Modern Cyber with Jeremy Snyder

Jeremy Snyder

Looking for the latest news and views from the world of AI security? Welcome to Modern Cyber with Jeremy Snyder, a cutting-edge podcast series where cybersecurity thought leaders come together to explore the evolving landscape of digital security. In each episode, Jeremy engages with top cybersecurity professionals, uncovering the latest trends, innovations, and challenges shaping the industry. Also the home of 'This Week in AI Security', a snappy weekly round up of interesting stories from across the AI threat landscape.

  1. Taylor Hersom of Eden Data

    4d ago

    Taylor Hersom of Eden Data

    In this episode of Modern Cyber, Jeremy is joined by Taylor Hersom, Founder of Eden Data, to explore the critical intersection of cybersecurity, compliance, and enterprise growth. They discuss why startups often overinvest in technical security tools while underinvesting in the actual foundation of customer trust. Taylor unpacks how compliance frameworks like SOC 2 and ISO 27001 act as a powerful "trust escrow" for businesses and explains the complex nuances of the Cybersecurity Maturity Model Certification (CMMC) for government contractors and their subcontractors. The conversation also tackles the escalating challenge of shadow IT driven by AI tools, the urgent need for structured AI governance, and why the cybersecurity industry must shift away from relying on static employee policies toward implementing automated technical controls that eliminate human error entirely.

    About Taylor Hersom

    Taylor is the Founder of Eden Data, a modern cybersecurity firm recently acquired by Riveron, where it now plays a key role in expanding the firm’s risk advisory platform. A former Deloitte leader and CISO, Taylor brings deep expertise in governance and compliance frameworks, including SOC 2, ISO 27001, and HIPAA. Since founding Eden Data, he has helped hundreds of startups and scaleups—including Nooks AI, Zendesk, Bitly, and Kindbody—navigate everything from early-stage compliance to IPO readiness. He has earned Partner of the Year awards four years in a row from Drata. With his background, Taylor speaks to the evolving intersection of cybersecurity, compliance, and enterprise growth, showing how trust can be a powerful driver of business success.

    Episode Links

    Eden Data: https://www.edendata.com/
    Taylor Hersom on LinkedIn: https://www.linkedin.com/in/taylorhersom/

    42 min
  2. This Week in AI Security - 18th June 2026

    Jun 18

    This Week in AI Security - 18th June 2026

    In this episode, Jeremy explores the fallout of the first US government-mandated global model kill switch, an unprecedented action taken against Anthropic's new Fable model. We also examine CISA's radical new 3-day vulnerability remediation timeline and how autonomous threats are now weaponizing application monitoring software.

    Key Episode Highlights:

    The Global Kill Switch: Just five days after launch, the US Department of Commerce invoked a sweeping export control directive against Anthropic's Claude Fable model after an Amazon-discovered jailbreak was flagged to national security officials. This action triggered a total global deactivation, limiting access exclusively to US citizens.

    The "Lethal Trifecta" of Agent Hijacking: ToxSec researchers define the critical conditions where AI agents become highly weaponizable: concurrent access to sensitive data, exposure to untrusted external content, and the ability to execute outbound actions.

    Sentry "Agentjacking": Attackers are injecting malicious Markdown into standard Sentry error logs to bypass WAF and EDR tools, silently hijacking the AI agents developers deploy to automatically triage and fix code errors.

    CISA BOD 2026-04: As the "Vulnpocalypse" pushes the projected 2026 vulnerability count to 66,000, CISA has issued an emergency Binding Operational Directive that slashes the required patching timeline for critical software flaws down to a blistering 3 days.

    Hugging Face Framework RCE: A newly disclosed critical vulnerability (CVE-2026-4372) proves that a single polluted line in a Hugging Face configuration file can grant full Remote Code Execution on enterprise inference servers.

    The Shai-Hulud Miasma: A sophisticated 4.6MB payload is now exploiting static code analysis within AI development pipelines. The worm deliberately embeds instructions regarding heavily restricted topics (e.g., bomb-making) into error logs to trigger LLM safety halts, effectively blinding AI security monitoring tools.

