This episode of Security Intelligence delves into three critical cybersecurity topics: the implications of AI agents managing passwords, the impact of AI on vulnerability discovery and "Patch Tuesday" volumes, and the C-suite's evolving appetite for cyber risk in pursuit of innovation. Experts discuss the promises, pitfalls, and necessary strategic shifts in an AI-driven security landscape.
A deep dive into the 2026 IBM X-Force Threat Intelligence Index, exploring the shift to exploiting public-facing applications, the rise of AI agent-related threats, critical AI infrastructure flaws, and the need for a more human-centric approach to threat intelligence.
Experts discuss Gartner's advisory to ban AI browsers due to significant security risks like zero-click attacks. The conversation expands to the role AI vendors should play in threat intelligence, the frustrating persistence of old software vulnerabilities on the MITRE Top 25 list, the conditional safety of social logins, and a novel 'bring-your-own-virtual-machine' attack that bypasses traditional endpoint security.
This podcast episode dives into critical cybersecurity topics, starting with Gartner's warning to ban AI browsers in the workplace due to significant security risks, like zero-click exploits. The conversation then broadens to the role of AI model providers in the threat intelligence community, questioning their responsibility in sharing data after attacks. The panel also analyzes MITRE's latest list of top software weaknesses, the pros and cons of using social logins (SSO), and a novel 'bring-your-own-virtual-machine' attack vector that challenges traditional endpoint security.
Experts discuss the weaponization of AI in cybercrime, from "vibe hacking" that lowers the barrier for attackers, to frameworks like HexStrike AI enabling AI agent armies. The conversation covers new extortion tactics and the evolution of malware like Remote Access Trojans (RATs).
Anthropic's Threat Intelligence team discusses their new report on how AI models are being used in sophisticated cybercrime operations. They cover the concept of "vibe hacking," a large-scale employment scam run by North Korea, and Anthropic’s multi-layered strategy to detect and counteract these threats.