(Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.)
Three Buddy Problem - Episode 94: We discuss a mysterious, VM-obfuscated backdoor that lived undetected on a single U.K. machine for a year before disappearing, finding clues pointing to an elite-level APT intrusion that still evades broader industry coverage.
Plus, connecting the dots across AI-driven vulnerability discovery, Microsoft’s massive Patch Tuesday, Jensen Huang talks cybersecurity, Mythos dangers and Chinese chips, and the quiet erosion of CVE enrichment at NIST.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Timestamps:
0:00 – Intros + AI news whiplash
5:10 – Patch Tuesday breakdown: Microsoft's second-largest CVE release ever
7:32 – AI accelerating vulnerability discovery at record pace
10:00 – Frontier lab cyber models, fine-tuning, guardrail removal & KYC
12:37 – FreeBSD NFS bug: Opus 4.6 was already finding critical vulns
14:26 – Anthropic's infrastructure strain: Is Opus being nerfed?
21:05 – OpenAI's Trusted Access for Cyber vs. Anthropic's Mythos cabal
28:45 – SharePoint zero-day CVE-2026-32201: The endless Microsoft tax
34:36 – Adobe Acrobat zero-day: A rare, real, Russia-linked exploit in the wild
41:36 – VirusTotal mining: The golden age of threat intel hunting
50:03 – ZionSiphon: Vibe-coded OT malware targeting Israeli water infrastructure
55:04 – Paleontology of threat research: When do you publish? Who do you trust?
1:13:53 – Angry Spark: A one-machine, one-year backdoor raises eyebrows
1:49:25 – Jensen Huang vs. Dwarkesh Patel on Mythos, China and chips
2:14:32 – Chinese AI distillation: 24,000 fake Anthropic accounts, DeepSeek & the catch-up question
Links:
- Transcript
- Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulns
- ZDI: April 2026 Patch Tuesday Review
- Inside ZionSiphon: OT Malware Targeting Israeli Water Systems
- GenDigital: Chasing an Angry Spark
- MAD Bugs: Month of AI-Discovered Bugs (Calif)
- HackerOne: The Vulnerability Apocalypse is a Remediation Crisis
- OpenAI scaling up Trusted Access for Cyber (TAC) Program
- OpenAI Commits $10m in API credits for cybersecurity
- Anthropic: Introducing Claude Opus 4.7
- OpenAI confirms Axios developer tool compromise
- Jensen Huang x Jensen Huang on Nvidia’s AI Moat
- Anthropic: Detecting and preventing distillation attacks
- NIST Updates NVD Operations to Address Record CVE Growth
- Dreadnode Open-Source Tools to Measure AI Offense-Defense Gap
- LABScon 2026 Call for Papers
- Cyber-Paleontology in the Age of AI (Black Hat Asia 2026)
- Ekoparty Miami Schedule
- TLPBLACK
