Sign up to save your podcasts
Or
Share This Week in AI Security - 19th March 2026
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
This Week in AI Security - 19th March 2026
In this episode for March 19, 2026, Jeremy breaks down a massive week where the line between "helpful AI" and "insider risk" continues to blur. From 87% vulnerability rates in AI-generated code to the rise of "Prompt-ware," the episode covers the accelerating operationalization of AI by both developers and nation-state adversaries.
Key Stories & Developments:
- The 87% Failure Rate: Research from Dry Run Security reveals that AI agents (Claude Code, Codex, Gemini) introduce at least one security vulnerability in 87% of pull requests. Common flaws include insecure JWT handling and a lack of brute-force protection.
- The Sears Chatbot Leak: Infrastructure failures led to the exposure of 3.7 million chat logs and 1.4 million audio files from Sears’ AI assistant, Samantha.
- "Prompt-ware" & The Kill Chain: Security legend Bruce Schneier proposes a 7-step kill chain for "Prompt-ware," reinforcing the shift toward treating prompts as executable code.
- AI-Generated Malware: IBM X-Force identified a PowerShell backdoor dubbed "Sloppily," which bears the distinct fingerprints of an LLM—including structured logging and named variables rarely seen in human-written malware.
- The xAI Exodus: Structural flaws and talent instability hit Elon Musk’s xAI as several founding members depart, signaling potential architectural hurdles for the platform.
- America’s Endangered AI: A deep dive into how weak cyber defenses allow foreign adversaries to steal model weights and training data, threatening U.S. tech dominance.
Episode Links
https://blog.rankiteo.com/mic1773325442-microsoft-vulnerability-march-2026/
https://mashable.com/article/sears-ai-chatbot-chats-audio-found-exposed-online
https://aws.amazon.com/security/security-bulletins/rss/2026-009-aws/
https://aws.amazon.com/security/security-bulletins/rss/2026-008-aws/
https://aws.amazon.com/security/security-bulletins/rss/2026-007-aws/
https://www.helpnetsecurity.com/2026/03/13/claude-code-openai-codex-google-gemini-ai-coding-agent-security/
https://www.schneier.com/blog/archives/2026/02/the-promptware-kill-chain.html
https://www.bleepingcomputer.com/news/security/ai-generated-slopoly-malware-used-in-interlock-ransomware-attack/
https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/
https://www.microsoft.com/en-us/security/blog/2026/03/06/ai-as-tradecraft-how-threat-actors-operationalize-ai/
https://www.theguardian.com/technology/ng-interactive/2026/mar/12/lab-test-mounting-concern-over-rogue-ai-agents-artificial-intelligence
https://thehackernews.com/2026/03/microsoft-patches-84-flaws-in-march.html
https://www.cnbc.com/2026/03/13/elon-musk-xai-co-founders-spacex-ipo.html
https://www.foreignaffairs.com/united-states/americas-endangered-ai
Worried about AI security?
Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo
View all episodes
By Jeremy SnyderIn this episode for March 19, 2026, Jeremy breaks down a massive week where the line between "helpful AI" and "insider risk" continues to blur. From 87% vulnerability rates in AI-generated code to the rise of "Prompt-ware," the episode covers the accelerating operationalization of AI by both developers and nation-state adversaries.
Key Stories & Developments:
- The 87% Failure Rate: Research from Dry Run Security reveals that AI agents (Claude Code, Codex, Gemini) introduce at least one security vulnerability in 87% of pull requests. Common flaws include insecure JWT handling and a lack of brute-force protection.
- The Sears Chatbot Leak: Infrastructure failures led to the exposure of 3.7 million chat logs and 1.4 million audio files from Sears’ AI assistant, Samantha.
- "Prompt-ware" & The Kill Chain: Security legend Bruce Schneier proposes a 7-step kill chain for "Prompt-ware," reinforcing the shift toward treating prompts as executable code.
- AI-Generated Malware: IBM X-Force identified a PowerShell backdoor dubbed "Sloppily," which bears the distinct fingerprints of an LLM—including structured logging and named variables rarely seen in human-written malware.
- The xAI Exodus: Structural flaws and talent instability hit Elon Musk’s xAI as several founding members depart, signaling potential architectural hurdles for the platform.
- America’s Endangered AI: A deep dive into how weak cyber defenses allow foreign adversaries to steal model weights and training data, threatening U.S. tech dominance.
Episode Links
https://blog.rankiteo.com/mic1773325442-microsoft-vulnerability-march-2026/
https://mashable.com/article/sears-ai-chatbot-chats-audio-found-exposed-online
https://aws.amazon.com/security/security-bulletins/rss/2026-009-aws/
https://aws.amazon.com/security/security-bulletins/rss/2026-008-aws/
https://aws.amazon.com/security/security-bulletins/rss/2026-007-aws/
https://www.helpnetsecurity.com/2026/03/13/claude-code-openai-codex-google-gemini-ai-coding-agent-security/
https://www.schneier.com/blog/archives/2026/02/the-promptware-kill-chain.html
https://www.bleepingcomputer.com/news/security/ai-generated-slopoly-malware-used-in-interlock-ransomware-attack/
https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/
https://www.microsoft.com/en-us/security/blog/2026/03/06/ai-as-tradecraft-how-threat-actors-operationalize-ai/
https://www.theguardian.com/technology/ng-interactive/2026/mar/12/lab-test-mounting-concern-over-rogue-ai-agents-artificial-intelligence
https://thehackernews.com/2026/03/microsoft-patches-84-flaws-in-march.html
https://www.cnbc.com/2026/03/13/elon-musk-xai-co-founders-spacex-ipo.html
https://www.foreignaffairs.com/united-states/americas-endangered-ai
Worried about AI security?
Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo