On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: * The Coruna exploits were L3 Harris, but it seems Triangulation… was not! * Iran's cyber HQ hit by Israeli (kinetic) strikes * Trump's cyber “strategy” is … well, all we've got is jokes cause there's no serious content * NSA and CyberCom finally get a leader after Lt Gen Joshua Rudd gets Senate nod * DOGE (remember them?!) employee walked a social security database out on a USB stick This episode is sponsored by open source cloud security scanner Prowler. Creator and CEO Toni de la Fuente talks to Pat about some of the enterprise features Prowler is growing, while remaining true to its open source roots. Show Notes: Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript https://www.nadsec.online/blog/coruna GitHub - matteyeux/coruna: deobfuscated JS and blobs https://github.com/matteyeux/coruna US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine https://techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/ APT36: A Nightmare of Vibeware https://businessinsights.bitdefender.com/apt36-nightmare-vibeware State-linked actors targeted US networks in lead-up to Iran war https://www.cybersecuritydive.com/news/state-linked-actors-targeted-us-networks-in-lead-up-to-iran-war/814190/ Iranian cyber warfare HQ allegedly hit by Israel https://www.scworld.com/brief/iranian-cyber-warfare-hq-allegedly-hit-by-israel Last 2 names of 6 US soldiers who died in Kuwait attack identified by the Pentagon https://apnews.com/article/iran-us-military-deaths-0a3f1532ec1953d51898e5b5e2b625d6 Signal, WhatsApp users face Russian phishing push, Dutch warn https://www.nbcnews.com/tech/security/signal-whatsapp-users-face-russian-phishing-push-dutch-warn-rcna262533 Samuel Bendett on X: "Russian military told it couldn't use Telegram messaging app" https://x.com/sambendett/status/2031468780560265571?s=46&t=VLIuBKdOq3MvRk4IpV-_-A FBI investigating ‘suspicious’ cyber activities on critical surveillance network https://edition.cnn.com/2026/03/05/politics/fbi-investigating-cyber-breach-critical-surveillance-network Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime https://risky.biz/risky-bulletin-new-white-house-eo-prioritizes-fight-against-scams-and-cybercrime/ President Trump’s CYBER STRATEGY for America https://www.whitehouse.gov/wp-content/uploads/2026/03/President-Trumps-Cyber-Strategy-for-America.pdf Fact Sheet: President Donald J. Trump Combats Cybercrime, Fraud, and Predatory Schemes Against American Citizens https://www.whitehouse.gov/fact-sheets/2026/03/fact-sheet-president-donald-j-trump-combats-cybercrime-fraud-and-predatory-schemes-against-american-citizens/ UK plans to shift fraud fight onto telecoms, tech companies https://therecord.media/uk-plans-to-shift-fraud-fight-to-telecoms-tech Trump to hit Anthropic with executive order to remove "woke" AI Claude https://www.axios.com/2026/03/09/trump-white-house-anthropic-executive-order?utm_source=x&utm_campaign=editorial&utm_medium=owned_social Anthropic launches code review tool to check flood of AI-generated code https://techcrunch.com/2026/03/09/anthropic-launches-code-review-tool-to-check-flood-of-ai-generated-code/ CrowdStrike reports record quarter amid investor concerns about AI impact https://www.cybersecuritydive.com/news/crowdstrike-record-quarter-investor-concerns-ai/813791/ Critical defect in Java security engine poses serious downstream security risks https://cyberscoop.com/pac4j-open-source-library-vulnerability-max-severity-risk/ Gen. Joshua Rudd confirmed as NSA, Cyber Command head https://www.washingtonpost.com/national-security/2026/03/10/joshua-rudd-nsa-cyber-command-confirmed/ Plankey’s nomination as CISA director now in jeopardy https://www.cybersecuritydive.com/news/sean-plankey-cisa-dhs-controversy/813898/ DOGE employee stole Social Security data and put it on a thumb drive, report says https://techcrunch.com/2026/03/10/doge-employee-stole-social-security-data-and-put-it-on-a-thumb-drive-report-says/ Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/ Cel mai mare exportator român de carne, deținătorul brandului Cocorico, a intrat în restructurări, alături de Casa de Insolvență Transilvania https://startupcafe.ro/cel-mai-mare-exportator-roman-carne-cocorico-restructurari-alaturi-casa-insolventa-transilvania- 94953

Srsly Risky Biz: Open weight models make the Mythos debate moot
494 views

Risky Business (843): Fortibleed is kinda awesome, actually
751 views

Pitching security startups to VCs in the AI era
203 views

Between Two Nerds: The PRC vs AI
342 views

Srsly Risky Biz: Anthropic has artificial, but not emotional, intelligence
460 views

Risky Business Weekly (842): Anthropic needs an adult in the C suite
1.2K views