Modern Cyber with Jeremy Snyder

In this episode for May 21, 2026, Jeremy looks at the rapidly compressing timeline of AI-driven exploits. From the first live confirmation of an AI-assisted 2FA zero-day to Microsoft's multi-agent "debate" system outperforming top frontier models, defenders are watching the offensive clock shrink in real time.
Key Episode Highlights:
First Live AI Zero-Day: Google's Threat Intelligence Group (GTAG) confirmed the first in-the-wild exploitation of a semantic logic 2FA bypass discovered and weaponized entirely via an LLM.
Microsoft's M-Dash System: Microsoft revealed a framework utilizing over 100 specialized AI agents that scan code and debate each other's findings, scoring an unprecedented 88.45% on the UC Berkeley Cyber Gym benchmark.
TanStack Supply Chain Assault: Team PCP hit the TanStack ecosystem via token theft, successfully compromising two OpenAI employee devices and forcing a major code-signing certificate rotation.
Amazon Quick Bypass: Jason Kao of Fog Security uncovered a critical server-side authorization flaw in Amazon Quick that permits restricted users to bypass interface boundaries and access blocked AI chat agents.
PraisonAI Zero-Auth Exposure: A legacy configuration oversight in the PraisonAI framework left instances entirely unauthenticated, resulting in automated malicious scanning within four hours of disclosure.
The DBIR Vulnerability Milestone: The 2026 Verizon DBIR notes an extraordinary historical shift: vulnerability exploitation now accounts for 31% of confirmed breaches, completely lapping credential theft at 13%.

Stop guessing where your models are exposed
Unmonitored models, insecure framework defaults, and shadow AI workflows are scaling your enterprise risk faster than traditional tools can track. FireTail provides complete discovery, posture management, and behavioral visibility across your entire AI environment in 15 minutes.
Book your FireTail demo: https://www.firetail.ai/schedule-your-demo

Episode Links
https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html
https://unit42.paloaltonetworks.com/ai-agent-prompt-injection/
https://www.microsoft.com/en-us/security/blog/2026/05/12/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-tops-leading-industry-benchmark/
https://thehackernews.com/2026/05/openai-launches-daybreak-for-ai-powered.html
https://www.scworld.com/brief/anthropics-ai-finds-one-low-severity-vulnerability-in-heavily-audited-curl-codebase
https://decrypt.co/367883/openai-confirms-security-breach-ai-malware-campaign
https://www.csoonline.com/article/4171215/praisonai-vulnerability-gets-scanned-within-4-hours-of-disclosure.html
https://www.theregister.com/ai-ml/2026/05/13/google-users-fight-for-refunds-as-unauthorized-api-usage-bills-soar/5239160
https://www.fogsecurity.io/blog/authorization-bypass-in-amazon-quick-ai-agents
https://tech.diegocarpintero.com/blog/the-zero-trust-gap-in-llms
https://www.securityweek.com/verizon-dbir-2026-vulnerability-exploitation-overtakes-credential-theft-as-top-breach-vector/

In this episode for May 14, 2026, Jeremy breaks down a watershed moment in cybersecurity: the first confirmed case of hackers using AI to discover and weaponize a zero-day vulnerability in the wild. We also explore a major self-reported PII leak in the banking sector and the expanding attack surface of AI development environments.

Key Episode Highlights:
The First AI-Generated Zero-Day: Google Threat Intelligence confirms hackers used AI to discover and weaponize a 2FA bypass in an open-source admin tool, marking a transition from theoretical risk to documented reality.
Banking Sector PII Leak: Community Bank (operating in PA, OH, and WV) filed an 8-K reporting that sensitive customer data, including SSNs and dates of birth, leaked into an AI application during training.
The "Beagle" Backdoor: Sophos uncovered a fake Claude-Pro website pushing trojanized installers that deploy a memory-resident backdoor targeting AI coding environments.
Framework Exploitation: Research reveals how prompt injection in popular frameworks like Semantic Kernel, LangChain, and CrewAI can escalate to full remote code execution (RCE).
Phonetic Obfuscation: New proof-of-concept research shows that LLMs can navigate phonetic misspellings to interpret malicious intent, effectively bypassing standard text filters.
Pixel-Perfect Phishing: Vercel’s v0.dev tool is being used by attackers to generate nearly perfect brand impersonations for Nike, Adidas, and Microsoft, making phishing detection significantly harder.
Secure AI Across Your Entire Organization
Unregulated AI usage and data leaks are the biggest threats to your organization's reputation. Get full visibility into your AI environment and block sensitive data exfiltration in 15 minutes. Book your FireTail demo: https://www.firetail.ai/schedule-your-demo

Episode Links
https://cloud.google.com/blog/products/identity-security/beyond-source-code-the-files-ai-coding-agents-trust-and-attackers-exploit
https://www.microsoft.com/en-us/security/blog/2026/05/07/prompts-become-shells-rce-vulnerabilities-ai-agent-frameworks/
https://www.bleepingcomputer.com/news/security/fake-claude-ai-website-delivers-new-beagle-windows-malware/
https://www.infosecurity-magazine.com/news/researchers-10-wild-indirect/
https://www.darkreading.com/cloud-security/hackers-ai-exploit-dev-attack-automation
https://www.darkreading.com/ics-ot-security/worlds-first-ai-driven-cyberattack-couldnt-breach-ot-systems
https://hackread.com/hackers-exploit-vercel-genai-phishing-sites/
https://bishopfox.com/blog/cve-2026-42208-pre-authentication-sql-injection-in-litellm-proxy
https://securityaffairs.com/191888/data-breach/braintrust-security-incident-raises-concerns-over-ai-supply-chain-risks.html
https://shape-of-code.com/2025/06/29/an-attempt-to-shroud-text-from-llms/
https://databreaches.net/2026/05/12/us-bank-reports-itself-for-revealing-customer-data-to-unauthorized-ai-application/

In this episode for May 7, 2026, Jeremy reports from the sidelines of BSides Luxembourg. This week marks a significant shift in AI-driven vulnerability research, moving from source code analysis to the successful reverse engineering of closed-source compiled binaries.

Key Episode Highlights:
GitHub Backend RCE: Researchers from Wiz used AI-augmented binary analysis to find an X-stat header injection vulnerability in GitHub’s Git push pipeline, achieving a CVSS score of 8.7 on closed-source code.
The "Copyfail" Crisis: A critical Linux security flaw dating back to 2017 was uncovered using AI-assisted tools. The story highlights the tension between automated discovery and the rise of "AI slop" in automated vulnerability disclosures.
CISA Patching Mandates: CISA is considering lowering the required "mean time to patch" from 14 days to just 3 days in response to AI’s ability to find vulnerabilities at an "apocalypse" scale.
Shadow AI Exposure: A study by Intruder found over 1 million exposed AI services via certificate transparency logs, with 31% of Meta Llama servers requiring zero authentication.
Google "Cosmo" Leak: A massive 1.13 GB system-level agent for Android briefly leaked on the Play Store, revealing an autonomous browser agent with deep system permissions.
The Criminal Skill Gap: New research from the University of Edinburgh suggests that while AI is boosting professional developers, most cybercriminals currently lack the skills to weaponize AI at a "weaponizable scale".

Shadow AI and unsecured AI models are the new frontier of enterprise risk. 31% of exposed AI servers are operating with zero authentication. Don't let your infrastructure be the next headline. Get full visibility into your AI environment in 15 minutes. Book your FireTail demo: https://www.firetail.ai/schedule-your-demo

Episode Links
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
https://cyberscoop.com/copy-fail-linux-vulnerability-artificial-intelligence/
https://www.reuters.com/legal/litigation/us-officials-weigh-cutting-deadlines-fix-digital-flaws-amid-worries-over-ai-2026-05-01/
https://venturebeat.com/security/ai-agent-runtime-security-system-card-audit-comment-and-control-2026
https://thehackernews.com/2026/05/we-scanned-1-million-exposed-ai.html
https://www.euronews.com/next/2026/05/05/cybercriminals-gave-ai-a-go-and-came-away-disappointed-study-finds
https://www.bleepingcomputer.com/news/security/learning-from-the-vercel-breach-shadow-ai-and-oauth-sprawl/
https://azat.tv/en/google-cosmo-ai-leak-privacy-safety/https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

