In this week's episode, recorded live from the inaugural AI Security Summit hosted by Snyk, Jeremy reports on the latest threats and strategic discussions shaping the industry. Covering multiple instances of "old risks" reappearing in new AI contexts...

The Salesforce "forced leak" vulnerability, where an AI agent was exposed to malicious prompt injection via seemingly innocuous text fields on web forms (a failure of input sanitization).

Research from Nvidia detailing waterhole attacks where malicious code (e.g., PowerShell) is hidden in decoy libraries (like "react-debug") that AI coding assistants might suggest to developers.

A consumer AI girlfriend app that exposed customer chat data by storing conversations in an open Apache Kafka pipeline, demonstrating a basic failure of security hygiene under the pressure of rapid AI dev ...