

        Show notes
        • Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch
        • Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop
        • James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published 😂 maybe the countdown timer is just too ominous!
        • Risky Bulletin: China with the accusations again - Risky Business Media
        • US intelligence agencies frequently carry out cyberattacks and data theft against China’s defence industrial sector (Chinese-language report)
        • SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software — ProPublica
        • China fears Nvidia chips could track, trace and shut down its AIs - Asia Times
        • SonicWall urges customers to take VPN devices offline after ransomware incidents | The Record from Recorded Future News
        • Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity
        • ReVault! When your SoC turns against you…
        • Nearly 100,000 ChatGPT Conversations Were Searchable on Google
        • Microsoft catches Russian hackers targeting foreign embassies - Ars Technica
        • The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED
        • Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog
        • Russia blocks popular US-made internet speed test tool over national security concerns | The Record from Recorded Future News
        1 hr and 6 mins
      • Soap Box: Why AI can't fix bad security products
        Aug 1 2025

        In this Soap Box edition of the show Patrick Gray chats with the CEO of email security company Sublime Security, Josh Kamdjou. They talk about where AI is useful, where it isn’t, and why AI can’t save vendors from their bad product design choices.

        This episode is also available on Youtube.

        Show notes
          37 mins