Risky Business Features

Solo podcast: A deep dive on TeamPCP 02.06.2026 1時間 4分

In this solo episode, James Wilson takes a detailed look at TeamPCP. It started off by launching clumsy attacks against misconfigured Kubernetes clusters in September 2025. But by February this year, TeamPCP had skilled up and was smashing global software supply chains in the highest profile attacks of 2026. TeamPCP upskilled and turned the software development ecosystem into its personal credential harvesting machine. Here’s how TeamPCP did it, and what we can learn from it.

How to survive supply chain attacks 25.05.2026 36分

In this podcast James Wilson chats with Brad Arkin about why software supply chain attacks have gone from rare, once-in-a-while disasters to an operational problem affecting mainstream enterprises almost daily. AI has made attackers faster, and “vibe coding” means the number of environments pulling packages from the internet has gone to the moon. It also means legacy tooling that seeks out the bad packages and cleans them up isn’t enough. Package cooldown windows won’t fix this either. But all hope is not lost! Tune in to this podcast to find out how you can get a grip on the disaster de jour!

How the CopyFail disclosure went sideways 21.05.2026 18分

In this episode, Theori’s Brian Pak and Andrew Wesie join James Wilson to discuss why the CopyFail exploit was publicly disclosed before Linux distributions had their patches ready. As you’ll hear in this episode, mistakes were made and lessons learned. It’s worth a podcast, too, because in our opinion this incident foreshadows the inevitable problems that open source software will face in the unfolding vulnpocalypse.

NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" 18.05.2026 29分

In this edition of Risky Business Features Ollie Whitehouse, the CTO of the UK’s National Cyber Security Centre, joins Patrick Gray and James Wilson to talk about why “patch faster” will only get organisations so far in the face of the AI “bugpocalypse”. As Ollie explains, organisations will need to reduce internet-facing attack surface and make better architecture decisions as 0day discovery speeds up. This episode is also available on YouTube.

What a great agentic AI deployment plan looks like 12.05.2026 39分

In this podcast James Wilson and Brad Arkin workshop the advice they think the industry needs to hear when it comes to deploying agentic AI in the enterprise. Relegating agentic AI to non-sensitive and low-risk tasks doesn’t deliver value, and avoiding all risk stalls progress. James and Brad discuss the phases of AI adoption and contrast what a great plan looks like, versus an overly cautious one.

Mythos smythos! How to find 0day with lesser models 08.05.2026 1時間 27分

In this podcast James Wilson chats with Niels Provos about his research into using older AI models to successfully hunt for 0day vulnerabilities. Niels has had a long and prolific career in cybersecurity, having worked as a Distinguished Engineer at Google and then heading up security at Stripe. His interest in AI bug hunting was piqued recently when one of the Mythos 0day vulnerabilities that received lots of attention happened to be in code he wrote for the OpenBSD project 27 years ago. It got him thinking: Are these frontier models really that magical? Or could we replicate their findings with some clever orchestration instead of relying on the model’s smarts to find bugs with a single prompt? As it turns out, this was worth looking into. Niels’ orchestration framework, Iron Curtain, works extremely well. This episode is also available on YouTube

Solving the AI agent identity problem 04.05.2026 40分

In this podcast James Wilson and Brad Arkin chat about emerging trends in AI agent identity and credential management. Brad was formerly the CISO of Adobe, Cisco and Salesforce, and is now working with all sorts of companies that are deploying AI. With everyone now in at least a large-scale pilot of agentic AI, the issue of how to manage agent identities and credentials is still an unsolved problem. But, some interesting patterns are emerging.

A deep dive on AI model distillation attacks 29.04.2026 1時間 12分

In this solo episode of Risky Business Features James Wilson explores how distillation techniques are both a legitimate way to train smaller models, as well as a way to steal model capabilities. It’s not just a problem for frontier labs! Any LLM-based product could have its competitive advantage stolen through these attacks. James covers: High-level concept of distillation Why it matters including close/open-weight/open-source explanation Types of distillation and the prompts used The distillation pipeline end to end Distillation at scale and mitigation techniques Hardware resource constraints for distillation

Feature Interview: Nicholas Carlini, Anthropic 24.04.2026 42分

In this episode, Anthropic’s Nicholas Carlini joins Patrick Gray and James Wilson to talk about advancements in AI-driven vulnerability research and exploit development. Nicholas’ talk at the recent [un]prompted conference demonstrated how Anthropic’s Opus 4.6 could find and exploit vulnerabilities in popular open source projects. In the short few weeks since then, Anthropic announced a new model that’s already identifying hundreds of bug fixes across critical software. Nicholas talks us through the work he does at Anthropic, what’s possible and the limitations with current frontier models, and where this goes from here. This episode is also available on YouTube

A builder's perspective on Mythos and frontier models 20.04.2026 32分

In this episode, James Wilson is joined by entrepreneur and investor Yaniv Bernstein to discuss Anthropic’s Mythos through the lens of startups and growing businesses. Yaniv is Google’s former VP of Engineering, and is former VP Eng and COO at Airtasker. He’s now an investor and advisor to startups and he co-hosts The Startup Podcast.

