The AI, Privacy, and Security Weekly Update

R. Prescott Stearns Jr.
  • 4.5 (4)
  • Tech News
  • Updated Weekly

Into year 7 for this award-winning, light-hearted, lightweight AI privacy and security podcast that spans the globe in terms of issues covered, with topics that draw in everyone from executive to newbie, to tech specialist. For season 7, we've renamed the IT Privacy and Security Weekly Update to the AI, Privacy, and Security Weekly Update to better reflect the content. Your investment of between 15 and 20 minutes a week will bring you up to speed on half a dozen current AI privacy and security stories from around the world to help you improve the management of your own privacy and security.

  1. Episode 293. Deep Dive. Movies, Music, and the AI, Privacy and Security Weekly Update for May 26th 2026

    3d ago ·  Bonus

    Episode 293. Deep Dive. Movies, Music, and the AI, Privacy and Security Weekly Update for May 26th 2026

    The corporate attack surface is expanding as autonomous AI agents and developer tools dissolve traditional security boundaries. The software supply chain is now a strategic vulnerability, allowing compromised “trusted tools” to bypass legacy defenses and move directly into internal environments. Recent incidents demonstrate the scale of the risk. GitHub confirmed unauthorized access to roughly 3,800 repositories after a malicious VS Code extension compromised a developer device. Google Cloud infrastructure also exposed a critical “time-to-vulnerability” gap: deleted API keys remained active for an average of 16 minutes, and in some cases up to 23 minutes, despite appearing revoked in the UI. These delays create exploitable windows for autonomous systems to access AI services or sensitive data before responders can intervene. The Cloud Security Alliance warns of an emerging “agentic threat” driven by excessive privileges, weak configurations, prompt injection, poor accountability, and flaws in machine-to-machine interaction. The challenge is no longer simply malicious code, but malicious intent expressed through natural language. Meanwhile, the labor market reflects a “low hire, low fire” reality rather than mass AI unemployment. Layoffs remain historically normal, but hiring and career mobility have slowed as firms adopt leaner operating models and assess automation’s long-term impact. Entry-level opportunities are narrowing as companies demand higher productivity from fewer employees using generative tools. Industry leaders remain divided. Steve Wozniak argues AI cannot replace human creativity, while figures such as Sam Altman and Elon Musk warn disruption may eventually require interventions like Universal Basic Income. Many firms are also using “AI transformation” narratives to justify restructuring and post-pandemic cost corrections. Creative industries are shifting from resisting AI to monetizing it. The AI-generated film Hell Grind reportedly required a $500,000 budget, with most costs tied to compute power. Maintaining visual consistency demanded prompts averaging 3,000 words, revealing that AI production remains management-intensive rather than effortless. Spotify and Universal Music Group are also developing licensing frameworks where artists retain control over AI-generated remixes while platforms monetize premium AI creative tools. Technology companies now face growing friction between rapid AI deployment and user trust. Google’s “disregard” search glitch showed how AI systems can misinterpret user queries as commands, undermining reliability. Apple’s roadmap, including context-aware Siri capabilities and private cloud compute, highlights the industry’s push toward personalized assistants. Ultimately, AI adoption depends on trust. Consumers will embrace assistants only if companies prove the infrastructure behind them is reliable, accountable, and secure enough to protect personal data.

    36 min

  2. 3d ago

    Movies, Music, and the AI, Privacy, and Security Weekly Update for the Week ending May 26th, 2026

    Episode 293 A two-week shoot, a half-million dollar budget, and not a single human behind the camera, welcome to the future of Hollywood. This year at Cannes, the most talked-about presence on the Croisette wasn't a movie star; it was artificial intelligence. The Cloud Security Alliance is sounding the alarm on a new breed of AI system that doesn't just answer questions, it takes action, on its own, across your entire digital infrastructure. GitHub just confirmed that roughly 3,800 internal repositories were compromised, and the attacker didn't need a zero-day exploit, just a poisoned developer tool your engineers trust every single day. Google API Keys: Here's a question every incident responder needs to answer: if you delete a compromised credential and the attacker keeps using it for the next twenty-three minutes, did you actually stop the breach? The same AI technology making phishing attacks more convincing may also be our best shot at catching them, and this week, a listener's inbox put that to the test. Spotify and Universal Music Group just agreed to let fans remix their favorite songs using AI, and for the music industry, it's the clearest sign yet that the question is no longer whether this happens, but who controls it when it does. In a spring full of AI doomsday commencement speeches, Steve Wozniak walked onto a stage in Michigan and reminded a room full of nervous graduates that they already carry the most powerful intelligence in the room. Welcome back, everyone. We’re glad you're here for Episode 293 of the AI, Privacy, and Security Weekly Update. It's May 26th, 2026, and this week we are going big. We're starting in Cannes, we're going to swing through some genuinely alarming security stories, and we're going to land somewhere a little more hopeful at the end. Let's get into it. Find the transcript to this podcast here.

    21 min
  3. EP 292. Deep Dive. Leaks and the AI, Privacy, Security Weekly Update for the Week Ending May 19th., 2026

    May 20 ·  Bonus

    EP 292. Deep Dive. Leaks and the AI, Privacy, Security Weekly Update for the Week Ending May 19th., 2026

    This update highlights a deteriorating security landscape where human error and advanced technology intersect to create significant digital risks. Critical infrastructure faces threats from sensitive credential leaks at federal agencies and the discovery of unpatched Windows zero-day exploits released by disgruntled researchers. Simultaneously, the rise of artificial intelligence is transforming both offense and defense, enabling experts to bypass modern hardware security in record time while overwhelming open-source maintainers with automated bug reports. Governments are responding by expanding surveillance capabilities, seeking nationwide access to vehicle tracking data and using AI to police financial markets. Meanwhile, geopolitical tensions have shifted toward digital choke points, with nations like Iran threatening the physical cables that underpin global internet connectivity. These shifts occur alongside corporate instability, evidenced by mass layoffs at Meta and legal friction between major tech partners over AI integration.

    47 min

  4. May 20

    Leaks and the AI, Privacy, and Security Weekly Update for the Week Ending May 19th., 2026

    EP 292. This week we kick off with a flood of updates: The agency trusted to protect America's critical infrastructure couldn't protect its own credentials.Canada is reopening one of tech's most consequential debates  and this time, your compliance architecture may be in the crosshairs.A researcher's very public falling-out with Microsoft is quietly becoming everyone's security problem.What once took a seasoned red team weeks now takes a small team and a frontier model less than five days.The race to use AI to find flaws faster than attackers is officially underway  and the audit trail question is already lagging behind.AI is flooding the Linux kernel security pipeline with noise, and Linus Torvalds has had enough.Regulators are quietly deploying AI surveillance at a scale that reframes what financial oversight even means.The world's most consequential digital chokepoint just became even more of a geopolitical bargaining chip. Let's go get soaked! Find the full transcript to this podcast here.

    20 min
  5. EP 291. Deep Dive. Unintended Outcome and the AI, Privacy, and Security Weekly Update for the Week Ending May 12th., 2026

    May 13 ·  Bonus

    EP 291. Deep Dive. Unintended Outcome and the AI, Privacy, and Security Weekly Update for the Week Ending May 12th., 2026

    This week we highlight the multifaceted global impact of AI infrastructure and digital security, focusing on the physical and financial costs of technological expansion. Reports detail how massive data centers are straining public utilities, causing power disputes in Kenya and Maryland while leading to significant water waste in Georgia. In the realm of cybersecurity, researchers have identified critical vulnerabilities in smart home devices and "zero-day" exploits developed by artificial intelligence, prompting tech giants like Google and Apple to implement stricter protections. Meanwhile, the professional landscape is shifting as Amazon and Nvidia emphasize AI-driven metrics and proprietary software ecosystems, creating new pressures for employees and developers alike. Collectively, these narratives illustrate that while AI offers advancements in molecule design and medical research, its integration into daily life demands greater transparency and more robust infrastructure management.

