AI Security Ops cover art

AI Security Ops

AI Security Ops

By: Black Hills Information Security
Listen for free

About this listen

 Join in on weekly podcasts that aim to illuminate how AI transforms cybersecurity—exploring emerging threats, tools, and trends—while equipping viewers with knowledge they can use practically (e.g., for secure coding or business risk mitigation).© 2025 Black Hills Information Security Politics & Government
Episodes
  • A.I. Frameworks and Databases | Episode 37

    A.I. Frameworks and Databases | Episode 37
    Jan 30 2026

    In Episode 37 of AI Security Ops, the team breaks down the most important AI security frameworks and vulnerability databases used to track risks in machine learning and large language models. The discussion covers emerging AI vulnerability databases, the OWASP Top 10 for LLMs, CVE challenges, and frameworks like MITRE ATLAS, highlighting why standardizing AI threats is still difficult. This episode is a practical guide for security professionals looking to stay ahead of AI vulnerabilities, attack techniques, and defensive resources in a fast-moving landscape.

    Chapters

    • (00:00) - Episode 37 – AI Frameworks & Databases
    • (01:39) - A.I. vulnerability tracking is still young
    • (02:44) - Should A.I. get its own vulnerability database?
    • (07:33) - The benefit of multiple vulnerability databases
    • (15:58) - The what is the definition of a vulnerability?
    • (17:54) - Final Thoughts

    Brought to you by:

    Black Hills Information Security

    https://www.blackhillsinfosec.com


    Antisyphon Training

    https://www.antisyphontraining.com/


    Active Countermeasures

    https://www.activecountermeasures.com


    Wild West Hackin Fest

    https://wildwesthackinfest.com

    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
    https://poweredbybhis.com

    Show More Show Less
    19 mins
  • AI News Stories | Episode 36

    AI News Stories | Episode 36
    Jan 22 2026
    This week on AI Security Ops, the team breaks down how attackers are weaponizing AI and the tools around it: a critical n8n zero-day that can lead to unauthenticated remote code execution, prompt-injection “zombie agent” risks tied to ChatGPT memory, a zero-click-style indirect prompt injection scenario via email/URLs, and malicious Chrome extensions caught siphoning ChatGPT/DeepSeek chats at scale. They close with a reminder that the tactics are often “same old security problems,” just amplified by AI—so lock down orchestration, limit browser extensions, and keep sensitive data out of chat tools.Key stories discussed1) n8n (“n-eight-n”) zero-day → unauthenticated RCE riskhttps://thehackernews.com/2026/01/critical-n8n-vulnerability-cvss-100.htmlThe hosts discuss a critical flaw in the n8n workflow automation platform where a workflow-parsing HTTP endpoint can be abused (via a crafted JSON payload) to achieve remote code execution as the n8n service account. Because automation/orchestration platforms often have broad internal access, one compromise can cascade quickly across an organization’s automation layer. ai-news-stories-episode-36Practical takeaway: don’t expose orchestration platforms directly to the internet; restrict who/what can talk to them; treat these “glue” systems as high-impact targets and assess them like any other production system. ai-news-stories-episode-362) “Zombie agent” prompt injection via ChatGPT Memoryhttps://www.darkreading.com/endpoint-security/chatgpt-memory-feature-prompt-injectionThe team talks about research describing an exploit that stores malicious instructions in long-term memory, then later triggers them with a benign prompt—leading to potential data leakage or unsafe tool actions if the model has integrations. The discussion frames this as “stored XSS vibes,” but harder to solve because the “feature” (following instructions/context) is also the root problem. ai-news-stories-episode-36User-side mitigation themes: consider disabling memory, keep chats cleaned up, and avoid putting sensitive data into chat tools—especially when agents/tools are involved. ai-news-stories-episode-363) “Zero-click” agentic abuse via crafted email/URL (indirect prompt injection)https://www.infosecurity-magazine.com/news/new-zeroclick-attack-chatgpt/Another story describes a crafted URL delivered via email that could trigger an agentic workflow (e.g., email summarization / agent actions) to export chat logs without explicit user interaction. The hosts largely interpret this as indirect prompt injection—a pattern they expect to keep seeing as assistants gain more connectivity. ai-news-stories-episode-36Key point: even if the exact implementation varies, auto-processing untrusted content (like email) is a persistent risk when the model can take actions or access history. ai-news-stories-episode-364) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (900k users)https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.htmlTwo Chrome extensions posing as AI productivity tools reportedly injected JavaScript into AI web UIs, scraped chat text from the DOM, and exfiltrated it—highlighting ongoing extension supply-chain risk and the reality that “approved store” doesn’t mean safe. ai-news-stories-episode-36Advice echoed: minimize extensions, separate browsers/profiles for sensitive activities, and treat “AI sidebar” tools with extra skepticism. ai-news-stories-episode-365) APT28 credential phishing updated with AI-written lureshttps://thehackernews.com/2026/01/russian-apt28-runs-credential-stealing.htmlThe closing story is a familiar APT pattern—phishing emails with malicious Office docs leading to PowerShell loaders and credential theft—except the lure text is AI-generated, making it more consistent/convincing (and harder for users to spot via grammar/tone). ai-news-stories-episode-36The conversation stresses that “don’t click links” guidance is oversimplified; verification and layered controls matter (e.g., disabling macros org-wide). ai-news-stories-episode-36Chapter Timestamps(00:00) - Intro & Sponsors(01:16) - 1) n8n zero-day → unauthenticated RCE(09:00) - 2) “Zombie agent” prompt injection via ChatGPT Memory(19:52) - 3) “Zero-click” style agent abuse via crafted email/URL (indirect prompt injection)(23:41) - 4) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (~900k users)(29:59) - 5) APT28 phishing refreshed with AI-written lures(34:15) - Closing thoughts: “AI genie is out of the bottle” + safety remindersBrought to you by:Black Hills Information Security https://www.blackhillsinfosec.comAntisyphon Traininghttps://www.antisyphontraining.com/Active Countermeasureshttps://www.activecountermeasures.comWild West Hackin Festhttps://wildwesthackinfest.com🔗 Register for FREE Infosec Webcasts, Anti-casts & Summitshttps://poweredbybhis.com
    Show More Show Less
    35 mins
  • 2026 Predictions | Episode 35

    2026 Predictions | Episode 35
    Jan 8 2026

    AI Security Ops | Episode 35 – 2026 Predictions

    In this episode, the BHIS panel looks into the crystal ball and shares bold predictions for AI in 2026—from energy constraints and drug development breakthroughs to agentic AI risks and cybersecurity threats.

    Chapters

    • (00:00) - Intro & Sponsor Shoutouts
    • (01:14) - Prediction: Grid Power Becomes the Bottleneck
    • (10:27) - Prediction: FDA Qualifies AI Drug Development Tools
    • (15:45) - Prediction: Nation-State Threat Actors Weaponize AI
    • (17:33) - Prediction: Agentic AI Dominates App Development
    • (23:07) - Closing Thoughts: Jobs, Risk & Opportunity

    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

    https://poweredbybhis.com



    Brought to you by:

    Black Hills Information Security

    https://www.blackhillsinfosec.com


    Antisyphon Training

    https://www.antisyphontraining.com/


    Active Countermeasures

    https://www.activecountermeasures.com


    Wild West Hackin Fest

    https://wildwesthackinfest.com


    ----------------------------------------------------------------------------------------------

    Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/

    Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/

    Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/

    Bronwen Aker - http://blackhillsinfosec.com/team/bronwen-aker/

    Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/
    Show More Show Less
    25 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.