Read the Threat Intelligence Index 2026 | Download the report

Exploits of public-facing apps are surging. Why?

For years, stolen credentials were king—the hacker’s attack vector of choice. Until now. The 2026 IBM X-Force Threat Intelligence Index reveals a surge in the exploitation of public-facing applications, overtaking identity-based attacks as the top initial access vector. Why are threat actors changing their tactics so dramatically—and what does it mean for defenders? 
 
In this episode of Security Intelligence, panelists Claire Nuñez, Chris Caridi and Joe Xatruch break down the biggest findings from the latest Threat Intelligence Index, plus:

  • Infostealers that grab AI agents’ “souls”
  • Compromised packages that drop AI agents as malware
  • The AI infrastructure flaws we can’t seem to fix
  • Why threat intelligence is so siloed—and what we can do about it

All that and more—on Security Intelligence.

  • 00:00 - Intro
  • 1:17 - Threat Intelligence Index 2026 
  • 16:22 - Stealing AI agents’ souls 
  • 28:03 - AI infrastructure flaws 
  • 36:36 - Threat intelligence made human

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.
Watch all the episodes
Subscribe now on your favorite platform YouTube Spotify Apple Podcasts Casted
IBM X-Force 2026 Threat Intelligence Index

In this episode of Security Intelligence, panelists Claire Nuñez, Chris Caridi and Joe Xatruch break down the biggest findings from the latest Threat Intelligence Index.

Explore more episodes

Security Intelligence Podcast
Romance scams: How they work, how they win and what we do about it
Security Intelligence Podcast
OpenClaw and Claude Opus 4.6: Where is AI agent security headed?
Security Intelligence Podcast
What cybersecurity pros need to know about OpenClaw and Moltbook
Security Intelligence Podcast
John Henry vs. the chatbot: Can humans outsmart AI scam artists?
Security Intelligence Podcast
The newest AI malware vs. 40 years of hacker culture
Security Intelligence Podcast
Most cybersecurity training doesn’t work. Can we change that?
Security Intelligence Podcast
Ransomware whack-a-mole, AI agents as insider threats and how to hack a humanoid robot
Security Intelligence Podcast imagery for promotional purposes
A new take on bug bounties, AI red teams and our New Year’s resolutions
Security Intelligence Podcast
Why it costs so much to get hacked in America
Security Intelligence Podcast
Cybersecurity’s year in review: ClickFix attacks, vibecoding vulnerabilities, shadow agents and more

You might also like

Weekly Mixture of Experts podcast
Google’s Gemini 3: AI agents, reasoning and search mode
Transformers Podcast cover
AI & cyber resilience: What every C-Suite must know
Techsplainers thumbnail
Whats is a data breach?
Techsplainers thumbnail
Techsplainers thumbnail
Techsplainers thumbnail
Related resources Explore the Threat Intelligence Index 2026 The 2026 Guide to Cybersecurity Cost of a Data Breach Report 2025

Take the next step in your cybersecurity journey

IBM Guardium

Secure critical enterprise data from both current and emerging risks, wherever it lives.

 Explore IBM Guardium
Data security and protection solutions

Protect enterprise data across its lifecycle and simplify compliance requirements               

 Explore security solutions
The 2026 Guide to Cybersecurity

Explore every facet of cybersecurity, from basic principles and attack types to cutting-edge tools and developing cyberthreats.  

 Learn more about cybersecurity
Take the next step!

Become an expert in all things cybersecurity and tech with IBM

 Subscribe to the Think newsletter Explore The 2026 Guide to Cybersecurity
Cyber security concept and internet privacy data protection Modern showing padlock protecting business and financial data to protect persona
Follow us on your preferred platform Apple podcasts Spotify YouTube