Cybersecurity Today Month in Review: AI Coding Risks, Canvas Breach, QR Phishing Surge
Cybersecurity Today9 Mai

Cybersecurity Today Month in Review: AI Coding Risks, Canvas Breach, QR Phishing Surge

This week's panel dives into the cybersecurity stories that matter most for security leaders, IT teams, and anyone watching how AI is changing risk.

Jim Love is joined by David Shipley (Beauceron Security), Laura Payne (White Tuque), and Jeff Williams (Contrast Security).

Cybersecurity Today would like to thank Material Security for supporting this podcast. Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. Contact them at material[dot]security


Topics include:

Anthropic's Mythos AI security research and whether large language models can realistically replace traditional vulnerability testing
Why "vibe coding" may be creating a wave of insecure software
The growing risk of autonomous AI agents making damaging decisions
The massive Instructure Canvas data breach affecting schools, students, and educators
Alberta's voter list privacy failure and what it says about public sector data protection
Microsoft's warning about the rapid surge in QR code phishing attacks bypassing traditional email security

AI is accelerating software development. It may also be accelerating software insecurity.

If your organisation is experimenting with AI coding tools, AI agents, or automated application development, this conversation is worth your time.

#Cybersecurity #AI #DataBreach #QRPhishing #ApplicationSecurity #VibeCoding #Canvas #CyberSecurityToday #JimLove

00:00 Sponsor Message
00:22 Meet the Panel
00:55 Jeff Williams Introduction
02:21 AI Bug Hunting with Mythos
05:40 Cost and Limits of AI Security Testing
10:16 The Vibe Coding Security Problem
13:24 Context Window and Data Flow Limits
16:59 Spec-Driven AI Development
18:29 Software Liability and EU Regulation
24:47 When AI Agents Go Rogue
27:05 Trust in the AI Era
28:24 Enterprise Reality Check
29:03 Critical Thinking vs AI
30:31 Testing AI Agents Safely
31:30 Canvas Data Breach Fallout
34:45 Real-World Data Harm
38:00 Liability and Attack Methods
41:39 Alberta Voter List Privacy Failure
48:56 Government Breach Lessons
51:26 QR Code Phishing Surge
55:00 Wrap Up and Sponsor

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(100)

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Host David Shipley speaks with cybersecurity professional Cheryl Biswas about her journey into the industry and why she believes Arctic sovereignty must be viewed as a cybersecurity challenge as much ...

29 Mai 29min

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, afte...

27 Mai 10min

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

Is AI about to trigger a cybersecurity vulnerability explosion? In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a "vulnerability apo...

25 Mai 13min

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled "CISA-Private" contai...

23 Mai 26min

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub confirms a major supply chain breach after a malicious Visual Studio Code extension reportedly gave attackers linked to TeamPCP access to roughly 3,800 internal repositories. The bigger issue: ...

22 Mai 9min

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

A serious new Windows 11 BitLocker vulnerability, open-sourced offensive malware tools, a suspected Iranian cyber campaign targeting U.S. fuel infrastructure, and malware that appears designed to inte...

20 Mai 13min

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases ...

19 Mai 12min

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

David Shipley interviews Jon Ferguson, VP at CIRA, about how the Canadian Internet Registration Authority evolved from early paper-based .ca registrations at UBC into a 142-person, member-based not-fo...

16 Mai 53min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
popradet
forklart
stopp-verden
fotballpodden-2
rss-espen-lee-usensurert
nokon-ma-ga
rss-gukild-johaug
hanna-de-heldige
dine-penger-pengeradet
det-store-bildet
rss-ness
aftenbla-bla
e24-podden
lydartikler-fra-aftenposten
rss-dannet-uten-piano
bt-dokumentar-2
rss-penger-polser-og-politikk