1.4K
Downloads
38
Episodes
Stay ahead of the latest cybersecurity trends with Cyberside Chats! Listen to our weekly podcast every Tuesday at 6:30 a.m. ET, and join us live once a month for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity professional or an executive looking to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you stay informed and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!
Join us monthly for an interactive Cyberside Chats: Live! Our next session will be announced soon.
Episodes
3 days ago
3 days ago
What happens when the same AI tools that make coding easier also give cybercriminals new powers? In this episode of Cyberside Chats Live, we explore the rise of “vibe coding” and its darker twin, “vibe hacking.” You’ll learn how AI is reshaping software development, how attackers are turning those vibes into cybercrime, and what it means for the future of security.
Key Takeaways
- Establish ground rules for AI use
- Even if you don’t have developers, employees may experiment with AI tools. Set a policy for how (or if) AI can be used for coding, automation, or day-to-day tasks.
- Make sure staff understand not to paste sensitive data (like credentials or customer info) into AI tools.
- Strengthen your software supply chain
- If you rely on vendors or contractors, ask them whether they use AI in their development process and how they vet the resulting code.
- Request (or create) an inventory of software components and dependencies (SBOMs) so you know what’s inside the software you buy.
- Stay alert to supply chain risks from open-source code or third-party add-ons.
- Treat your endpoints like crown jewels
- Limit what software employees can install, especially IT staff.
- Provide a safe “sandbox” machine for testing unfamiliar tools instead of using production systems.
- Apply strong endpoint protection and restrict administrative privileges.
- Prepare for AI-related incidents
- Include scenarios where AI is part of the attack, such as compromised development tools, malicious packages, or data fed into rogue AI systems.
- Plan for vendor incidents, since third-party software providers may be the first link in a compromise.
- Test these scenarios through tabletop exercises so your team knows how to respond.
References
- Malwarebytes — Claude AI chatbot abused to launch cybercrime spree (Aug 2025): https://www.malwarebytes.com/blog/news/2025/08/claude-ai-chatbot-abused-to-launch-cybercrime-spree
- Trend Micro / Industrial Cyber — EvilAI malware campaign exploits AI-generated code to breach global critical sectors (Aug 2025): https://industrialcyber.co/ransomware/evilai-malware-campaign-exploits-ai-generated-code-to-breach-global-critical-sectors/
- The Hacker News — Cursor AI code editor flaw enables silent code execution on developer systems (Sept 2025): https://thehackernews.com/2025/09/cursor-ai-code-editor-flaw-enables.html
- PCWorld — I saw how an “evil” AI chatbot finds vulnerabilities. It’s as scary as you think (May 2025): https://www.pcworld.com/article/2424205/i-saw-how-an-evil-ai-chatbot-finds-vulnerabilities-its-as-scary-as-you-think.html
#AIhacking #AIcoding #vibehacking #vibecoding #cyberattack #cybersecurity #infosec #informationsecurity #datasecurity
No comments yet. Be the first to say something!