On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Musk’s DOGE kid has a history with The Com
• Paragon fires Italy as a spyware customer
• Thailand cuts power to scam compounds…
• … and arrests Phobos/8Base Russian cybercrims
• The CyberCX DFIR report shows non-U2F MFA is well and truly over
• And much, much more.

This week’s episode is sponsored by Dropzone.AI. They make an AI SOC analysis platform that relieves your analysts of the necessary but tedious work, so they can focus on the value of human insight. Dropzone’s founder and CEO Edward Wu joins to talk about how they approach the problem.

This episode is also available on Youtube.

Show notes

• Teen on Musk’s DOGE Team Graduated from ‘The Com’ – Krebs on Security
• ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law | WIRED
• Lawsuit accuses Trump administration of violating federal information security law | The Record from Recorded Future News
• The Recruitment Effort That Helped Build Elon Musk’s DOGE Army | WIRED
• States prepare privacy lawsuit against DOGE over access to federal data | The Record from Recorded Future News
• Union groups sue Treasury over giving DOGE access to sensitive data | The Record from Recorded Future News
• Student group sues Education Department over reported DOGE access to financial aid databases | The Record from Recorded Future News
• Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts | The Record from Recorded Future News
• DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers - Ars Technica
• DeepSeek Is a Win for Chinese Hackers - Risky Business
• Owner of spyware used in alleged WhatsApp breach ends contract with Italy | WhatsApp | The Guardian
• Another person targeted by Paragon spyware comes forward | TechCrunch
• Apple fixes security flaw allowing third-party access to locked devices | The Record from Recorded Future News
• U.S. sanctions bulletproof hosting provider for supplying LockBit infrastructure | CyberScoop
• Thailand cuts power supply to Myanmar scam hubs | The Record from Recorded Future News
• 8Base ransomware site taken down as Thai authorities arrest 4 connected to operation | The Record from Recorded Future News
• Two Russian nationals arrested in takedown of Phobos ransomware infrastructure | The Record from Recorded Future News
• The Company Man: Binance exec detained in Nigeria breaks his silence | The Record from Recorded Future News
• Deloitte pays $5M in connection with breach of Rhode Island benefits site | Cybersecurity Dive
• DFIR - Threat Report 2025 | CyberCX
• Request a Demo | Dropzone AI