In this episode for April 30, 2026, Jeremy breaks down a week where the "human-in-the-loop" failed spectacularly. From a production environment deleted in just nine seconds to "Abliterated" models providing kidnapping instructions to Congress, the risks of autonomous AI agents are no longer theoretical. They are live.
Key Episode Highlights:
Abliterated Models on Capitol Hill: OpenAI and Anthropic briefed House lawmakers on "abliterated" models - versions with safety guardrails stripped - demonstrating how they can provide step-by-step instructions for criminal acts.
Entra ID Hijacking: Researchers at Silverfort discovered that the new "Agent ID" role in Microsoft Entra ID can be exploited to hijack service principals, leading to a full Global Admin takeover.
The 9-Second Disaster: An AI agent at PocketOS, attempting to fix a staging environment, fetched production credentials and deleted both the production environment and its backups in under ten seconds.
LiteLLM SQL Injection: A critical vulnerability in the LiteLLM gateway saw targeted exploitation within 36 hours of disclosure, specifically aiming for provider API keys.
Vercel Breach Update: The recent Vercel data breach is traced back to a "Luma Stealer" malware infection at a third-party AI analytics partner.
Episode Links
https://www.politico.com/news/2026/04/22/ai-chatbots-jailbreak-safety-00887869
https://security.googleblog.com/2026/04/ai-threats-in-wild-current-state-of.html
https://www.microsoft.com/en-us/security/blog/2026/04/06/ai-enabled-device-code-phishing-campaign-april-2026/
https://hackread.com/microsoft-entra-agent-id-flaw-tenant-takeover/
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw/
https://www.cbsnews.com/news/anthropic-investigates-mythos-ai-breach/
https://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.html
https://x.com/lifeof_jer/status/2048103471019434248
Is your organization part of the 82% with unknown AI agents running on your network? Don't wait for a "9-second deletion" event. Get full visibility into your AI agents today.
Book your FireTail demo: https://www.firetail.ai/schedule-your-demo

In this episode for April 23, 2026, Jeremy explores a week where "first principles" in security are being forgotten in the rush to adopt AI. From guessable API endpoints exposing Anthropic’s most powerful model to a $10,000 fine for a lawyer’s AI "slop," the message of the week is clear: There is no AI without API security.
Key Stories & Developments:
The Mythos API Leak: Unauthorized actors gained access to Anthropic’s Claude Mythos model by simply guessing API naming conventions. This classic case of Broken Function Level Authorization highlights a major oversight in the rollout of sensitive models.
Shadow AI Agents: A new survey from the Cloud Security Alliance reveals that 82% of enterprises have unknown AI agents operating without security oversight.
The $10K Hallucination: An Oregon lawyer was fined $10,000 for "AI slop" in court filings, setting a firm legal precedent that AI error does not excuse professional negligence.
MCP Design Flaws: The Model Context Protocol (MCP), designed to wrap APIs in human language, is proving vulnerable to coercion. Attackers are using human language requests to probe back-end systems through NGINX.
"Logjack": New research into "Logjack" shows how malicious prompts hidden in system logs can compromise the LLMs used to analyze them.
Meta Keystroke Capturing: Reports indicate Meta is capturing employee keystrokes to refine internal AI training sets, raising massive concerns about insider risk and password exfiltration.
Shadow AI agents are the new Shadow IT. Are you part of the 82% with zero visibility into your AI agents? Discover every agent and API connection in 15 minutes. Book your FireTail demo: https://www.firetail.ai/schedule-your-demo

Episode Links
https://www.inc.com/kevin-haynes/faulty-ai-leads-to-record-10000-fine-for-oregon-lawyer/91322007
https://www.nytimes.com/2026/04/17/us/oregon-winery-ai-legal-fight.html
https://techcrunch.com/2026/04/21/meta-will-record-employees-keystrokes-and-use-it-to-train-its-ai-models/
https://cloudsecurityalliance.org/press-releases/2026/04/21/new-cloud-security-alliance-survey-reveals-82-of-enterprises-have-unknown-ai-agents-in-their-environments
https://techcrunch.com/2026/04/20/app-host-vercel-confirms-security-incident-says-customer-data-was-stolen-via-breach-at-context-ai/
https://www.securityweek.com/by-design-flaw-in-mcp-could-enable-widespread-ai-supply-chain-attacks/
https://www.theregister.com/2026/04/16/anthropic_mcp_design_flaw/
https://www.darkreading.com/application-security/critical-mcp-integration-flaw-nginx-risk
https://www.helpnetsecurity.com/2026/04/16/llm-router-security-risk-agent-commands/
https://oddguan.com/blog/comment-and-control-prompt-injection-credential-theft-claude-code-gemini-cli-github-copilot/
https://arxiv.org/abs/2604.15368
https://venturebeat.com/security/microsoft-salesforce-copilot-agentforce-prompt-injection-cve-agent-remediation-playbook
https://techcrunch.com/2026/04/21/unauthorized-group-has-gained-access-to-anthropics-exclusive-cyber-tool-mythos-report-claims/
https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jagged-frontier
https://www.darkreading.com/vulnerabilities-threats/every-old-vulnerability-ai-vulnerability
https://www.theregister.com/2026/04/20/lovable_denies_data_leak/