This week's podcast delves into the rapidly evolving landscape of AI-powered vulnerability management, discussing OpenAI's Daybreak, Microsoft's MDASH, and Mistral's Mythos competitor. The panel analyzes the measured real-world results of Anthropic's Mythos on the curl project and explores the implications of the notorious Shai-Hulud npm worm going open source.
Vitor, co-founder of Runlayer and former tech lead for Zapier Agents, provides a deep dive into the security vulnerabilities of the rapidly adopted MCP standard for AI agents. He outlines the primary attack vectors, including sophisticated prompt injections, supply chain attacks like 'rug-pulls', and tool schema manipulation, using real-world exploits as examples. The talk concludes with a multi-layered defensive strategy for users, developers, and enterprises to secure their AI agent deployments.