Risky Business (829): Sneaky lobsters: Why AI is the new insider threat

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Co-host at large

On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news, including:

  • Iran’s Intune-based wiper attack on medical device maker Stryker
  • Qihoo 360’s AI publishes its own wildcard TLS cert private key
  • Instagram is canning its end-to-end encrypted messaging
  • What’s going on with mobile internet access in Moscow?
  • The Xbox One’s bootloader gets voltage glitched into submission
  • Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)

This week’s episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique.

Show Notes:

Iranian Hacktivists Strike Medical Device Maker Stryker in “Severe” Attack that Wiped Systems https://www.zetter-zeroday.com/iranian-hacktivists-strike-medical-device-maker-stryker-in-severe-attack-that-wiped-systems/

Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch https://techcrunch.com/2026/03/17/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices/

Stryker attack raises concerns about role of device management tool | Cybersecurity Dive https://www.cybersecuritydive.com/news/stryker-attack-device-management-microsoft-iran/814816/

Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News https://therecord.media/stryker-tells-sec-unknown-timeline-recovery

How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks | WIRED https://www.wired.com/story/handala-hacker-group-iran-us-israel-war/

U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued https://www.forbes.com/sites/the-wiretap/2026/03/17/us-strikes-killed-iranian-cyber-chiefs-but-the-hacks-continued/

Risky Business Features: Being a Wartime CISO https://risky.biz/RBFEATURES4/

Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/

China’s biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key https://x.com/intcyberdigest/status/2033547961976639890

Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular https://www.irregular.com/publications/emergent-offensive-cyber-behavior-in-ai-agents

Risky Business Features: MCP is Dead https://risky.biz/RBFEATURES7

Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios https://www.aisi.gov.uk/research/measuring-ai-agents-progress-on-multi-step-cyber-attack-scenarios

Measuring AI Agents’ Progress on Multi-Step Cyber Attack Scenarios https://arxiv.org/pdf/2603.11214

What is end-to-end encryption on Instagram | Instagram Help Center https://help.instagram.com/491565145294150

US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access | WIRED https://www.wired.com/story/us-lawmakers-move-to-kill-the-fbis-warrantless-wiretap-access/

Website “whitelists” launched in Moscow | Forbes.ru https://www.forbes.ru/tekhnologii/557184-v-moskve-zarabotali-belye-spiski-sajtov

Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters https://www.reuters.com/world/us/foreign-hacker-2023-compromised-epstein-files-held-by-fbi-source-documents-show-2026-03-11/

Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop https://cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/

Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica https://arstechnica.com/security/2026/03/researchers-disclose-vulnerabilities-in-ip-kvms-from-4-manufacturers/

RE//verse 2026: Hacking the Xbox One by Markus ‘doom’ Gaasedelen - YouTube https://www.youtube.com/watch?v=FTFn4UZsA5U

CrackArmor: Multiple vulnerabilities in AppArmor https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt