Is AI about to trigger a cybersecurity vulnerability explosion?

In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a "vulnerability apocalypse" as Anthropic's Claude-powered Project Glasswing identifies thousands of potential software flaws at machine speed.

The episode breaks down the real numbers behind the hype: over 10,000 candidate vulnerabilities flagged, 1,726 confirmed high or critical findings, 97 patched issues, and the growing concern that AI-driven bug hunting could overwhelm already stretched security teams. One example: a critical WolfSSL certificate forgery vulnerability (CVE-2026-5194, CVSS 9.1).

Also in this episode: Canadian authorities arrest Ottawa suspect Jacob Butler, also known as "Dort," allegedly linked to the Kim Wolf botnet operation blamed for nearly 30 terabits-per-second distributed denial-of-service (DDoS) attacks and more than 25,000 incidents.

We also cover active exploitation of a Ghost CMS SQL injection vulnerability (CVE-2026-26980), with attackers reportedly compromising hundreds of websites using ClickFix malware lures, including high-profile targets.

And finally, an Iran-linked cyber espionage campaign dubbed "Screening Serpents" uses highly personalised fake recruitment approaches to target aerospace, defence, and telecom professionals with new remote access malware.

If you work in cybersecurity, infrastructure, or IT leadership, this is one to watch.

00:00 Vunpocalypse Headlines 00:28 AI Finds Vulnerabilities 01:32 False Positives and Costs 02:39 WolfSSL Critical CVE 03:51 Patch Volume Pressure 04:28 Kim Wolf Botnet Arrest 05:13 Botnet Scale and Swatting 06:48 International Takedowns 07:41 Ghost CMS Mass Exploits 09:07 ClickFix Infection Chain 10:25 How to Remediate Ghost 10:39 Iran Spear Phishing Ops 12:51 Closing and Sign Off

#Cybersecurity #CyberSecurityToday #AIsecurity #GhostCMS #DDoS #CyberEspionage #Anthropic #ClaudeAI #IranCyberThreat #InfoSec