    Episode Links

    https://unit42.paloaltonetworks.com/hijacking-vertex-ai-model/
    https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
    https://blog.securityjoes.com/post/shai-hulud-miasma-when-a-supply-chain-worm-learned-to-hijack-ai-coding-agents
    https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html
    https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html
    https://www.brinztech.com/breach-alerts/brinztech-ai-infrastructure-alert-authentication-evasion-broken-access-controls-and-automated-agent-manipulation-the-in-the-wild-scanning-exploitation-loop-of-praisonai-cve-2026-44338
    https://www.toxsec.com/p/agentic-ai-attacks-explained-lethal-trifecta
    https://cyberscoop.com/cisa-vulnerability-remediation-directive-bod-26-04/
    https://www.helpnetsecurity.com/2026/06/15/first-2026-cve-forecast/
    https://pluto.security/blog/unauthenticated-remote-code-execution-in-huggingface-transformers-via-config-injection/
    https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html
    https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html

    15 min
  3. Kenneth Ellington of Ellington Cybersecurity Academy

    Jun 16

    Kenneth Ellington of Ellington Cybersecurity Academy

    In this episode of Modern Cyber, Jeremy sits down with Kenneth Ellington, founder of Ellington Cyber Academy, to explore the rapidly evolving landscape of SIEM engineering, threat hunting, and automated incident response. As organizations transition from conceptual AI to deploying agentic AI in production environments, Kenneth shares his extensive hands-on expertise managing complex enterprise security operations across Splunk, Elastic, and Microsoft Sentinel architectures. The conversation dives deep into the realities of alert fatigue, explaining why security analysts remain overwhelmed by false positives and how proper data pipeline management is essential before any AI automation can be effectively introduced. Kenneth unpacks the historical shift from SIEMs acting as long-term historical audit records to highly optimized, real-time threat detection engines, while advocating for cost-effective security data lakes for extended threat hunting visibility. Then, the discussion tackles the nuances of implementing AI in highly regulated sectors like finance and healthcare, demystifying the difference between marketing buzzwords around SOAR platforms and genuinely actionable AI-assisted threat hunting workflows. Wrapping up, Kenneth shares raw insights into the harsh realities of breaking into the cybersecurity industry today, emphasizing the indispensable need for hard technical skills, strong soft skills, and resilient mental models for aspiring SOC analysts facing trial by fire.

    About Kenneth

    Kenneth Ellington is a Senior SIEM Engineer and cybersecurity entrepreneur, and the Founder of Ellington Cyber Academy (ECA), where he trains the next generation of detection engineers and threat hunters. He previously served as a Senior Consultant at EY, supporting enterprise security operations and SIEM engineering initiatives across complex environments. Kenneth specializes in detection engineering, threat hunting, and XDR architecture, with deep hands-on experience across Splunk, Elastic, and Sentinel ecosystems. He recently spoke at BSides St. Pete, sharing insights on real-world threat detection and building practical cyber talent pipelines.

    Episode Links

    Ellington Cyber Academy: https://www.ellingtoncyberacademy.com/
    Kenneth Ellington on LinkedIn: https://www.linkedin.com/in/kenneth-ellington/

    30 min
  4. This Week in AI Security - 11th June 2026

    Jun 11

    This Week in AI Security - 11th June 2026

    In this episode, Jeremy explores how the automated "Vulnpocalypse" is officially manifesting in enterprise networks. As Microsoft logs a historic, record-shattering Patch Tuesday to keep pace with AI-accelerated discovery, a new breed of open-weight logic malware is emerging to change the threat landscape forever.

    Key Episode Highlights:

    The Record 206-CVE Patch Tuesday: Microsoft issues an unprecedented 206 CVE fixes in a single month, roughly double the historical average, signaling the direct impact of autonomous vulnerability scanners like Claude Mythos and ChatGPT Cyber Edition.

    LiteLLM Added to CISA's KEV: The recently disclosed LiteLLM vulnerability officially transitions into CISA’s Known Exploited Vulnerabilities (KEV) catalog following verified active exploitation in the wild.

    1,200% Surge in Deepfake Fraud: Google’s June 2026 Fraud Alert highlights an explosive rise in deepfakes, voice cloning, and synthetic identities, triggering a rollout of on-device security countermeasures for Pixel smartphones.

