Risky Business Podcast

January 14, 2026

Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)

Presented by

Adam Boileau
Adam Boileau

Technology Editor

Patrick Gray
Patrick Gray

CEO and Publisher

Risky Business returns for 2026! Patrick Gray and Adam Boileau talk through the week’s cybersecurity news, including:

  • Santa brings hackers MongoDB memory leaks for Christmas
  • Vercel pays out a million bucks to improve its React2Shell WAF defences
  • 39C3 delivers; the pink Power Ranger deletes nazis, while a catgirl ruins GnuPG
  • Cambodian scam compound kingpin gets extradited to China, and we don’t think it’ll go well for him
  • Krebs picks apart the Kimwolf botnet and residential proxy networks
  • So many healthcare data leaks that we have a roundup section

This week’s episode is sponsored by Airlock Digital. The founders of the application allow-listing vendor, David Cottingham and Daniel Schell, discuss Microsoft’s ClickOnce .NET app packaging, and how attackers have been abusing it to load code. Airlock hates it when you load code!

This episode is also available on Youtube.

Risky Business #820 -- Asian fraud kingpin will face Chinese justice (pew pew!)
0:00 / 59:15

Show notes

US, Australia say ‘MongoBleed’ bug being exploited | The Record from Recorded Future News

Merry Christmas Day! Have a MongoDB security incident. | by Kevin Beaumont | Dec, 2025 | DoublePulsar

Inside Vercel’s sleep-deprived race to contain React2Shell | CyberScoop

gpg.fail

Hacktivist deletes white supremacist websites live onstage during hacker conference | TechCrunch

Chinese attackers exploiting zero-day to target Cisco email security products | The Record from Recorded Future News

Ni8mare  -  Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs

ServiceNow patches critical AI platform flaw that could allow user impersonation | CyberScoop

Alleged cyber scam kingpin arrested, extradited to China | The Record from Recorded Future News

FCC IoT labeling program loses lead company after China probe | Cybersecurity Dive

Trump picks Lt. Gen. Joshua Rudd to lead NSA spy agency - The Washington Post

NSA cyber directorate gets new acting leadership | The Record from Recorded Future News

Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years | The Record from Recorded Future News

ECLI:NL:GHAMS:2026:22, Amsterdam Court of Appeal, 23-003218-22

The Kimwolf Botnet is Stalking Your Local Network – Krebs on Security

Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security

Coupang recovers smashed laptop that alleged data leaker threw into river | The Record from Recorded Future News

Ransomware responders plead guilty to using ALPHV in attacks on US organizations | The Record from Recorded Future News

Nearly 480,000 impacted by Covenant Health data breach | The Record from Recorded Future News

Illinois health department exposed over 700,000 residents' personal data for years | TechCrunch

Tech provider for NHS England confirms data breach | TechCrunch

Hacker claiming to be behind ManageMyHealth breach: ‘I do it for the money and I’m in negotiations to get it’ - NZ Herald