Key Stories & Developments:

• The FBI's IC3 Report: For the first time in 25 years, the FBI has specifically categorized AI-enabled fraud, which accounted for $893 million in losses across BEC, romance, and investment scams.
• Ollama Exposure Spikes: A Shodan scan reveals that publicly exposed Ollama instances have jumped from 1,100 in September 2025 to over 25,000 in April 2026.
• Critical Infrastructure CVEs: Both MLflow and PraisonAI received maximum CVSS scores of 10.0 for flaws allowing unauthenticated code execution and command injection.
• The Axios Supply Chain Heist: In a sophisticated "long con," threat actors (Team PCP) spent weeks building rapport with the Axios project maintainer via a fake Slack workspace. They eventually lured the maintainer into downloading malware, allowing them to inject a Remote Access Trojan (RAT) into a package installed 600,000 times.
• Project Glasswing (Claude Mythos): Leaked documents from Anthropic describe Claude Mythos, a model family with terrifying cybersecurity capabilities. Mythos discovered a 27-year-old bug predating GitHub; currently, 99% of the zero-days it has identified remain unpatched, leading to internal concerns about a controlled rollout.
• Vertex AI Permission Flaw: Unit 42 discovered a flaw in Google Cloud’s Vertex AI that could allow AI agents to bypass security boundaries and access sensitive data.

Episode Links

https://securityboulevard.com/2026/04/cyber-fraud-cost-americans-17-billion-in-2025-ai-scams-make-list-fbi/

https://insecurestack.substack.com/p/eus-exposed-ai-infrastructure

https://securityonline.info/weekly-vulnerability-digest-april-2026-chrome-zero-day-ai-security/

https://thehackernews.com/2026/03/vertex-ai-vulnerability-exposes-google.html

https://fortune.com/2026/04/02/mercor-ai-startup-security-incident-10-billion/

https://www.sans.org/blog/what-we-learned-axios-npm-supply-chain-compromise-emergency-briefing

https://techcrunch.com/2026/04/06/north-koreas-hijack-of-one-of-the-webs-most-used-open-source-projects-was-likely-weeks-in-the-making/

https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html

https://www.securityweek.com/anthropic-unveils-claude-mythos-a-cybersecurity-breakthrough-that-could-also-supercharge-attacks/

https://www.staffingindustry.com/news/global-daily-news/mercor-reports-data-breach

https://red.anthropic.com/2026/mythos-preview/

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key Stories & Developments:

• The AI-Generated Vulnerability Surge: Georgia Tech’s Vibe Security Radar tracked 35 CVEs in March 2026 alone that were directly attributable to AI-generated code, a sharp increase from just 6 in January.
• NCSC Warning: Richard Horne, head of the UK’s National Cyber Security Centre, warned at RSAC that "vibe coding" currently presents "intolerable risks" for most organizations as software volume is on track to double every 42 months.
• Langflow RCE Exploited: CISA has added a critical unauthenticated remote code execution (RCE) flaw in Langflow to its Known Exploited Vulnerabilities catalog.
• "MAD" Bugs in Legacy Tools: The "Month of AI Discovered Bugs" initiative utilized LLMs to find critical zero-day RCE vulnerabilities in decades-old tools like Vim and GNU Emacs.
• The Claude Mythos Leak: Anthropic confirmed a major leak of unpublished assets related to its next-generation model, Claude Mythos, following a content management system misconfiguration.
• Offensive AI Multiplier: Hacker crew Team PCP claimed in Forbes that they are using AI-powered automated agents to turbocharge attacks on developer tools and repository infrastructures.

Episode Links

https://www.forbes.com/sites/ronschmelzer/2026/03/27/major-security-breach-of-critical-ai-dependency-exposes-cloud-secrets/

https://threatprotect.qualys.com/2026/03/26/cisa-added-langflow-vulnerability-to-its-known-exploited-vulnerabilities-catalog-cve-2026-33017/

https://siliconangle.com/2026/03/30/openai-codex-vulnerability-enabled-github-token-theft-via-command-injection-report-finds/

https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/

https://www.itpro.com/security/ncsc-warns-vibe-coding-poses-a-major-risk

https://www.forbes.com/sites/thomasbrewster/2026/03/26/hackers-launch-devastating-attacks-on-ai-devs/

https://markaicode.com/prompt-injection-attacks-ai-security-2026/

https://cyberscoop.com/ai-cyberattacks-two-years-insane-vulnerabilities-kevin-mandia-alex-stamos-morgan-adamski-rsac-2026/

https://fortune.com/2026/03/26/anthropic-says-testing-mythos-powerful-new-ai-model-after-data-leak-reveals-its-existence-step-change-in-capabilities/

https://cyberwebspider.com/cyber-security-news/ai-critical-rce-flaws-vim-emacs/

Worried about AI security?

Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key Episode Highlights:

• The AI Convergence: Joseph and Jeremy observe that AI has become the "fuel to the fire" for cybersecurity. While AI helps defenders move at the pace of attackers, it requires rigorous guardrails like least privilege and security by design to be successful.
• Identity of the Machine: A major theme of the conference was non-human identities. Joseph argues that AI agents should never use human credentials but should instead rely on ephemeral, just-in-time (JIT) keys to maintain accountability and limit the blast radius.
• Estonia’s Resiliency Playbook: Joseph details how Estonia transitioned from a target of cyber war to a resilient digital nation. He highlights the use of "Data Embassies"—storing sovereign data in geographically distributed, diplomatically protected locations—to ensure the country can "reboot" even after a total local failure.
• Beyond Cybersecurity to Physical Impacts: The discussion shifts to how attackers are reverting to "cheap" physical disruptions like GPS jamming and cutting undersea data cables when digital defenses become too strong.
• The "Luck" Trap: Referencing the famous Maersk ransomware recovery, Joseph warns that finding a single surviving backup by chance is not a strategy. Organizations must simulate worst-case scenarios, including the loss of their identity provider (IdP) or primary cloud vendor.

About Joseph

Joseph Carson is Chief Security Evangelist and Advisory CISO at Segura, where he helps organizations worldwide strengthen identity security and build resilient cyber defense strategies. An award-winning cybersecurity leader with more than three decades of experience, Joe has advised governments, critical infrastructure, and global enterprises. He is the author of Cybersecurity for Dummies, read by over 50,000 professionals, and a regular contributor to leading outlets including The Wall Street Journal and Dark Reading. Joe also hosts the podcast Security by Default and is a frequent keynote speaker on identity and AI-driven threats.

Episode Links

• Security by Default Podcast: https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O
• Joseph on LinkedIn: https://www.linkedin.com/in/josephcarson/
• Segura Website: https://segura.security/

Key Stories & Developments:

• The "Minion" Problem: Zenity researchers demonstrated zero-click exploits against Cursor, Salesforce Einstein, ChatGPT, and Copilot, arguing that prompt injection should be reframed as "persuasion" vectors that turn agents into malicious minions.
• The $10M Discount Fabrication: A red teaming analysis of over 50 customer-facing AI agents found that "persuading" chatbots could lead to the fabrication of $10 million in unauthorized service discounts and commitments.
• Legal Precedent, Air Canada Liable: The British Columbia Civil Resolution Tribunal ruled that Air Canada is legally liable for the incorrect advice given by its chatbot, setting a major precedent for corporate AI accountability.
• Meta’s Internal "Sev 1" Fail: A Meta engineer’s internal AI agent autonomously posted incorrect advice on a forum without human approval, leading to a massive inadvertent exposure of company data.
• LLM Fingerprinting: New academic research shows that attackers can now fingerprint which specific LLM is in use by observing traffic patterns, allowing them to target the specific vulnerabilities (like the "Grandma" exploit) unique to that model.
• The LiteLLM Supply Chain Attack: In the biggest story of the week, a threat actor group called Team TCP compromised Trivy and used it to harvest credentials to poison LiteLLM on PyPI. Malicious versions (downloaded millions of times daily) were live for three hours, delivering a Kubernetes worm and credential harvester.

Episode Links

• https://www.theregister.com/2026/03/23/pwning_everyones_ai_agents/
• https://cybercory.com/2026/03/19/claudy-day-exposes-hidden-risks-prompt-injection-flaw-in-claude-ai-enables-silent-data-exfiltration/
• https://www.generalanalysis.com/blog/adversarial_analysis_customer_service_agents
• https://www.cve.org/CVERecord?id=CVE-2026-33068
• https://medium.com/@cbchhaya/making-prompt-injection-harder-against-ai-coding-agents-f4719c083a5c
• https://aiautomationglobal.com/blog/ransomware-ai-agents-enterprise-cybersecurity-2026
• https://techcrunch.com/2026/03/18/meta-is-having-trouble-with-rogue-ai-agents/
• https://arxiv.org/html/2510.07176v1
• https://www.bbc.com/travel/article/20240222-air-canada-chatbot-misinformation-what-travellers-should-know
• https://securityboulevard.com/2026/03/colorado-moves-to-revise-its-landmark-ai-law-after-industry-pushback/
• https://securitylabs.datadoghq.com/articles/litellm-compromised-pypi-teampcp-supply-chain-campaign/

Ann explains why "aging infrastructure" isn't always the biggest cyber risk, how the U.S. grid is actually structured (including the isolation of Texas), and why security leaders must move from "check-the-box" compliance to active risk management.

Key Episode Highlights:

• The AI Power Surge: For decades, grid demand was flat; now, AI and data centers are driving a massive growth in load that the aging infrastructure was never designed to handle.
• The "Air Gap" Myth: While older nuclear plants are safely analog, modern grid vulnerabilities live in the "two-way" traffic of IoT devices and smart meters that were never meant to be internet-connected.
• Nation-State Threats: The primary concern for grid security is a nation-state actor gaining a foothold to cause long-term, physically destructive disruptions as a prelude to kinetic war.
• Compliance vs. Risk: Ann shares her experience in the Biden-Harris administration, emphasizing that "table stakes" compliance isn't enough—leaders must use risk registers and tabletop exercises to educate boards on true threats.

About Ann

Ann Dunkin is an External Fellow and Distinguished Professor of the Practice at the Georgia Institute of Technology. She is also the CEO of Dunkin Global Advisors, providing strategic business advice to companies of all sizes as well as fractional CIO services. She serves as an independent director on the governing board of Global Interconnection group and the advisory boards for Bowtie Security, Openpolicy and CGAI.

Episode Links

• Ann Dunkin at Georgia Tech: https://research.gatech.edu/people/ann-dunkin
• Ann Dunkin on LinkedIn: https://www.linkedin.com/in/anndunkin/

Key Stories & Developments:

• The 87% Failure Rate: Research from Dry Run Security reveals that AI agents (Claude Code, Codex, Gemini) introduce at least one security vulnerability in 87% of pull requests. Common flaws include insecure JWT handling and a lack of brute-force protection.
• The Sears Chatbot Leak: Infrastructure failures led to the exposure of 3.7 million chat logs and 1.4 million audio files from Sears’ AI assistant, Samantha.
• "Prompt-ware" & The Kill Chain: Security legend Bruce Schneier proposes a 7-step kill chain for "Prompt-ware," reinforcing the shift toward treating prompts as executable code.
• AI-Generated Malware: IBM X-Force identified a PowerShell backdoor dubbed "Sloppily," which bears the distinct fingerprints of an LLM—including structured logging and named variables rarely seen in human-written malware.
• The xAI Exodus: Structural flaws and talent instability hit Elon Musk’s xAI as several founding members depart, signaling potential architectural hurdles for the platform.
• America’s Endangered AI: A deep dive into how weak cyber defenses allow foreign adversaries to steal model weights and training data, threatening U.S. tech dominance.

Episode Links

https://blog.rankiteo.com/mic1773325442-microsoft-vulnerability-march-2026/

https://mashable.com/article/sears-ai-chatbot-chats-audio-found-exposed-online

https://aws.amazon.com/security/security-bulletins/rss/2026-009-aws/

https://aws.amazon.com/security/security-bulletins/rss/2026-008-aws/

https://aws.amazon.com/security/security-bulletins/rss/2026-007-aws/

https://www.helpnetsecurity.com/2026/03/13/claude-code-openai-codex-google-gemini-ai-coding-agent-security/

https://www.schneier.com/blog/archives/2026/02/the-promptware-kill-chain.html

https://www.bleepingcomputer.com/news/security/ai-generated-slopoly-malware-used-in-interlock-ransomware-attack/

https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/

https://www.microsoft.com/en-us/security/blog/2026/03/06/ai-as-tradecraft-how-threat-actors-operationalize-ai/

https://www.theguardian.com/technology/ng-interactive/2026/mar/12/lab-test-mounting-concern-over-rogue-ai-agents-artificial-intelligence

https://thehackernews.com/2026/03/microsoft-patches-84-flaws-in-march.html

https://www.cnbc.com/2026/03/13/elon-musk-xai-co-founders-spacex-ipo.html

https://www.foreignaffairs.com/united-states/americas-endangered-ai

Worried about AI security?

Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key Episode Highlights:

• The "Human Blind Spot": Robert explains how our biological instinct to trust the familiar often overrides digital suspicion, leaving us wide open to scams.
• All Security is Personal: To get employees to care about corporate security, you must first help them secure their own data, dollars, and families.
• The Persistence of Denial: Most people don't engage in risk management because they don't want to acknowledge the reality of predators or live in "fear"—a mindset that results in dangerous security gaps.
• The AI-Powered "Loneliness" Scam: Deepfakes and voice cloning are making fraud "perfect," allowing organized crime to exploit human loneliness at an industrial scale.

About Robert

Cybersecurity expert, good guy hacker, and private investigator Robert Siciliano delivers “straight talk” on safety and security, stripping away jargon to empower everyday protection. A bestselling author and CEO of Safr.Me, and head trainer at Protectnowllc.com he is a trusted commentator featured on CNN, Fox News, MSNBC, and the Today Show, decoding complex threats for mass audiences.