    20,225 Instagram Accounts Hijacked: Bad actors successfully compromised over 20,000 accounts by leveraging context window exhaustion against Meta’s automated AI customer support, causing stored ethical guardrails to completely fade out over long conversations.

    The Dawn of Reasoned Logic Malware: Academic researchers demonstrate an autonomous AI worm that brings a lightweight open-weight model directly onto compromised systems, navigating local environments dynamically using logical reasoning rather than static exploit checklists.

    The 6-Month Frontier Window: Internal policy intelligence indicates the United States has less than 6 to 12 months of standard lead time before Beijing achieves technical parity with the newest wave of hyper-advanced frontier model architectures.

    Episode Links

    https://www.helpnetsecurity.com/2026/06/08/instagram-ai-support-vulnerability-account-takeovers/
    https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html
    https://www.helpnetsecurity.com/2026/06/03/autonomous-ai-worm-prototype/
    https://fortune.com/2026/06/03/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares/
    https://www.politico.com/news/2026/06/07/frontier-ai-cybersecurity-china-race-00952786
    https://www.reuters.com/technology/anthropic-rolls-out-public-version-mythos-without-cybersecurity-capability-2026-06-09/
    https://www.forbes.com/sites/zacharyfolk/2026/06/09/anthropic-releases-first-public-version-of-claude-mythos-with-major-safeguards/
    https://www.darkreading.com/vulnerabilities-threats/blame-ai-patch-tuesday-record-206-cves
    https://www.darkreading.com/cyber-risk/adaptive-agentic-ai-worms-enterprise-cyber-threat
    https://www.forbes.com/sites/maribellopez/2026/06/04/enterprise-ais-security-time-bomb-is-ticking-cisco-shares-its-plan/
    https://www.toxsec.com/p/agentic-ai-attacks-explained-lethal-trifecta
    https://www.webpronews.com/googles-june-2026-fraud-alert-exposes-ais-growing-role-in-sophisticated-online-scams
    https://www.bleepingcomputer.com/news/security/google-adds-android-protection-against-ai-deepfake-scam-calls/
    https://techcrunch.com/2026/06/03/instagram-is-alerting-users-who-were-targeted-by-hackers-during-ai-chatbot-attacks/

    13 min
  5. Nick Cawthon of Gauge

    Jun 9

    Nick Cawthon of Gauge

    In this episode of Modern Cyber, Jeremy sits down with Nick Cawthon, an enterprise-scale design strategist and user experience researcher, to explore the critical and frequently neglected relationship between cybersecurity utility, system design, and analyst fatigue. The discussion uncovers the hidden dangers of the "sticky" design trap, explaining how enterprise security platforms have mistakenly adopted consumer social media features like infinite scrolling. This layout inadvertently causes security practitioners to experience extreme cognitive exhaustion, resulting in a dangerous tendency to scroll entirely past active threat alerts and critical log messages. To combat this operational blindness, Nick details the "woodpecker" approach to user interface layout. This methodology focuses on optimizing high-frequency triage queues by keeping the operator's eye focus and mouse movements completely static, allowing them to rapidly dismiss or escalate anomalies without unnecessary interface distraction. Additionally, the conversation moves into the structural isolation of current generative AI prompt engineering workspaces. They highlight why single-user terminal cursors fail to support collaborative corporate teams and outline how forward-deployed engineering squads are integrating cognitive theory and behavioral sciences directly into rapid prototyping environments to build superior tools.

    About Nick

    Designer, Researcher and Strategist. User-Centric x Enterprise-Scale. Invited speaker for SigCHI, BayDUX, Xerox PARC, Lunch@Google, HeavyBit, PeopleNerds and others. Adjunct Professor for the CCA Design Strategy MBA program and the TRIUM Executive MBA curriculums. Organizer for IxDA,

    Episode Links

    https://www.linkedin.com/in/nickcawthon-ux-digital-agency-product-design-leadership/
    https://sandbox.gauge.io/
    https://anchorbox.gauge.io/

    38 min
  6. This Week in AI Security - 4th June 2026

    Jun 4

    This Week in AI Security - 4th June 2026

    In this week's episode, Jeremy reports live from the sidelines of Infosecurity Europe in London. As state-sponsored actors turn to thousands of automated recursive prompts to weaponize zero-days, the compliance landscape is fracturing: US state and federal frameworks are retreating into voluntary measures, while the EU AI Act locks in strict, unyielding mandates with firm deadlines.

