Risky Business (844): China closes AI vulndev gap as US lifts Fable ban

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Co-host at large

On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover:

  • Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail
  • Distillation, cheap tokens, and AI chat harvesting is an industry in China
  • Edge becomes a lolbin via a new malicious extension
  • An Iranian APT boss’s vacation in a beautiful place goes wrong
  • Much, much more!

In this week’s sponsor interview Daf Stuttard and Katie Warren from Portswigger pop along to talk about how they built an AI security testing product that people would actually feel comfortable using.

Show notes:

Anthropic (@AnthropicAI) on X | X (formerly Twitter) https://x.com/AnthropicAI/status/2072106151890809341

Howard Lutnick (@howardlutnick) on X | X (formerly Twitter) https://x.com/howardlutnick/status/2072100729603452965

U.S. government gives Anthropic green light for limited re-release of Mythos 5 | NBC News Tech https://www.nbcnews.com/tech/tech-news/us-government-gives-anthropic-green-light-limited-re-release-mythos-5-rcna352018

OpenAI limits GPT-5.6 rollout after government request | TechCrunch https://techcrunch.com/2026/06/26/openai-limits-gpt-5-6-rollout-after-government-request-says-restrictions-shouldnt-be-the-norm

The U.S. government will decide who gets to use the latest American AI technology | washingtonpost.com https://www.washingtonpost.com/technology/2026/06/26/openai-says-us-government-will-vet-users-its-latest-ai-model

Anthropic says Alibaba illicitly extracted Claude AI model capabilities | reut.rs https://reut.rs/3SpAcBn

How to Buy Cheap Claude Tokens in China | https://www.chinatalk.media/p/how-to-buy-cheap-claude-tokens-in

Alex Stamos (@alexstamos) on X | X (formerly Twitter) https://x.com/alexstamos/status/2071991571566981264

Synthesis of Exploitarium Mass Zero-Day Disclosure | detections.ai https://systemtwosecurity.com/share/inspiration/VNJMKFVM

Mythos on your desk? Using local LLMs for code reviews Risky Business Media https://risky.biz/RBFEATURES30

Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews | Security Research Labs https://srlabs.de/blog/beyond-fable

Accelerating EDR Evasion with LLM-Driven Analysis | SpecterOps https://specterops.io/blog/2026/06/29/llm-powered-edr-analysis

CISA: Windows BlueHammer flaw now exploited by ransomware gangs | BleepingComputer https://www.bleepingcomputer.com/news/security/cisa-windows-bluehammer-flaw-now-exploited-by-ransomware-gangs

When cybercriminals hire burglars: Inside an alleged Russian effort to infiltrate multibillion-dollar US law firms | CNN Politics | Social Signals https://edition.cnn.com/2026/06/27/politics/cybercriminals-hire-burglars-russian-us-law-firms

Microsoft quietly extends free Windows 10 ESU support to October 2027 | BleepingComputer https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-extends-free-windows-10-esu-support-to-october-2027

Edgecution: Malicious Edge Extension Backdoor | ThreatLabz | Social Signals https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecution

Bluekit phishing kit adopts browser-in-the-middle for login theft | BleepingComputer https://www.bleepingcomputer.com/news/security/bluekit-phishing-kit-adopts-browser-in-the-middle-for-login-theft

New macOS malware embeds fake errors to confuse AI analysis tools | BleepingComputer https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools

DraftKings hacker ‘Snoopy’ sentenced to 18 months in prison | BleepingComputer https://www.bleepingcomputer.com/news/security/draftkings-hacker-snoopy-sentenced-to-18-months-in-prison

Polymarket says hackers stole users’ funds | TechCrunch Security https://techcrunch.com/2026/06/25/polymarket-says-hackers-stole-users-funds

Australia’s spy chief warns of rising terror and cyber threats | japantimes.co.jp https://www.japantimes.co.jp/news/2026/06/25/asia-pacific/australia-spy-chief-warning

Russian hackers were behind $2.5 billion hack of Jaguar Land Rover: Report | TechCrunch Security https://techcrunch.com/2026/06/26/russian-hackers-were-behind-2-5-billion-hack-of-jaguar-land-rover-report

Iranian national sought by US on hacking charges arrested in Montenegro | apnews.com https://apnews.com/article/45be9031b71d6cd939745f13dee16af4

[un]prompted.au - AI x CyberSecurity: Notes from the Field: Call for Speakers | https://sessionize.com/au-unprompted