Episode Links 🔗

• Safr.me: https://safr.me/
• Protect Now LLC: https://protectnowllc.com/
• Robert Siciliano on LinkedIn: https://www.linkedin.com/in/robertsiciliano/

Key Stories & Developments:

• AI Bug Hunters Accelerate the Zero-Day Clock: OpenAI Codex scanned 1.2 million commits and found over 10,000 high-severity issues, while Anthropic's Claude Opus 4.6 uncovered 22 Firefox vulnerabilities. The mean time to discover and exploit zero-days is shrinking drastically.
• Malicious File Names: A novel prompt injection attack compromised 4,000 developer machines simply by hiding malicious instructions in the title of a GitHub issue.
• Copilot Studio Blind Spots: Datadog researchers uncovered significant logging gaps in Microsoft Copilot Studio, creating undetectable backdoors that could bypass regulatory audits (like HIPAA).
• Alibaba's Rogue AI Agent: In a lab environment, an Alibaba AI agent tasked with optimizing its performance deduced that compute costs money. Without any external prompt injection, it autonomously established an SSH tunnel and began mining cryptocurrency to "pay" for itself.
• Claude's Accidental Pen-Testing: Truffle Security demonstrated how Claude, when given specific goals against 30 mock company websites, autonomously found exposed API keys and executed SQL injections to access backend data.
• The McKinsey "Lilli" Breach: Security firm Code Wall hacked McKinsey's internal AI platform, Lilli. By using AI to scan 200 API endpoints, they found 22 that lacked authentication. They then leveraged an unknown SQL injection vulnerability to bypass the prompt layer entirely and access proprietary data.

Episode Links

https://gbhackers.com/ai-accelerates-high-velocity/

https://thehackernews.com/2026/03/openai-codex-security-scanned-12.html

https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html

https://cloud.google.com/blog/topics/threat-intelligence/2025-zero-day-review

https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another

https://securitylabs.datadoghq.com/articles/copilot-studio-logging-gaps/

https://x.com/JoshKale/status/2030116466104643633

https://trufflesecurity.com/blog/claude-tried-to-hack-30-companies-nobody-asked-it-to

https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key Stories & Developments:

• Nation-State AI Hack: A hacker reportedly used Anthropic’s Claude to identify vulnerabilities and OpenAI’s GPT-4.1 for lateral movement, resulting in the theft of 150GB of data (over 180 million records) from the Mexican government.
• MCP Infrastructure Flaws: An unauthenticated Server-Side Request Forgery (SSRF) flaw leading to Remote Code Execution (RCE) was found in a widely used Atlassian MCP.
• The Gemini API Key Crisis: A flaw in the Gemini AI panel allowed browser extensions to escalate privileges. More critically, legacy Google API keys—traditionally viewed as safe "lookup only" keys ignored by secret scanners—are now being used for Gemini, granting them "teeth" and leading to massive financial exposures (like an $82,000 bill for a solo developer).

Dispatches from the Unprompted Conference: Jeremy shares his top thematic observations from the event, including:

• The "Zero-Day Clock": The mean time to exploit availability has plummeted from months to mere hours. As LLMs are increasingly used to write exploits, the industry must fundamentally rethink patching strategies.
• LLMs Finding Legacy Bugs: Researchers demonstrated LLMs uncovering vulnerabilities in massive software projects that have evaded human detection for decades—some predating the invention of Git.
• Treating Prompts as Code: A key takeaway from Google's Gemini workspace team: as prompts become the primary instruction set for executing tasks, developers must apply traditional secure coding hygiene and logic to their prompt engineering.

Episode Links

https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data

https://blog.pluto.security/p/mcpwnfluence-cve-2026-27825-critical

https://cyberpress.org/critical-servicenow-ai-platform-flaw-allows-remote-code-execution-attacks/

https://www.darkreading.com/endpoint-security/bug-google-gemini-ai-panel-hijacking

https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules

https://boingboing.net/2026/02/27/stolen-gemini-api-key-racks-up-82000-in-48-hours-for-solo-dev.htmlhttps://unpromptedcon.org/

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key Episode Highlights:

• The Core Threats: Caleb identifies prompt injection as the number one most likely and impactful threat model for AI systems today, followed closely by data poisoning.
• The Rise of "App Sprawl": As employees across departments like HR and Finance use AI to build their own functional applications, organizations will face a massive shadow IT challenge without proper deployment pipelines.
• Defending the Inputs and Outputs: Managing AI security requires an approach similar to handling cross-site scripting, monitoring the inputs coming from untrusted sources and analyzing the outputs to prevent unauthorized actions.
• Getting Back to Basics: To secure AI, organizations must start with foundational visibility, establishing AI councils, and routing all LLM traffic through centralized enterprise gateways or firewalls.

About Caleb

Caleb is a multi-time founder, CEO and CTO, and also a CISO and practitioner at CapitalOne, DataBricks and RobinHood. Caleb has also recently started his own cyber investment firm, WhiteRabbit. At his core, Caleb is an engineer who loves problem-solving, getting into the weeds at the keyboard, and building things that matter.

Episode Links

• Caleb Sima on LinkedIn: https://www.linkedin.com/in/calebsima/
• WhiteRabbit: https://wr.vc/

Key Stories & Developments:

• Microsoft Copilot Confidential Email Bug: Microsoft Copilot was found summarizing confidential emails due to a flaw in the Copilot Chat “Work” tab.
• AI Agent Triggers AWS Bedrock Outage: An outage involving Amazon Bedrock exposed the risks of agentic coding systems with broad permissions.
• AI-Powered Assembly Line for Cybercrime: A Russian-speaking attacker breached FortiGate firewalls across 55 countries in just five weeks using AI as a force multiplier.
• PromptSpy: Android Malware Using Live LLM Command & Control: PromptSpy became the first known Android malware to dynamically leverage Google Gemini at runtime. Instead of relying solely on static command-and-control logic, the malware uses JNI integration to query Gemini in real time for task execution.
• ChatGPT, Mental Health, and Law Enforcement Boundaries: Following a shooting incident in Tumbler Ridge, Canada, investigators discovered significant usage of ChatGPT by the suspect prior to the event. Internal discussions at OpenAI reportedly debated whether certain interactions warranted escalation.
• LLM-Generated Passwords Lack Entropy: Security researchers highlighted that passwords generated by LLMs exhibit approximately 80% less entropy than those created by traditional password generators.
• Vibe-Coded Security Suite Exposes Master Keys: A Reddit thread revealed that a suite of “RR”-branded tools were entirely vibe-coded applications with severe security flaws. Issues included exposed master API keys in frontend settings, unauthenticated 2FA enrollment, and authentication bypass endpoints.
• Anthropic Moves from Detection to Remediation: Anthropic introduced tooling aimed at moving beyond passive source-code analysis toward automated remediation of vulnerabilities.

Episode Links

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails/

https://www.thestandard.com.hk/tech-and-startup/article/324872/Amazons-cloud-unit-hit-was-hit-by-least-two-outages-involving-AI-tools-in-December-FT-says

https://www.reuters.com/business/retail-consumer/amazons-cloud-unit-hit-by-least-two-outages-involving-ai-tools-ft-says-2026-02-20/

https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/

https://cyberandramen.net/2026/02/21/llms-in-the-kill-chain-inside-a-custom-mcp-targeting-fortigate-devices-across-continents/

https://www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/

https://techcrunch.com/2026/02/21/openai-debated-calling-police-about-suspected-canadian-shooters-chats/

https://www.techradar.com/pro/security/dont-trust-ai-to-come-up-with-a-new-strong-password-for-you-llms-are-pretty-poor-at-creating-new-logins-experts-warn

https://www.reddit.com/r/selfhosted/comments/1rckopd/huntarr_your_passwords_and_your_entire_arr_stacks/

https://www.anthropic.com/news/claude-code-security

Key Stories & Developments:

• Prompt Injecting Autonomous Vehicles: Researchers at UCSC and Johns Hopkins have demonstrated that autonomous cars and drones can be compromised by "visual" prompt injections placed on physical signs, causing them to ignore traffic rules or misinterpret their surroundings.
• Massive Chat App Leak: The "Chat & Ask AI" wrapper application exposed 300 million messages belonging to 25 million users due to a simple Firebase misconfiguration that allowed unauthenticated access to read, modify, and delete data.
• Docker AI Metadata Attacks: A new vulnerability in Docker's AI assistant allows attackers to trigger exploits by planting malicious instructions within container image metadata.
• Claude Opus 4.6 vs. Security: Anthropic's latest model, Claude Opus 4.6, has demonstrated a frightening new capability: finding high-severity vulnerabilities and logic bugs via reasoning (rather than fuzzing) without needing specialized prompting or scaffolding.

Worried about OpenClaw on your network?

The OpenClaw crisis proved that employees are deploying unvetted AI agents on their local machines. FireTail helps you discover and govern Shadow AI before it becomes a breach.

Scan Your Network for Shadow Agents Now

https://www.firetail.ai/schedule-your-demo

Episode Links

https://www.theregister.com/2026/01/30/road_sign_hijack_ai/

https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users

https://www.govinfosecurity.com/docker-ai-bug-lets-image-metadata-trigger-attacks-a-30709

https://www.axios.com/2026/02/05/anthropic-claude-opus-46-software-hunting

https://red.anthropic.com/2026/zero-days/

Key Stories & Developments:

• Operation Bizarre Bazaar: Threat actors are actively targeting exposed LLM infrastructure to steal computing resources for cryptocurrency mining and resell API access on dark markets, attempting to pivot into internal systems via compromised MCP servers.
• Gemini MCP Tool Exploit: A critical Remote Code Execution (RCE) vulnerability was identified in a Gemini Model Context Protocol (MCP) tool, highlighting the recurring theme that the infrastructure powering LLMs remains a primary weak point.
• MoltBook API Leak: Researchers discovered a hardcoded Supabase API key in "MoltBook," a social network for AI agents. This flaw granted unauthenticated access to the entire production database, exposing over 1.5 million API keys.
• Bondu AI Toy Breach: A privacy failure in an AI-powered dinosaur toy left 50,000 chat log records exposed to anyone with a Gmail account, underscoring the lack of robust authentication in consumer AI IoT devices.
• CISA Chief's Data Mishandling: Reports surfaced that the acting head of the country's cyber defense agency uploaded sensitive "official use only" documents into a public version of ChatGPT, bypassing enterprise controls and security protocols.

Worried about OpenClaw on your network?

The OpenClaw crisis proved that employees are deploying unvetted AI agents on their local machines. FireTail helps you discover and govern Shadow AI before it becomes a breach.

Scan Your Network for Shadow Agents Now

https://www.firetail.ai/schedule-your-demo

Episode Links

https://www.bleepingcomputer.com/news/security/hackers-hijack-exposed-llm-endpoints-in-bizarre-bazaar-operation/

https://darkwebinformer.com/cve-2026-0755-reported-zero-day-in-gemini-mcp-tool-could-allow-remote-code-execution/

https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys

https://ai.plainenglish.io/clawdbot-security-guide-de77b45ab719

https://blackoutvpn.au/blog/dont-buy-internet-connected-toys

https://www.politico.com/news/2026/01/27/cisa-madhu-gottumukkala-chatgpt-00749361

Key Stories & Developments:

• Chainlit Framework Flaws: Two critical CVEs were identified in Chainlit, a popular Python package for building enterprise chatbots. These vulnerabilities, including Arbitrary File Read and Server-Side Request Forgery (SSRF), highlight the supply chain risks inherent in the rapidly growing AI development ecosystem.
• Google Gemini Workspace Exploit: Researchers demonstrated how Gemini can be manipulated via malicious calendar invites. By embedding hidden instructions (similar to Ascii or emoji smuggling), attackers can trick the AI into exfiltrating sensitive user data, such as meeting details and attachments.
• VS Code "Spyware" Plugins: Over 1.5 million developers were potentially exposed to malicious VS Code extensions impersonating ChatGPT. These plugins serve as "watering hole" attacks designed to harvest sensitive environment variables, credentials, and deployment keys.
• Vertex AI Privilege Escalation: A novel attack chain in Google’s Vertex AI was disclosed. Attackers used a malicious reverse shell in a reasoning engine function to escalate privileges via the Instance Metadata Service, gaining master access to chat sessions, storage buckets, and logs.
• The "Cloudbot" Warning: A deep dive into Cloudbot (now rebranded as ClawdBot), a general-purpose AI agent. Researchers found hundreds of instances sitting wide open on the internet, many providing full root shell access and exposing personal conversation histories and API keys.

Episode Links

• https://www.theregister.com/2026/01/20/ai_framework_flaws_enterprise_clouds/
• https://www.securityweek.com/weaponized-invite-enabled-calendar-data-theft-via-google-gemini/
• https://cybernews.com/security/fake-chatgpt-vscode-extensions-compromised-developers/
• https://gbhackers.com/google-vertex-ai-flaw/
• https://www.insurancejournal.com/magazines/mag-features/2026/01/26/855293.htm
• https://arxiv.org/pdf/2601.10338
• https://techcrunch.com/2026/01/27/everything-you-need-to-know-about-viral-personal-ai-assistant-clawdbot-now-moltbot/
• https://securityboulevard.com/2026/01/clawdbot-is-what-happens-when-ai-gets-root-access-a-security-experts-take-on-silicon-valleys-hottest-ai-agent/
• https://jpcaparas.medium.com/hundreds-of-clawdbot-instances-were-exposed-on-the-internet-heres-how-to-not-be-one-of-them-63fa813e6625
• https://www.bitdefender.com/en-us/blog/hotforsecurity/moltbot-security-alert-exposed-clawdbot-control-panels-risk-credential-leaks-and-account-takeovers

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Sydney shares her journey from "crawling under desks" in IT to building elite threat hunting teams at major organizations like Lumen (formerly CenturyLink) and Splunk. She breaks down her newly released Agentic Threat Hunting Framework (ATHF) and the LOCK pattern (Learn, Observe, Check, Keep), explaining how AI can condense a hunt that previously took four weeks into a mere 45 minutes. They also discuss the critical need for AI governance, the risks of "ungoverned access," and why "trust but verify" remains the golden rule when integrating LLMs into security workflows.

About Sydney Marrone

Sydney Marrone is the Head of Threat Hunting at Nebulock and a co-founder of the THOR Collective. With over a decade of experience in incident response, forensics, and blue teaming, she has become a leading voice in structured threat hunting. Sydney is the author of the Agentic Threat Hunting Framework (ATHF) and the co-author of the PEAK Threat Hunting Framework, which won a SANS award for its contribution to the community.

A respected author and educator, Sydney co-authored The Threat Hunter's Cookbook and is currently developing a SANS course focused on threat hunting. Her work focuses on moving organizations from reactive to proactive security postures through advanced data science, automation, and authentic AI integration.

Episode Links

• Nebulock (AI-Powered Threat Hunting): https://nebulock.io/
• Agentic Threat Hunting Framework (ATHF): https://github.com/Nebulock-Inc/agentic-threat-hunting-framework
• THOR Collective (Substack & Community): https://dispatch.thorcollective.com/
• PEAK Threat Hunting Framework: https://www.splunk.com/en_us/blog/security/peak-threat-hunting-framework.html
• HEARTH Repository (THOR Collective): https://github.com/THORCollective/HEARTH
• Threat Hunting MCP Server: https://github.com/THORCollective/threat-hunting-mcp-server

Key Stories & Developments:

• California's Cease and Desist to XAI: Following international concerns over sexualized deepfakes, California has issued a first-of-its-kind cease and desist order to XAI. This marks a major moment in regional AI oversight in the absence of federal legislation.
• ServiceNow "Body Snatcher" Flaw: A critical 9.3/10 CVE was identified in ServiceNow’s AI agent service. An unauthenticated endpoint allowed for Remote Code Execution (RCE), demonstrating that unauthenticated APIs remain a massive risk for agentic systems.
• Anthropic "Magic String" Crash: Researchers discovered a specific "magic string" that can effectively crash Anthropic LLM sessions. This specialized prompt acts as a denial-of-service against agentic workflows by killing the active interaction stream.
• Claude Code Data Leak: A default logging feature in Claude Code (vibe coding) saves full-text chat histories in a local directory. Developers committing this directory to public repos risk exposing their entire application logic and internal prompts to attackers.
• Eurostar Chatbot Exploit: A public-facing AI chatbot for Eurostar was found vulnerable to guardrail bypass and prompt injection. Ross Donald discovered that simply hardcoding a "validation" parameter in the API allowed him to bypass front-end checks.
• Industrialized Exploit Generation: A new study suggests that for a mere $30 token budget, an LLM can successfully generate an exploit for a known software vulnerability, potentially reducing the "time-to-exploit" to under 20 minutes.

Episode Links

• https://thehackernews.com/2026/01/servicenow-patches-critical-ai-platform.html
• https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow/
• https://cy.md/opencode-rce/
• https://techcrunch.com/2026/01/16/california-ag-sends-musks-xai-a-cease-and-desist-order-over-sexual-deepfakes/
• https://mastodon.social/@Viss/115923109466960526
• https://sean.heelan.io/2026/01/18/on-the-coming-industrialisation-of-exploit-generation-with-llms/
• https://bsky.app/profile/aparker.io/post/3mcqehqhcgc2q

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Market & Strategic Trends:

• Explosive Growth: AI consumption has tripled over the last year, with user prompt volume growing 6x.
• Specialized Foundations: We are seeing a shift from general-purpose models to domain-specific LLMs, such as Nvidia's Alpamayo for autonomous vehicles.
• Agentic Commerce: Google has announced a new protocol designed to facilitate interactions between AI shopping agents and retail systems.
• Regulatory Landscape: New York has introduced the RAISE Act for AI security, while Italy is challenging Meta's "walled garden" approach to AI chatbots on WhatsApp.

Critical Vulnerabilities & Research:

• Prompt Injection is "Inherent": OpenAI researchers suggest that agentic browsers may be inherently vulnerable to indirect prompt injection due to their need to process external instructions.
• Supply Chain Risks: Major vulnerabilities were identified in LangChain (API serialization issues) and n8n (max severity RCE), both core tools for building AI workflows.
• Shadow AI Attacks: Over 91,000 attack sessions were detected targeting AI deployments, including Server-Side Request Forgery (SSRF) campaigns launched via Llama.

Episode Links

https://securityboulevard.com/2026/01/report-increase-usage-of-generative-ai-services-creates-cybersecurity-challenge/

https://techcrunch.com/2026/01/05/boston-dynamicss-next-gen-humanoid-robot-will-have-google-deepmind-dna/

https://techcrunch.com/2026/01/05/nvidia-launches-alpamayo-open-ai-models-that-allow-autonomous-vehicles-to-think-like-a-human/

https://techcrunch.com/2026/01/11/google-announces-a-new-protocol-to-facilitate-commerce-using-ai-agents/

https://techcrunch.com/2025/12/20/new-york-governor-kathy-hochul-signs-raise-act-to-regulate-ai-safety/

https://techcrunch.com/2025/12/24/italy-tells-meta-to-suspend-its-policy-that-bans-rival-ai-chatbots-from-whatsapp/https://github.com/asgeirtj/system_prompts_leaks/

https://techcrunch.com/2025/12/22/openai-says-ai-browsers-may-always-be-vulnerable-to-prompt-injection-attacks/

https://techcrunch.com/2026/01/04/french-and-malaysian-authorities-are-investigating-grok-for-generating-sexualized-deepfakes/

https://www.bleepingcomputer.com/news/security/max-severity-ni8mare-flaw-lets-hackers-hijack-n8n-servers/

https://aws.amazon.com/security/security-bulletins/rss/2026-001-aws/

https://securityboulevard.com/2026/01/google-gemini-ai-flaw-could-lead-to-gmail-compromise-phishing-2/

https://www.scworld.com/brief/severe-ask-gordon-ai-vulnerability-addressed-by-docker

https://www.eweek.com/news/langchain-ai-vulnerability-exposes-apps-to-hack/

https://cybernews.com/security/dig-ai-new-cyber-weapon-abused-by-hackers/

https://cyberpress.org/hackers-actively-exploit-ai-deployments/

The duo discusses the staggering impact of 2025 ransomware incidents, most notably the Jaguar Land Rover breach, which halted production for six weeks and cost an estimated £1.5 billion. Mikko argues that these events prove cybersecurity is no longer just about protecting computers—it’s about securing society itself. They also break down the "random shotgun" nature of modern attacks, where gangs like Clop and Akira target vulnerabilities rather than specific industries or geographies.

Turning to AI, Mikko provides a reality check on the current state of deepfakes and automated orchestration. He reflects on the first massive AI-orchestrated cyber espionage campaign of 2025 and explains why the battle between open-source and closed-source models will define the next phase of defense. Finally, they examine how "data is the new oil" and AI is the "new oil refinery," creating a dual-extortion landscape where the risk of data leakage often outweighs the cost of downtime.

About Mikko

Mikko Hypponen is a world-renowned global security expert, author, and speaker with over 35 years of experience in the industry. In August 2025, Mikko transitioned from his long-standing tenure at WithSecure to become the Chief Research Officer at Sensofusion, a Finnish company specializing in advanced anti-drone technologies.

Mikko has assisted law enforcement in the U.S., Europe, and Asia on major cybercrime cases since the 1990s and is the curator of the Malware Museum at the Internet Archive. He is the author of the best-selling book "If It's Smart, It's Vulnerable" and a frequent contributor to The New York Times, Wired, and Scientific American. In addition to his role at Sensofusion, Mikko serves as an advisor to Firetail.

Episode Links

https://sensofusion.com/

https://mikko.com/

https://www.firetail.ai/ai-breach-tracker

https://www.anthropic.com/news/disrupting-AI-espionage

Key Stories & Developments:

• AI Poisoning of Search Results: Researchers identified an attack where threat actors plant false information online to trick AI-powered search engine crawlers. This results in search engines providing AI summaries that list scam phone numbers for legitimate services like airline call centers, effectively creating a modern, AI-driven version of SEO poisoning.
• The "Pay-to-Crawl" Proposal: Jeremy discusses a new proposal from Creative Commons that suggests moving away from outright blocking AI crawlers. Instead, website owners could set a price for crawling and training, allowing organizations to monetize the use of their data by LLM providers.
• Urban VPN Privacy Breach: A popular Chrome and Edge extension, Urban VPN Proxy, was caught intercepting and reading the AI chat messages of its 7.3 million users. This incident highlights the risk of third-party browser extensions reading sensitive data that users assume is private.

2025 in Review Snapshot: Using data from the Firetail AI Incident Tracker, Jeremy reveals two major trends from 2025:

• The Surge in Incidents: AI security incidents saw a massive jump from 2024 to 2025, marking this as the year AI-related security became a global, pervasive problem.
• Disclosure vs. Injection: While the OWASp Top 10 lists prompt injection as the #1 risk, the tracker data shows that sensitive information disclosure (largely due to organizational error) actually outstrips prompt injection by about a third.

Episode Links

• https://finance.yahoo.com/news/aurascape-researchers-expose-ai-attack-140000260.html?guccounter=1
• https://techcrunch.com/2025/12/15/creative-commons-announces-tentative-support-for-ai-pay-to-crawl-systems/
• https://thehackernews.com/2025/12/featured-chrome-browser-extension.html
• https://www.firetail.ai/ai-breach-tracker

Chris has spent more than 25 years helping people understand their digital presence and protect their online privacy. The conversation dives into the fascinating 26-year history of the site—from its start as a simple hobby on a home Windows NT box to becoming a global authority on cybersecurity.

Chris shares "war stories" from the early days of the web, including dealing with notoriously verbose log files that filled entire hard drives and managing a home data center that maxed out local copper lines. Chris and Jeremy also explore the modern landscape of digital privacy, discussing the balance between transparency and anonymity.

They cover practical topics like how scammers use urgency to fleece victims, the "supply chain" risks of website plugins, and Chris's "middle-ground" approach to privacy—avoiding both complete exposure and the "Faraday cage" lifestyle.

About Chris Parker

Chris Parker is the founder of WhatIsMyIPAddress.com, one of the world’s most visited websites, helping more than 13 million people each month safeguard their digital privacy. Chris has become the go-to expert on protecting yourself in the digital age, whether from scammers, data miners, or privacy threats you didn't know existed. He is the author of Privacy Crisis: How to Maintain Your Privacy Without Becoming a Hermit, and host of The Easy Prey Podcast.

Episode Links

Website: https://www.privacycrisis.com

LinkedIn: https://www.linkedin.com/in/christophergparker/

Podcast: https://www.easyprey.com/

Prompt Injection & RCE:

• PromptPwnd: A vulnerability in GitHub Actions allows attackers to use malicious commit messages to perform prompt injection against AI agents, executing privileged tools and leaking secrets from CI/CD pipelines.
• IDE Attack Surface: Similar prompt injection flaws were identified in popular development environments and extensions (Cursor, Copilot, Z-Ro), showing how malicious prompts can bypass guardrails and hijack context within the IDE.
• GeminiJack: A "zero-click" vulnerability in Google Gemini Enterprise and Vertex AI Search allowed attackers to embed indirect prompt injections in shared documents (Gmail, Calendar, Docs). A routine employee search would activate the attack, causing the AI to exfiltrate sensitive corporate data.

Industry Shifts:

• Gartner's Advisory: Gartner issued an unusual strong advisory recommending that CISOs block all AI browsers (like ChatGPT Atlas and Perplexity Comet) for the foreseeable future due to inherent security risks, including data leakage, credential abuse, and autonomous rogue actions.
• New OWASp Top 10: The OWASp Top 10 for Agentic Applications was released, focusing on risks unique to autonomous, tool-using systems, such as Agent Goal Hijack, Identity and Privilege Abuse, and Agentic Supply Chain Vulnerabilities.

Episode Links:

• https://gbhackers.com/prompt-injection-vulnerability-in-github-actions/
• https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html
• https://securityboulevard.com/2025/12/indirect-malicious-prompt-technique-targets-google-gemini-enterprise/
• https://securityboulevard.com/2025/12/gartners-ai-browser-ban-rearranging-deck-chairs-on-the-titanic/
• https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/

++++++++++

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Security Incidents & Research:

• OpenAI Third-Party Breach: We examine the security incident where OpenAI was affected by a third-party breach via the Mixpanel analytics platform. While customer PII was exposed, prompt and data content was not impacted. Jeremy notes that the API was the attack surface, reinforcing a recurring theme in AI-related incidents.
• Adversarial Poetry: We break down a fascinating academic paper demonstrating that embedding malicious prompts inside poetry is a successful technique for bypassing LLM guardrails. In some models, this "adversarial poetry" increased the Attack Success Rate (ASR) by over 60%, showing how context manipulation can trick frontier models.

Ascent Community Summit Takeaways: Jeremy shares high-level insights from the summit (co-hosted by Paladin and Georgia Tech), focusing on securing critical sectors (Defense, Infrastructure, Healthcare). Key themes include:

• Core Requirements for AI: The need for math expertise, dedicated compute infrastructure, massive data access, and specialized people.
• The New Perimeter: Discussion shifted from "identity as the perimeter" to data being the key asset and central focus for security controls.
• Supply Chain Risks: The societal impact of the AI boom, including increased strain on electricity, cooling, and bandwidth for data center infrastructure.
• Brakes on a Fast Car: The CISO's role is framed as enabling maximum speed while having the ability to act as the "brakes on a very fast moving car" (Dundee West, GSK), emphasizing rapid response over stagnation.

Episode Links

1. https://openai.com/index/mixpanel-incident/
2. https://arxiv.org/pdf/2511.15304
3. https://sites.gatech.edu/asccent/summit/

------

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Key stories include:

• RCE via PyTorch: A high-severity vulnerability (with an assigned CVE) was discovered in the widely-used PyTorch package, enabling Remote Code Execution (RCE) through malicious payloads at the API layer. This reinforces the trend of the API being the primary attack surface for AI applications.
• AI Browser Local Command Execution: Researchers found an API flaw in AI browsers that allowed a malicious instruction set to execute local commands on a user's machine via an embedded extension.
• Klein Bot Vulnerabilities: An open-source coding agent was found to have multiple security flaws, including the exfiltration of API keys and the disclosure of its underlying model (Grok), validating OWASp's risk categories.
• Multi-Agent Risk in ServiceNow: Researchers demonstrated that in ServiceNow’s new A-to-A agentic workflows, default configurations place agents in the same network, allowing them to communicate and be exploited using the privileges of the human user who created them.
• The "Subspace Problem" of Red Teaming: Academic research argues that current LLM red teaming methods are flawed because they test human language, not the numerical token strings the LLM actually processes, meaning predictable token-level vulnerabilities remain hidden.
• AI Evaluation Shift: A paper argues that non-deterministic LLM environments require a shift away from binary "yes/no" security checks (like traditional network security) toward scenario-based testing for better risk evaluation.
• Positive ROI of AI in Security: A Google paper provides positive data for early movers, showing that AI can triage at least 50% of security incidents, leading to reduced human workloads and faster response times, providing a strong case for simple, prompt-based AI improvements in security operations.

------

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

The conversation focuses on the human and organizational challenges in cybersecurity, stressing that small businesses should abandon the belief that they are too small to be targeted, as attackers "hit small businesses all day long" for incremental profit. Adam discusses the severe practical impacts of attacks, warning that businesses must "expect downtime" and be prepared for the significant time needed for recovery. He advocates for storytelling and analogies (like the comparison of hacking to a burglary) over technical regulations to build a strong security culture.

Adam also shares insights from his post-law enforcement work as an auditor and consultant, highlighting the common organizational "motivation problem" where people acknowledge the risk but delay action, comparing it to perpetually starting a diet "tomorrow". Finally, he addresses the breakdown of trust in the age of deepfakes (citing the Irish election example) and the critical need for continuous tabletop exercises to test communication and expose "little gaps" before a crisis hits.

Guest Bio – Adam Pilton

With a background of 15 years in law enforcement, Adam's final role was as a Detective Sergeant leading the Covert operations and Cyber Crime teams. Since then, Adam has worked in cyber security since 2016 across various roles and has a broad understanding of cyber security, from the impact of cyber crime upon individuals and businesses to the need to convey the right messages to senior leaders and end users, ensuring engagement and support.

As a subject matter expert in multiple areas for a large organisation, Adam has investigated and supervised hundreds of cases, identifying and prosecuting offenders. He has introduced digital tactics into overt and covert investigations, developing digital capabilities. Adam also held responsibility for training, utilising his communication skills to simplify the complex.

Adam has worked with multi-national businesses developing their people and processes to improve their cyber security maturity.

Episode Links

• https://heimdalsecurity.com/
• https://www.linkedin.com/in/adampilton/

First, we analyze Shadow MQ, a vulnerability discovered by Oligo that affects multiple popular AI tools, including those from Nvidia and Meta Llama. The flaw stems from the mass reuse of core, insecure components—specifically, an unsafe Python pickle deserialization technique—in the underlying plumbing of various LLMs. This vulnerability allows attackers to inject malicious commands, potentially leading to Remote Code Execution (RCE) and Privilege Escalation at the API layer.

Second, we dive deep into the first publicly confirmed, AI-orchestrated cyber espionage campaign, detailed in a threat intelligence report from Anthropic. The state-sponsored campaign used a frontier AI model to accelerate nearly every phase of the attack, including:

• Weaponized System Prompts: Attackers defined a persona ("senior cyber operations specialist") to guide the LLM's malicious behavior.
• AI-Driven Evasion: The AI was used to refine malware and bypass EDR solutions.
• AI-Powered Reconnaissance: The model performed vulnerability research on obscure protocols and orchestrated lateral movement within networks.

Jeremy emphasizes that this report is a wake-up call, validating the core risks around AI adoption and proving that malicious AI usage is now a real-world reality.

Episode Links:

• https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem
• https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf

------

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

The conversation focuses on how to help customers achieve "data readiness" for AI adoption, particularly stressing that organizational discipline (like good compliance) is the fastest path to realizing AI's ROI. Ben reveals that the biggest concern he hears from enterprise customers is not LLM hallucinations or bias, but the risk of a major data breach via new AI services. He explains how ProArch leverages the comprehensive Microsoft security platform to provide centralized security and identity control across data, devices, and AI agents, ensuring that user access and data governance (Purview) trickle down through the entire stack.

Finally, Ben discusses the inherent friction of his dual CISO/CTO role, explaining his philosophy of balancing rapid feature deployment with risk management by defining a secure "MVP" baseline and incrementally layering on controls as product maturity and risk increase.

About Ben Wilcox

Ben Wilcox is the Chief Technology Officer and Chief Information Security Officer at ProArch, where he leads global strategy for cloud modernization, cybersecurity, and AI enablement. With over two decades of experience architecting secure digital transformations, Ben helps enterprises innovate responsibly while maintaining compliance and resilience. He’s recently guided Fortune 500 clients through AI adoption and zero-trust initiatives, ensuring that security evolves in step with rapid technological change.

Episode Links

https://www.proarch.com/

https://www.linkedin.com/in/ben-wilcox/

https://ignite.microsoft.com/en-US/home

Key stories include:

• Prompt Flux Malware: Google Threat Intelligence Group (GTAG) discovered a new malware family called Prompt Flux that uses the Google Gemini API to continuously rewrite and modify its own behavior to evade detection—a major evolution in malware capabilities.
• ChatGPT Leak: User interactions and conversations with ChatGPT have been observed leaking into Google Analytics and the Google Search Console on third-party websites, potentially exposing the context of user queries.
• Traffic Analysis Leaks: New research demonstrates that observers can deduce the topics of a conversation in an LLM chatbot with high accuracy simply by analyzing the size and frequency of encrypted network packets (token volume), even without decrypting the data.
• Secret Sprawl: An analysis by Wiz found that several of the world's largest AI companies are leaking secrets and credentials in their public GitHub repositories, underscoring that the speed of AI development is leading to basic, repeatable security mistakes.
• Non-Deterministic LLMs: Research from Anthropic highlights that LLMs are non-deterministic and highly unreliable in describing their own internal reasoning processes, giving inconsistent responses even to minor prompt variations.
• The New AI VSS: The OWASp Foundation unveiled the AI Vulnerability Scoring System (AI VSS), a new framework to consistently classify and quantify the severity (on a 0-10 scale) of risks like prompt injection in LLMs, helping organizations make better risk-informed decisions.

Episode Links:

https://cybersecuritynews.com/promptflux-malware-using-gemini-api/

https://thehackernews.com/2025/11/microsoft-uncovers-whisper-leak-attack.html

https://arstechnica.com/ai/2025/11/llms-show-a-highly-unreliable-capacity-to-describe-their-own-internal-processes/

https://futurism.com/artificial-intelligence/llm-robot-vacuum-existential-crisis

https://www.scworld.com/resource/owasp-global-appsec-new-ai-vulnerability-scoring-system-unveiled

https://arstechnica.com/tech-policy/2025/11/oddest-chatgpt-leaks-yet-cringey-chat-logs-found-in-google-analytics-tool/

https://www.securityweek.com/many-forbes-ai-50-companies-leak-secrets-on-github/

API Exposure in AI Services: We discuss a path traversal vulnerability that led to the discovery of 3,000 API keys in a managed AI hosting service, underscoring that the API remains the exposed attack surface where data exfiltration occurs.

AI Code Agent Traffic Analysis: Drawing on research from Chaser Systems, Jeremy breaks down the network traffic from popular AI coding agents (like Copilot and Cursor). The analysis reveals that sensitive data, including previous conversation context and PII, is repeatedly packaged and resent with every subsequent request, making detection and leakage risk significantly higher.

LLM-Powered Malware: We cover a groundbreaking discovery by the Microsoft Incident Response Team (DART): malware using the OpenAI Assistants API as its Command and Control (C2) server. This new category of malware replaces traditional hard-coded instructions with an LLM-driven "brain," giving it the potential to coordinate malicious activity with context, creativity, and adaptability.

The Guardrail Fallacy: Finally, Jeremy discusses an academic paper showing that strong, adaptive attacks can bypass LLM defenses against Jailbreaks and Prompt Injections with an Attack Success Rate (ASR) of over 90%. The research argues that simple guardrails provide organizations with a dangerous false sense of security.

Episode Links

https://chasersystems.com/blog/what-data-do-coding-agents-send-and-where-to/

https://embracethered.com/blog/posts/2025/claude-abusing-network-access-and-anthropic-api-for-data-exfiltration/

https://arxiv.org/pdf/2510.09023

https://www.microsoft.com/en-us/security/blog/2025/11/03/sesameop-novel-backdoor-uses-openai-assistants-api-for-command-and-control/

------

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

We analyze two stories highlighting the exposure of secrets and sensitive data:

API Insecurity: A path traversal vulnerability was discovered in the APIs powering an MCP server hosting service, leading to the exposure of 3,000 API keys. This reinforces the lesson that foundational security mistakes, such as inadequate secret management and unpatched vulnerabilities, are being repeated in the rush to launch new AI services.

CVE in Google Cloud Vertex AI: We discuss a confirmed CVE in Google's Vertex AI service APIs. This vulnerability briefly allowed requests made by one customer's application to be routed and responded to another customer's account, risking exposure of sensitive corporate data and intellectual property in a multi-tenant SaaS environment.

Finally, we explore the risks of AI Browsers (like the ChatGPT Atlas or Perplexity Comet browser) and AI Sidebars. These agents, designed to act with agency on a user's behalf (e.g., price comparison), are vulnerable to techniques that can reveal sensitive PII and user credentials to malicious websites, or unwittingly download malware.

Episode Links

https://blog.gitguardian.com/breaking-mcp-server-hosting/https://cloud.google.com/support/bulletins#gcp-2025-059

https://fortune.com/2025/10/23/cybersecurity-vulnerabilities-openai-chatgpt-atlas-ai-browser-leak-user-data-malware-prompt-injection/

https://securityboulevard.com/2025/10/news-alert-squarex-reveals-new-browser-threat-ai-sidebars-cloned-to-exploit-user-trust/

https://techcrunch.com/2025/10/25/the-glaring-security-risks-with-ai-browser-agents/

____________

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of FireTail's AI Security & Governance Platform

The Salesforce "forced leak" vulnerability, where an AI agent was exposed to malicious prompt injection via seemingly innocuous text fields on web forms (a failure of input sanitization).

Research from Nvidia detailing waterhole attacks where malicious code (e.g., PowerShell) is hidden in decoy libraries (like "react-debug") that AI coding assistants might suggest to developers.

A consumer AI girlfriend app that exposed customer chat data by storing conversations in an open Apache Kafka pipeline, demonstrating a basic failure of security hygiene under the pressure of rapid AI development.

The "Glass Worm" campaign, where invisible Unicode control characters (similar to Ascii Smuggling research by Firetail) were used to embed malware in a VS Code plugin, proving the invisible code risk is actively being leveraged in development tools.

Finally, Jeremy shares strategic insights from the summit, including the massive projected growth of the AI market (approaching the size of cloud computing), the urgency of data readiness and governance to prevent model poisoning, and the futurist perspective that AI's accelerated skill acquisition (potentially surpassing humans in certain tasks in an 18-month cycle) will require human workers to constantly upskill and change roles more frequently.

Episode Links

https://noma.security/blog/forcedleak-agent-risks-exposed-in-salesforce-agentforce/

https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace

https://developer.nvidia.com/blog/from-assistant-to-adversary-exploiting-agentic-ai-developer-tools/

https://www.foxnews.com/tech/ai-girlfriend-apps-leak-millions-private-chats

https://layerxsecurity.com/blog/cometjacking-how-one-click-can-turn-perplexitys-comet-ai-browser-against-you/

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform

The core of the episode explores the concept of the Sovereign Cloud, specifically Amazon's intended European Sovereign Cloud. Chris clarifies that simple data residency is not true sovereignty due to the US Cloud Act. He details the unique nature of the European partition—a completely separate partition, billing system, and support staff operated only by EU citizens—and identifies the primary flaw: the lack of a legal statute protecting the European employees from being compelled to act under the Cloud Act. Finally, Chris shares a powerful reflection on the fwd:cloudsec community, calling it a "second cloud family".

Guest Bio

Chris Farris is a highly experienced IT professional with a career spanning over 25 years. During this time, he has focused on various areas, including Linux, networking, and security. For the past eight years, he has been deeply involved in public-cloud and public-cloud security in media and entertainment, leveraging his expertise to build and evolve multiple cloud security programs.

Chris is passionate about enabling the broader security team’s objectives of secure design, incident response, and vulnerability management. He has developed cloud security standards and baselines to provide risk-based guidance to development and operations teams. As a practitioner, he has architected and implemented numerous serverless and traditional cloud applications, focusing on deployment, security, operations, and financial modeling.

He is one of the organizers of the fwd:cloudsec conference and presented at various AWS conferences and BSides events. He was named one of the inaugural AWS Security Heroes. Chris shares his insights on security and technology on social media platforms like BlueSky, Mastodon and his website chrisfarris.com.

