Every week there’s a new zero-day, a new CVE, a new headline. But what rarely gets talked about is what real threat hunting is uncovering when you actually go looking.

Today’s conversation is about what’s happening beyond zero-days — the automated scanning, the long-tail exploitation, the shared infrastructure, and the attack behavior that lives in the background noise of the internet.

We’re joined by Vijay Akasapu, CEO of Cylerian, whose team recently went hunting for early React2Shell exploitation and instead uncovered something much bigger: a multi-layered exploitation ecosystem probing across Java, Python, and PHP stacks at the same time.

Welcome back to The CyberCall. Today we’re tackling one of the fastest-growing risks MSPs face: third-party exposure in the age of AI.

Our guest is Greg Rasner — author of Cybersecurity and Third-Party Risk and a leading voice on how AI is reshaping vendor security. Greg has spent years helping organizations understand how a single weak vendor can create massive operational, financial, and reputational damage.

With his new book on AI and third-party risk coming soon, Greg joins us to share what’s changing, what MSPs are missing, and what leaders must do now to protect their businesses.

Today’s conversation is all about how MSPs actually win in the modern threat landscape — before, during, and after an attack.

We’re joined by three practitioners who will each be leading hands-on workshops at Right of Boom 2026. John Strand will take us inside Cloud Forever Days and intro to pen testing, showing how attackers really move through cloud environments. Joff Thyer will break down how MSPs can use AI automation to scale security operations without scaling chaos. And Patterson Cake will walk us through what incident response should look like when things stop being theoretical and start being real.

This isn’t hype. This is how to think like an attacker, operate like a modern security team, and respond like a professional when it counts.