From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks

(Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.)

Three Buddy Problem - Episode 84: We process the cybersecurity fallout from the latest Epstein document dump, focusing on why redactions fail in the AI era and how quickly modern tools can unravel them. The conversation moves from sloppy redaction practices and exploit mythology to harder questions about ethics, accountability, and silence within the infosec community.

Plus, inside the Notepad++ supply-chain compromise attributed to a known Chinese APT, Microsoft’s security executive changes, Anthropic's AI-driven vulnerability discovery, China-linked network implants, and Lockdown Mode thwarting FBI investigators.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Thinkst Canary - Customer Love
• Transcript (unedited, AI-generated)
• Did a renowned hacker help Jeffrey Epstein get ‘dirt on other people'?
• DOJ releases details alleged talented hacker working for Jeffrey Epstein
• Claude Opus 4.6 \ Anthropic
• 0-Days \ red.anthropic.com
• JAGS' Claude Code SDLC config
• CERT-Ukraine on zero-day attacks via MS Office
• Executive security shuffle at Microsoft
• TLPBLACK: What we know about the Notepad++ supply chain attack
• Lotus Blossom APT targets critical infrastructure via Notepad++.
• Kaspersky: Notepad++ supply chain attack breakdown
• Validin: Exploring the C2 Infrastructure of the Notepad++ Compromise
• Hostinger server unauthorized access case: What happened with Notepad++ and how we resolved it
• Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
• Palo Alto Unit 42: The Shadow Campaigns - Uncovering Global Espionage
• FBI Couldn’t Get into WaPo Reporter’s iPhone Because It Had Lockdown Mode Enabled
• Court document: FBI Washington Post Lockdown Mode
• PIVOTcon
• TLP BLACK
• LABScon 2026
• Decipher podcast (Dennis Fisher)
• Detection Engineering newsletter (Zack Allen)