Episode 13: Malicious VS Code Extensions & The Future of AI Security

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/c9/a9/16/c9a9164e-d900-5027-7149-9aba9b1a8dba/mza_5797065989387187777.jpg/600x600bb.jpg

The Secure Disclosure

Mackenzie Jackson

12 episodes

6 days ago

Cyber, Sake, News, Research and more The Disclosure is a weekly cybersecurity podcast that brings the latest in news, research, and leaders into a 45-minute podcast. Hosted by Mackenzie Jackson, we bring new guests each week to share their research and expertise in the space.

Technology

RSS

All content for The Secure Disclosure is the property of Mackenzie Jackson and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44244469/44244469-1755199569666-4c615cb139fa1.jpg

Episode 13: Malicious VS Code Extensions & The Future of AI Security

The Secure Disclosure

55 minutes 55 seconds

6 days ago

Episode 13: Malicious VS Code Extensions & The Future of AI Security

In this episode of Secure Disclosure, host Mackenzie Jackson explores the growing threat of malicious VS Code extensions with Rami McCarthy from Wiz and Charlie Eriksen from Aikido Security, diving into how leaked secrets and clever obfuscation put developers at risk. Later, Patrick Debois, the “Godfather of DevOps,” joins to discuss the rise of AI-native development, how it mirrors past DevOps shifts, and what it means for the future of secure software.Links: Original Post from Aikido: https://www.linkedin.com/feed/update/urn:li:activity:7384986044867256320Wiz Security Research on VS Code https://www.wiz.io/blog/supply-chain-risk-in-vscode-extension-marketplaces Rami McCarthy LinkedIn: https://www.linkedin.com/in/ramimac/Patrick Debois LinkedIn: https://www.linkedin.com/in/patrickdebois/Charlie Erkson Linkedin: https://www.linkedin.com/in/charlie-eriksen-a318578/Chapters00:00 — Introduction01:10 — Malicious VS Code Extensions06:00 — Leaked Secrets & Supply Chain Risk15:00 — npm Security Updates & SafeChain19:00 — The Future of AI Development