Security Intelligence

AI-generated malware has officially arrived. But does it matter all that much?

This week on Security Intelligence, Suja Viswesan, Dave Bales and Dustin Heywood join us to discuss VoidLink, which might just be the first thoroughly documented case of a malware framework generated with significant AI help. The question is: What really changes when malware is no longer the handiwork of human hackers?

We also explore the World Economic Forum’s Global Cybersecurity Outlook 2026, where CEOs and CISOs are split on what they fear most: cyber fraud or ransomware? Then we cover the debate over data protection vs. service resilience, and we dig into the takedown of RedVDS, a major player in the cybercrime-as-a-service supply chain.

Finally, we reflect on the 40th anniversary of “The Hacker Manifesto,” asking what’s changed—and what hasn’t—in hacker culture.

All that and more on Security Intelligence

00:00 -- Introduction
01:40 -- CEOs vs. CISOs: 2026 cyberthreats
11:10 -- VoidLink: Documented AI malware
19:28 -- Are we too worried about our data?
27:28 -- Cybercrime supply chains
34:05 -- 40 years of hacking culture


The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence
Learn more about cybersecurity → https://www.ibm.com/think/podcasts/techsplainers#tabs-fw-44e285b2cc-item-df35f5fbab-tab

AI has changed the speed of cyberattacks. But it hasn’t changed the most important variable: people.

In this episode of Security Intelligence, panelists Jake Paulson, Stephanie Carruthers and Matt Cerny dig into how AI-driven threats—phishing, deepfakes and disinformation—are reshaping the cyberthreat landscape. Organizations, too, are adopting AI tools to help detect these attacks.

But even in the era of AI, people are ultimately our first and last lines of defense. And all too often, we don’t give them what they need to succeed. How do we help human beings adapt to the increased speed, scale and impact of AI threats?

The answer, our panel argues, isn’t more checkbox training or prettier slides. It’s realistic, immersive training that builds muscle memory, confidence under stress and decision-making skills for moments when things don’t go according to plan.

We talk about:

00:00 -- Introduction
01:48 -- AI phishing, deepfakes and modern social engineering tactics
09:19 -- Why humans are still the primary attack surface—and the strongest defense
17:03 -- The difference between tabletop exercises and cyber range training
22:00 -- How immersive simulations prepare teams for real incident response pressure
42:00 -- Why preparedness matters more than awareness in the age of AI attacks

Because when AI accelerates attacks, training determines the outcome.

All that and more on Security Intelligence.

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

#cybersecuritytraining #AIcyberthreats #AIphishing #AIcyberattacks

Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence
Learn more about the cyber range → https://www.ibm.com/think/topics/cyber-range
Discover how AI training can support your business → https://www.ibm.com/services/xforce-cyber-range

Between LockBit, RansomHub and BlackSuit, law enforcement racked up some big wins against ransomware gangs last year. So why aren’t the attacks letting up?

In this episode of Security Intelligence, panelists JR Rao, Jeff Crume and Michelle Alavarez unpack what the state of ransomware in 2025 really looked like, and why things haven’t slowed things down as much as we might hope.

Then, we turn to identity security and cloud breaches as we consider the striking case of Zestix, the lone threat actor linked to breaches at 50 global enterprises. And all he needed were some passwords.

From there, we look at what the future of hacking might hold. Palo Alto’s Wendi Whitmore issued a warning about how AI agents could become devastating insider threats, and security researchers at GEEKCon demonstrated how AI-powered robots can be hijacked using voice commands alone, turning prompt injection into a physical-world security risk.

It’s a niche scenario today. But is it also a preview of what happens when AI, robotics and operational technology collide?

Listen to Security Intelligence to find out.

00:00 -- Introduction
01:05 -- Ransomware in 2026
09:26 -- Zestix linked to 50 hacks
18:42 -- AI agents as insider threats
31:20 -- Hacking humanoid robots

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

Subscribe to the IBM Think newsletter → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120
Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence

Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligence

Say your cloud storage service gets hacked. Say the attackers broke in by exploiting a vulnerability in an open-source library your organization used to build the service. Who owns that vulnerability?

Microsoft is trying to clear some of the smog obscuring the software supply chain by expanding its bug bounty program to include some third-party code that affects it services. In this episode of Security Intelligence, panelists Jeff Crume, Nick Bradley and Claire Nuñez discuss what that move means for cybersecurity responsibility models going forward.

We also analyze how a three-year-old LastPass breach is still giving cybercriminals new credentials to steal. Turns out “harvest now, decrypt later” isn’t just a quantum concern.

Plus: OpenAI fights prompt injections with an automated, AI-powered red team, hackers have a new tool to make ClickFix attacks even easier and we share the New Year’s Resolutions we hope organizations will make in 2026.

All that and more on Security Intelligence.

00:00 -- Introduction
1:11 -- Cybersecurity resolutions
6:51 -- Microsoft’s new bug bounties
14:00 -- The LastPass breach’s long tail
26:07 -- Automated red teaming
33:22 -- ClickFix-as-a-service

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

Subscribe for AI and security updates → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120

Why does it cost so much more to get hacked in the United States than anywhere else in the world?

In this special bonus episode of Security Intelligence, we sit down with Michelle Alvarez, Manager of Strategic Threat Analysis at IBM X-Force, for a deep dive into IBM’s 2025 Cost of a Data Breach report—and one of its most surprising findings: global breach costs are falling, but US breach costs just hit a record high.

What’s driving the gap?

In this episode, we unpack:

Why faster detection and containment are lowering breach costs globally
Why shadow AI is quietly increasing breach risk and driving up response costs
Why regulatory fines, global operations and organizational scale hit US companies especially hard
And how supply chain breaches, cloud complexity and shadow IT amplify the damage

We also explore a critical inflection point ahead: AI isn’t a major attack target yet—but once adoption crosses key market concentration thresholds, attackers will follow the ROI.

All that and more on Security Intelligence

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence
Read the Cost of a Data Breach report: https://ibm.biz/BdbkLt