On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They talk through:

• TeamPCP’s supply chain attack on Github, and they threw in an anti-Iran wiper, because why not?!
• Anthropic hooks up its models to just… use your whole computer
• After Stryker’s Very Bad Day, CISA says maybe add some more controls around your Intune?
• Another iOS exploit kit shows up in the cyber bargain-bin
• The FTC decides to ban… all new home routers?! U wot m8?!
• Supermicro founder was personally sanction-busting Nvidia GPUs into China?!

This week’s episode is sponsored by enterprise browser maker, Island. Chief Customer Officer Bradon Rogers joins Pat to explain how its customers are using Island to control the use of personal AI services in regulated industries.

Show Notes:

‘CanisterWorm’ Springs Wiper Attack Targeting Iran https://krebsonsecurity.com/2026/03/canisterworm-springs-wiper-attack-targeting-iran/

TeamPCP deploys CanisterWorm on NPM following Trivy compromise https://www.aikido.dev/blog/teampcp-deploys-worm-npm-trivy-compromise

Andrej Karpathy on X: “Software horror: litellm PyPI supply chain” attack https://x.com/karpathy/status/2036487306585268612

Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags https://www.stepsecurity.io/blog/checkmarx-kics-github-action-compromised-malware-injected-in-all-git-tags

Felix Rieseberg on X: “Today, we’re releasing a feature that allows Claude to control your computer” https://x.com/felixrieseberg/status/2036193240509235452

A Top Google Search Result for Claude Plugins Was Planted by Hackers https://www.404media.co/a-top-google-search-result-for-claude-plugins-was-planted-by-hackers/

Lockheed Martin targeted in alleged breach by pro-Iran hacktivist https://www.cybersecuritydive.com/news/lockheed-martin-breach-pro-iran-hacktivist/815430/

CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices https://techcrunch.com/2026/03/19/cisa-urges-companies-to-secure-microsoft-intune-systems-after-hackers-mass-wipe-stryker-devices/

FBI seems to seize website tied to Iranian cyberattack on Stryker https://www.nbcnews.com/tech/security/iran-cyber-attack-stryker-us-company-risk-war-fbi-handala-rcna264332

Stryker confirms cyberattack is contained and restoration underway https://www.cybersecuritydive.com/news/stryker-confirms-cyberattack-is-contained-and-restoration-underway/815427/

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild https://www.wired.com/story/hundreds-of-millions-of-iphones-can-be-hacked-with-a-new-tool-found-in-the-wild/

Someone has publicly leaked an exploit kit that can hack millions of iPhones https://techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/

Russia-linked hackers use advanced iPhone exploit to target Ukrainians https://therecord.media/russia-linked-hackers-use-iphone-exploit-ukraine

Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug https://techcrunch.com/2026/03/17/apple-rolls-out-first-background-security-update-for-iphones-ipads-and-macs-to-fix-safari-bug/

Post by @wartranslated.bsky.social — Bluesky https://bsky.app/profile/wartranslated.bsky.social/post/3mhnj7y42ys2o

Signal’s Creator Is Helping Encrypt Meta AI https://www.wired.com/story/signals-creator-is-helping-encrypt-meta-ai/

Hacker says they compromised millions of confidential police tips held by US company https://www.reuters.com/legal/government/hacker-says-they-compromised-millions-confidential-police-tips-held-by-us-2026-03-18/

Millions of ‘anonymous’ crime tips exposed in massive Crime Stoppers hack https://san.com/cc/millions-of-anonymous-crime-tips-exposed-in-massive-crime-stoppers-hack-exclusive/

[ Full show notes at https://risky.biz/RB830 ]