Your house might be a botnet, your devs are leaking secrets and poems are breaking your AI guardrails


One of the most common tips for avoiding online scams is to only shop at reputable retailers. But what happens when those very retailers are turned into social engineering vectors? In this week’s episode of Security Intelligence, host Matt Kosinski and panelists Bryan Clark, Michelle Alvarez and Dave Bales talk about the streaming devices that promise to let you watch all your favorite shows for free—so long as you don’t mind turning your house into a botnet, that is. And to make matters worse, they’re often sold through legitimate online marketplaces.

We also cover:

  1. The Shai-Hulud worm is back and wreaking havoc on the software supply chain
  2. Developers leaking secrets and PII to unsecured, publicly available dev tools
  3. What the Gainsight data breach teaches us about cyberattack timelines
  4. How to jailbreak an AI model with the power of poetry
Chapters:
    • 00:00 – Intro
    • 1:34 - Shai-Hulud returns
    • 10:50 - Developers can’t keep a secret
    • 16:17 - Gainsight data breach hits 200 companies
    • 22:39 - Is your house a botnet?
    • 35:35 - Malicious poems break AI guardrails

    The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. 
    Wed, 10 December, 2025 10:00 AM CST (11:00 AM ET)

