Security Intelligence Podcast

IBM

Security Intelligence is a weekly news podcast for cybersecurity pros who need to stay ahead of fast-moving threats. Each week, we cover the latest threats, trend, and stories shaping the digital landscape, alongside expert insights that help make sense of it all. Whether you’re a builder, defender, business leader or simply curious about how to stay secure in a connected world, you’ll find timely updates and timeless principles in an accessible, engaging format. New episodes weekly on Wednesdays at 6am EST.

  1. Is open source safe? Featuring Mixture of Experts

    1 DAY AGO

    Is open source safe? Featuring Mixture of Experts

    Is open source good? Bad? Some secret third thing? Is this a silly question to even ask? In this special crossover episode of Security Intelligence and Mixture of Experts, we bring together AI and security experts to address one of the thorniest questions in tech right now: How do you enjoy the unique benefits of open source AI while managing its very real risks? MoE stalwarts Gabe Goodhart and Martin Keen join SI all-star Jeff Crume to dig into: Why open source is foundational to AI innovation Security concerns of both proprietary and open source AI infrastructure The difference between "secure" and “securable” And a whole lot more! Along the way, we hash out a robust, nuanced picture of the relationships between AI, security and open source. Go beyond the buzzwords to what really matters on this week’s episode of Security Intelligence. The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence

    25 min
  2. Should you let OpenClaw pen test your system? Plus: Cybersecurity for ephemeral software

    22 APR

    Should you let OpenClaw pen test your system? Plus: Cybersecurity for ephemeral software

    Learn more about how enterprises confront agentic attacks → https://newsroom.ibm.com/2026-04-15-ibm-announces-new-cybersecurity-measures-to-help-enterprises-confront-agentic-attacks Sophos let OpenClaw run wild on its network (sort of). It wasn’t as bad an idea as it sounds! With a few guardrails and restrictions in place, the security software firm turned OpenClaw into a serious little pen tester, surfacing “23 actionable, high-quality findings.” But is this a sustainable model for introducing AI agents to the security process? And how do we deal with the inevitable friction between a model meant to find exploits and the guardrails telling it to do no harm? This week, host Matt Kosinski and panelists Claire Nuñez, Dave McGinnis and Kimmie Farrington discuss the wisdom and folly of letting an AI agent pen test your system. Plus: We dig into Bruce Schneier’s thoughts on “security in the age of instant software” and a report from CipherCue that ransomware is growing three times faster than security spending. All that and more on Security Intelligence. Segments: 00:00 – Intro 1:07 -- OpenClaw as a pen tester 14:23 -- Cybersecurity for instant software 25:36 -- Ransomware outpaces security spending The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence

    36 min
  3. GPT-5.4-Cyber: What you need to know

    16 APR

    GPT-5.4-Cyber: What you need to know

    Earlier this week, OpenAI dropped GPT-5.4-Cyber, a “cyber-permissive” variant of GPT-5.4 . Basically: It's lets you do some things in the name of security research and defense that you can’t normally do with a regular GPT model. But you have to prove you’re a cybersecurity pro with good intentions to get access. On this bonus episode of Security Intelligence, Jeff Crume and Martin Keen join host Matthew Kosinski to break down what the new model means for cybersecurity and the big picture trends driving the evolution of LLMs. The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence

    12 min
  4. Claude Mythos: Marketing hype or the end of cybersecurity?

    15 APR

    Claude Mythos: Marketing hype or the end of cybersecurity?

    Anthropic says its newest AI model, Claude Mythos, has found thousands of zero-day vulnerabilities across every major OS and web browser. It's so powerful, they won't release it publicly. Instead, they’re restricting access to a handful of trusted partners, who get to experiment with Mythos through a new initiative called Project Glasswing. Where does that leave the rest of us, who don’t get to tinker with perhaps the most advanced model yet? This week on Security Intelligence, Sridhar Muppidi, Michelle Alvarez, and Dustin “EvilMog” Heywood join host Matt Kosinski to discuss what Mythos and Glasswing really mean for the average security pro. How much is hype? How much is the real deal? And how could this limited release backfire? Then: The FBI’s 2025 Internet Crime Report saw scam losses jump 26%, and Accenture found a 127% increase in malicious hackers trying to recruit the employees of their targets. All that and more on Security Intelligence. Segments: 00:00 – Intro 1:22 -- Claude Mythos and Project Glasswing 12:26 -- The 2025 Internet Crime Report 20:19 -- Attackers recruiting more insiders The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Read more about AI raising cybersecurity stakes → https://www.ibm.com/think/news/anthropic-claude-ai-mythos-project-glasswing-raises-stakes-cybersecurity Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence

    30 min
  5. The Claude Code source code leak: Takeaways for cybersecurity pros

    8 APR

    The Claude Code source code leak: Takeaways for cybersecurity pros

    What happens when one of the world’s most popular AI coding tools falls into the wrong hands? On this episode of Security Intelligence, Nick Bradley, Dave Bales and JR Rao discuss the Claude Code source code leak. Attackers are already using the opportunity to spread malware through fake repos, but the real question is how threat actors might use their newfound knowledge of Claude Code’s internals to wreak havoc on AI agents and the CI/CD pipeline. Then, we follow up on our old friends TeamPCP, Shiny Hunters and Lapsus$, whose overlapping data breach claims are causing no small amount of confusion and consternation among security pros. We examine the credential rotation problem and the uneven security surface of modern supply chains that helped get us in this mess. Plus: Threat intelligence usually focuses on attacks that did happen. But what if we started talking about the ones that didn’t? And do cybercriminals have anything to teach us about “mature” AI adoption? Some big names seem to think so. All that and more on Security Intelligence. Segments: 00:00 – Intro 1:12 -- The Claude Code leak 11:19 -- TeamPCP’s breach spree 21:21 -- “Close-call” databases 29:28 -- Cybercrime and AI adoption The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence

