Risky Business #835

Risky Business Podcast
April 29, 2026
Risky Business #835 -- Why the Fast16 malware is badass
Presented by
Enterprise Technology Editor
CEO and Publisher
On this week’s show, Patrick Gray and James Wilson are joined by special guest-host Dmitri Alperovitch. They discuss the week’s cybersecurity news, including:
- The US government is mad as hell about Chinese firms stealing American AI technology
- Dmitri has an opinion or two about the US selling Nvidia chips to China
- Speaking of Chinese AI, Kimi’s new 2.6 is very interesting
- The US sanctions a Cambodian senator for earning mega bucks through scam compounds
- And a ransomware family is promoting itself as being … quantum-safe?
This week’s show is sponsored by Trail of Bits. CEO and co-founder Dan Guido chats to Pat about how private inference works and Trail of Bits’ audit of WhatsApp’s private AI setup.
This episode is also available on Youtube.
Brought to you by Trail of Bits
We don't just fix bugs, we fix software
Show notes
moonshotai/Kimi-K2.6 · Hugging Face
Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos | WIRED
Mystery Around Venezuelan Cyberattack Deepens, with New Discovery of "Highly Destructive" Wiper
Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack - Risky Business Media
AI Tools Are Helping Mediocre North Korean Hackers Steal Millions | WIRED
US, UK authorities warn that Firestarter backdoor malware survives patching | Cybersecurity Dive
UK regulator closes loophole that allowed rogue companies to track phone users' location | Reuters
Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch
Supply Chain Security Incident Update
Apple fixes bug that cops used to extract deleted chat messages from iPhones | TechCrunch
One ransomware crew now drives half of all cyber claims: At-Bay | Insurance Business
In a first, a ransomware family is confirmed to be quantum-safe - Ars Technica
What we learned about TEE security from auditing WhatsApp's Private Inference

Facts Only

* Patrick Gray and James Wilson discussed cybersecurity news with Dmitri Alperovitch.
* The US government is concerned about Chinese firms stealing American AI technology.
* Dmitri Alperovitch offered opinions on the US selling Nvidia chips to China.
* Kimi’s new 2.6 model was discussed.
* The US sanctioned a Cambodian senator for earnings from scam compounds.
* A ransomware family is promoting itself as being quantum-safe.
* Trail of Bits CEO Dan Guido discussed private inference and an audit of WhatsApp’s private AI setup.
* Security incidents mentioned include a Venezuelan wiper attack and a Firestarter backdoor malware surviving patching.
* Apple fixed a bug allowing extraction of deleted chat messages from iPhones.
* A ransomware family is now driving half of all cyber claims.
* A ransomware family was confirmed to be quantum-safe.

Executive Summary

The discussion covers several high-level cybersecurity and geopolitical themes. Key topics include the tension surrounding the US government's stance on Chinese firms stealing American AI technology and the implications of the US selling Nvidia chips to China. Specific AI development is noted through Kimi's 2.6 model. Other discussed events include US sanctions against a Cambodian senator, a ransomware family claiming quantum-safe status, and a detailed look at private inference security, specifically through a Trail of Bits audit of WhatsApp's private AI setup. The show also references recent security incidents, such as a ransomware family driving cyber claims and various malware and supply chain security issues reported across the tech landscape.

Full Take

The narrative juxtaposes complex geopolitical tensions and highly technical security advancements with sensationalized claims about threat actors and technology. The framing of the US-China AI competition and sanctions, alongside the discussion of private AI infrastructure security, serves to connect disparate fears into a cohesive, urgent threat landscape. The inclusion of claims like a ransomware family being "quantum-safe" or the discussion of state-level data theft and sanctions risks utilizing emotional exploitation to create a sense of immediate, existential insecurity. The juxtaposition of highly technical audits (WhatsApp inference, TEE security) with macro-level events (international sanctions, supply chain security) suggests a pattern of leveraging specialized knowledge to lend credibility to broad anxieties. The systemic concern shifts from simple bug-fixing to the integrity of the entire digital and geopolitical ecosystem. The implicit assumption is that sophisticated actors and technologies are accelerating exponentially, requiring immediate, high-stakes responses. What mechanisms are in place to ensure that technical expertise and geopolitical reality are translated into measured, resilient policy decisions, rather than being weaponized for moral panic?

Sentinel — Human

Confidence

The text exhibits strong human signals, reflecting the structure and tone of journalistic content, rather than the uniform rhythm or pattern recognition typical of pure AI generation.

Signals Detected

Natural variance in sentence structure and conversational tone.

The summary flows logically as an episode description, utilizing a conversational, summary style typical of human broadcast material.

Lists of disparate news items suggest aggregation of facts, consistent with human reporting, rather than rigid AI templating.

Attribution of specific, complex events and source citations (e.g., specific malware names, regulatory actions, specific company audits) suggests grounding in real-world reporting.

Human Indicators

The use of a conversational host structure and the inclusion of specific, referenced external sources (WIRED, Reuters, TechCrunch) suggests genuine journalistic context.

The structure functions as an episode promotion, which requires human narrative flow and emphasis.