
Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs
2026-04-22 · via Risky Business Media

Risky Business Podcast

April 22, 2026

Presented by

James Wilson

Technology Editor

Patrick Gray

CEO and Publisher

The Grugq

Independent Security Researcher

On this week’s show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week’s cybersecurity news, including:

  • Vercel got owned, and there are a few infostealer and compromised employee dots to connect
  • Mozilla used Mythos to find 271 bugs, which feels like a sign of the bug-pocalypse
  • Speaking of the bug-pocalypse, is that why NIST is noping out of enriching a bunch of bugs?
  • The NSA is using Mythos even though the government did that whole Anthropic blacklisting thing
  • And DDoS attacks hit a couple of smaller-player socials

This week’s episode is sponsored by Permiso. Ian Ahl chats to Pat about the subtle signals Permiso uses to detect ShinyHunters-style activity in cloud and on-prem environments.

This episode is also available on YouTube.

Show notes

Vercel April 2026 Security incident

Vercel breach linked to infostealer infection at Context.ai

Vercel confirms breach as hackers claim to be selling stolen data

Matt Johansen: “This is not a good look” | X

NIST limits vulnerability analysis as CVE backlog swells | Cybersecurity Dive

CISA Cyber on X

Ransomware attack continues to disrupt healthcare in London nearly two years later | The Record from Recorded Future News

Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks | CyberScoop

In defeat for Trump, House extends electronic spying program for just 10 days | The Record from Recorded Future News

Crypto infrastructure company blames $290 million theft on North Korean hackers | The Record from Recorded Future News

US-sanctioned currency exchange says $15 million heist done by "unfriendly states" - Ars Technica

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox | WIRED

NSA using Anthropic's Mythos despite Defense Department blacklist

Beyond the breach: inside a cargo theft actor’s post-compromise playbook | Proofpoint US

Beware scam messages offering ships safe transit through Hormuz Strait, says security firm | The Straits Times

New Jersey men given lengthy sentences for running North Korean laptop farms | The Record from Recorded Future News

Turns Out We’re Not Alone - Volodymyr Styran

US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms | Cybersecurity Dive

Bluesky blames app outage on ‘sophisticated’ DDoS attack | The Record from Recorded Future News

Mastodon says its flagship server was hit by a DDoS attack | TechCrunch

An IT expert explained under what conditions using a VPN can cause a smartphone to explode