[00:00] Aaron Cole: From Neural Newscast, this is Prime Cyber Insights, Intelligence for Defenders, Leaders, and Decision
[00:05] Aaron Cole: Makers.
[00:06] Chad Thompson: Critical infrastructure is in the crosshairs this Sunday, February 22, 2026.
[00:12] Chad Thompson: We're tracking a massive ransomware shutdown at the University of Mississippi Medical Center
[00:17] Chad Thompson: and a long-term breach at PayPal.
[00:20] Chad Thompson: Joining us today is Chad Thompson, a director-level AI and security leader with a systems-level
[00:26] Chad Thompson: perspective on automation and enterprise risk.
[00:28] Chad Thompson: Chad, it's great to have you.
[00:31] Chad Thompson: We have to start with the health care crisis in Mississippi.
[00:34] Chad Thompson: Since Thursday, the University of Mississippi Medical Center has shuttered all 35 clinics.
[00:39] Chad Thompson: We're talking about canceled chemotherapy and elective procedures because their epic electronic
[00:45] Chad Thompson: health records and phone systems are completely down.
[00:48] Chad Thompson: The FBI is surging resources, but staff are essentially working off paper right now.
[00:53] Chad Thompson: At the same time, we're seeing PayPal confirm a breach where a hacker had access from July
[00:59] Chad Thompson: to December of last year due to a code error in their working capital loan application.
[01:04] Lauren Mitchell: Lauren, the PayPal incident is particularly concerning because of that six-month window.
[01:10] Lauren Mitchell: While it only hit about 100 users, the exposure of social security numbers and business addresses for that long creates a massive tail of risk.
[01:19] Lauren Mitchell: It's a reminder that even in highly regulated financial environments, small code changes can lead to persistent undetected access.
[01:27] Lauren Mitchell: This connects directly to the supply chain pressure we're seeing with the ransomware attack on chip testing giant advent tests this week.
[01:34] Chad Thompson: Right. AdBinTest is a linchpin in semiconductor manufacturing.
[01:39] Chad Thompson: If their operations stall, the entire global chip supply fuels it.
[01:44] Chad Thompson: But it's not all bad news on the tech front.
[01:46] Chad Thompson: Cogen Security just pulled in $42 million in funding.
[01:50] Chad Thompson: They're using AI to automate the prioritization of vulnerabilities.
[01:54] Chad Thompson: Chad, with the volume of exploits we're seeing, how vital is that AI-driven automation for enterprise resilience?
[02:00] Lauren Mitchell: It's essential.
[02:02] Lauren Mitchell: Look at the Forescout data from 2025.
[02:05] Lauren Mitchell: Over 500 ICS advisories with an average severity score of 8.07.
[02:13] Lauren Mitchell: Humans can't keep up with that volume manually.
[02:16] Lauren Mitchell: However, we're seeing the double-edged sword.
[02:19] Lauren Mitchell: The UAE just reported foiling terrorist cyber attacks where the actors actually used AI to develop offensive tools.
[02:29] Lauren Mitchell: We are moving toward an era where AI on AI defense is the only way to maintain operational stability.
[02:36] Chad Thompson: That automation gap is glaring when you look at the Beyond Trust flaw CVE-2026 to 1731.
[02:45] Chad Thompson: It has a CVSS of 9.9, and attackers were exploiting it within 24 hours of the proof-of-concept
[02:53] Chad Thompson: hitting earlier this month.
[02:55] Chad Thompson: We're also watching a critical stack-based buffer overflow in Grandstream GXP 1600 series phones.
[03:04] Chad Thompson: Rapid7 says it allows silent, transparent interception of calls.
[03:09] Chad Thompson: If you're an SMB using those phones, you need firmware 1.0.7.81 immediately.
[03:17] Chad Thompson: The enforcement side is pushing back, though.
[03:20] Chad Thompson: Interpol just announced a massive operation across Africa, netting 651 arrests and recovering over $4 million from romance scams and BEC schemes.
[03:32] Chad Thompson: It's a significant blow to organized cybercrime networks.
[03:36] Chad Thompson: Meanwhile, Lauren, Bumble is facing a class-action lawsuit over that shiny hunter's breach, alleging they didn't do enough to protect sensitive user data.
[03:47] Lauren Mitchell: The Bumble case and the EU Parliament's decision to block AI features on corporate tablets highlight the growing tension between utility and privacy.
[03:58] Lauren Mitchell: The Parliament is literally disabling these features because they can't guarantee data won't leak to external clouds.
[04:05] Lauren Mitchell: This is why CISA is opening another comment period for CIR-CIA reporting rules.
[04:13] Lauren Mitchell: They need the industry to help clarify how we report these incidents without it becoming a purely administrative burden.
[04:22] Chad Thompson: Speed of reporting is going to be the theme of 2026.
[04:25] Chad Thompson: From UMCC's paper and pen recovery to PayPal's six-month detection gap, the window for response
[04:32] Chad Thompson: is shrinking.
[04:33] Chad Thompson: Organizations that can't automate their defense are going to find themselves on the wrong
[04:38] Chad Thompson: side of the next major breach.
[04:39] Chad Thompson: Chad, thank you for your insights on the systemic risks we're facing.
[04:44] Chad Thompson: For sure.
[04:45] Chad Thompson: And for our listeners, check those grants stream firmwares and stay vigilant on those PayPal accounts.
[04:51] Chad Thompson: We'll be here to track the fallout.
[04:53] Chad Thompson: We'll see you next time, Lauren.
[04:55] Chad Thompson: For more information, visit pci.neuralnewscast.com.
[05:00] Chad Thompson: Neural Newscast is AI-assisted, human-reviewed.
[05:05] Chad Thompson: View our AI transparency policy at neuralnewscast.com.
[05:09] Aaron Cole: This has been Prime Cyber Insights on Neural Newscast.
[05:13] Aaron Cole: Intelligence for defenders, leaders, and decision makers.
[05:16] Aaron Cole: Neural Newscast uses artificial intelligence in content creation
[05:20] Aaron Cole: with human editorial review prior to publication.
[05:23] Aaron Cole: While we strive for factual, unbiased reporting, AI-assisted content may occasionally contain
[05:29] Aaron Cole: errors. Verify critical information with trusted sources. Learn more at neuralnewscast.com.