    Key Episode Highlights:

    The Symjack Attack Vector: Security researchers uncover "Symjack," an exploit that hijacks symbolic link functions inside agentic-powered IDE setups to force automated environments into processing malicious payloads.

    AWS Kiro Security Flaw: A newly patched CVE in AWS’s Kiro agent builder reveals a vulnerability that maps excessive write permissions to execution-sensitive paths.

    Claude.ai Context Exfiltration: Attackers successfully demonstrate data extraction from Claude.ai by blending hidden HTML tags inside URL query parameters with targeted conversation searches and unauthorized model credential leaks.

    State-Sponsored Recursive Prompting: Google Threat Intelligence confirms Chinese and North Korean actors are utilizing thousands of recursive prompts to evaluate CVEs and automate functional zero-day generation in the wild.

    AI Engine Optimization (AIEO) Poisoning: Cybercriminals are targeting high-value GPU operators by poisoning AI recommendation search indexes with malicious prompts that trick models into surfacing cryptomining download traps.

    Tool Abuse Escalation: Trend Micro's AI division moves beyond model description enumeration, proving that attackers can successfully force compromised autonomous agents into executing system tools maliciously.

    Community Bank 8-K Corporate Leak: Pennsylvania-based Community Bank formally registers an SEC data breach after an under-pressure employee uploaded high-volume customer data to an unauthorized generative model platform.

    The Regulatory Fracturing: While Colorado rolls back its landmark AI law and the White House steps back to voluntary security testing reviews, the EU AI Act remains rock-solid.

    Episode Links

    https://www.securityweek.com/symjack-attack-turns-ai-coding-agents-into-supply-chain-attack-delivery-systems/
    https://flatt.tech/research/posts/poisoning-claude-code-one-github-issue-to-break-the-supply-chain/
    https://aws.amazon.com/security/security-bulletins/2026-037-aws/
    https://www.oasis.security/blog/claude-ai-prompt-injection-data-exfiltration-vulnerability
    https://cybersecuritynews.com/badhost-ai-agent-vulnerability/
    https://www.euronews.com/next/2026/05/27/hackers-are-using-ai-to-find-security-flaws-no-scanner-can-catch-google-warns
    https://www.techtimes.com/articles/317423/20260530/ai-vs-ai-cybersecurity-sysdig-documents-first-llm-agent-intrusion-wild.htm
    https://www.bleepingcomputer.com/news/security/gpu-mining-malware-spreads-via-seo-poisoning-ai-chatbots/
    https://www.helpnetsecurity.com/2026/05/27/ai-chatbot-cryptojacking-campaign/
    https://www.npr.org/2026/06/02/nx-s1-5844347/ai-safety-trump-executive-order
    https://www.bleepingcomputer.com/news/artificial-intelligence/anthropic-confirms-claude-mythos-class-models-will-roll-out-to-the-public/
    https://www.aitoday.io/colorado-rolls-back-landmark-ai-governance-law-a-31804
    https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/pwning-agentic-ai-part-i-your-ai-agent-is-already-compromised
    https://dailyhodl.com/2026/05/30/pennsylvania-bank-issues-urgent-alert-after-ai-application-triggers-data-breach-exposing-sensitive-customer-info/

    15 min
  7. This Week in AI Security - 28th May 2026

    May 28

    This Week in AI Security - 28th May 2026

    In this episode, Jeremy explores how autonomous model execution is completely upending classical software patch cycles and regulatory risk modeling. From Anthropic’s early access model mapping out thousands of real-world vulnerabilities autonomously to state regulators drawing a hard line on frontier safety, enterprise security is in a state of rapid transformation.

    Key Episode Highlights:

    Autonomous Scaling with Mythos: Anthropic's safety validation partners reveal that the new model family has autonomously scanned and identified over 10,000 vulnerabilities across roughly 1,000 open-source repositories with zero human guidance.

    The Apple M5 Silicon Exploit: Vietnamese security firm Khalif successfully leveraged model preview access to construct a functional macOS kernel memory corruption exploit, bypassing Apple's multi-billion-dollar hardware-level memory integrity protections in just five days.

    The Starlette "Bad Host" Flaw: A critical vulnerability has been uncovered in Starlette, the core routing engine behind the FastAPI framework, putting thousands of production-tier Python data and AI infrastructure stacks at immediate risk.

    Lapsus$ and Team PCP Joint Breach: Threat actors combined forces to target developer workstations, deploying malicious extensions directly inside VS Code environments to exfiltrate core corporate repository data.

    New York DFS Landmark Directive: The New York Department of Financial Services has officially issued an industry-wide mandate treating frontier models as an independent category of cyber threat, forcing financial institutions to implement rapid vulnerability management and strict guardrails.

    The Pulled Pre-Release Executive Order: The White House abruptly withdrew a highly anticipated framework that would have mandated 90-day voluntary pre-release security testing for frontier models, leaving enterprise compliance officers in a state of regulatory limbo.

    Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/schedule-your-demo

    Episode Links

    https://www.schneier.com/blog/archives/2026/05/macos-kernel-memory-corruption-exploit.html
    https://arstechnica.com/information-technology/2026/05/millions-of-ai-agents-imperiled-by-critical-vulnerability-in-open-source-package/
    https://www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
    https://techcrunch.com/2026/05/24/everyone-is-navigating-ai-security-in-real-time-even-google/
    https://www.dfs.ny.gov/industry-guidance/industry-letters/20260521-heightened-cybersecurity-risks-assoc-with-frontier-ai-models
    https://arstechnica.com/tech-policy/2026/05/trump-canceled-ai-safety-testing-eo-after-snub-from-tech-ceos/

    14 min
  8. Rich Mogull of Cloud Security Alliance

    May 27

    Rich Mogull of Cloud Security Alliance

    In this episode of Modern Cyber, host Jeremy sits down with Rich Mogull, the Chief Analyst at the Cloud Security Alliance (CSA). Jeremy and Rich dive straight into the realities of AI-powered engineering, dissecting the risks and rewards of developer tool integrations like code copilots. They walk through the core architectures of Large Language Models (LLMs), outlining how non-determinism and the collapse of traditional control and data planes trigger modern security threats like indirect prompt injection. Rich offers a detailed breakdown of the high-profile AWS Amazon Q outage, analyzing how over-automation and over-provisioned privileges can lead to catastrophic environment tear-downs when the "human-in-the-loop" goes for coffee. Finally, the conversation shifts to Rich’s recent concept of "Core Collapse"—an astrophysics analogy for how AI-fueled offensive velocity creates a math problem of combinatorial complexity that human defenders cannot match alone. Learn how to combat this threat through goal-based permissions, deterministic guardrails, Zero Trust architectures, and proactive technical upskilling.

    About Rich

    Rich is the Chief Analyst at the Cloud Security Alliance where he focuses on leading-edge cloud and AI security research and implementation. He has over 25 years of security experience, with over 15 years of focusing on cloud and emerging technologies. Prior to joining the CSA full time, Rich frequently collaborated with CSA as the principal course designer of the CCSK training class, primary author of the Guidance, and developer of the Cloud Security Maturity Model, among other projects. As Researcher and CEO of Securosis, Rich taught cloud security and incident response at Black Hat for over 10 years, developed the free Cloud Security Lab a Week (CloudSLAW) project, and actively works on developing hands-on cloud security techniques. Rich also founded DisruptOps, a cloud security startup acquired by FireMon where he became the SVP of Cloud Security. Prior to founding Securosis and DisruptOps, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS and a frequent contributor to industry publications. He is a frequent industry speaker at events including the RSA Security Conference, Black Hat, and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free -- assuming travel is covered).

    Episode Links:

    Rich Mogull's CSA Profile: https://cloudsecurityalliance.org/profiles/rich-mogull
    Rich Mogull's "Core Collapse" Blog Post: https://cloudsecurityalliance.org/blog/2026/02/26/core-collapse#_

    49 min