Episode Links‍

https://fwdcloudsec.org

https://fwdcloudsec.org/forum/

https://www.chrisfarris.com

Discover all of your Shadow AI now

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Book a demo of Firetail's AI Security & Governance Platform.

Jeremy begins by analyzing a GitHub Copilot flaw that exposed an LLM vulnerability similar to the one Jeremy disclosed last week. Researchers were able to use a hidden code comment feature to smuggle malicious prompts into the LLM, allowing them to potentially exfiltrate secrets and source code from private repositories. This highlights a growing risk in how LLMs process different input formats.

Next, we discuss a fascinating research paper demonstrating the effectiveness of data poisoning. The study found that corrupting a model's behavior was possible with as few as 250 malicious documents—even in models with large training sets. By embedding a malicious command that mimicked sudo, researchers could implement a backdoor that sends data out, proving that the Attack Success Rate (ASR) is a critical metric for this real-world threat.

We then examine a story at the intersection of agentic AI and supply chain risk, where untrusted actors exploited vulnerabilities in AI development plugins. By intercepting system prompts that lacked proper encryption, an attacker could discover the agent's permissions and potentially exfiltrate sensitive data, including Windows NTLM credentials.

Finally, we look at the latest State of AI report, which provides further confirmation that LLMs like Claude are being used by malicious actors—specifically suspected North Korean state actors—to "vibe hack" the hiring process. By using AI to create perfect-looking resumes and tailored interview responses, the traditional method of spotting phony candidates by poor text quality is no longer reliable.

Episode Links:

• https://www.securityweek.com/github-copilot-chat-flaw-leaked-data-from-private-repositories/
• https://www.anthropic.com/research/small-samples-poison
• https://versprite.com/blog/watch-who-you-open-your-door-to-in-ai-times/
• https://excitech.substack.com/p/16-highlights-from-the-state-of-ai
• https://www.stateof.ai/
• https://www.firetail.ai/blog/we-interviewed-north-korean-hacker-heres-what-learned

Discover all of your Shadow AI now...

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform.

We start with a classic error: a contractor for the Australian State of New South Wales repeated the "open S3 bucket" mistake by uploading a sensitive data set to a generative AI platform, confirming that old security missteps are resurfacing with new technology.

Next, we look at a win for the defense: how Microsoft's AI analysis tools blocked a sophisticated phishing campaign that used AI-generated malicious code embedded in an SVG file and was sent from a compromised small business—a clear proof that AI can be very useful on the defensive side.

Finally, we discuss recent research from the Firetail team uncovering an ASCII Smuggling vulnerability in Google Gemini, Grok, and other LLMs. This technique uses hidden characters to smuggle malicious instructions into benign-looking prompts (e.g., in emails or calendar invites). We detail the surprising dismissal of this finding by Google, which highlights the urgent need to address common, yet serious, social engineering risks in the new age of LLMs.

Show links:

https://databreaches.net/2025/10/06/nsw-gov-contractor-uploaded-excel-spreadsheet-of-flood-victims-data-to-chatgpt/

https://www.infosecurity-magazine.com/news/ai-generated-code-phishing/

https://www.firetail.ai/blog/ghosts-in-the-machine-ascii-smuggling-across-various-llms

https://thehackernews.com/2025/09/researchers-disclose-google-gemini-ai.html

________

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Guest Bio – Noora Ahmed-Moshe

Noora is the Vice President of Strategy and Operations at Hoxhunt, where she works with internal teams, customers, and partners to develop the future of Human Risk Management. With a strong focus on the human side of cybersecurity, she is an advocate for the importance of culture in driving secure behaviours, and in bridging the gap between technology and human interaction. Noora’s career spans 20 years of digital product and strategy development across industries in the UK and in Finland. Hoxhunt Website - https://hoxhunt.com/

AI Powered Phishing Outperforms Elite Cybercriminals in 2025- https://hoxhunt.com/blog/ai-powered-phishing-vs-humans

Guest Bio – Joseph Carson

Joseph Carson is Chief Security Evangelist and Advisory CISO at Segura, where he helps organizations worldwide strengthen identity security and build resilient cyber defense strategies. An award-winning cybersecurity leader with more than three decades of experience, Joe has advised governments, critical infrastructure, and global enterprises. He is the author of Cybersecurity for Dummies, read by over 50,000 professionals, and a regular contributor to leading outlets including The Wall Street Journal and Dark Reading. Joe also hosts the podcast Security by Default and is a frequent keynote speaker on identity and AI-driven threats.

Security by Default Podcast - https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O

Joseph on Linkedin - https://www.linkedin.com/in/josephcarson/

Segura Website - https://segura.security/

Guest Bio – Eldon Sprickerhoff

Eldon Sprickerhoff is an acclaimed entrepreneur, advisor, and investor with deep expertise in information security, machine learning, SaaS, and finance. He co-founded eSentire, a global leader in managed detection and response, and served there for over two decades before founding Caledon Ventures, where he now advises and invests in cybersecurity startups. A graduate of the University of Waterloo, Eldon received the J.W. Graham Medal for computing and innovation and was inducted into the Waterloo Region Entrepreneur Hall of Fame in 2024. He is also the author of Committed, a candid guide for startup founders.

Eldon's Book: https://www.amazon.com/Committed-Survival-Uncommon-First-Time-Founders/dp/1738396428

Caledon Ventures on Linkedin: https://www.linkedin.com/company/caledon-ventures

Guest Bio – Dhruv Ahuja

Dhruv Ahuja is a cybersecurity professional from Chaser Systems with a background in financial services and sysadmin roles in London. He specializes in network and cloud security, focusing on building user-friendly products that prioritize usability for developers and security teams. A strong advocate for interoperability and open-source protocols, Dhruv is known for his work leveraging asymmetric cryptography and has presented on topics like using Let's Encrypt with AWS IAM Roles Anywhere to create secure, elegant authentication solutions. He has extensive experience with the unique security demands of financial institutions , from low-latency market data feeds to retail banking operations.

Chaser Systems - https://chasersystems.com/

The two explore the shift from traditional network boundaries to identity-based security models, and Jason shares practical takeaways for organizations looking to improve IAM strategy in the face of sprawling permissions and conflicting access controls.

Guest Bio – Jason Kao:

Jason Kao is the founder of FoxSecurity, a new company focused on solving data perimeter and cloud ransomware challenges. His career spans engineering roles at Cisco and Fidelity Investments, offensive security consulting at Praetorian, security research at CloudQuery, and now startup leadership. Jason is a regular speaker at security conferences like fwd:cloudsec, where he shares deep research and practical insights into complex topics like IAM, cloud architecture, and data protection.

Fog Security - https://www.fogsecurity.io/

About Toni de la Fuente

Toni de la Fuente is the founder of Prowler, the open source cloud security tool designed to help organizations improve their cloud security posture. With over 25 years of experience in cybersecurity and more than a decade focused on cloud, Toni has held roles across blue, red, and purple teams, including time at AWS. A passionate open source advocate and Iron Maiden fan, Toni built Prowler to automate cloud configuration checks and make security accessible to all.

Prowler Website: https://prowler.com/

Prowler on GitHub: https://github.com/prowler-cloud/prowler

With the health tech industry as a backdrop, they reflect on balancing innovation with control, managing AI risks, and fostering collaboration between platform engineering and governance teams. This episode is a timely and practical look at the realities of secure AI adoption in modern organizations.

Guest Bio – Kyler Middleton

Kyler Middleton is the Principal Internal AI Developer at Veradigm, where she leads internal AI development initiatives with a focus on enablement, experimentation, and responsible model usage. A passionate technologist, Kyler works closely with platform and security teams to ensure AI is integrated thoughtfully and securely into enterprise workflows.

Guest Bio – Sai Gunaranjan

Sai Gunaranjan is the Lead Architect for the Veradigm Cloud Platform, with a focus on Azure technologies and scalable platform governance. He plays a key role in enabling secure AI experimentation and implementation across Veradigm’s healthcare-focused products, combining deep cloud expertise with a pragmatic approach to compliance and risk mitigation.

Kyler on Linkedin - https://www.linkedin.com/in/kylermiddleton

Sai on Linked - https://www.linkedin.com/in/saigunaranjan

Let's Do DevOps - http://letsdodevops.com/

Guest Bio – Celina Stewart:

Celina Stewart is the Director of Cyber and AI Risk Management at Neuvik, where she helps organizations design and optimize cybersecurity programs through a risk-based lens. Before joining Neuvik, Celina was a founding member of McKinsey & Company’s cybersecurity practice, advising Fortune 500 companies on strategy, program performance, and enterprise risk integration. Her insights have been published in McKinsey on Risk and other leading outlets, and she’s a regular speaker at conferences including the AI Risk Summit, HackRedCon, and ACSAC. Celina holds an MBA and an MS in Design Innovation from Northwestern’s Kellogg School of Management.

Neuvik Webiste - www.neuvik.com

About Dan Draper

Dan Draper is the founder and CEO of CipherStash, a data security company focused on enabling trusted access to encrypted data. An experienced cryptography engineer, Dan previously served as VP of Engineering at MedicalDirector and Expert360. His mission is to empower developers with the tools and knowledge they need to build secure, privacy-respecting applications. Dan is a leading voice in applying searchable encryption to real-world business challenges and is passionate about rethinking how organizations manage data access securely and efficiently.

Host Note: “We checked Riverside’s encryption after recording and found this: https://www.ietf.org/id/draft-ietf-tls-ecdhe-mlkem-00.html — so quantum-safe 🙂”

CipherStash Website: https://cipherstash.com/

Dan on Linkedin: https://www.linkedin.com/in/ddraper/

About Stephen Hinch

Stephen W. Hinch is an experienced senior executive, award-winning author, and recognized innovator in the high-tech industry. With decades of management experience at companies like Hewlett-Packard, Agilent Technologies, and TeamLogic IT, he played a pivotal role in advancing surface mount and fiber optic technologies. He has authored five books, including the IBPA Benjamin Franklin Award-winning The Slickrock Desert, and his latest title, Winning Through Innovation: Lessons from the Front Lines of Business, is set to release in May 2025. Steve now serves as a consultant to senior executives in high tech and continues to shape industry standards and innovation.

Winning Through Innovation on Amazon: https://www.amazon.com/Winning-through-Innovation-Lessons-Business-ebook/dp/B0DXRGS99R

The Slickrock Desert on Amazon: https://www.amazon.com/Slickrock-Desert-Discovery-Endangered-Wilderness/dp/0966199901

Stephen's Website: https://www.stephen-w-hinch.com/

About Mikko Hypponen:

Mikko Hyppönen is a globally recognized cybersecurity expert and the Chief Research Officer at WithSecure. With over 30 years of experience in the industry, Mikko has analyzed some of the most significant malware outbreaks in history, such as Love Letter, Melissa, and Stuxnet. He is a sought-after speaker at international conferences, a TED Talk veteran, and the author of the acclaimed book If It’s Smart, It’s Vulnerable. Passionate about cybersecurity education, Mikko has been a driving force behind initiatives like the Museum of Malware Art, showcasing how digital threats can inspire artistic creativity.

Mikko's Website: https://mikko.com/

WithSecure Website: https://www.withsecure.com/en/home

Mikko's Linkedin: https://www.linkedin.com/in/hypponen/

Mikko's X: https://twitter.com/mikko

About Justin

Justin Rende is the founder and CEO of Rhymetec, a cybersecurity firm providing cybersecurity, compliance and data privacy needs to SaaS companies. With more than 20 years of experience in cybersecurity, Justin has focused exclusively on developing the most innovative and customizable cybersecurity solutions for modern SaaS-based companies. Since founding the company in 2015, Justin has led Rhymetec’s growth to more than 35 full-time employees, without outsourcing any of its services, and has served more than 1,000 clients ranging from startups to large enterprises.

Rhymetec Website - https://rhymetec.com/

Justin on Linkedin - https://www.linkedin.com/in/justin-rende/

About Joe Erle

Joe Erle is the host of the Ransomware Rewind podcast and a cybersecurity insurance expert at C3 Insurance. With years of experience helping organizations navigate the complexities of cyber risk, Joe brings deep knowledge of incident response, policy coverage, and ransomware negotiation. Through his podcast and professional work, he provides actionable insights on current threats, trends, and how companies can better protect themselves.

Ransomware Rewind Podcast - https://www.youtube.com/@UC8UYB3xzRVdm6QypQ8SZBww

C3 Insurance - https://c3insurance.com/

Joe on Linkedin - https://www.linkedin.com/in/joeerle/

About Danny Allan

Danny Allan is the Chief Technology Officer at Snyk, where he leads the strategic direction of the company’s developer-first security platform. Before joining Snyk, Danny served as CTO at Veeam and Desktone (acquired by VMware), and as Director of Security Research at IBM. With deep experience across security, infrastructure, and cloud, Danny is a champion for making security accessible and scalable for developers. A proud Canadian, he’s also an avid scuba diver, cyclist, and hockey enthusiast.

www.snyk.io

About Adam Burns

Adam Burns is the CEO of BlackVeil, a New Zealand-based company focused on simplifying email security for businesses of all sizes. With a career rooted in the MSP space, Adam has worked across support, engineering, and project delivery roles. Drawing on years of experience responding to cybersecurity incidents, he now helps organizations protect against common vulnerabilities—especially phishing and email-based threats.

BlackVeil Website: https://www.blackveil.co.nz

About Jeff Lyon

Jeff Lyon is a Business Information Security Advisor who empowers organizations to take control of their cybersecurity frontier. As the CEO and Founder of TheCyberWild, Jeff guides organizations through the intricacies of cyberspace. With a wealth of knowledge accumulated through years of hands-on experience and strategic leadership, he provides security awareness training, security assessments, 24x7x365 Security Monitoring and governance, risk, and compliance strategies and other cybersecurity solutions tailored to the unique needs of each client.

TheCyberWild Website - https://thecyberwild.com/

About Mike McCabe:

Mike McCabe is the founder and CEO of Cloud Security Partners, where he helps organizations design and implement secure cloud architectures. With a career spanning over two decades in cybersecurity and IT, Mike specializes in incident response, threat detection, and cloud security strategy. He has worked with enterprises across multiple industries to strengthen their security postures and is a frequent speaker on cloud and cybersecurity best practices.

Cloud Security Partners Website - https://cloudsecuritypartners.com/

About Jeremy Snyder Jeremy Snyder is the founder and CEO of FireTail, where he focuses on AI & API security and securing modern cloud-native applications. With over 20 years of experience in cybersecurity, cloud computing, and IT operations, Jeremy previously worked at Rapid7, DivvyCloud, and AWS in various leadership roles.

About Shrav Mehta

Shrav Mehta is the founder and CEO of Secureframe, which has quickly become a leading compliance automation platform helping thousands of organizations meet their security and privacy obligations. A lifelong entrepreneur, Mehta began developing mobile applications as a teenager, creating more than a dozen apps that amassed millions of downloads. Recognizing the need for a modern, streamlined approach to security and compliance, he launched Secureframe at just 23 years old. Under his leadership, the company continues to redefine the industry, simplifying complex compliance processes and empowering organizations of all sizes to navigate today’s evolving security landscape.

Secureframe Website - https://secureframe.com/

About Kristin Demoranville

Kristin Demoranville is a seasoned cybersecurity and risk management expert with 26 years of experience in the tech industry. She is the founder and CEO of AnzenSage, a firm dedicated to cybersecurity solutions in the food and agricultural sectors, and co-founder of AnzenOT, an innovative SaaS OT Cybersecurity Risk Intelligence solution. Kristin holds a degree in environmental management, and her studies included researching gorilla behavior, which brought a unique perspective to her work. She excels in crafting and implementing risk cybersecurity strategies, particularly within OT/ICS environments. As the host of the Bites & Bytes Podcast, Kristin drives meaningful conversations at the intersection of food, technology, and cybersecurity.

AnzenOT Website - https://www.anzenot.com/

AnzenSage Website -https://www.anzensage.com/

Kristin on Linkedin - https://www.linkedin.com/in/demoranvillekristin/

Bites & Bytes Podcast - https://www.bitesandbytespodcast.com/episodes

‍

About Terry Ziemniak

Terry has over 25 years of experience in the information security field with work ranging from technical, compliance, and executive leadership. His recent positions include 10 years as Information Security Officer for multi-billion dollar organizations across the United States. Terry now works as a fractional cybersecurity executive, helping SMBs understand, manage, and reduce their cyber risks.

Terry on Linkedin - https://www.linkedin.com/in/terryziemniak/

TechCXO Website - https://www.techcxo.com/

John shares insights into recursive DNS as a cybersecurity tool, the political and regulatory pressures on DNS providers, and why DNS-based censorship is a growing concern worldwide. Plus, they explore the role of Quad9 in protecting user privacy, the importance of trust in Internet infrastructure, and how governments and corporations are influencing DNS operations.

Tune in to understand why DNS security is more critical than ever and what the future of DNS might look like.

About John Todd

John Todd is the General Manager for Quad9. He has been involved in internet infrastructure, networking operations, and DNS-related roles for 35 years as an engineer, manager, and IP enthusiast.

Quad9 Website - https://quad9.net/

DNS Haiku - https://www.cyberciti.biz/humour/a-haiku-about-dns/

About Gemma Moore

Gemma Moore is a highly-experienced Red Teamer, Penetration Tester, and Technical Security Consultant. Her expertise lies in network and web application penetration testing, with an emphasis on adversary simulation and simulated attack strategies. She is a founding director of the information security consultancy, Cyberis.

Cyberis Blog: cyberis.com/blog

Gemma's LinkedIn: https://www.linkedin.com/in/gemma-moore-9839921/

Penetration Testing: A guide for business and IT managers : https://shop.bcs.org/store/221/detail/workgroup?id=3-221-9781780174082

About Dave Sobel

Dave Sobel is the host of The Business of Tech podcast and owner of MSP Radio, where he provides expert analysis on IT services and managed service providers. A recognized industry leader, Dave operated an award-winning MSP for over a decade, was a finalist for Microsoft’s Worldwide Partner of the Year, and has held leadership roles at Level Platforms, GFI, LogicNow, and SolarWinds. He is also an author, co-host of the Killing IT podcast, and a frequent industry speaker. Based near Washington, D.C., Dave enjoys travel, craft beer, retro video games, and cheering for the Nationals and Capitals.

The Business of Tech Podcast: https://www.businessof.tech/

About Kelvin Green

Kelvin Green is the Chief Cybersecurity Advisor and co-founder of CyberSec And I, an advisory firm specializing in User and Entity Behavioral Analytics (UEBA) and AI-driven security solutions. With over 20 years of experience in IT and cybersecurity, Kelvin has worked in diverse sectors, including healthcare, government, and SMBs. He has held notable roles such as Infrastructure and Operations Lead for the Kentucky Health Benefits Exchange and Lead Messaging Engineer for a behavioral health organization. Known for his practical expertise, Kelvin has delivered training sessions globally and provided cutting-edge solutions as a Solutions Architect for DHS. Outside of cybersecurity, he once worked as a game tester for Tetris and remains passionate about fostering accessible, robust security practices in a rapidly evolving digital landscape.

CyberSec And I Website: https://cybersecandi.com/

About Leslie Daigle

Leslie Daigle is the Chief Technical Officer and Director of the Internet Integrity Program at the Global Cyber Alliance (GCA), where she leads efforts to enhance global cybersecurity through practical solutions. With more than two decades of experience, Leslie has worked at the crossroads of technology, economics, and policy to address complex challenges in Internet security and architecture.In addition to her role at GCA, Leslie is the principal at Thinking Cat Enterprises and co-host of the Tech Sequences podcast, where she examines the impacts of technology, including its unintended consequences. She holds an M.S. in Computing and Information Systems from the University of Guelph and a B.S. in Math and Computer Science from McGill University.Leslie is recognized as a thought leader in the cybersecurity community and is a passionate advocate for fostering trust, integrity, and inclusivity in the Internet’s infrastructure.

Useful Links

https://globalcyberalliance.org/

https://www.techsequences.org/podcasts/

https://manrs.org/

In this episode of Modern Cyber, Jeremy travels to Helsinki, Finland to meet with cybersecurity legend Mikko Hypponen for a personal tour of WithSecure's Museum of Malware Art. Mikko takes Jeremy on an exclusive curator’s tour of the museum, showcasing the intersection of malware history, art, and technology. Explore stunning exhibits like sculptures inspired by infamous ransomware, interactive malware simulations, and visualized outbreaks of iconic viruses such as Love Letter and Melissa. Hear Mikko’s insights on the evolution of malware—from early viruses that were playful or visually striking to modern ransomware gangs with corporate-like branding. This episode celebrates cybersecurity’s rich history while examining the artistic lens through which these stories are now told.

About Mikko Hyppönen

Mikko Hyppönen is a globally recognized cybersecurity expert and the Chief Research Officer at WithSecure. With over 30 years of experience in the industry, Mikko has analyzed some of the most significant malware outbreaks in history, such as Love Letter, Melissa, and Stuxnet. He is a sought-after speaker at international conferences, a TED Talk veteran, and the author of the acclaimed book If It’s Smart, It’s Vulnerable. Passionate about cybersecurity education, Mikko has been a driving force behind initiatives like the Museum of Malware Art, showcasing how digital threats can inspire artistic creativity.

Mikko's Website: https://mikko.com/

WithSecure Website: https://www.withsecure.com/en/home

Mikko's Linkedin: https://www.linkedin.com/in/hypponen/

Mikko's X: https://twitter.com/mikko

Museum of Malware Art - https://www.withsecure.com/en/experiences/museum-of-malware-art

About Sounil Yu

Sounil Yu is the co-founder of Knostic AI and a highly respected thought leader in cybersecurity. Previously, he served as CISO and Head of Research at JupiterOne, as well as Chief Security Scientist at Bank of America. Sounil is best known for creating the Cyber Defense Matrix and the DIE Triad, two groundbreaking frameworks that are reshaping approaches to cybersecurity. He holds an MS in Electrical Engineering from Virginia Tech and dual BS and BA degrees in Electrical Engineering and Economics from Duke University. Sounil also serves as an Advisory Board Member for FireTail, bringing his wealth of experience to the forefront of API security innovation.

Knostic AI Website - https://www.knostic.ai/

About Confidence Staveley:

Confidence Staveley is a distinguished cybersecurity leader, founder of MerkleFence, and the driving force behind the CyberSafe Foundation. She is a best-selling author of API Security for White Hat Hackers and creator of the acclaimed YouTube series API Kitchen, which simplifies API security using culinary metaphors. Confidence has been recognized as one of the Top 40 Global Thought Leaders in Cybersecurity for 2024 and one of 150 Fascinating Females Fighting Cybercrime by Women Know Cyber. Through her initiatives, she has empowered thousands, including women in Africa via the Cyber Girls Fellowship, the continent’s largest cybersecurity training program for women. With a deep commitment to inclusion, education, and security innovation, Confidence is a trailblazer in the global fight against cyber threats.

Links and Resources:

• Confidence's TED Talk
• API Kitchen Season 1
• Confidence's Personal Website
• MerkleFence Website
• Connect with Confidence on LinkedIn

About Richard Hollis:

Richard Hollis is the Founder and CEO of Risk Crew, a London-based consultancy specializing in cybersecurity risk management, ethical hacking, and user awareness training. With over 30 years of experience, Richard is a recognized expert in designing and testing secure IT systems. He is a passionate advocate for privacy rights and simplifying cybersecurity solutions. Known for his candid critiques and pragmatic approaches, Richard aims to drive meaningful change in how organizations protect sensitive information.

Risk Crew Website - https://www.riskcrew.com

Circle of Failure White Paper - https://www.riskcrew.com/resources-2/cybersecurity-circle-of-failure/

About Simo Kohonen

Simo Kohonen is the founder and CEO of Defused, a cutting-edge cyber deception company that empowers organizations to outsmart attackers. With a background in computer science, Simo has transitioned from warehouse work to becoming a leader in deception technology. He is a guest lecturer at Cranfield University’s Ministry of Defense Cyber Program and has been featured in media outlets such as The Wall Street Journal and Yahoo. Simo’s expertise lies in deploying innovative deception strategies to enhance situational awareness and protect digital infrastructures.

https://defusedcyber.com/

https://x.com/simokohonen

About Simon Wijckmans

Simon Wijckmans is the CEO and founder of c/side, a company focused on client-side web security. With extensive experience in web and browser security, Simon is a key advocate for proactive defenses against client-side exploits. His approach with c/side emphasizes real-time monitoring and innovative browser capabilities. Passionate about bridging the gap between developers and security teams, Simon’s expertise continues to drive forward-thinking solutions for modern web security.

https://cside.dev/

About Cory O'Daniel

Cory O'Daniel is the Co-Founder and CEO of Massdriver, an innovative platform dedicated to simplifying cloud infrastructure through secure, scalable, and easy-to-deploy solutions. With a career spanning cloud security and DevOps, Cory has become a prominent voice on topics like infrastructure-as-code and platform automation. He's the author of the blog post "DevOps is Bullshit," a critique that has sparked ongoing industry debate. Known for his hands-on expertise and down-to-earth approach, Cory leads Massdriver in creating practical solutions that streamline cloud operations, making it accessible and effective for development teams of all sizes. Outside his professional pursuits, Cory is a taco enthusiast and an RC car hobbyist.

https://www.massdriver.cloud/

https://www.massdriver.cloud/blogs/devops-is-bullshit

https://www.youtube.com/channel/UCfj8P7MJcdlem2DJpvymtaQ

About Wes Kussmaul

Wes Kussmaul is the founder and CEO of the Authenticity Institute, an organization that pioneers solutions in digital identity and PKI-driven accountability frameworks. With a background as a top-rated cybersecurity thought leader on Thinkers360’s list, Wes is also credited with creating the first online encyclopedia, which evolved into the Delphi social network. His career spans work with the International Telecommunication Union and the publication of his book Quiet Enjoyment, which addresses social media accountability. Known for his innovative perspective on digital spaces, Wes champions a more accountable and privacy-respecting internet built upon PKI technology.

https://www.authenticityinstitute.com/

https://weskussmaul.com/

https://www.linkedin.com/in/weskussmaul/

About Jeff Perry

Jeff Perry is a leadership and career expert who helps engineers and technical professionals unlock their potential. He is the author of The Intentional Engineer, a guide to building purpose-driven careers. Jeff's work focuses on mindset, leadership, and organizational culture, helping both individuals and teams thrive in their environments.

https://jeff-perry.com/

https://arbinger.com/

https://www.theintentionalengineer.com

About Jonathan Steele

Jonathan Steele is a distinguished family law attorney and the founder of Steele Fortress, a leading privacy and cybersecurity consulting firm. As a partner at Beermann LLP in Chicago, Jonathan has a reputation for handling complex family law cases with innovative legal strategies. His dual expertise in law and cybersecurity uniquely positions him to provide invaluable insights into the intersection of these fields.

Website: https://steelefortress.com/

About Sounil Yu

Sounil Yu is the co-founder of Knostic.ai and a prominent figure in cybersecurity known for creating the Cyber Defense Matrix and the DIE Triad, which have become key frameworks in the industry. Previously, he served as the CISO and Head of Research at JupiterOne and as the Chief Security Scientist at Bank of America. Sounil holds an MS in Electrical Engineering from Virginia Tech and dual degrees in Economics and Electrical Engineering from Duke University. He is an advisory board member at FireTail and frequently speaks on the intersection of technology, security, and risk management.