    53 min

  6. May 13

    Unintended Outcome and the AI, Privacy, and Security Weekly Update for the Week Ending May 12th., 2026

    EP 291.  In this week's update: When a 200-pound internet-connected machine can be hijacked from 6,000 miles away, the smart home has officially become a liability. The moment security researchers have long anticipated has arrived: AI is no longer just defending systems - it's actively being used to break them. The same open ecosystems that accelerated AI adoption are now emerging as a significant and underestimated vector for supply chain attacks. In a landscape where breaches are inevitable, DigiCert's handling of a code-signing compromise offers a rare and instructive model for what accountability actually looks like. A browser trusted with your most sensitive credentials is quietly leaving them exposed in memory - and the vendor considers it working as intended. Google is embedding fraud detection directly into the operating system, signaling a fundamental shift in where the mobile security perimeter now begins. After years of a fragmented messaging security landscape, Apple and Google have closed one of the most glaring cross-platform encryption gaps in consumer technology. Decades of observational data linking coffee to longevity may finally have a molecular foundation - and it has nothing to do with caffeine. Let's go grab a mug! Find all links and the full transcript for this podcast here.

    19 min
  7. Episode 290. Deep Dive. Assumed Safe. The AI, Privacy, and Security Weekly Update for the Week Ending May 5th, 2026.

    May 7 ·  Bonus

    Episode 290. Deep Dive. Assumed Safe. The AI, Privacy, and Security Weekly Update for the Week Ending May 5th, 2026.

    This Deep dive dives into the dangerous shift in the digital landscape where sophisticated exploits and simple human deception frequently converge. Major security alerts include a long-standing Linux kernel flaw that grants full system control and the rise of automated AI phishing kits that make high-level cyberattacks more accessible to criminals. Beyond technical bugs, the sources detail how identity theft is being used to systematically defraud financial institutions and how public voter records are being weaponized to expose personal information. Regulatory bodies are pushing back against these trends, evidenced by the FTC’s crackdown on data brokers and new international guidance for the safe deployment of agentic AI. Meanwhile, the reports suggest that modern ransomware is evolving to bypass traditional encryption, focusing instead on pure data extortion and credential abuse. Ultimately, these sources emphasize that internal system integrity and strict identity verification are now more critical than traditional perimeter defenses. Find more here

    1h 10m

  8. May 6

    Assumed Safe. The AI, Privacy, and Security Weekly Update for the Week Ending May 5th, 2026.

    Episode 290. This week, we assume nothing in our collection of stories... A flaw hiding in plain sight for nearly a decade has quietly turned every Linux system's most trusted layer into an open door. Attackers have discovered that the easiest way to install malware is to convince users the malware is the cure. A new phishing kit is lowering the barrier to industrial-scale credential theft to roughly the cost of a Netflix subscription.  Ransomware didn't slow down in Q1 2026  it mutated, and the new strain doesn't even need encryption to extort you. Credit Union Loan Fraud The most methodical fraud playbook circulating underground right now doesn't involve a single line of malicious code. A teenager with a forum alias just handed a third of France's population an identity problem they didn't ask for. Six of the world's most serious cybersecurity agencies just issued a unified warning that most organizations deploying agentic AI are not ready for what they've built. A new paper argues that the discipline meant to stress-test AI safety has itself become the thing it was designed to find a vulnerability dressed up as a control. The arc runs from infrastructure to brand to process to institution to the security function itself. Each story is a different flavor of the same failure: someone trusted something they shouldn't have, or built a system that assumed others would. Let's go verify! Find the full transcript to this podcast here.

    22 min
See All (380)

4.5
out of 5
4 Ratings

About

Into year 7 for this award-winning, light-hearted, lightweight AI privacy and security podcast that spans the globe in terms of issues covered, with topics that draw in everyone from executive to newbie, to tech specialist. For season 7, we've renamed the IT Privacy and Security Weekly Update to the AI, Privacy, and Security Weekly Update to better reflect the content. Your investment of between 15 and 20 minutes a week will bring you up to speed on half a dozen current AI privacy and security stories from around the world to help you improve the management of your own privacy and security.

Information

You Might Also Like