For years, stolen credentials were king—the hacker’s attack vector of choice. Until now.&nbsp; The 2026 IBM X-Force Threat Intelligence Index reveals a surge in the exploitation of public-facing applications, overtaking identity-based attacks as the top initial access vector.&nbsp;&nbsp; Why are threat actors changing their tactics so dramatically—and what does it mean for defenders?&nbsp;&nbsp;In this episode of Security Intelligence, panelists Claire Nuñez, Chris Caridi and Joe Xatruch break down the biggest findings from the latest Threat Intelligence Index, plus:&nbsp;<ul><li>Infostealers that grab AI agents’ “souls”&nbsp;</li><li>Compromised packages that drop AI agents as malware&nbsp;</li><li>The AI infrastructure flaws we can’t seem to fix&nbsp;</li><li>Why threat intelligence is so siloed—and what we can do about it&nbsp;</li></ul> All that and more—on Security Intelligence.&nbsp; 00:00 - Intro&nbsp;1:17 - Threat Intelligence Index 2026&nbsp;&nbsp;16:22 - Stealing AI agents’ souls&nbsp;&nbsp;28:03 - AI infrastructure flaws&nbsp;&nbsp;36:36 - Threat intelligence made human&nbsp; &nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp; Follow the Security Intelligence podcast on your preferred platform →&nbsp;<a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Explore the Threat Intelligence Index 2026 →&nbsp;<a href="https://www.ibm.com/reports/threat-intelligence#sipod" rel="noopener noreferrer" target="_blank">https://www.ibm.com/reports/threat-intelligence#sipod</a>&nbsp;&nbsp;&nbsp;&nbsp;

Claire Nuñez

Creative Director, X-Force Cyber Range 

Chris Caridi

Cyber Threat Analyst, X-Force Strategic Threat Analysis 

Joe Xatruch

CTM Chief Architect 

The 2026 IBM X-Force Threat Intelligence Index reveals surging app exploitation, AI credential theft and growing supply chain security risks. 

Exploits of public-facing apps are surging. Why?

Security Intelligence is a weekly news podcast for cybersecurity pros who need to stay ahead of fast-moving threats. Each week, we cover the latest threats, trend, and stories shaping the digital landscape, alongside expert insights that help make sense of it all. Whether you’re a builder, defender, business leader or simply curious about how to stay secure in a connected world, you’ll find timely updates and timeless principles in an accessible, engaging format. New episodes weekly on Wednesdays at 6am EST.

Security Intelligence

Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp; Valentine’s day might be over, but love is in the air.&nbsp; The love a scammer has for their victim’s wallet, that is.&nbsp; In this special episode of Security Intelligence, host Matt Kosinski sits down with Claire Nunez, Suja Viswesan, and Dave Bales to break down how modern romance scams actually work: from the “wrong number” text that starts an innocent chat, to long-con “pig butchering” schemes that use emotion, trust and time to extract money — often through crypto investment bait.&nbsp; The panel explains why anyone can fall for these scams, how breaches and public records can help scammers build convincing victim profiles and how AI is making the problem worse.&nbsp; Finally, the team gets practical: how to talk to a loved one who may be caught in a scam, how to remove stigma so people report faster and what organizations can do when a “personal” scam becomes a corporate risk.&nbsp; Key takeaways: Don’t respond to unknown numbers, treat online “investment opportunities” as a red flag and remember: if this happened to you, you’re not alone.&nbsp; &nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Subscribe to the IBM Think newsletter → <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>

Suja Viswesan 

Vice President, Security Products

Dave Bales

X-Force Incident Command 

Claire Nunez

Creative Director, IBM X-Force Cyber Range 

Romance scams are organized crime—now supercharged by AI and deepfakes. How they work, who they target, and how to protect yourself. 

Romance scams: How they work, how they win and what we do about it

Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a> Are enterprises moving too fast with AI—and breaking security in the process?&nbsp; In this episode of Security Intelligence, host Matt Kosinski is joined by Sridhar Muppidi, Nick Bradley and Jeff Crume to unpack a pivotal moment in cybersecurity.&nbsp; The panel dives into the rapid rise of AI agents and the growing risks of shadow AI in the enterprise, comparing open-source agent platforms like OpenClaw with proprietary models such as Claude Opus 4.6 and its new agent teams. We explore how speed-first AI adoption, unsecured agent implementations and weak separation of duties are creating new attack surfaces—and why executives may be unintentionally fueling the problem.&nbsp; The conversation also examines the recent Notepad++ supply chain breach as a warning sign of broader software inventory and supplier risk failures, and analyzes DragonForce’s attempt to reinvent ransomware as a scalable cartel business.&nbsp; Along the way, we keep returning to a key theme: Have we optimized for velocity at the expense of security?&nbsp; 00:00 -- Intro&nbsp;01:18 -- OpenClaw vs. Claude Opus 4.6&nbsp;15:05 -- Move fast. Break security?&nbsp;27:29 -- Notepad++ breach&nbsp;38:55 -- DragonForce ransomware cartel&nbsp; &nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Subscribe to the IBM Think newsletter → <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120 " rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120 </a> #OpenClaw #ClaudeOpus #shadowAI #AIagentsecurity

