This Week in AI Security - 16 October 2025

This Week in AI Security - 16 October 2025

In this week's episode of This Week in AI Security, Jeremy covers four key developments shaping the AI security landscape.

Jeremy begins by analyzing a GitHub Copilot flaw that exposed an LLM vulnerability similar to the one Jeremy disclosed last week. Researchers were able to use a hidden code comment feature to smuggle malicious prompts into the LLM, allowing them to potentially exfiltrate secrets and source code from private repositories. This highlights a growing risk in how LLMs process different input formats.

Next, we discuss a fascinating research paper demonstrating the effectiveness of data poisoning. The study found that corrupting a model's behavior was possible with as few as 250 malicious documents—even in models with large training sets. By embedding a malicious command that mimicked sudo, researchers could implement a backdoor that sends data out, proving that the Attack Success Rate (ASR) is a critical metric for this real-world threat.

We then examine a story at the intersection of agentic AI and supply chain risk, where untrusted actors exploited vulnerabilities in AI development plugins. By intercepting system prompts that lacked proper encryption, an attacker could discover the agent's permissions and potentially exfiltrate sensitive data, including Windows NTLM credentials.

Finally, we look at the latest State of AI report, which provides further confirmation that LLMs like Claude are being used by malicious actors—specifically suspected North Korean state actors—to "vibe hack" the hiring process. By using AI to create perfect-looking resumes and tailored interview responses, the traditional method of spotting phony candidates by poor text quality is no longer reliable.

Episode Links:

Discover all of your Shadow AI now...

Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(120)

This Week in AI Security - 2nd July 2026

This Week in AI Security - 2nd July 2026

A lighter week on volume, which gives Jeremy room to go deeper on a set of stories that all reinforce trends we've been tracking for months. The through-line: prompts keep showing up in places nobody ...

2 Heinä 12min

This Week in AI Security - 25th June 2026

This Week in AI Security - 25th June 2026

This week's episode is short but loaded. Jeremy walks through a run of stories where AI is reshaping both sides of the security fight at once. Models are now surfacing decades-old vulnerabilities that...

2 Heinä 13min

Taylor Hersom of Eden Dta

Taylor Hersom of Eden Dta

In this episode of Modern Cyber, Jeremy is joined by Taylor Hersom, Founder of Eden Data, to explore the critical intersection of cybersecurity, compliance, and enterprise growth.They discuss why star...

24 Kesä 42min

This Week in AI Security - 18th June 2026

This Week in AI Security - 18th June 2026

In this episode, Jeremy explores the fallout of the first US government-mandated global model kill switch, an unprecedented action taken against Anthropic's new Fable model. We also examine CISA's rad...

18 Kesä 14min

Kenneth Ellington of Ellington Cybersecurity Academy

Kenneth Ellington of Ellington Cybersecurity Academy

In this episode of Modern Cyber, Jeremy sits down with Kenneth Ellington, founder of Ellington Cyber Academy, to explore the rapidly evolving landscape of SIEM engineering, threat hunting, and automat...

16 Kesä 30min

This Week in AI Security - 11th June 2026

This Week in AI Security - 11th June 2026

In this episode, Jeremy explores how the automated "Vulnpocalypse" is officially manifesting in enterprise networks. As Microsoft logs a historic record-shattering Patch Tuesday to keep pace with AI-a...

11 Kesä 12min

Nick Cawthon of Guage

Nick Cawthon of Guage

In this episode of Modern Cyber, Jeremy sits down with Nick Cawthon, an enterprise-scale design strategist and user experience researcher, to explore the critical and frequently neglected relationship...

9 Kesä 38min

This Week in AI Security - 4th June 2026

This Week in AI Security - 4th June 2026

In this week's episode, Jeremy reports live from the sidelines of Infosecurity Europe in London. As state-sponsored actors turn to thousands of automated recursive prompts to weaponize zero-days, the ...

4 Kesä 14min

Suosittua kategoriassa Liike-elämä ja talous

sijotuskasti
psykopodiaa-podcast
mimmit-sijoittaa
ostan-asuntoja-podcast
rss-oivalluksia-rahasta-elamasta
rss-rahapodi
rahapuhetta
rss-sami-miettinen-neuvottelija
rss-rahamania
rss-markkinointitrippi
rss-inderes
syo-nuku-saasta
vapauta-supervoimasi-podcast
asuntoasiaa-paivakirjat
rss-kahavia-ja-markkinointia-podcast
rss-kaikki-koroista
rss-ammattipodcast
rss-stressivapaa-johtaja-nakokulmia-henkilokohtaiseen-kasvuun
rss-perho-rajoilla
rss-ainin-sekatoimisto