On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Microsoft reshuffles security leadership. It doesn’t spark joy.
• Russia is hacking the Winter Olympics. Again. But y tho?
• China-linked groups are keeping busy, hacking telcos in Norway, Singapore and dozens of others
• Campaigns underway targeting Ivanti, BeyondTrust and SolarWinds products
• An unknown hero blocks 23/tcp on the US internet backbone
• And James Wilson pops into talk about Claude’s go at a C compiler

This episode is sponsored by Ent.AI, an AI startup that isn’t quite ready to tell us all what they’re doing. But nevertheless, founder Brandon Dixon joins to discuss AI’s role in security. Where does language-based understanding take us that previous methods couldn’t?

Show Notes:

Updates in two of our core priorities https://blogs.microsoft.com/ blog/2026/02/04/updates-in-two-of-our-core-priorities/

Strengthening Windows trust and security through User Transparency and Consent https://blogs.windows.com/windowsexperience/2026/02/09/strengthening-windows-trust-and-security-through-user-transparency-and-consent/

Microsoft prepares to refresh Secure Boot’s digital certificate https://www.cybersecuritydive.com/news/microsoft-secure-boot-certificate-update/811846/

Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities https://cyberscoop.com/microsoft-patch-tuesday-february-2026/

Microsoft releases urgent Office patch. Russian-state hackers pounce https://arstechnica.com/security/2026/02/russian-state-hackers-exploit-office-vulnerability-to-infect-computers/

Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics https://therecord.media/italy-blames-russia-linked-hackers-winter-games-cyberattack

Researchers uncover vast cyberespionage operation targeting dozens of governments worldwide https://therecord.media/research-cyber-espionage-targeting-dozens-worldwide

Germany warns of state-linked phishing campaign targeting journalists, government officials https://therecord.media/germany-warns-phishing-campaign-signal-gov-officials-journalists

Norwegian intelligence discloses country hit by Salt Typhoon campaign https://therecord.media/norawy-intelligence-discloses-salt-typhoon-attacks

Singapore says China-linked hackers targeted telecom providers in major spying campaign https://therecord.media/singapore-attributes-telecoms-hacks-unc3886

Largest Multi-Agency Cyber Operation Mounted to Counter Threat Posed by Advanced Persistent Threat (APT) Actor UNC3886 to Singapore’s Telecommunications Sector https://www.csa.gov.sg/news-events/press-releases/largest-multi-agency-cyber-operation-mounted-to-counter-threat-posed-by-advanced-persistent-threat–apt–actor-unc3886-to-singapore-s-telecommunications-sector/

How Intel and Google Collaborate to Strengthen Intel® TDX https://www.intel.com/content/www/us/en/security/security-practices/blogs/google-collaboration-strengthen-intel-tdx.html

Strengthening the Foundation: A Joint Security Review of Intel TDX 1.5 https://bughunters.google.com/blog/a-joint-security-review-of-intel-tdx-15

Active Exploitation of SolarWinds Web Help Desk (CVE-2025-26399) https://www.huntress.com/blog/active-exploitation-solarwinds-web-help-desk-cve-2025-26399

EU, Dutch government announce hacks following Ivanti zero-days https://therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-days

North Korean hackers targeted crypto exec with fake Zoom meeting, ClickFix scam https://therecord.media/north-korean-hackers-targeted-crypto-exec-clickfix

BeyondTrust warns of critical RCE flaw in remote support software https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software/

Rapid7 Analysis of CVE-2026-1731 https://attackerkb.com/topics/jNMBccstay/cve-2026-1731/rapid7-analysis

Building a C compiler with a team of parallel Claudes https://www.anthropic.com/engineering/building-c-compiler

Post by @ryiron.bsky.social https://bsky.app/profile/ryiron.bsky.social/post/3me6gr5p3ik25

What AI Security Research Looks Like When It Works https://aisle.com/blog/what-ai-security-research-looks-like-when-it-works

South Korean crypto exchange races to recover $40bn of bitcoin sent to customers by mistake https://www.theguardian.com/world/2026/feb/10/bithumb-korean-crypto-exchange-sent-bitcoin-mistake

White House to meet with GOP lawmakers on FISA Section 702 renewal https://therecord.media/white-house-to-meet-gop-lawmakers-702-renewal-path