Risky Business (826): A week of AI mishaps and skulduggery

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Co-host at large

On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

  • Low-skill actors compromise 600 Fortinets with AI-generated playbooks
  • Anthropic calls out Chinese AI firms over model distillation
  • Meta’s director of AI safety tells her ClawdBot not to delete her mail… so of course it does
  • Peter Williams cops 7 years in jail for selling L3 Harris Trenchant’s exploits to Russia
  • Ivanti got hacked in 2021 via… bugs in Ivanti

This episode is sponsored by line-rate network capture system Corelight. CEO Brian Dye joins to discuss what AI can do for defenders, and what it can’t.

Show Notes:

AI-augmented threat actor accesses FortiGate devices at scale https://aws.amazon.com/blogs/security/ai-augmented-threat-actor-accesses-fortigate-devices-at-scale/

“this reads to me like: they ran existing tools…. but with a cool dashboard :D” https://x.com/uk_daniel_card/status/2025158197019849126?s=46&t=VLIuBKdOq3MvRk4IpV-_-A

Anthropic accuses Chinese labs of trying to illicitly take Claude’s capabilities | CyberScoop https://cyberscoop.com/anthropic-accuses-chinese-labs-ai-distillation-cyber-risk/

Detecting and preventing distillation attacks https://www.anthropic.com/news/detecting-and-preventing-distillation-attacks

Hegseth warns Anthropic to let the military use the company’s AI tech as it sees fit, AP sources say https://apnews.com/article/anthropic-hegseth-ai-pentagon-military-3d86c9296fe953ec0591fcde6a613aba

Anthropic Rolls Out Embedded Security Scanning for Claude https://cyberscoop.com/anthropic-claude-code-security-automated-security-review/

AWS’s AI Coding Bot Kiro Caused a 13-Hour Outage https://arstechnica.com/ai/2026/02/an-ai-coding-bot-took-down-amazon-web-services/

Running OpenClaw safely: identity, isolation, and runtime risk https://www.microsoft.com/en-us/security/blog/2026/02/19/running-openclaw-safely-identity-isolation-runtime-risk/

Former Adobe, Cisco and Salesforce CISO talks AI pentesting https://risky.biz/RBFEATURES2/

History Repeats: Security in the AI Agent Era https://risky.biz/RBFEATURES1/

Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox https://www.404media.co/meta-director-of-ai-safety-allows-ai-agent-to-accidentally-delete-her-inbox/

Microsoft says Office bug exposed customers’ confidential emails to Copilot AI | TechCrunch https://techcrunch.com/2026/02/18/microsoft-says-office-bug-exposed-customers-confidential-emails-to-copilot-ai/

The (tangential) fix: Microsoft adds Copilot data controls to all storage locations https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-copilot-data-controls-to-all-storage-locations/

Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker https://cyberscoop.com/l3harris-executive-peter-williams-sentenced-zero-day-exploits-russia/

Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools https://home.treasury.gov/news/press-releases/sb0404

Risky Bulletin: Russia starts criminal probe of Telegram founder Pavel Durov https://risky.biz/risky-bulletin-russia-starts-criminal-probe-of-telegram-founder-pavel-durov/

Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals https://therecord.media/ukraine-telegram-regulation-russia-sabotage-recruitment

The watchers: how openai, the US government, and persona built an identity surveillance machine that files reports on you to the feds https://vmfunc.re/blog/persona

Persona emails customers saying they don’t work with ICE or DHS amid ‘surveillance’ claims https://piunikaweb.com/2026/02/20/persona-denies-ice-dhs-ties-customer-email/

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 https://www.akamai.com/blog/security-research/2026/feb/inside-the-fix-cve-2026-21513-mshtml-exploit-analysis

Ivanti hacked in 2021 via its own product https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers

Fed agencies ordered to patch Dell bug by Saturday after exploitation warning | The Record from Recorded Future News https://therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day