Mythos and 0day: Fixing exploits is not safety 17.04.2026 21分

In this episode, James Wilson is joined by Brad Arkin who provides a CISO’s perspective on Anthropic’s Mythos. As former CISO at Adobe, Cisco and Salesforce, Brad’s perspective challenges the notion that finding and fixing exploits makes us safer.

Mythos and 0day: A hacker’s perspective 13.04.2026 32分

In this episode of Risky Business Features, James Wilson chats to professional hacker Jamieson O’Reilly about Anthropic’s Mythos and the impact it could have on offensive security. Jamieson is CEO of DVULN and co-founder of Aether AI. He’s been hacking into organisations for more than a decade, and knows a thing or two about combining AI and offensive security.

What happens after North Korea infiltrates? 08.04.2026 51分

In this episode, investigative journalist Geoff White joins James Wilson for a look into the complex machine that is North Korea’s IT worker infiltration scheme. They discuss the interview process, what happens once the workers are actually hired, how value is maximised for the regime, and how the money moves around. It’s even more diabolical than the headlines divulge.

Why CISOs need to be more flexible in the AI era 03.04.2026 18分

In this episode, James Wilson chats with Brad Arkin (former CISO of Adobe, Cisco and Salesforce) to talk about the mounting pressure that CISOs are under in the AI era. Attackers are operating at unprecedented scale, and internal users are adopting AI faster than security teams can keep up. This requires CISOs to bend on things that would have otherwise been a hard-no in the past, and revisit some fundamental controls that might have seemed too difficult previously.

A Risky Biz Experiment: Hunting for iOS 0day with AI 31.03.2026 56分

In this sort-of-solo episode, James Wilson is “joined” by one of his OpenClaw AI agents for a chat about whether or not an LLM can understand, modify or even create a sophisticated nation-state grade iOS exploit kit. Technically this podcast is James having a conversation with himself, but the exchange is illuminating. It turns out LLMs can really help with finding 0day, even in mature code repos like WebKit.

Interview: Former NSA and CIA cyber leaders on offensive AI 27.03.2026 15分

In this interview you’ll hear former NSA executive Rob Joyce and former CIA cyber intelligence leader Andy Boyd talk to host Patrick Gray about how AI is changing the state of art in offensive security. Recorded in front of a live audience at the Decibel Oasis side event next door to the RSA Conference in San Francisco, the trio also talk about why a series of iOS exploit chain leaks don’t seem to be stirring up a scandal.

When disaster strykes 23.03.2026 40分

In this episode of Risky Business Features, James Wilson and Brad Arkin discuss the attack that devastated medtech company Stryker. It turns out the attackers used Microsoft’s inTune to wipe the company’s devices, but what else could they have weaponised? This podcast basically turned into an incident review of the Stryker incident. Enjoy!

MCP is Dead 18.03.2026 36分

James Wilson delivers his take on the state of the Model Context Protocol (MCP) in this solo episode of Risky Business Features. Despite MCP being the technology that made Large Language Models useful and AI Agents possible, the models have shown us they want to use something else instead. They want to use the shell directly, and that is going to have serious cybersecurity consequences.

They don't break in, they log in. What's an enterprise to do? 13.03.2026 32分

In this podcast James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, and over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing resistant MFA. Fixing this takes an enterprise identity strategy.

A ridiculously deep dive into the Coruna Exploits 11.03.2026 1時間 17分

Join James Wilson in this solo podcast as he takes a (ridiculously) deep dive into the Coruna exploit kit. James was a software engineer and senior manager at Apple for many years, so he has an intimate knowledge of iOS internals. He even worked alongside the people who wrote the software that the Coruna kit exploits! This long-form solo podcast follows the chain of exploits from watering-hole website right through to full device compromise with many incredible leaps over security boundaries along the way. You’ve heard Coruna described as a sophisticated, nation state-grade exploit kit, and James will explain to you why that description is fitting.