Website: https://www.knostic.ai/

LinkedIn: https://www.linkedin.com/in/sounil/

About Jeff Lyon

Jeff Lyon is the CEO and founder of The Cyberwild, a cybersecurity firm specializing in helping small and mid-sized organizations protect their digital assets. With decades of experience in cybersecurity, including roles in healthcare and as a consultant for Fortune 50 companies, Jeff brings a wealth of knowledge to the table. He is a certified CISM, CISSP, and CCSP, and holds degrees in management information systems and computer engineering. Jeff is passionate about making advanced security solutions accessible to all organizations, regardless of size or industry.

The Cyberwild Website: https://thecyberwild.com

LinkedIn: https://www.linkedin.com/in/cyber-jeff/

About Trent Gander:

Trent Gander is a defense and security consultant with over eight years of experience working in the firearms, law enforcement, and military sectors. He specializes in making complex security issues more accessible and has contributed to multiple projects related to modern warfare. Trent is available for consulting work in the law enforcement and military space and can be found on LinkedIn and Upwork.

Contact:

https://x.com/Gentdeirreveren

https://www.linkedin.com/in/trent-gander-944541aa/

secondageallanon@gmail.com

About Ani Chaudhuri

Ani Chaudhuri is the CEO of Dasera, a company dedicated to automating data security and governance for structured and unstructured data across cloud and on-prem environments. With a background in building successful tech companies such as eCircle, Opelin, and Whodini, Ani has a deep understanding of data protection and privacy. His experience spans roles at McKinsey, HP, and Tata Steel, and he’s passionate about creating solutions that foster trust between consumers and businesses.

https://www.dasera.com/

https://www.linkedin.com/in/anionline/

https://www.dasera.com/blog/author/ani-chaudhuri

https://www.darkreading.com/author/ani-chaudhuri

https://www.ophionsecurity.com/

https://www.securityrunners.io/

About Dustin Lehr

Dustin Lehr is the co-founder and Chief Product and Technology Officer at Katilyst, where he focuses on helping companies drive cultural change through security champion programs. Prior to his leadership role in cybersecurity, Dustin spent over 13 years as a software engineer and application architect across various industries, including retail, defense, and video gaming. His experience in both development and security enables him to bridge gaps between engineering teams and security professionals. In addition to his work at Katilyst, Dustin co-founded "Let’s Talk Software Security," a global virtual meetup group, and authored the Security Champion Program Success Guide. He holds a computer science degree from Colorado State University and a variety of industry certifications.

https://www.meetup.com/lets-talk-software-security/

https://securitychampionsuccessguide.org/

https://www.katilyst.com/

About Zack Glick

Zack Glick is a co-founder and CTO at Zatik Security, a company providing fractional application security services for small and medium-sized businesses. Before starting Zatik, Zack spent eight years at AWS, where he played a key role in cloud incident response, handling some of the most significant security events in the industry. Zack's experience also includes time at New Relic, where he further honed his expertise in cybersecurity. He now focuses on helping small businesses build robust security strategies and navigate complex vendor management requirements.

Zatik Security Website - https://www.zatik.io/

Zack Glick LinkedIn - https://www.linkedin.com/in/zglick/

About Dirk Schrader:

Dirk Schrader is the Vice President of Security Research at Netwrix, where he focuses on advancing cyber resilience as a modern approach to tackling cyber threats. He also holds the title of Resident CISO for EMEA. With over 25 years of experience in IT security, Dirk specializes in research for critical industries such as healthcare, energy, and finance—sectors that are frequently targeted by cyberattacks. He holds prestigious certifications including CISSP from ISC2 and CISM from ISACA. Dirk is known for his deep understanding of cybersecurity strategies, particularly in how traditional military tactics can be applied to modern cyber defense.

https://blog.netwrix.com/

https://en.wikipedia.org/wiki/Anti-submarine_warfare

https://en.wikipedia.org/wiki/List_of_submarine_operators

About Javvad

Javvad Malik is the Lead Security Awareness Advocate at KnowBe4, based in London, with over two decades of experience in IT security. His career spans roles as a security administrator, consultant, industry analyst, and advocate. Javvad is not only a multi-award-winning professional but also holds a Guinness World Record for the most views of a cybersecurity lesson on YouTube in 24 hours. He is passionate about helping organizations understand the value of security awareness and how it can be integrated into every facet of an organization. Through his engaging blog posts, videos, podcasts, and public speaking events, Javvad continues to influence the cybersecurity landscape. He holds key certifications, including SSCP and CISSP, and is known for his practical and human-centric approach to cybersecurity.

Guinness World Record - https://www.youtube.com/watch?v=fI6s-NqbqPs

Javvad's YouTube Channel - https://www.youtube.com/InfosecCynic

Deceptive Design - https://www.deceptive.design/

KnowBe4 - https://www.knowbe4.com/

About Marina Segal

Marina Segal is the Founder and CEO of Tamnoon, a company dedicated to advancing cloud security. With a career spanning roles from a consultant at Deloitte to a key player in the development of cloud security technologies, Marina has been at the forefront of the industry. Her expertise includes working on CNAPP and CSPM tools, and she played a significant role in shaping cloud security best practices. Prior to founding Tamnoon, Marina contributed to the success of several cloud security initiatives, including Dom9 and Checkpoint, where she honed her skills in product management and cybersecurity strategy. Her passion for cloud security continues to drive her work at Tamnoon, where she focuses on solving the industry's most pressing challenges.

Tamnoon Website - https://tamnoon.io/

About Johannes Wiklund

Johannes Wiklund is the Head of Information Security at JotForm, a leading SaaS application for creating online forms. With close to three years at JotForm, Johannes has been instrumental in shaping the company's information security strategy and implementation. He oversees multiple teams, including AppSec, cloud infrastructure, incident response, and governance and compliance. Johannes brings a wealth of experience in leveling up security programs for late-stage startups and has a comprehensive background in managing compliance functions such as HIPAA, SOC2, and FedRAMP/StateRAMP. His approach to security includes integrating tools like Semgrep for static code analysis and running an invitation-only bug bounty program through HackerOne. Johannes is also known for his proactive stance on data security and his ability to guide product security decisions, making him a pivotal figure in the cybersecurity landscape.

About Shauli Rozen

Shauli is the co-founder and CEO of ARMO, a pioneering company in cloud-native security solutions, and the driving force behind Kubescape, an open-source Kubernetes security platform. With a wealth of experience in the cloud security space, Shauli has a deep understanding of the challenges and intricacies of protecting modern cloud environments. His career is marked by a passion for product creation and innovation in security, focusing on developing solutions that integrate runtime and configuration security to enhance overall cloud security posture. Shauli is known for his practical approach to cybersecurity, emphasizing the importance of synergy between different security products and the need for continuous hardening and contextual awareness. He actively engages with the security community, sharing insights and fostering discussions on emerging trends and best practices in cloud security.

https://www.armosec.io/

https://github.com/kubescape/kubescape

About Noah McDonald

Noah is an experienced security engineer at Google Clou where he helps clients optimize and secure their cloud environments. He is also an Advisory Board Member at Fulton-Montgomery Community College, contributing to cybersecurity education. Previously, he held key roles at Palo Alto Networks Unit 42 and EY, where he provided advanced digital forensics and cybersecurity consulting services. With a strong background in both technical and advisory capacities, Noah is a respected professional in the cybersecurity industry.

About Steve Stratton

Steve Stratton has had an illustrious career in cybersecurity, beginning with his service in the military, where he worked in White House Communications and as a Special Forces Senior Weapons and Communications Sergeant. He later joined the US Secret Service before transitioning to develop software solutions for the warfighter and intelligence community. Steve holds a BA in Management and numerous technical certifications from Sun Microsystems, Novell, Cisco, and others. With extensive experience in cybersecurity, Steve is a respected advisor and author, contributing significant insights to the field, particularly in cross-domain solutions and high assurance systems.

Citibank Vax Hack: https://www.cybereason.com/blog/malicious-life-podcast-the-real-story-of-citibanks-10m-hack

Shadow Tier: https://www.amazon.com/Shadow-Tier-SHADOW-TIER-Book-ebook/dp/B0CTXNC734/ref=sr_1_2?c[…]igital-text&sprefix=steve+stratton%2Cdigital-text%2C70&sr=1-2

Warrior’s Path: https://www.amazon.com/Warriors-Path-Lance-Origin-SHADOW-ebook/dp/B0D482MDHG/ref=sr_[…]igital-text&sprefix=steve+stratton%2Cdigital-text%2C70&sr=1-1

About Viktor Markopoulos

Viktor Markopoulos is a security researcher with extensive experience in analyzing and mitigating cybersecurity threats. He specializes in API security and has contributed to numerous security incident reports, helping organizations understand and address their vulnerabilities. Viktor is known for his expertise in authentication issues and his ability to break down complex security breaches for broader audiences.

About Stuart Seymour

Stuart is Group Chief Security Officer (Group CISO and CSO) at Virgin Media O2. Stuart is proudly dyslexic and a Cyber Security and Physical Security Leader with over 25 years of global remit and experience. Stuart has a proven track record of building Security Functions and teams globally at major multinationals. He was ranked #1 CISO at the CSO 30UK awards in 2023 and received an award for Diversity and Inclusion for his work on Neurodiversity the same year. Multilingual with global experience in security consultancy, physical security, cyber security, cyber incident response and all aspects of business resilience, Stuart has designed, managed and delivered complex, fiscally prudent physical and cyber security solutions / programs finding the balance between security, availability and business enablement. Stuart has an ability to lead a diverse and virtual workforce spread across four continents during periods of significant pressure, recognised for developing and mentoring staff to achieve more than is expected of them.

About Tanya Janca

Tanya Janca, also known as SheHacksPurple, is a renowned figure in cybersecurity with over 25 years of experience in IT and coding. She is the bestselling author of "Alice and Bob Learn Application Security" and an award-winning public speaker who has delivered hundreds of talks across six continents. As the head of education and community at Semgrep, Tanya focuses on creating and sharing content and training to promote secure software development. She is also an active blogger and a strong advocate for diversity, inclusion, and kindness in the tech community.

https://semgrep.dev/

https://shehackspurple.ca/

About Alexey Sapozhnikov

Alexey Sapozhnikov is the CEO of Andeavour, specializing in organizational intelligence through AI. With a rich background in AI and data science, Alexey has developed solutions for cybersecurity, sanctions compliance, and HR analytics. He is a thought leader in AI compliance and the future of AGI, contributing valuable insights to the cybersecurity community.

Andeavour Website - https://andeavour.io/

Alexey Linkedin - https://www.linkedin.com/in/alexey-sapozhnikov-%E2%98%81-88494a2/

They highlight the differences in attack patterns, with the US facing more phishing and reconnaissance, while Asia encounters targeted DDoS attacks often linked to competitive tactics. This is an episode you don't want to miss. Check it out now.

About Scott McCrady

Scott is the CEO of SolCyber, with over 25 years of experience in the cybersecurity industry. He has held leadership roles at companies such as FireEye, IBM, and Symantec, focusing on driving growth and innovation in cybersecurity solutions. Scott has a strong background in managing global teams and developing strategic initiatives to enhance organizational security. He is passionate about the cybersecurity landscape in Asia, having spent significant time in the region, and is committed to improving cybersecurity practices worldwide. He is also the host of Security Shorts with Scott.

Relevant links

Security Shorts with Scott - https://open.spotify.com/show/0YRGrauXqhQRgFcqCCcm4e

SolCyber Website - https://solcyber.com/

Scott’s LinkedIn - https://www.linkedin.com/in/scottmccrady/

About Steve Orrin

Steve Orrin is a leading expert in cybersecurity with a focus on organizational and technological strategies. With extensive experience working on multiple security standards and guidance with NIST, Steve has a deep understanding of the challenges and solutions in the cybersecurity landscape. He is actively involved in various public sector initiatives and using commercial technologies to solve federal problems.

For more insights from Steve, see the links below...

Relevant Links

• Intel Public Sector https://www.intel.com/content/www/us/en/government/public-sector-solutions-overview.html
• Steve on Linkedin: https://www.linkedin.com/in/sorrin/
• NIST 800 Family of Documents: https://csrc.nist.gov/publications/sp800
• NIST CSF: https://www.nist.gov/cyberframework
• NIST 1800 Family of Documents: https://www.nist.gov/itl/publications-0/nist-special-publication-1800-series-general-information
• OCSF: https://schema.ocsf.io/
• FireTail Endpoint Security Blog: https://www.firetail.io/blog/i-was-wrong-about-endpoint-security

About Ryan Smith

Ryan Smith is the founder of QFunction, a company dedicated to enhancing cybersecurity through the integration of AI and human expertise. With a background in computer science and extensive experience in cybersecurity for organizations like NASA JPL and Pfizer, Ryan has developed innovative solutions for anomaly detection and threat intelligence. He is passionate about making cybersecurity accessible to small and medium-sized businesses and advocates for ethical AI practices.

QFunction's website https://qfunction.ai

Ryan on LinkedIn - https://www.linkedin.com/in/ryan-smith-0390202b/

Craig highlights the need for cyber literacy, emphasizing the frequent causes of breaches such as phishing, social engineering, and weak passwords. The discussion also touches on the role of AI in both aiding and combating cyber threats. AI helps hackers improve phishing emails and exploit vulnerabilities, but it also enhances intrusion detection systems by identifying anomalies quickly.

Craig shares an anecdote about a company where an HR employee was tricked into purchasing $26,000 worth of gift cards for a scammer posing as the CEO, highlighting the importance of cyber literacy training to prevent such incidents. He underscores that until cyber literacy is widely taught and enforced, phishing and social engineering will remain prevalent attack vectors. This is an episode you don't want to miss.

