Risky Business #831: AI Bugpocalypse, North Korean npm Backdoor, Cisco Breach, and Citrix Exploitation
This week's Risky Business podcast covers a North Korean backdoor in a 100M-downloads-a-week npm package, a TeamPCP breach of Cisco's source code, active exploitation of a Citrix NetScaler memory leak, and AI tools like Claude finding zero-day vulnerabilities.

The latest episode of the Risky Business podcast, hosted by Patrick Gray with Adam Boileau and James Wilson, delivers a dense roundup of the most consequential cybersecurity events of the past week. The show covers a North Korean supply-chain attack on a massively popular npm package, a brazen breach of Cisco's internal source code and cloud environments, active exploitation of a Citrix NetScaler vulnerability, and a series of demonstrations showing that AI tools like Anthropic's Claude are now capable of autonomously discovering zero-day vulnerabilities.
First, the podcast details how North Korean threat actors backdoored an npm package with over 100 million weekly downloads. The attack, linked to the same group behind the recent Axios supply-chain compromise, involved injecting malicious code into a widely used JavaScript library. The Record from Recorded Future News reported that Google has attributed the Axios attack to a North Korean state-sponsored group, and this npm backdoor appears to be part of the same campaign. The scale of the infection is staggering, potentially affecting millions of downstream applications and developer environments.
Second, the team discusses the TeamPCP breach of Cisco's source code and Trivy's development environments. According to a post on X by chiefofautism, attackers gained access to Cisco's source code and cloud infrastructure, exfiltrating proprietary data. The breach is linked to a compromised developer environment associated with Trivy, a popular open-source vulnerability scanner. The incident underscores the growing risk of supply-chain attacks targeting the tools and infrastructure used by major technology vendors.
Third, the podcast covers the active exploitation of a Citrix NetScaler memory leak vulnerability, tracked as CVE-2026-4747. Cybersecurity Dive and The Record report that CISA has confirmed exploitation in the wild and has ordered federal agencies to patch the bug by Thursday. The vulnerability allows an unauthenticated attacker to leak sensitive memory contents, potentially exposing session tokens, credentials, and other secrets. Given the widespread deployment of NetScaler appliances in enterprise and government networks, this is a critical threat.
Fourth, the show highlights a series of demonstrations showing that AI tools like Anthropic's Claude are becoming genuinely capable of finding zero-day vulnerabilities. In one notable example, Claude autonomously discovered and exploited a remote kernel code execution vulnerability in FreeBSD (CVE-2026-4747). Another demonstration showed Claude writing a full FreeBSD remote kernel code execution exploit that yields a root shell. Security researcher h0mbre noted on X that "Claude is somehow better at kernel exploitation than creating meal plans." This trend, which the podcast dubs the "AI bugpocalypse," suggests that AI-powered vulnerability research is rapidly maturing.
Finally, the episode touches on Kaspersky's research linking the Coruna exploit kit to Operation Triangulation, a sophisticated iOS spyware campaign. Kaspersky's Securelist report reveals shared code lineage between the two, suggesting that the same developers may be behind both. The podcast also covers Iranian hackers dumping emails allegedly stolen from Kash Patel's Gmail account, and a warning from Iran's IRGC that American tech companies are now considered "legitimate targets."
The episode is sponsored by Dropzone AI, which offers automated AI SOC analysts with pre-canned "hunt packs" for finding security-relevant anomalies. The show notes also link to a Risky Business experiment on hunting for iOS 0day with AI, and a CyberScoop article where security leaders say the next two years are going to be "insane."