The Secure Disclosure

Author(s): Mackenzie Jackson
About this audio

Cyber, Sake, News, Research and more. The Disclosure is a weekly cybersecurity podcast that brings the latest in news, research, and leaders into a 45-minute podcast. Hosted by Mackenzie Jackson, we bring new guests each week to share their research and expertise in the space.
Episodes
  • From GitHub Actions to Job Markets: The Real State of Cybersecurity
    Dec 16 2025

    AI is creeping into every part of software development — including CI/CD pipelines — and attackers are already abusing it.

    In this episode of the Secure Disclosure Podcast, we break down:

      • A brand-new vulnerability class called Prompt Pwn, where prompt injection inside GitHub Actions can leak secrets and compromise supply chains
      • A sophisticated malvertising campaign targeting developers via GitHub Pages and Docker Hub
      • And the reality behind the cybersecurity job market: is there a skills shortage, a hiring freeze, or both?

    Featuring security researcher Rein Daelman on AI-driven CI/CD risks, and recruiter Barry Prost on how AI is reshaping cybersecurity hiring, skills, and careers.

    If you care about AppSec, DevOps, supply chain security, or breaking into cybersecurity in 2025, this one’s for you.

    More information
      • PromptPwn - https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
      • Guest LinkedIn - https://www.linkedin.com/in/rein-daelman/
      • Rent a Recruiter - https://rentarecruiter.com/
      • Guest LinkedIn Barry Prost - https://www.linkedin.com/in/barryprost/

    Sponsors
      • Aikido Security - https://aikido.dev

    Chapters
      00:00 – Intro
      02:00 – AI prompt injection in CI/CD, GitHub Actions, Prompt Pwn
      12:09 – Sponsor Segment
      12:59 – Malvertising campaigns targeting devs
      16:39 – Cybersecurity job market with Barry Prost

    33 min
  • Shai Hulud The Second Coming & Malware for Hire: The Secure Disclosure Podcast
    Dec 9 2025

    In this episode of Secure Disclosure, we break down two major cyber-security incidents shaking the industry.

    First, researcher Charlie Eriksen joins us to reveal how the Shai Hulud “The Second Coming” worm compromised over 800 NPM packages and triggered 30,000+ secret-filled GitHub repos, and why the worm can even wipe your machine when containment fails.

    Then, we sit down with Jérémy Sicon and Quentin Bourgue from sekoia.io to uncover a highly sophisticated phishing campaign abusing Booking.com accounts using PureRAT malware and a sprawling criminal ecosystem.

    Subscribe for weekly deep dives into the threats shaping our digital world.

    Chapters
      00:00 – Introduction
      01:03 – Shai Hulud: The Second Coming
      17:07 – Sponsored Segment (Aikido SafeChain)
      17:10 – Malware-for-Hire: Booking.com Phishing Operation

    30 min
  • Attackers Targeting Code Editors and Critical Infrastructure with Vangelis Stykas & John Tuckner
    Nov 18 2025

    In this episode of Secure Disclosure, Mackenzie Jackson digs into the surge of malicious VS Code extensions with researcher John Tuckner, founder of Secure Annex. We break down how attackers are shifting toward targeting developers themselves, explore real-world malicious extensions like Ransom Vibe and Sleepy Duck, and discuss why marketplaces like Open VSX are struggling to keep malware out.

    We also cover new research on secret leaks in top AI companies, and in our Leaders & Legends segment, we speak with Vangelis Stykas (CTO & co-founder of Kumio) about the growing vulnerabilities inside global energy infrastructure, OT security gaps, and the rise of AI-powered pentesting.

    If you want insights on software supply chain risk, AI security, and critical infrastructure threats—this episode is for you.

    Links:
      • RansomVibe Technical Blog: https://secureannex.com/blog/ransomvibe/
      • SleepyDuck Technical Blog: https://secureannex.com/blog/sleepyduck-malware
      • Wiz Secrets Inside AI top 50 Research: https://www.wiz.io/blog/forbes-ai-50-leaking-secrets

    Chapters
      00:00 — Intro
      01:07 — Malicious VS Code Extensions (with John Tuckner)
      15:31 — Secrets Leaking in AI Repositories
      18:55 — Sponsor Segment
      19:55 — Leaders & Legends: Securing Critical Infrastructure

    42 min