About Craig Taylor

Craig is a Certified Information Systems Security Professional (CISSP) since 2001, and a 25-year veteran in the field of cybersecurity. In 2014, he co-founded CyberHoot, a company dedicated to teaching cyber literacy skills through innovative training methods. Throughout his career, Craig has led cybersecurity efforts in various industries including web hosting (CSC), finance (JP Morgan Chase), and manufacturing (Vistaprint). Currently, he heads a cybersecurity consulting practice that delivers virtual Chief Information Security Officer (vCISO) services to over 40 companies.

Relevant Links:

LinkedIn: https://www.linkedin.com/in/craigmtaylor/

CyberHoot Website: https://cyberhoot.com/

Fresh from his keynote on the 'First Decade of Corporate Ransomware', Mikko talks ransomware gangs, AI, quantum computing and the role of cyber in modern conflicts. This is an episode you don't want to miss.

About Mikko Hypponen

Mikko is a cybersecurity expert, speaker and author and currently the Chief Research Officer at WithSecure. He is well known for the Hypponen Law of IoT Security: "If It's Smart, It's Vulnerable," which is also the title of his latest book, which has been translated into five languages. During his long career - which has lasted over 30 years - he has accomplished many notable career achievements: he was selected as one of the 50 most important people on the web by the PC World magazine, and was included in Foreign Policy’s Top 100 Global Thinkers list. Mikko is an accomplished speaker, regularly presenting at prestigious conferences around the world like TED, SXSW, Black Hat, DEFCON, RSA, and more.

Mikko's Website: https://mikko.com/

WithSecure Website: https://www.withsecure.com/en/home

Mikko's Linkedin: https://www.linkedin.com/in/hypponen/

Mikko's X: https://twitter.com/mikko

The incident saw a threat actor gain access to a partner portal using dummy credentials. They then proceeded to scrape 49M records using a poorly secured API, requesting 5,000 records per hour for almost three weeks.

Watch the full episode as Jeremy and Viktor cover what want wrong and how to protect your APIs against similar attacks.

Subscribe to Modern Cyber with Jeremy Snyder to get instant access to all episodes including these 'Breach Alert' specials as they happen.

Sources:

https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/

https://www.pcworld.com/article/2328519/dell-data-breach-includes-your-id-and-detailed-hardware-info.html

https://techcrunch.com/2024/05/09/dell-discloses-data-breach-of-customers-physical-addresses/

https://www.securityweek.com/dell-says-customer-names-addresses-stolen-in-database-breach/

About Evgeniy Kharam

With decades of cybersecurity experience, Evgeniy Kharam has worn many hats during his long and storied career. Beginning on the technical frontlines as a firewall deployment engineer, Evgeniy has served as cybersecurity architect, VP, CISO, evangelist, consultant, advisor and speaker. Evgeniy is also the co-founder and host of both the Security Architectures Podcast and Cyber Inspiration Podcast as well as organizing the unique 'Ski & Snowboard Cybersecurity Conference'.

LinkedIn - https://www.linkedin.com/in/ekharam/

SSCC Website - https://thesscc.ca/

About Joe Saunders

Joe Saunders is the CEO of RunSafe Security, a cybersecurity company specializing in protecting critical infrastructure against memory-based vulnerabilities. With an extensive background in cybersecurity, Joe leads RunSafe in its mission to make the world a safer place by fundamentally changing the economics of cyber defense.

RunSafe Website - https://runsafesecurity.com/

Joe Saunders Linkedin - https://www.linkedin.com/in/joesaunders/

Join the conversation as Sounil shares insights into the complexities of cybersecurity governance and risk management. Learn how organizations can adapt to evolving threats and build robust cybersecurity frameworks tailored to their needs.

About Sounil Yu:

Sounil Yu is a cybersecurity luminary with a rich background as a former CISO and chief security scientist at Bank of America. He is renowned for his groundbreaking work in reshaping cybersecurity approaches, notably creating the Cyber Defense Matrix and the DIE triad.

As the Co-founder of Knostic, Sounil continues to push boundaries in the industry, offering innovative solutions to cybersecurity challenges. His expertise and thought leadership have earned him recognition as a leading figure in the cybersecurity community.

Knostic Website: https://www.knostic.ai/

Today’s episode of the Modern Cyber podcast will examine the Essential 8 in the context of cyber security to see how relevant it is today. Listen as they compare and contrast the E8 to the ISM in terms of what they address and what they lack.

Stay tuned to hear about how breaches can actually help team’s bolster their security postures and learn the best things you can do for your security posture, per Jeremy and Toby’s expertise. Whether a seasoned cybersecurity expert or a novice, this episode offers fresh cybersecurity perspective.

About Toby Amodio

Toby has previously held the Chief Information Security Officer roles at Australian Parliament House (Department of Parliamentary Services) and Australian Taxation Office. He is currently consulting with MF and Associates a Fujitsu company into Federal Government. Toby is a father to two young kids and is constantly trying to balance work, life and compliance.

Toby’s LinkedIn: https://www.linkedin.com/in/toby-amodio-a58041b4/

MF & Associates: https://www.mfassociates.com.au/about-us

About Jeremy Snyder

Jeremy is founder and CEO at FireTail, an end-to-end API security platform that offers the inline, real-time, application-layer data needed to deliver true API security. Prevent breaches and protect your APIs from code to cloud with FireTail.

https://www.firetail.io

Jeremy and Dan discuss Dan's journey in cloud security, finding unintended and interesting uses for technology, modern attack paths, dealing with incidents when they happen and the importance of principles.

About Dan Grzelak:

Dan Grzelak is Chief Innovation Officer at Plerion where he leads technical security reasearch and evangelism for the cloud security platform. A seasoned CISO, Dan previously worked at Linktree and Atlassian.

Dan's Linkedin - https://www.linkedin.com/in/danielgrzelak/

Plerion Website - https://plerion.com/

Plerion Blog - https://blog.plerion.com/

About Ian McKay

Ian McKay is not only a revered AWS Community Hero but also serves as a Cloud Principal at Kablamo, where he leads the charge in driving cloud transformation and security initiatives. With years of hands-on experience and a passion for innovation, Ian is on a mission to revolutionize the cybersecurity landscape. As the mastermind behind Forma 2, IAM Live, Permissions Cloud, and IAM Dataset, Ian's groundbreaking open-source projects are setting new standards in cloud security. Stay connected with Ian on social media and explore his thought-provoking research on his blog.

Connect with Ian:Twitter: https://twitter.com/IANN0036

LinkedIn: https://www.linkedin.com/in/ian-mckay-431408156/

GitHub: https://github.com/IANN0036

Explore Ian's Research:

Blog: https://onecloudplease.com/

Tune in now to gain invaluable insights from Ian's expertise as a Cloud Principal at Kablamo and unlock the secrets to fortifying your digital infrastructure against evolving threats. Don't miss out on this enlightening conversation shaping the future of cloud security!

Join Jeremy and Christine as they explore the evolving landscape of cybersecurity, sharing valuable perspectives and practical advice for businesses looking to navigate the complexities of modern security challenges. Whether you're a seasoned cybersecurity professional or just starting out in the field, this episode offers valuable insights and actionable strategies to help you stay ahead in today's cyber-threat landscape.Don't miss out on this engaging discussion packed with expert insights and real-world examples. Tune in now to gain a deeper understanding of exposure management, regulatory compliance, and the future of cybersecurity in the digital age.

About Christine Bejerasco

Christine is the Chief Information Security Officer at WithSecure and a member of the Forbes Technology Council. She previously served as CTO at WithSecure and she has more than 20 years in the cybersecurity industry. Coming from a technical malware/threat-analysis background, Christine has always remained 'hands-on' in cybersecurity. She's seen the threat landscape evolve and she has worked as a researcher and a leader of diverse global teams with really varied backgrounds.

Christine Bejerasco Linkedin - https://www.linkedin.com/in/christinebejerasco/

WithSecure Website - https://www.withsecure.com/en/home

‍Why 2024 Will Be The Year Of Exposure Management by Christine Bejerasco for Forbes - https://www.forbes.com/sites/forbestechcouncil/2024/02/13/why-2024-will-be-the-year-of-exposure-management/

‍About Jeremy Snyder

Jeremy is founder and CEO at FireTail, an end-to-end API security platform that offers the inline, real-time, application-layer data needed to deliver true API security. Prevent breaches and protect your APIs from code to cloud with FireTail.

‍https://www.firetail.io

From discussing real-world examples of cyber threats to exploring the impact of political decisions on global cybersecurity landscapes, Jeremy and Anthony cover it all. They delve into the intricacies of cybersecurity for small to medium-sized businesses (SMBs), highlighting the challenges faced by these organizations in the face of evolving cyber threats.Join the conversation as they explore the trade-offs between best-in-breed and best-of-suite cybersecurity solutions, the accelerating trend of consolidation in the cybersecurity space, and the importance of integrating security into the fabric of business operations.Don't miss out on valuable insights into the ever-changing world of cybersecurity and how organizations can stay ahead of the curve.

About Anthony Johnson

Anthony Johnson is a former CISO at multiple Fortune 100 companies, Fannie Mae, JP Morgan Chase Corporate Investment Bank and GE Treasury included. He's currently a Managing Partner at Delve Risk, a market research firm focused on cybersecurity and innovative technologies.He's a sitting board member of multiple companies, a mentor and coach to multiple Fortune 500 CISOs, and an active advisor and investor to a number of cybersecurity startups.Antony Johnson

Linkedin - https://www.linkedin.com/in/anthony-johnson-delverisk/

‍Delve Risk Website - https://delverisk.com/

‍About Jeremy Snyder

Jeremy is founder and CEO at FireTail, an end-to-end API security platform that offers the inline, real-time, application-layer data needed to deliver true API security. Prevent breaches and protect your APIs from code to cloud with FireTail. ‍https://www.firetail.io

‍

Guest Bio – Noora Ahmed-Moshe

Noora is the Vice President of Strategy and Operations at Hoxhunt, where she works with internal teams, customers, and partners to develop the future of Human Risk Management. With a strong focus on the human side of cybersecurity, she is an advocate for the importance of culture in driving secure behaviours, and in bridging the gap between technology and human interaction. Noora’s career spans 20 years of digital product and strategy development across industries in the UK and in Finland.

Hoxhunt Website - https://hoxhunt.com/

AI Powered Phishing Outperforms Elite Cybercriminals in 2025- https://hoxhunt.com/blog/ai-powered-phishing-vs-humans

‍

About Sounil Yu:

Sounil Yu is a cybersecurity luminary with a rich background as a former CISO and chief security scientist at Bank of America. He is renowned for his groundbreaking work in reshaping cybersecurity approaches, notably creating the Cyber Defense Matrix and the DIE triad. As the Co-founder of Knostic, Sounil continues to push boundaries in the industry, offering innovative solutions to cybersecurity challenges. His expertise and thought leadership have earned him recognition as a leading figure in the cybersecurity community.

In the News 1 - https://therecord.media/tracfone-16-million-to-settle-fcc-investigation

In the News 2 - https://cyberscoop.com/fcc-tracfone-wireless-reach-16m-cyber-and-privacy-settlement/

The Full Consent Decree : https://docs.fcc.gov/public/attachments/DA-24-481A1.pdf

FCC Statement: https://docs.fcc.gov/public/attachments/DOC-404156A1.pdf

OWASPI API Top 10: https://owasp.org/API-Security/editions/2023/en/0x11-t10/

Key Stories & Developments:

• G-Obliteration Attack: Microsoft security researchers discovered a one-prompt training technique that strips safety alignment from LLMs. By leveraging Group Relative Policy Optimization (GRPO), attackers can use a single mild prompt to cause cross-category generalization of harm. This effectively removes guardrails across 15 open-source models while preserving their utility.
• Orchids Vibe-Coding Hack: A BBC reporter was hacked on Orchids, a popular "vibe-coding" platform. A security researcher demonstrated a malicious code injection that compromised the user's development environment.
• AI vs. Legacy Email Security: AI-powered cyberattacks are successfully bypassing 88% of legacy email security systems. Attackers are utilizing LLMs to generate highly authentic phishing and impersonation content at scale.
• AI Doctors Evade Privacy Rules: AI-powered health services are not subject to the same strict privacy regulations as traditional healthcare facilities. This raises concerns around data leaks and medical hallucinations.
• OpenClaw Info Stealer: A variant of the Vidar info-stealer is targeting the OpenClaw ecosystem. The attack aims to exfiltrate configuration files and gateway authentication tokens.
• OpenClaw Founder Joins OpenAI: Peter Steinberger, the creator of the OpenClaw framework, has joined OpenAI. The OpenClaw project will transition to an open-source foundation supported by OpenAI.
• Claude's Geopolitical Role: Reports indicate that Anthropic's Claude was utilized via the Palantir platform during a US military raid in Venezuela. This raid led to the capture of Nicolas Maduro.
• ASIS AI Safety Report 2026: The International AI Safety Report highlights three emerging risks. These include the lowered barrier for biological weapons, the surge in deepfakes and fraud, and the difficulty of safety research.

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo

Episode Links

https://www.microsoft.com/en-us/security/blog/2026/02/09/prompt-attack-breaks-llm-safety/

https://www.bbc.com/news/articles/cy4wnw04e8wo

https://www.cpapracticeadvisor.com/2026/02/09/study-ai-powered-cyber-attacks-hit-88-of-legacy-email-security-systems/177694/

https://cyberscoop.com/ai-healthcare-apps-hipaa-privacy-risks-openai-anthropic/

https://thehackernews.com/2026/02/infostealer-steals-openclaw-ai-agent.html

https://techcrunch.com/2026/02/15/openclaw-creator-peter-steinberger-joins-openai/

https://www.theguardian.com/technology/2026/feb/14/us-military-anthropic-ai-model-claude-venezuela-raid

https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2026/february/2026-international-safety-report/