Signalgate redux, OpenAI's Aardvark, normalizing cyber offense
Three Buddy Problem - Episode 44: We unpack news that US government officials are using an obscure app to archive Signal messages, OpenAI’s new “Aardvark” code-evaluation and reasoning model and leapfrog implications, NSC cyber lead Alexei Bulazel on normalizing US offensive operations, and JP Morgan Chase CISO’s warning to software vendors.
Plus, fresh SentinelOne threat-intel notes, France’s attribution of GRU activity and a head-scratching $330 million Bitcoin heist.
Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
Links:
• Transcript (unedited, AI-generated) (https://docs.google.com/document/d/1K6oD3WVGNtnQZQy-1hBW3qoRNgVo1UrNKy2dktwL7RA/edit?tab=t.0#heading=h.iyimfr9zwj2b)
• US government using obscure app to archive Signal messages (https://www.404media.co/mike-waltz-accidentally-reveals-obscure-app-the-government-is-using-to-archive-signal-messages/)
• Reuters photo of Mike Waltz phone (https://www.reutersconnect.com/item/us-national-security-advisor-mike-waltz-attends-a-cabinet-meeting-held-by-president-trump-at-the-white-house-in-washington/dGFnOnJldXRlcnMuY29tLDIwMjU6bmV3c21sX1JDMkg4RUFEOEtGRw%3D%3D?ref=404media.co)
• US revokes Romania visa waiver program (https://www.dhs.gov/news/2025/05/02/dhs-announces-rescission-romanias-designation-visa-waiver-program)
• OpenSSH bug found by OpenAI 'Aardvark' (https://github.com/openssh/openssh-portable/commit/c991273c18afc490313a9f282383eaf59d9c13b9)
• JP Morgan Chase CISO: An open letter to third-party suppliers (https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliers)
• JPMorgan Chase CISO Fires Warning Shot Ahead of RSA Conference (https://www.securityweek.com/jpmorgan-chase-ciso-fires-warning-shot-ahead-of-rsa-conference/)
• SentinelOne LABS on DPRK threat actor targeting (https://www.sentinelone.com/labs/top-tier-target-what-it-takes-to-defend-a-cybersecurity-company-from-todays-adversaries/)
• Alexei Bulazel comments at RSA conference (https://cyberscoop.com/alexei-bulazel-white-house-national-security-councial-destigmatize-offensive-cyber-rsac-2025/)
• Google report on 0day exploitation in 2024 (https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends)
• Apple notifies new victims of spyware attacks across the world (https://techcrunch.com/2025/04/30/apple-notifies-new-victims-of-spyware-attacks-across-the-world/)
• France attributes cyberattacks to Russia's military intelligence (https://www.diplomatie.gouv.fr/fr/dossiers-pays/russie/evenements/evenements-de-l-annee-2025/article/russie-attribution-de-cyberattaques-contre-la-france-au-service-de)
• RT-Solar on ViPNet backdoor from 2021 (https://rt-solar.ru/solar-4rays/blog/5487/)
• Kaspersky: Sophisticated backdoor mimicking secure networking software updates (https://securelist.com/new-backdoor-mimics-security-software-update/116246/)
• $330m Bitcoin heist (https://x.com/zachxbt/status/1916756932763046273?s=46&t=ePKy91eN-ionB9LpDaBXcA)