Cleartext – May 28, 2026

Thursday, May 28, 2026

show notes

Daily cybersecurity briefing for CISOs and security leaders.

Episode Summary

Today's episode covers 9 stories across 5 topic areas, including: Russia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warns; UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace; CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain.

Stories Covered

🌍 Geopolitical

Russia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warns

The Record (Recorded Future) · May 28 · Relevance: █████████░ 9/10

Why it matters to CISOs: GCHQ's public acknowledgment of daily Russian attacks on critical UK infrastructure—including subsea cables and energy pipelines—signals an escalating threat posture that enterprise security leaders in allied nations must factor into their geopolitical threat modeling and third-party risk assessments.

  • GCHQ Director Anne Keast-Butler confirmed Russia is conducting daily cyber and physical attacks on UK infrastructure 'from seabed to cyberspace'
  • GCHQ is actively defending subsea cables and energy pipelines in British waters and disrupting Russian technology smuggling networks
  • The agency is also countering reckless sabotage and assassination attempts attributed to Russian state actors

UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace

CyberScoop · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The GCHQ director's framing of AI as an 'unstoppable force' reshaping offensive and defensive cyber operations—combined with the announcement of an AI-powered national cyber shield—provides strategic context for CISOs evaluating their own AI-driven defense investments and adversarial AI threat planning.

  • GCHQ Director Anne Keast-Butler described AI as an 'unstoppable force' with both offensive and defensive cyber implications
  • GCHQ is developing an AI-powered cyber shield to counter nation-state adversaries already deploying AI in warfare
  • The warning explicitly calls on businesses to take urgent action in response to AI-accelerated threats

CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain

CyberScoop · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The Glassworm takedown exposed a sustained supply chain attack campaign that infected hundreds of open-source packages since early 2025, making this directly relevant to any enterprise relying on open-source dependencies in their software supply chain.

  • CrowdStrike, Google, and Shadowserver simultaneously dismantled four attacker-controlled servers powering the Glassworm botnet
  • The botnet had been injecting malware into hundreds of open-source software packages since early 2025
  • The operation targeted developers and enterprises that consumed the compromised open-source software

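The practical follow-up to a takedown like this is to check whether any compromised package version is already in your build. The script below is an added example, not CrowdStrike's, Google's or Shadowserver's tooling, and it does not reproduce the real Glassworm indicator list (this page does not carry it). It walks an npm package-lock.json (lockfileVersion 3 layout, including nested and scoped dependencies) and reports three things: a match against a supplied indicator list, a package resolved from somewhere other than the expected registry, and a package that runs an install script. The lockfile, package names, versions and indicators are all constructed for the demo.

```python
"""Added example: audit an npm lockfile against a compromised-package list.
Indicator list and lockfile contents are constructed; they are not the
Glassworm indicators and not a real project."""
import json

ALLOWED_REGISTRY = "https://registry.npmjs.org/"

# Constructed indicator list: package -> set of bad versions ("*" = every version).
COMPROMISED = {
    "left-pad-utils": {"1.4.2", "1.4.3"},
    "color-stringify": {"*"},
}

# Constructed package-lock.json standing in for a real project's lockfile.
LOCKFILE = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"left-pad-utils": "^1.4.0"}},
        "node_modules/left-pad-utils": {
            "version": "1.4.2",
            "resolved": "https://registry.npmjs.org/left-pad-utils/-/left-pad-utils-1.4.2.tgz",
        },
        "node_modules/fast-json": {
            "version": "3.1.0",
            "resolved": "https://registry.npmjs.org/fast-json/-/fast-json-3.1.0.tgz",
        },
        # Transitive dependency nested under fast-json.
        "node_modules/fast-json/node_modules/color-stringify": {
            "version": "0.9.1",
            "resolved": "https://registry.npmjs.org/color-stringify/-/color-stringify-0.9.1.tgz",
        },
        # Pulled from outside the registry and runs a lifecycle script at install time.
        "node_modules/tiny-hooks": {
            "version": "2.0.0",
            "resolved": "https://cdn.example.net/tiny-hooks-2.0.0.tgz",
            "hasInstallScript": True,
        },
    },
})


def iter_lock_packages(lock: dict):
    """Yield (name, version, metadata, path) for every installed package,
    nested ones included."""
    for path, meta in lock.get("packages", {}).items():
        if path == "":
            continue  # the root project itself, not a dependency
        # Last "node_modules/" segment is the package name; works for
        # nested paths and for @scope/name packages.
        name = path.rsplit("node_modules/", 1)[-1]
        yield name, meta.get("version"), meta, path


def audit(lock_json: str, iocs: dict) -> list:
    """Return one finding per package that matches an indicator or trips a
    generic supply-chain red flag (off-registry source, install script)."""
    findings = []
    for name, version, meta, path in iter_lock_packages(json.loads(lock_json)):
        reasons = []
        bad_versions = iocs.get(name, set())
        if "*" in bad_versions or version in bad_versions:
            reasons.append(f"matches indicator {name}@{version}")
        resolved = meta.get("resolved", "")
        if resolved and not resolved.startswith(ALLOWED_REGISTRY):
            reasons.append(f"resolved outside the allowed registry: {resolved}")
        if meta.get("hasInstallScript"):
            reasons.append("runs an install script")
        if reasons:
            findings.append(
                {"package": name, "version": version, "path": path, "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for finding in audit(LOCKFILE, COMPROMISED):
        print(f"{finding['path']} ({finding['version']}): " + "; ".join(finding["reasons"]))
```

The indicator match is the only check that depends on the published IOCs; the other two flags are cheap heuristics worth keeping on permanently, since a dependency that fetches from an arbitrary CDN or executes code at install time is exactly the shape of package a supply-chain campaign needs.
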
Chinese Phishers Use Live MFA Interception for Digital Wallet Fraud

BankInfoSecurity · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Google's warning about Chinese-language PhaaS platforms using real-time OTP interception to bypass MFA and provision stolen payment cards into attacker wallets signals a maturation of adversary-in-the-middle capabilities that should prompt CISOs to accelerate migration from OTP-based to phishing-resistant FIDO2 authentication.

  • Google Threat Intelligence Group identified Chinese-language phishing-as-a-service platforms using AI, encrypted messaging, and real-time OTP interception to defeat MFA
  • Stolen payment card credentials are being tokenized directly into attacker-controlled digital wallets globally
  • The capability is offered as a service, lowering the barrier for widespread deployment by less sophisticated threat actors

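Why a relayed OTP works for the attacker and a FIDO2 assertion does not comes down to what the second factor is bound to. The simulation below is an added example, not code from Google's report or from any PhaaS kit; the relying party, domains, secrets and the attacker's lookalike origin are all constructed. An HOTP-style code (RFC 4226 truncation) is just six digits with no notion of where it was typed, so a proxy can forward it to the real site within the validity window. A WebAuthn assertion is scoped to the RP ID the browser derives from the page origin, and the relying party also checks the origin inside the signed client data and the RP ID hash in the authenticator data; the private-key signature is replaced here by an HMAC stand-in so the script runs without extra libraries.

```python
"""Added example: OTP relay through an AiTM proxy succeeds, WebAuthn does not.
Relying party, domains and keys are constructed for the demo."""
import hashlib
import hmac
import json
import secrets
from urllib.parse import urlparse

RP_ID = "bank.example"                        # hypothetical relying party
RP_ORIGIN = "https://bank.example"
PHISH_ORIGIN = "https://bank-login.example"   # hypothetical AiTM proxy domain


# --- OTP: the code is a bare string, bound to nothing --------------------------
def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 HOTP, 6 digits (HMAC-SHA1 + dynamic truncation)."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{code % 1_000_000:06d}"


def otp_aitm_relay() -> bool:
    """Victim types the code into the proxy page; proxy forwards it unchanged."""
    seed, counter = secrets.token_bytes(20), 1
    typed_on_phish_page = hotp(seed, counter)   # read off the victim's app
    relayed_to_rp = typed_on_phish_page         # nothing ties it to an origin
    return hmac.compare_digest(relayed_to_rp, hotp(seed, counter))  # RP accepts


# --- WebAuthn: assertion scoped to RP ID and page origin -----------------------
class Authenticator:
    def __init__(self):
        self.creds = {}  # credential id -> (rp_id it was created for, key)

    def make_credential(self, rp_id: str) -> bytes:
        cred_id = secrets.token_bytes(16)
        self.creds[cred_id] = (rp_id, secrets.token_bytes(32))
        return cred_id

    def get_assertion(self, cred_id: bytes, rp_id: str, client_data: bytes):
        stored_rp_id, key = self.creds[cred_id]
        if stored_rp_id != rp_id:
            return None  # credential is scoped to its RP ID; refuse other sites
        # authenticatorData = SHA-256(rpId) || flags (UP) || signCount
        auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + (0).to_bytes(4, "big")
        # HMAC stand-in for the private-key signature over authData || SHA-256(clientDataJSON)
        sig = hmac.new(key, auth_data + hashlib.sha256(client_data).digest(), hashlib.sha256).digest()
        return auth_data, sig


def browser_get(authr: Authenticator, cred_id: bytes, page_origin: str, challenge: bytes):
    """The browser, not the page, derives the RP ID from the origin it is on
    and records that origin in clientDataJSON."""
    rp_id = urlparse(page_origin).hostname
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge.hex(), "origin": page_origin}
    ).encode()
    result = authr.get_assertion(cred_id, rp_id, client_data)
    if result is None:
        return None
    auth_data, sig = result
    return client_data, auth_data, sig


def rp_verify(cred_key: bytes, challenge: bytes, response) -> bool:
    """Relying-party checks: origin, challenge, rpIdHash, then the signature."""
    if response is None:
        return False
    client_data, auth_data, sig = response
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get" or cd.get("origin") != RP_ORIGIN:
        return False
    if cd.get("challenge") != challenge.hex():
        return False
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False
    expected = hmac.new(cred_key, auth_data + hashlib.sha256(client_data).digest(), hashlib.sha256).digest()
    return hmac.compare_digest(sig, expected)


def webauthn_login(page_origin: str) -> bool:
    """Credential registered on the real site; login attempted from page_origin.
    An AiTM proxy relays the RP's challenge and whatever the browser returns."""
    authr = Authenticator()
    cred_id = authr.make_credential(RP_ID)
    cred_key = authr.creds[cred_id][1]        # RP keeps the verifying key
    challenge = secrets.token_bytes(32)       # issued by the real RP
    response = browser_get(authr, cred_id, page_origin, challenge)
    return rp_verify(cred_key, challenge, response)


if __name__ == "__main__":
    print("OTP relayed via proxy accepted:", otp_aitm_relay())
    print("WebAuthn from real origin accepted:", webauthn_login(RP_ORIGIN))
    print("WebAuthn from proxy origin accepted:", webauthn_login(PHISH_ORIGIN))
```

Two layers stop the relay: the authenticator will not produce an assertion for an RP ID it has no credential for, and even an assertion obtained some other way would fail the relying party's origin and rpIdHash checks. Neither layer exists for an OTP, which is why the migration target is phishing-resistant authentication rather than a faster OTP.
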
📡 Macro Trends

AI-Assisted Exploit Development Outpaces Scanner Detection

Dark Reading · May 27 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Research confirming that AI is dramatically compressing attacker exploit development timelines—outpacing the detection capabilities of standard vulnerability scanners—forces CISOs to reconsider patch prioritization cadences and the adequacy of scan-based vulnerability management programs.

  • Attackers are using AI to dramatically reduce the time required to develop working exploits for disclosed CVEs
  • AI-assisted exploit development is now outpacing the ability of conventional scanners to detect those exploits
  • The research suggests the traditional window between CVE disclosure and exploitation in the wild has materially narrowed

🔓 Data Breach

Ransomware Actors Show Up In Person to Steal Law Firm Data

Dark Reading · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The FBI warning about Silent Ransom Group using in-person physical access combined with social engineering to target law firms marks a dangerous escalation in extortion TTPs that CISOs at legal, financial, and professional services firms must brief to their physical security and insider threat programs.

  • Silent Ransom Group is physically visiting law firm offices, social-engineering staff to gain direct access to servers and databases
  • The FBI issued a formal warning specifically targeting US-based law firms about this hybrid physical-cyber threat vector
  • The group is focused on data theft and extortion rather than traditional encryption-based ransomware

Cruise giant Carnival confirms data breach affecting nearly 6 million people

The Record (Recorded Future) · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The Carnival breach—achieved via a single employee account compromised through social engineering—is a textbook case study in human-vector attacks at scale, reinforcing the need for robust phishing-resistant MFA and privileged account monitoring even for non-technical staff.

  • ShinyHunters claimed responsibility; Carnival confirmed the attacker accessed a limited portion of its IT environment via a compromised employee account
  • Approximately 6 million customers had personal data exfiltrated through the breach
  • The attacker used social engineering to deceive the employee; the breach was identified on April 14, 2026

⚖️ Governance & Policy

DataGrail report finds your vendor may be sending data to AI models you never approved

VentureBeat Security · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: With 63.6% of AI-capable vendors failing to disclose third-party AI subprocessors in their DPAs, CISOs face a significant unaddressed gap in vendor risk management and data privacy compliance that requires immediate reassessment of existing vendor contracts and AI governance frameworks.

  • DataGrail analyzed 2,400 popular business software providers and found 63.6% of vendors advertising AI capabilities do not disclose third-party AI subprocessors in their legal documentation
  • Enterprises may be unknowingly exposing customer data to unapproved AI models and pipelines through standard vendor relationships
  • The finding directly undermines the reliability of data processing agreements as a compliance instrument for AI risk governance

🚀 Startup Ecosystem

IBM and Red Hat are betting $5 billion that open source needs a security guard

Help Net Security · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: IBM's $5 billion Project Lightwell commitment to secure open-source software at enterprise scale—backed by 20,000 engineers and AI-driven vulnerability remediation—is a strategic market signal that could reshape how enterprises procure and trust open-source dependencies.

  • IBM and Red Hat announced Project Lightwell, committing $5 billion to establish a trusted enterprise clearinghouse for open-source software security
  • The initiative deploys more than 20,000 engineers globally to identify and fix vulnerabilities in open-source projects at scale
  • Project Lightwell leverages frontier AI capabilities to cover the full lifecycle from upstream development through production environments

Full Transcript

Alex: Welcome to Cleartext. It's Thursday, May 28th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. Let's get into it.

Alex: We have a packed show today. The GCHQ director went very public this week with two major warnings — one about Russia's daily attacks on UK infrastructure, the other about AI reshaping cyber warfare. We've got CrowdStrike dismantling a botnet that's been poisoning the open-source supply chain for over a year. The FBI is warning about ransomware actors who are literally walking into law firms. And a new report that should make every CISO audit their vendor contracts before the end of the week. Let's start where Jordan wants to start.

Jordan: So Anne Keast-Butler, the director of GCHQ, stood up this week and said something that intelligence officials almost never say this plainly: Russia is conducting daily attacks on the United Kingdom, quote, "from seabed to cyberspace." Daily. She confirmed GCHQ is actively defending subsea cables, energy pipelines, disrupting Russian technology smuggling networks, and countering what she called reckless sabotage and assassination attempts. This is not a threat briefing about what might happen. This is an operational disclosure about what is happening right now.

Alex: And the reason this matters to our audience — most of whom are not defending subsea cables — is the signal it sends about threat posture across the entire Western alliance. If you're a CISO at a multinational with operations in Europe, or if you have third-party dependencies that touch UK critical infrastructure, energy, telecommunications, logistics, this is your threat model shifting in real time. When GCHQ goes public like this, they're telling the private sector: update your assumptions.

Jordan: Exactly. And the subtext is important. GCHQ doesn't make these disclosures for fun. They're building public and political support for increased defensive spending and for the private sector to take action. When the head of a signals intelligence agency says "daily attacks," she's telling CISOs in allied nations: your board needs to hear this.

Alex: The second piece from the same set of remarks is Keast-Butler calling AI an "unstoppable force" with offensive and defensive ramifications. She announced GCHQ is building an AI-powered national cyber shield, explicitly because adversary nations are already deploying AI in their offensive operations.

Jordan: Two things stand out to me here. First, the framing. She didn't say AI is a concern or a risk. She said unstoppable force. That's a signal that the UK intelligence community has concluded there is no scenario where AI doesn't fundamentally reshape cyber conflict. Second, she explicitly called on businesses to take urgent action. That's unusual. Intelligence chiefs don't typically issue calls to action for the private sector unless they see a gap that government alone cannot close.

Alex: Which dovetails directly into our next story, because the research on AI-assisted exploit development is no longer theoretical. Dark Reading covered new findings this week confirming that attackers are using AI to dramatically compress the time from CVE disclosure to working exploit. And here's the key finding: AI-assisted exploit development is now outpacing the detection capabilities of conventional vulnerability scanners.

Jordan: Let me put that in operational terms. Your scan-based vulnerability management program was built on the assumption that you had a window — days, sometimes weeks — between a CVE going public and an exploit appearing in the wild. That window is collapsing. If your patch prioritization cadence is still calibrated to a pre-AI threat landscape, you are behind.

Alex: This doesn't mean abandon scanners. It means scanners are necessary but no longer sufficient. You need to layer in threat intelligence-driven prioritization, assume faster exploitation timelines, and have compensating controls ready for the gap between disclosure and patch deployment. If your MTTR on critical CVEs is measured in weeks, that's now a board-level risk conversation.

Jordan: Let's pivot to supply chain, because CrowdStrike, Google, and Shadowserver coordinated the takedown of the Glassworm botnet this week. This one had been operating since early 2025 — over a year — injecting malware into hundreds of open-source software packages. The operation took down four attacker-controlled servers simultaneously.

Alex: Hundreds of packages. Since early 2025. Think about how many build pipelines consumed those dependencies over sixteen months. If you're an enterprise that relies on open-source — and let's be honest, that's every enterprise — you need to be asking your engineering teams a very specific question right now: have we audited our dependency trees against the Glassworm indicator list?

Jordan: CrowdStrike published indicators. Google published indicators. If your software composition analysis tooling isn't already flagging these, that's a gap. And this brings us to the IBM story, which is actually a useful bookend.

Alex: IBM and Red Hat announced Project Lightwell this week — a five billion dollar commitment to create what they're calling an enterprise clearinghouse for open-source software security. Twenty thousand engineers, frontier AI capabilities, covering the full lifecycle from upstream development through production. It's a massive bet.

Jordan: Five billion dollars is a market signal, not just an investment. IBM is betting that enterprises will pay for a trusted intermediary layer between raw open-source and production environments. Given what Glassworm just demonstrated, that bet looks well-timed. Whether Project Lightwell delivers on the promise is another question, but the strategic direction is sound. CISOs should watch this closely — not to buy today, but to understand where the market is heading on supply chain trust.

Alex: Good. Let's shift to the FBI warning about Silent Ransom Group, because this one is genuinely different. Jordan, set this up.

Jordan: So the FBI issued a formal warning that Silent Ransom Group is physically visiting law firm offices. Walking in the door. Social engineering staff to get direct access to servers and databases. This is not a phishing email. This is not a compromised VPN. This is a human being standing in your lobby, talking their way past reception, and accessing your systems in person.

Alex: This is the convergence of physical and cyber security that we've been talking about for years in theoretical terms. It's no longer theoretical. And the targeting is specific — law firms, professional services — because that's where the highest-value data lives with often the weakest physical access controls. If you're a CISO at a law firm, a financial advisory, an accounting firm, your physical security program and your cybersecurity program need to be having a joint conversation this week.

Jordan: The group is focused on data theft and extortion, not encryption. They don't need to deploy ransomware if they can walk out with your client files. And for law firms especially, the liability exposure from client data exfiltration is existential. This is a brief-the-managing-partner moment.

Alex: Let's stay on the social engineering theme because the Carnival breach fits here perfectly. ShinyHunters claimed responsibility. Carnival confirmed that the attacker compromised a single employee account through social engineering and used that access to exfiltrate personal data on approximately six million customers. The breach was identified on April 14th, which means they had time inside the environment.

Jordan: A single employee account. Six million records. Every time we see a breach like this, the root cause is the same: an employee was deceived, and the access that employee had — or could escalate to — was sufficient to reach millions of records. This is a controls conversation, not a training conversation. Phishing-resistant MFA, least privilege, privileged access monitoring. These are not aspirational goals anymore. They're baseline requirements.

Alex: Which connects directly to the Google Threat Intelligence Group's warning about Chinese-language phishing-as-a-service platforms. These platforms are using real-time OTP interception to defeat traditional MFA, then tokenizing stolen payment card credentials directly into attacker-controlled digital wallets. This is adversary-in-the-middle at industrial scale, offered as a service.

Jordan: The key phrase is "offered as a service." The sophistication barrier is gone. You no longer need to be a skilled threat actor to defeat OTP-based MFA. You need a subscription. If your organization is still relying on SMS or app-based one-time passwords as your primary MFA mechanism, you are defending against last year's threat landscape. FIDO2, hardware keys, phishing-resistant authentication — the migration timeline just got shorter.

Alex: Last story before we wrap. DataGrail released a report this week that should genuinely concern every CISO listening. They analyzed twenty-four hundred popular business software providers and found that sixty-three point six percent of vendors advertising AI capabilities do not disclose third-party AI subprocessors in their data processing agreements. Your vendors may be sending your data to AI models you never approved, and your DPAs don't cover it.

Jordan: Sixty-three percent. That means the majority of your AI-capable vendors are operating with a disclosure gap that directly undermines your compliance posture. If you're in a regulated industry, if you're subject to GDPR, state privacy laws, sector-specific regulations, your vendor risk management program has a blind spot that the regulators will eventually find.

Alex: This is an action item, not a watch item. Pull your top twenty AI-capable vendor contracts. Ask specifically about third-party AI subprocessors. If the DPA doesn't address it, you have a contract renegotiation conversation to initiate. This is the kind of governance gap that creates liability for the CISO personally, especially post-SEC enforcement actions.

Jordan: Alright, looking ahead. The theme this week is acceleration. Russia's daily attacks on allied infrastructure. AI compressing exploit development timelines. Phishing-as-a-service defeating MFA at scale. Open-source supply chains compromised for over a year before detection. Ransomware actors showing up in person. Every one of these stories reflects adversaries moving faster and operating more creatively than the defensive frameworks most enterprises have in place.

Alex: The question for CISOs this week isn't whether any single one of these threats applies to you. It's whether your program's assumptions about adversary speed, sophistication, and creativity are still valid. If your last strategic threat model refresh was six months ago, it's already stale. The tempo has changed.

Jordan: And the vendor trust story is the quiet bomb in the room. Everyone's focused on the loud threats — Russia, ransomware, botnets. But the systemic risk of your data flowing into AI models you didn't approve, through contracts that don't disclose it, that's the kind of risk that compounds silently until it doesn't.

Alex: Well said. That's our show for Thursday, May 28th. Show notes and links to every story we covered today are at cleartext.fm. We'll be back tomorrow. Stay sharp.

Jordan: Stay sharp.


Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-28.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.