    42 min
  6. Promptware, cloud security trends for 2026, and what the Xbox One hack means for cybersecurity

    2 APR

    Promptware, cloud security trends for 2026, and what the Xbox One hack means for cybersecurity

    Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence Someone finally cracked the Xbox One after 13 years. Here’s why security pros should care. On this episode of Security Intelligence, panelists Ian Molloy, Seth Glasgow and Kimmie Farrington discuss the Xbox One hack presented at RE//verse 2026. More than just a neat story of one hacker’s ingenuity, there are some important takeaways for practitioners here. But before that, we get into promptware, a new model for understanding attacks on LLMs that goes beyond the basics of prompt injections. Formulated by a handful of prominent cybersecurity researchers, including Bruce Schneier, promptware urges defenders to start thinking about the full AI attack kill chain, not just the front door. Then we dive into a new analysis of cloud attack trends from IBM X-Force's Omari Jones, which finds that cybercriminals are targeting cloud ecosystems rather than cloud infrastructure. How do we need to shift our own mindsets to counter this? Meanwhile, Google Threat Intelligence Group and Coveware find ransomware gangs increasingly ditching their flashy external tools in favor of PowerShell and other built-in system utilities—making detection significantly harder. And Chuck Everette's Dark Reading op-ed raises a question that doesn't get enough airtime: With everyone focused on cutting-edge AI tech, what about the downright ancient OT systems and PLCs that underpin large swaths of American critical infrastructure? All that and more on Security Intelligence. In this episode: 00:00 – Introduction 1:01 -- From prompt injection to promptware 11:15 -- Cloud security trends 2026 19:59 -- Ransomware attackers live off the land 28:53 -- OT security: cybersecurity’s “rusting edge” 34:41 -- The Xbox One hack The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Cloud attacks are evolving: What 2025 trends mean for defenders in 2026 → https://www.ibm.com/think/x-force/cloud-attacks-evolving-what-2025-trends-mean-defenders-2026

    41 min
  7. RSA recap, the LiteLLM breach, and the quest to fix AI

    2 APR

    RSA recap, the LiteLLM breach, and the quest to fix AI

    LiteLLM is a nifty little Python library that gives you access to about 100 different AI services through one API. It gets an estimated 3.4 million downloads a day. And last week, it was turned into a Trojan horse, distributing infostealers to hundreds of thousands of devices. (At least, that’s what TeamPCP says—the hackers behind the LiteLLM breach and a slew of other high-profile software supply chain attacks in recent weeks.) Quote Andrej Karpathy: This is “basically the scariest thing imaginable in modern software.” On this episode of Security Intelligence, Suja Viswesan, Dave McGinnis and Jeff Crume help us break down the LiteLLM breach and the broader campaign TeamPCP is waging. We’re also joined by HashiCorp Field CTO Jake Lundberg in the first segment for a discussion of how organizations are trying—with varying degrees of success—to tackle the agentic AI problem. AI agents are identities—but identities our existing frameworks weren’t built to house. Simply porting existing human and non-human identity management practices onto them won’t cut it. But the question remains: What do we need instead? All that and more on Security Intelligence. 00:00 – Intro1:13 – Who will fix AI agent security? 21:17 – RSAC 2026 Recap 29:31 – 2026’s most dangerous cyberattacks 40:45 – The LiteLLM breach The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

    49 min
  8. Cryptocurrency: The most misunderstood technology in cybersecurity

    27 MAR

    Cryptocurrency: The most misunderstood technology in cybersecurity

    Most cybersecurity pros only run into cryptocurrency when they’re dealing with ransomware gangs demanding payouts in Bitcoin. But what if crypto infrastructure were more than just a means of money laundering? In this episode of IBM’s Security Intelligence podcast, X-Force threat intelligence consultant Austin Zeizel makes the case that blockchain — the decentralized ledger underlying many cryptocurrency systems — has powerful, largely untapped applications for cybersecurity. In fact, Austin makes a pretty convincing argument that blockchain could be the key to a genuinely zero trust architecture. We also get into how cybercriminals actually exploit cryptocurrency — coin mixers, non-KYC exchanges, the pseudonymous nature of Bitcoin — and why understanding those mechanics matters for defenders. The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence

    23 min
See All (39)

About

Security Intelligence is a weekly news podcast for cybersecurity pros who need to stay ahead of fast-moving threats. Each week, we cover the latest threats, trend, and stories shaping the digital landscape, alongside expert insights that help make sense of it all. Whether you’re a builder, defender, business leader or simply curious about how to stay secure in a connected world, you’ll find timely updates and timeless principles in an accessible, engaging format. New episodes weekly on Wednesdays at 6am EST.

Information

You Might Also Like