Nick Bradley

Manager, X-Force Threat Intelligence 

Jeff Crume

Distinguished Engineer, Master Inventor, Data and AI Security Architect 

Sridhar Muppidi

IBM Fellow, CTO IBM Security 

OpenClaw and Claude Opus 4.6 present two different views of AI agents in the enterprise. On this episode, we dive into the security implications.  

OpenClaw and Claude Opus 4.6: Where is AI agent security headed?

OpenClaw and Moltbook are extremely cool. They're also extremely dangerous. And they tell us just how far AI agent security has to go.&nbsp; In this episode of Security Intelligence, Dave McGinnis, Seth Glasgow and Evelyn Anderson unpack how locally run AI agents are becoming a brand-new attack surface, and why defenders may be underestimating the risks. From misconfigured agent databases leaking API keys, to malicious “skills” that can quietly hijack trusted systems, we explore what happens when powerful AI tools are treated like just another app.&nbsp; We also dig into a growing signal problem across cybersecurity:&nbsp;&nbsp; <ul><li>Why AI-generated “slop” is overwhelming bug bounty programs.&nbsp;</li><li>Why NIST may stop enriching vulnerabilities in the National Vulnerability Database.&nbsp;</li></ul> Along the way, our panel debates a deeper question: Is AI a gift or a curse for security pros?&nbsp;&nbsp; All that and more on Security Intelligence&nbsp; 00:00 - Intro&nbsp;01:03 - OpenClaw and the AI agent attack surface&nbsp;16:49 - Will AI slop end bug bounties?&nbsp;26:49 - Big changes to NIST’s NVD&nbsp;35:27 - The problem with vibe coded malware&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; Subscribe for more AI and cybersecurity news → <a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a> Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>

Dave McGinnis

VP/Sr Partner, Global Cyber Threat Management 

Seth Glasgow 

Cyber Range Executive Advisor

Evelyn Anderson

CSS CTO, IBM Distinguished Engineer, IBM Master Inventor 

AI agents are the new attack surface. We explore agent security risks, AI bug bounty spam, NVD changes and how AI is breaking cybersecurity signals. 

What cybersecurity pros need to know about OpenClaw and Moltbook

AI-generated malware has officially arrived. But does it matter all that much?&nbsp; This week on Security Intelligence, Suja Viswesan, Dave Bales and Dustin Heywood join us to discuss VoidLink, which might just be the first thoroughly documented case of a malware framework generated with significant AI help. The question is: What really changes when malware is no longer the handiwork of human hackers?&nbsp; We also explore the World Economic Forum’s Global Cybersecurity Outlook 2026, where CEOs and CISOs are split on what they fear most: cyber fraud or ransomware? Then we cover the debate over data protection vs. service resilience, and we dig into the takedown of RedVDS, a major player in the cybercrime-as-a-service supply chain.&nbsp; Finally, we reflect on the 40th anniversary of “The Hacker Manifesto,” asking what’s changed—and what hasn’t—in hacker culture.&nbsp; All that and more on Security Intelligence&nbsp; 00:00 -- Introduction01:40 -- CEOs vs. CISOs: 2026 cyberthreats&nbsp;&nbsp;11:10 -- VoidLink: Documented AI malware&nbsp;&nbsp;19:28 -- Are we too worried about our data?&nbsp;&nbsp;27:28 -- Cybercrime supply chains&nbsp;&nbsp;34:05 -- 40 years of hacking culture&nbsp; &nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;Learn more about cybersecurity → <a href="https://www.ibm.com/think/podcasts/techsplainers#tabs-fw-44e285b2cc-item-df35f5fbab-tab" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/techsplainers#tabs-fw-44e285b2cc-item-df35f5fbab-tab</a> &nbsp;

Suja Viswesan

Vice President, Security Products 

Dustin Heywood

Executive Managing Hacker, Senior Technical Staff Member 

Dave Bales,

Does it matter if AI writes malware? Plus: cyber fraud vs. ransomware, data protection vs. cyber resilience and The Hacker Manifesto. 

The newest AI malware vs. 40 years of hacker culture

AI has changed the speed of cyberattacks. But it hasn’t changed the most important variable: people.&nbsp; In this episode of Security Intelligence, panelists Jake Paulson, Stephanie Carruthers and Matt Cerny dig into how AI-driven threats—phishing, deepfakes and disinformation—are reshaping the cyberthreat landscape. Organizations, too, are adopting AI tools to help detect these attacks.&nbsp; But even in the era of AI, people are ultimately our first and last lines of defense. And all too often, we don’t give them what they need to succeed. How do we help human beings adapt to the increased speed, scale and impact of AI threats?&nbsp; The answer, our panel argues, isn’t more checkbox training or prettier slides. It’s realistic, immersive training that builds muscle memory, confidence under stress and decision-making skills for moments when things don’t go according to plan.&nbsp; We talk about:&nbsp; <ul><li>00:00 -- Introduction&nbsp;</li><li>01:48 -- AI phishing, deepfakes and modern social engineering tactics&nbsp;</li><li>09:19 -- Why humans are still the primary attack surface—and the strongest defense&nbsp;</li><li>17:03 -- The difference between tabletop exercises and cyber range training&nbsp;</li><li>22:00 -- How immersive simulations prepare teams for real incident response pressure&nbsp;</li><li>42:00 -- Why preparedness matters more than awareness in the age of AI attacks&nbsp;</li></ul> Because when AI accelerates attacks, training determines the outcome.&nbsp; All that and more on Security Intelligence.&nbsp; The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp; #cybersecuritytraining #AIcyberthreats #AIphishing #AIcyberattacks Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>Learn more about the cyber range → <a href="https://www.ibm.com/think/topics/cyber-range" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/topics/cyber-range</a>Discover how AI training can support your business → <a href="https://www.ibm.com/services/xforce-cyber-range" rel="noopener noreferrer" target="_blank">https://www.ibm.com/services/xforce-cyber-range</a>

Stephanie Carruthers

Global Head of Cyber Range, Chief People Hacker, X-Force 

Matt Cerny

Director, Cyber Security at Integra LifeSciences 

Jake Paulson

Deputy Head of X-Force 

Cybersecurity training is more important than ever in the age of AI cyberattacks. But we have to get it right. 

Most cybersecurity training doesn’t work. Can we change that?

Between LockBit, RansomHub and BlackSuit, law enforcement racked up some big wins against ransomware gangs last year. So why aren’t the attacks letting up?&nbsp;&nbsp;&nbsp;In this episode of Security Intelligence, panelists JR Rao, Jeff Crume and Michelle Alavarez unpack what the state of ransomware in 2025 really looked like, and why things haven’t slowed things down as much as we might hope.&nbsp;&nbsp;&nbsp;&nbsp;Then, we turn to identity security and cloud breaches as we consider the striking case of Zestix, the lone threat actor linked to breaches at 50 global enterprises. And all he needed were some passwords.&nbsp;&nbsp;&nbsp;&nbsp;From there, we look at what the future of hacking might hold. Palo Alto’s Wendi Whitmore issued a warning about how AI agents could become devastating insider threats, and security researchers at GEEKCon demonstrated how AI-powered robots can be hijacked using voice commands alone, turning prompt injection into a physical-world security risk.&nbsp;&nbsp;&nbsp;It’s a niche scenario today. But is it also a preview of what happens when AI, robotics and operational technology collide?&nbsp;&nbsp;Listen to Security Intelligence to find out.&nbsp;&nbsp;&nbsp;00:00 -- Introduction&nbsp;01:05 -- Ransomware in 2026&nbsp;&nbsp;09:26 -- Zestix linked to 50 hacks&nbsp;&nbsp;18:42 -- AI agents as insider threats&nbsp;&nbsp;31:20 -- Hacking humanoid robots&nbsp;&nbsp;The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.&nbsp;&nbsp;Subscribe to the IBM Think newsletter →&nbsp;<a href="https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120" rel="noopener noreferrer" target="_blank">https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120</a>&nbsp;Explore the podcast → <a href="https://www.ibm.com/think/podcasts/security-intelligence" rel="noopener noreferrer" target="_blank">https://www.ibm.com/think/podcasts/security-intelligence</a>&nbsp;&nbsp;

JR Rao

IBM Fellow, CTO Security Research 

Distinguished Engineer, Master Inventor, AI and Data Security 

Michelle Alvarez

Why ransomware persists, MFA still fails, and AI agents may become insider threats—plus a look at voice-hacked robots. 

IBM

Recent Episodes

SEASON 1

Exploits of public-facing apps are surging. Why?

Romance scams: How they work, how they win and what we do about it

OpenClaw and Claude Opus 4.6: Where is AI agent security headed?

What cybersecurity pros need to know about OpenClaw and Moltbook

The newest AI malware vs. 40 years of hacker culture

Most cybersecurity training doesn’t work. Can we change that?

Ransomware whack-a-mole, AI agents as insider threats and how to hack a humanoid robot

About The Show

Security Intelligence

Matt Kosinski

Host