Risky Business Features

Mythos smythos! How to find 0day with lesser models

Fri, 08 May 2026 16:17:57 +1000

In this podcast James Wilson chats with Niels Provos about his research into using older AI models to successfully hunt for 0day vulnerabilities. Niels has had a long and prolific career in cybersecurity, having worked as a Distinguished Engineer at Google and then heading up security at Stripe.

His interest in AI bug hunting was piqued recently when one of the Mythos 0day vulnerabilities that received lots of attention happened to be in code he wrote for the OpenBSD project 27 years ago.

It got him thinking: Are these frontier models really that magical? Or could we replicate their findings with some clever orchestration instead of relying on the model’s smarts to find bugs with a single prompt?

As it turns out, this was worth looking into. Niels’ orchestration framework, Iron Curtain, works extremely well.

This episode is also available on YouTube

Show notes

Solving the AI agent identity problem

Mon, 04 May 2026 17:05:48 +1000

In this podcast James Wilson and Brad Arkin chat about emerging trends in AI agent identity and credential management. Brad was formerly the CISO of Adobe, Cisco and Salesforce, and is now working with all sorts of companies that are deploying AI.

With everyone now in at least a large-scale pilot of agentic AI, the issue of how to manage agent identities and credentials is still an unsolved problem. But, some interesting patterns are emerging.

Show notes

A deep dive on AI model distillation attacks

Wed, 29 Apr 2026 14:24:47 +1000

In this solo episode of Risky Business Features James Wilson explores how distillation techniques are both a legitimate way to train smaller models, as well as a way to steal model capabilities. It’s not just a problem for frontier labs! Any LLM-based product could have its competitive advantage stolen through these attacks.

James covers:

High-level concept of distillation
Why it matters including close/open-weight/open-source explanation
Types of distillation and the prompts used
The distillation pipeline end to end
Distillation at scale and mitigation techniques
Hardware resource constraints for distillation

Show notes

Feature Interview: Nicholas Carlini, Anthropic

Fri, 24 Apr 2026 12:54:03 +1000

In this episode, Anthropic’s Nicholas Carlini joins Patrick Gray and James Wilson to talk about advancements in AI-driven vulnerability research and exploit development.

Nicholas’ talk at the recent [un]prompted conference demonstrated how Anthropic’s Opus 4.6 could find and exploit vulnerabilities in popular open source projects. In the short few weeks since then, Anthropic announced a new model that’s already identifying hundreds of bug fixes across critical software. Nicholas talks us through the work he does at Anthropic, what’s possible and the limitations with current frontier models, and where this goes from here.

This episode is also available on YouTube

Show notes

A builder's perspective on Mythos and frontier models

Mon, 20 Apr 2026 12:29:04 +1000

In this episode, James Wilson is joined by entrepreneur and investor Yaniv Bernstein to discuss Anthropic’s Mythos through the lens of startups and growing businesses. Yaniv is Google’s former VP of Engineering, and is former VP Eng and COO at Airtasker. He’s now an investor and advisor to startups and he co-hosts The Startup Podcast.

Show notes

Mythos and 0day: Fixing exploits is not safety

Fri, 17 Apr 2026 12:19:33 +1000

In this episode, James Wilson is joined by Brad Arkin who provides a CISO’s perspective on Anthropic’s Mythos. As former CISO at Adobe, Cisco and Salesforce, Brad’s perspective challenges the notion that finding and fixing exploits makes us safer.

Show notes

Mythos and 0day: A hacker’s perspective

Mon, 13 Apr 2026 14:34:57 +1000

In this episode of Risky Business Features, James Wilson chats to professional hacker Jamieson O’Reilly about Anthropic’s Mythos and the impact it could have on offensive security. Jamieson is CEO of DVULN and co-founder of Aether AI. He’s been hacking into organisations for more than a decade, and knows a thing or two about combining AI and offensive security.

Show notes

What happens after North Korea infiltrates?

Wed, 08 Apr 2026 15:10:31 +1000

In this episode, investigative journalist Geoff White joins James Wilson for a look into the complex machine that is North Korea’s IT worker infiltration scheme. They discuss the interview process, what happens once the workers are actually hired, how value is maximised for the regime, and how the money moves around. It’s even more diabolical than the headlines divulge.

Show notes

Lazarus Heist Podcast

Why CISOs need to be more flexible in the AI era

Fri, 03 Apr 2026 14:39:24 +1100

In this episode, James Wilson chats with Brad Arkin (former CISO of Adobe, Cisco and Salesforce) to talk about the mounting pressure that CISOs are under in the AI era. Attackers are operating at unprecedented scale, and internal users are adopting AI faster than security teams can keep up. This requires CISOs to bend on things that would have otherwise been a hard-no in the past, and revisit some fundamental controls that might have seemed too difficult previously.

Show notes

A Risky Biz Experiment: Hunting for iOS 0day with AI

Tue, 31 Mar 2026 11:16:05 +1100

In this sort-of-solo episode, James Wilson is “joined” by one of his OpenClaw AI agents for a chat about whether or not an LLM can understand, modify or even create a sophisticated nation-state grade iOS exploit kit. Technically this podcast is James having a conversation with himself, but the exchange is illuminating. It turns out LLMs can really help with finding 0day, even in mature code repos like WebKit.

Show notes

Interview: Former NSA and CIA cyber leaders on offensive AI

Fri, 27 Mar 2026 12:25:42 +1100

In this interview you’ll hear former NSA executive Rob Joyce and former CIA cyber intelligence leader Andy Boyd talk to host Patrick Gray about how AI is changing the state of art in offensive security.

Recorded in front of a live audience at the Decibel Oasis side event next door to the RSA Conference in San Francisco, the trio also talk about why a series of iOS exploit chain leaks don’t seem to be stirring up a scandal.

Show notes

When disaster strykes

Mon, 23 Mar 2026 12:10:23 +1100

In this episode of Risky Business Features, James Wilson and Brad Arkin discuss the attack that devastated medtech company Stryker. It turns out the attackers used Microsoft’s inTune to wipe the company’s devices, but what else could they have weaponised?

This podcast basically turned into an incident review of the Stryker incident. Enjoy!

Show notes

MCP is Dead

Wed, 18 Mar 2026 15:06:06 +1100

James Wilson delivers his take on the state of the Model Context Protocol (MCP) in this solo episode of Risky Business Features. Despite MCP being the technology that made Large Language Models useful and AI Agents possible, the models have shown us they want to use something else instead. They want to use the shell directly, and that is going to have serious cybersecurity consequences.

Show notes

They don't break in, they log in. What's an enterprise to do?

Fri, 13 Mar 2026 10:33:33 +1100

In this podcast James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, and over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing resistant MFA. Fixing this takes an enterprise identity strategy.

Show notes

A ridiculously deep dive into the Coruna Exploits

Wed, 11 Mar 2026 17:08:44 +1100

Join James Wilson in this solo podcast as he takes a (ridiculously) deep dive into the Coruna exploit kit. James was a software engineer and senior manager at Apple for many years, so he has an intimate knowledge of iOS internals. He even worked alongside the people who wrote the software that the Coruna kit exploits!

This long-form solo podcast follows the chain of exploits from watering-hole website right through to full device compromise with many incredible leaps over security boundaries along the way. You’ve heard Coruna described as a sophisticated, nation state-grade exploit kit, and James will explain to you why that description is fitting.

Show notes

Being a wartime CISO

Fri, 06 Mar 2026 11:50:07 +1100

In this edition of Risky Business Features James Wilson chats with cohost Brad Arkin about what it’s like being a CISO for a global company when a war starts.

How do you deal with a branch office full of important key material being abandoned? What about cloud infrastructure that’s in a data centre that falls into enemy hands? And if your staff are okay, are any of your key suppliers going to face problems?

As you’ll hear, being a wartime CISO is less about adjusting your SIEM sensitivity because the Iranians are coming to get you, and more about figuring out how to deal with very real threats to life and infrastructure.

Show notes

What to do about North Korean remote workers

Fri, 27 Feb 2026 14:31:52 +1100

In this podcast James Wilson chats with Brad Arkin about North Korea’s sprawling fake IT worker ecosystem. From fake interviews, to stolen identities, basement laptop farms and IP-KVM tricks, the North Koreans are operating a whole employment fraud industry.

Brad and James discuss how the scheme works in practice and the technical detection challenges defenders now face, like dealing with stolen or borrowed identities, bribed verification checks and multi-person operational chains. They also dig into why enterprises are largely on the back foot, and why there’s no single product you can buy to solve this.

As the former CISO of Adobe, Cisco and Salesforce, Brad has some firsthand experience dealing with this stuff!

Show notes

Former Adobe, Cisco and Salesforce CISO talks AI pentesting

Fri, 20 Feb 2026 10:30:28 +1100

In this debut feature conversation in the Risky Business Features feed James Wilson sits down with Brad Arkin, the former CSO of Adobe, Cisco, and Salesforce, to talk all about AI pentesting.

Finding and fixing bugs is great, but does it materially improve the overall security of a product? What’s the point of a pentest if the tester can’t walk you through their findings when it’s over? Is “bugs per dollar spend” really the measure of value in security testing?

We hope you enjoy this podcast!

Show notes

History Repeats: Security in the AI Agent Era

Tue, 17 Feb 2026 13:20:42 +1100

AI agents are being deployed with the same trust-by-default architecture the early internet had. Same mistakes, MUCH faster timeline.

OpenClaw has hit 180K+ GitHub stars. But in the past week:

341 malicious skills on ClawHub were distributing Atomic Stealer
ZeroPath disclosed a Browser Relay vuln enabling cross-tab cookie theft
CrowdStrike, Cisco, and Bitdefender all published enterprise advisories
VirusTotal partnered with ClawHub to scan uploads
Korean tech firms (Kakao, Naver, Karrot) banned it on corporate networks
1,000+ Open PRs, 250+ less than 24 hours old.

But how does this thing actually work? Join James Wilson as he explains why banning these types of agents doesn’t work, why browser sessions are now API surfaces, and why your organisation needs to think of these issues early or be condemned to decades of catch-up programs.