Risky Business Podcast
March 25, 2026
Risky Business #830 -- LiteLLM and security scanner supply chains compromised
Presented by
Enterprise Technology Editor
Technology Editor
CEO and Publisher
On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They talk through:
- TeamPCP’s supply chain attack on GitHub, and they threw in an anti-Iran wiper, because why not?!
- Anthropic hooks up its models to just… use your whole computer
- After Stryker’s Very Bad Day, CISA says maybe add some more controls around your Intune?
- Another iOS exploit kit shows up in the cyber bargain-bin
- The FTC decides to ban… all new home routers?! U wot m8?!
- Supermicro founder was personally sanction-busting Nvidia GPUs into China?!
This week’s episode is sponsored by enterprise browser maker, Island. Chief Customer Officer Bradon Rogers joins Pat to explain how its customers are using Island to control the use of personal AI services in regulated industries.
This episode is also available on YouTube.
Show notes
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
TeamPCP deploys CanisterWorm on NPM following Trivy compromise
Andrej Karpathy on X: "Software horror: litellm PyPI supply chain attack"
Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags
Felix Rieseberg on X: "Today, we’re releasing a feature that allows Claude to control your computer"
A Top Google Search Result for Claude Plugins Was Planted by Hackers
Lockheed Martin targeted in alleged breach by pro-Iran hacktivist
CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices
FBI seems to seize website tied to Iranian cyberattack on Stryker
Stryker confirms cyberattack is contained and restoration underway
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Russia-linked hackers use advanced iPhone exploit to target Ukrainians
Apple rolls out first 'background security' update for iPhones, iPads, and Macs to fix Safari bug
Post by @wartranslated.bsky.social — Bluesky
Signal’s Creator Is Helping Encrypt Meta AI
Hacker says they compromised millions of confidential police tips held by US company
Millions of 'anonymous' crime tips exposed in massive Crime Stoppers hack
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
FCC bans import of consumer-grade routers amid national security concerns
White House pours cold water on cyber ‘letters of marque’ speculation
Google launches threat disruption unit, stops short of calling it ‘offensive’
Supermicro’s cofounder was just arrested for allegedly smuggling $2.5 billion in GPUs to China
Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US
Man pleads guilty to $8 million AI-generated music scheme
Two Israelis AI generated "intelligence" and sold it to Iran

Executive Summary

On this week's Risky Business podcast, the hosts discuss several significant cybersecurity events. The TeamPCP supply chain attack on GitHub resulted in a wiper targeting Iran (CanisterWorm). Checkmarx KICS GitHub Action was compromised, injecting malware into all Git tags. A new iOS exploit kit was discovered, potentially affecting hundreds of millions of iPhones. The FBI seized a website tied to an Iranian cyberattack on Stryker, following a mass-wipe incident. Apple released a security update for Safari to fix a bug, and Supermicro's cofounder was arrested for allegedly smuggling GPUs to China.

Full Take

TeamPCP's supply chain attack on GitHub (CanisterWorm) targeted Iran with a wiper, raising questions about the increasing risks of these attacks and their potential consequences (Steelman). The Checkmarx KICS GitHub Action compromise highlights the vulnerabilities in software supply chains, as malware was injected into all Git tags (Patterns detected: ARC-0024 Ambiguity, ARC-0043 Motte-and-Bailey). Apple's Safari bug and the new iOS exploit kit underscore the ongoing challenges in securing mobile devices against cyber threats (Root Cause: digital interdependence and its security implications).
The arrest of Supermicro's cofounder for allegedly smuggling GPUs to China raises concerns about technology transfer controls and potential sanctions evasion (Implications: geopolitical tensions and their impact on the tech industry). The incident with Stryker, a medical device manufacturer, emphasizes the importance of securing critical infrastructure systems, particularly those utilizing cloud services like Microsoft Intune (Bridge Questions: What measures are being taken to enhance the security of these systems? What lessons can be learned from this incident to prevent future attacks?).
