Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA

Three Buddy Problem - Episode 69: We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs of infections and what it means for threat hunters. Plus, whispers of a million-dollar WhatsApp zero-click exploit that never materialized at Pwn2Own, a surreal court case linking a Trenchant exploit developer to Russian buyers, and Chinese threat intel reports pointing fingers at the NSA.

We also discuss calls for the US government to build a structured, lawful ecosystem for private-sector offensive operations to address existing chaos and market gaps.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Key IOCs for iPhone Spyware Cleaned With iOS 26 Update
• Exploitation of WSUS Remote Code Execution Vulnerability (CVE-2025-59287)
• Hamid Kashfi on CVE-2025-59287
• Pwn2Own Ireland results
• Hacking Lab Boss Charged with Seeking to Sell Secrets in Russia
• Court doc (Peter Williams case)
• Cyber Insurer Sues Policyholder’s Cyber Pros
• NSA Accused of Stealing Secrets from China's National Time Centre
• China's CN-CERT on alleged NSA espionage operation
• DanderSpritz documentation
• Building the US market for offensive cyber
• Netherlands Limits Intelligence-Sharing With US Amid Politicization, Russia Fears
• Agenda - Binding Hook Live
• Agenda - State of Statecraft
• TBP Live at Countermeasures (Ottawa)