AI Security Ops – Details, episodes &amp; analysis

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

Click here to view the episode transcript.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Claude Mythos | Episode 49

Episode 49

vendredi 24 avril 2026 • Duration 25:40

In this episode of BHIS Presents: AI Security Ops, the team breaks down Claude Mythos Preview — Anthropic’s unreleased frontier model that may represent a turning point in AI-powered cybersecurity.

What started as a controlled research release under Project Glasswing has quickly become one of the most controversial developments in AI security. Mythos isn’t just better at finding vulnerabilities — it’s operating at a scale and depth that challenges long-held assumptions about how quickly software can be broken… and whether it can realistically be fixed.

From leaked internal documents to real-world exploit generation, this episode explores what happens when vulnerability discovery becomes cheap, fast, and automated — while remediation remains slow, manual, and human-bound.

The result? A growing asymmetry that could fundamentally reshape the security landscape.

We dig into:
• What Claude Mythos Preview is and why it was withheld from the public
• The leaks that exposed its existence and capabilities
• How Project Glasswing is positioning AI for defensive use
• Real-world vulnerability discoveries made by the model
• The “vulnpocalypse” problem: discovery vs. remediation imbalance
• Emerging AI behaviors that raise containment concerns
• How attackers are already leveraging AI for offensive operations
• The access control dilemma: who gets to use models like this?
• Why patching — not discovery — is now the primary bottleneck
• What defenders must do to prepare for AI-accelerated exploitation

This episode explores a critical shift in cybersecurity: when vulnerability discovery scales faster than human response, the entire defensive model starts to break down.

⸻

📚 Key Concepts & Topics

AI-Powered Vulnerability Discovery
• Autonomous exploit generation and chaining
• Benchmark performance vs. prior models
• AI-assisted offensive security workflows

AI Security Risks
• Discovery vs. remediation asymmetry
• AI-driven vulnerability scaling
• Offensive use by nation-states and cybercriminals

Model Behavior & Safety
• Emergent autonomy and sandbox escape concerns
• Evaluation awareness and deceptive behaviors
• Limits of containment and alignment

Defensive Strategy & Readiness
• Patch velocity as the new bottleneck
• AI-assisted vulnerability management
• Open-source ecosystem risk exposure

AI Governance & Industry Response
• Restricted model releases and access control
• Regulatory and financial sector concerns
• The future of AI capability containment

#AISecurity #CyberSecurity #ArtificialIntelligence #LLMSecurity #BHIS #AIThreats #InfoSec #AIAgents #CyberDefense

(00:00) - Intro & Show Overview

(01:00) - Sponsors, Hosts, and Episode Setup

(01:53) - What Is Claude Mythos Preview?

(03:04) - The Leak, Project Glasswing, and Restricted Access

(07:53) - Capabilities: Exploits, Benchmarks, and Breakthroughs

(09:16) - Real-World Vulnerabilities & “Vulnpocalypse” Concerns

(14:47) - Access Control, Threat Actors, and Emerging Risks

(21:38) - Defensive Strategy: Patching, AI Tools, and What Comes Next

(23:08) - Defensive Strategy: Patching, AI Tools, and What Comes Next

Click here to watch this episode on YouTube.

Creators & Guests

Derek Banks - Host

Bronwen Aker - Host

Brian Fehrman - Host

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

Click here to view the episode transcript.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

AI in the SOC: Interview with Hayden Covington and Ethan Robish from the BHIS SOC | Episode 40

Episode 40

vendredi 20 février 2026 • Duration 29:28

AI in the SOC: Interview with Hayden Covington and Ethan Robish from the BHIS SOC | Episode 40

In this episode of BHIS Presents: AI Security Ops, we sit down with Hayden Covington and Ethan Robish from the BHIS Security Operations Center (SOC) to explore how AI is actually being used in modern defensive operations.

From foundational machine learning techniques like statistical baselining and clustering to large language models assisting with alert triage and reporting, we dig into what works, what doesn’t, and what SOC teams should realistically expect from AI today.

We break down:

- How AI helps reduce alert fatigue and improve triage
- Practical automation inside a real-world SOC
- The difference between traditional ML approaches and LLM-powered workflows
- Foundational techniques like K-means, anomaly detection, and behavioral baselining
- Using LLMs for enrichment, investigation, and report drafting
- Where AI struggles: hallucinations, inconsistency, and edge cases
- Risks around over-trusting AI in security operations
- How to responsibly integrate AI into analyst workflows

This episode is grounded in real operational experience—not vendor demos. If you’re running a SOC, building AI tooling, or just trying to separate hype from reality, this conversation will help you think clearly about augmentation vs. automation in defensive security.

(00:00) - Intro & Guest Introductions

(04:44) - Alert Triage & SOC Pain Points

(06:04) - Automation Inside the SOC

(09:59) - “Boring AI”: Clustering, Baselining & Statistics

(17:06) - AI-Assisted Reporting & Client Communication

(18:34) - Limitations, Edge Cases & Model Risk

(22:56) - Hallucinations & Inconsistent Outputs

(25:04) - AI Demos vs. Real-World Security Work

(28:35) - Final Thoughts & Closing

Click here to watch this episode on YouTube.

Creators & Guests

Hayden Covington - Guest

Ethan Robish - Guest

Bronwen Aker - Host

Derek Banks - Host

Brian Fehrman - Host

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

AI News | Episode 39

Episode 38

jeudi 12 février 2026 • Duration 18:08

AI News | Episode 39

In this episode of AI Security Ops, we break down the latest developments in AI-driven threats, identity chaos caused by autonomous agents, NIST’s focus on securing AI in critical infrastructure, and new visibility tooling for AI exposure.

We cover real-world abuse of LLMs for phishing, how AI agents are colliding with IAM governance, and what defenders should be watching right now.

Chapters:
00:00 – Introduction and Sponsors
Black Hills Information Security - https://www.blackhillsinfosec.com/
Antisyphon Training - https://www.antisyphontraining.com/

01:08 – LLM-Generated Phishing JavaScript (Unit 42 / Palo Alto)
Discussion begins as the hosts introduce the first story.
How LLMs are generating polymorphic malicious JavaScript for phishing pages and evading traditional detection.
👉 https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/

08:49 – AI Agents vs IAM: “Who Approved This Agent?” (Hacker News)
Conversation shifts to agent privilege management and governance failures.
👉 https://thehackernews.com/2026/01/who-approved-this-agent-rethinking.html

10:07 – NIST Focus on Securing AI Agents in Critical Infrastructure
Discussion on federal guidance and why AI agents are being treated as critical infrastructure risk components.
👉 https://www.linkedin.com/pulse/cybersecurity-institute-news-roundup-20-january-2026-entrust-alz7c

13:44 – Tenable One AI Exposure
Breaking down Tenable’s push into enterprise AI usage visibility and exposure management.
👉 https://www.tenable.com/blog/tenable-one-ai-exposure-secure-ai-usage-at-scale

Join the 5,000+ cybersecurity professionals on our BHIS Discord server to ask questions and share your knowledge about AI Security.
https://discord.gg/bhis

Chapters

(00:00) - Introduction and Sponsors
(01:08) - LLM-Generated Phishing JavaScript (Unit 42 / Palo Alto)
(10:07) - NIST Focus on Securing AI Agents in Critical Infrastructure
(13:44) - Tenable One AI Exposure

Creators & Guests

Brian Fehrman - Host
Bronwen Aker - Host

Click here to watch this episode on YouTube.

----------------------------------------------------------------------------------------------
About Joff Thyer - https://www.blackhillsinfosec.com/team/joff-thyer/
About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

Click here to view the episode transcript.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Questions From the Community | Episode 38

Episode 39

jeudi 5 février 2026 • Duration 16:35

Click here to watch this episode on YouTube.

Creators & Guests

Brian Fehrman - Host

Joff Thyer - Host

Derek Banks - Host

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

Click here to view the episode transcript.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

A.I. Frameworks and Databases | Episode 37

Episode 37

vendredi 30 janvier 2026 • Duration 18:50

In Episode 37 of AI Security Ops, the team breaks down the most important AI security frameworks and vulnerability databases used to track risks in machine learning and large language models. The discussion covers emerging AI vulnerability databases, the OWASP Top 10 for LLMs, CVE challenges, and frameworks like MITRE ATLAS, highlighting why standardizing AI threats is still difficult. This episode is a practical guide for security professionals looking to stay ahead of AI vulnerabilities, attack techniques, and defensive resources in a fast-moving landscape.

Chapters

(00:00) - Episode 37 – AI Frameworks & Databases
(01:39) - A.I. vulnerability tracking is still young
(02:44) - Should A.I. get its own vulnerability database?
(07:33) - The benefit of multiple vulnerability databases
(15:58) - The what is the definition of a vulnerability?
(17:54) - Final Thoughts

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

AI News Stories | Episode 36

Episode 36

jeudi 22 janvier 2026 • Duration 35:16

This week on AI Security Ops, the team breaks down how attackers are weaponizing AI and the tools around it: a critical n8n zero-day that can lead to unauthenticated remote code execution, prompt-injection “zombie agent” risks tied to ChatGPT memory, a zero-click-style indirect prompt injection scenario via email/URLs, and malicious Chrome extensions caught siphoning ChatGPT/DeepSeek chats at scale. They close with a reminder that the tactics are often “same old security problems,” just amplified by AI—so lock down orchestration, limit browser extensions, and keep sensitive data out of chat tools.

Key stories discussed

1) n8n (“n-eight-n”) zero-day → unauthenticated RCE risk

https://thehackernews.com/2026/01/critical-n8n-vulnerability-cvss-100.html
The hosts discuss a critical flaw in the n8n workflow automation platform where a workflow-parsing HTTP endpoint can be abused (via a crafted JSON payload) to achieve remote code execution as the n8n service account. Because automation/orchestration platforms often have broad internal access, one compromise can cascade quickly across an organization’s automation layer.
ai-news-stories-episode-36
Practical takeaway: don’t expose orchestration platforms directly to the internet; restrict who/what can talk to them; treat these “glue” systems as high-impact targets and assess them like any other production system.
ai-news-stories-episode-36

2) “Zombie agent” prompt injection via ChatGPT Memory

https://www.darkreading.com/endpoint-security/chatgpt-memory-feature-prompt-injection
The team talks about research describing an exploit that stores malicious instructions in long-term memory, then later triggers them with a benign prompt—leading to potential data leakage or unsafe tool actions if the model has integrations. The discussion frames this as “stored XSS vibes,” but harder to solve because the “feature” (following instructions/context) is also the root problem.
ai-news-stories-episode-36
User-side mitigation themes: consider disabling memory, keep chats cleaned up, and avoid putting sensitive data into chat tools—especially when agents/tools are involved.
ai-news-stories-episode-36

3) “Zero-click” agentic abuse via crafted email/URL (indirect prompt injection)

https://www.infosecurity-magazine.com/news/new-zeroclick-attack-chatgpt/
Another story describes a crafted URL delivered via email that could trigger an agentic workflow (e.g., email summarization / agent actions) to export chat logs without explicit user interaction. The hosts largely interpret this as indirect prompt injection—a pattern they expect to keep seeing as assistants gain more connectivity.
ai-news-stories-episode-36
Key point: even if the exact implementation varies, auto-processing untrusted content (like email) is a persistent risk when the model can take actions or access history.
ai-news-stories-episode-36

4) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (900k users)

https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.html
Two Chrome extensions posing as AI productivity tools reportedly injected JavaScript into AI web UIs, scraped chat text from the DOM, and exfiltrated it—highlighting ongoing extension supply-chain risk and the reality that “approved store” doesn’t mean safe.
ai-news-stories-episode-36
Advice echoed: minimize extensions, separate browsers/profiles for sensitive activities, and treat “AI sidebar” tools with extra skepticism.
ai-news-stories-episode-36

5) APT28 credential phishing updated with AI-written lures

https://thehackernews.com/2026/01/russian-apt28-runs-credential-stealing.html
The closing story is a familiar APT pattern—phishing emails with malicious Office docs leading to PowerShell loaders and credential theft—except the lure text is AI-generated, making it more consistent/convincing (and harder for users to spot via grammar/tone).
ai-news-stories-episode-36
The conversation stresses that “don’t click links” guidance is oversimplified; verification and layered controls matter (e.g., disabling macros org-wide).
ai-news-stories-episode-36

Chapter Timestamps

(00:00) - Intro & Sponsors
(01:16) - 1) n8n zero-day → unauthenticated RCE
(09:00) - 2) “Zombie agent” prompt injection via ChatGPT Memory
(19:52) - 3) “Zero-click” style agent abuse via crafted email/URL (indirect prompt injection)
(23:41) - 4) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (~900k users)
(29:59) - 5) APT28 phishing refreshed with AI-written lures
(34:15) - Closing thoughts: “AI genie is out of the bottle” + safety reminders

Click here to watch a video of this episode.
Creators & Guests

Brian Fehrman - Host
Bronwen Aker - Host
Derek Banks - Host

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

https://poweredbybhis.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

2026 Predictions | Episode 35

Episode 35

jeudi 8 janvier 2026 • Duration 24:50

AI Security Ops | Episode 35 – 2026 Predictions

In this episode, the BHIS panel looks into the crystal ball and shares bold predictions for AI in 2026—from energy constraints and drug development breakthroughs to agentic AI risks and cybersecurity threats.

Chapters

(00:00) - Intro & Sponsor Shoutouts
(01:14) - Prediction: Grid Power Becomes the Bottleneck
(10:27) - Prediction: FDA Qualifies AI Drug Development Tools
(15:45) - Prediction: Nation-State Threat Actors Weaponize AI
(17:33) - Prediction: Agentic AI Dominates App Development
(23:07) - Closing Thoughts: Jobs, Risk & Opportunity

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest

https://poweredbybhis.com

----------------------------------------------------------------------------------------------

Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/

Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/

Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/

Bronwen Aker - http://blackhillsinfosec.com/team/bronwen-aker/

Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

AI Security Ops - Why Did We Create This Podcast? | Podcast Trailer

Episode 1

mercredi 24 décembre 2025 • Duration 03:53

Join the 5,000+ cybersecurity professionals on our BHIS Discord server to ask questions and share your knowledge about AI Security.
https://discord.gg/bhis

AI Security Ops | Episode 34 – Why Did We Create This Podcast?
In this episode, the BHIS team explains the purpose behind AI Security Ops, what you can expect from future episodes, and why this show matters for anyone at the intersection of AI and cybersecurity.

Chapters

(00:00) - Intro & Welcome
(00:13) - Why We Started AI Security Ops
(00:41) - Our Mission: Stay Informed & Ahead
(00:56) - What We Cover: AI News & Insights
(01:23) - Community Q&A & Real-World Scenarios
(02:18) - Special Guests & Industry Leaders
(02:41) - Demos, How-Tos & Practical Tips
(03:07) - Who Should Listen & Why Subscribe
(03:34) - Join the Conversation & Closing

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

Brought to you by:

Black Hills Information Security

Antisyphon Training

Active Countermeasures

Wild West Hackin Fest