Masayuky

Security Shield Field

ここ最近(1ヶ月前後)の間にあったサイバーセキュリティに関するトピックについて、AI が説明します。Generative AI, IoT, プライバシーに関するトピックが多くなるかもしれません。

Auteur

Masayuky

Catégorie

News

Site du podcast

podcasters.spotify.com

Dernier épisode

24 juin 2026

Où écouter ?

Les podcasts dans l'appli Replaio Radio Bientôt disponible

Les podcasts arrivent très bientôt dans l'appli. Installe-la dès maintenant et découvre en avant-première une toute nouvelle façon de vivre les podcasts

Télécharger sur Google Play Installe-la gratuitement Android 5 M+ de téléchargements · note de 4,8 iOS bientôt

Épisodes

AIと開発基盤を襲う信頼の武器化 24.06.2026

https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk https://tanstack.com/blog/npm-supply-chain-compromise-postmortem https://www.infosecurity-magazine.com/news/agentjacking-attacks-hijack-ai/ https://www.infosecurity-magazine.com/news/github-update-npm-supply-chain/

CISA漏洩とAIを騙す手口 13.06.2026

https://www.404media.co/hackers-simply-asked-meta-ai-to-give-them-access-to-high-profile-instagram-accounts-it-worked/ https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ https://www.malwarebytes.com/blog/ai/2026/06/metas-ai-support-bot-happily-handed-instagram-accounts-to-hackers

AI でパンクする防衛の最前線 26.05.2026

https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/ https://awesomeagents.ai/news/pwn2own-berlin-2026-capacity-overflow/ https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth https://vercel.com/kb/bulletin/vercel-april-2026-security-incident https://www.meti.go.jp/shingikai/mono_info_service/ai_shakai_jisso/pdf/20260331_1...

次世代サイバーリスクの実態:悪意あるプロンプトから9秒でのデータベース消失まで 12.05.2026

- https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html?m=1 - https://blog.google/security/prompt-injections-web/ - https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue - https://mysites.guru/blog/lets-encrypt-issua...

22秒で奪われる。Aを悪用したサイバー犯罪の急増 16.04.2026

- https://www.weforum.org/stories/2026/03/ai-global-cyber-fraud-roadmap/ - https://www.huntress.com/blog/openclaw-ai-agent-permissions-risk - https://www.govtech.com/blogs/lohrmann-on-cybersecurity/rsac-2026-highlights-from-agentic-ai-to-active-defense - https://github.com/axios/axios/issues/10636#issuecomment-4180237789

AI をスパイに変える見えないプロンプトの侵入 28.03.2026

https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-urges-endpoint-management-system-hardening-after-cyberattack-against-us-organization https://www.spiceworks.com/security/the-biggest-ai-threats-come-from-within-12-ways-to-defend-your-organization/ https://www.cybersecurity-insiders.com/hackerone-introduces-agentic-prompt-injection-testing-as-ai-security-risks-accelerate/ https://www.oasis.se...

5分で開発環境を乗っ取るAI 13.03.2026

https://safepasswordgenerator.net/blog/ai-password-security/ https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation https://cybersecuritynews.com/threat-actors-exploit-openvsx-aqua-trivy/ https://cloud.google.com/security/report/resources/cloud-threat-horizons-report-h1-2026?hl=ja

AI エージェントを狙う悪意のあるスキル 03.03.2026

- https://learn-cloudsecurity.cisco.com/2026-state-of-ai-security-report - https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/ - https://www.deloitte.com/ce/en/industries/technology/analysis/balancing-innovation-and-risk-how-ai-is-reshaping-cybersecurity.html

AIによるAWS乗っ取りとVibe-Coding OpenClaw の罠 18.02.2026

https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys https://www.theregister.com/2026/02/11/security_researcher_287_chrome_extensions_data_leak/

Social Engineering 27.01.2026

https://www.youtube.com/watch?v=X7O_S2zDzTQ https://www.youtube.com/watch?v=7KCMK-LY-WM

設定不備とシャドーAI_2026年ID管理の鍵 22.12.2025

https://www.securityboulevardchats.com/e/agentic-ai-and-the-new-cybersecurity-risk-model-security-boulevard-ep-12/ https://www.nist.gov/itl/applied-cybersecurity/special-publication-800-63 https://www.nist.gov/blogs/cybersecurity-insights/lets-get-digital-updated-digital-identity-guidelines-are-here https://aws.amazon.com/jp/blogs/security/amazon-threat-intelligence-identifies-russian-cyber-threat...

AI、サプライチェーン、そして発信者番号偽装の三重脅威 01.12.2025

https://www.helpnetsecurity.com/2025/10/29/agentic-ai-security-indirect-prompt-injection/ https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains https://www.itmedia.co.jp/news/articles/2511/21/news132.html

通信インフラを狙う脅威 05.11.2025

https://www.telecomtv.com/content/security/nokia-report-reveals-alarming-extent-of-telco-cybersecurity-threats-53994/ https://www.theregister.com/2025/10/08/telecoms_wholesaler_icuk_restores_services/ https://www.itnews.com.au/news/travel-esims-secretly-route-traffic-over-chinese-and-undisclosed-networks-study-619659

IPA: 脆弱性診断内製化ガイド(sample movie) 19.10.2025

https://www.ipa.go.jp/jinzai/ics/core_human_resource/final_project/2025/Vulnerability-assessment.html

MCPのセキュリティとDiscord のサードパーティサービスインシデント 17.10.2025

https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service https://www.youtube.com/watch?v=BAjaQjsfI9A

AI脅威の連鎖、クラウドエッジのリスク、および令和7年上半期の国際的な犯罪情勢 02.10.2025

https://www.npa.go.jp/publications/statistics/cybersecurity/data/R7kami/R07_kami_cyber_jyosei.pdf https://www.bbc.com/news/articles/cn4w0d8zz22o https://www.helpnetsecurity.com/2025/08/27/ai-security-map-linking-vulnerabilities-real-world-impact/ https://www.darkreading.com/cloud-security/cloud-edge-new-attack-surface

AIの兵器化と8月・9月のサプライチェーン攻撃 25.09.2025

https://www.anthropic.com/news/detecting-countering-misuse-aug-2025 https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7p-598c?s=31 https://arcticwolf.com/resources/blog/wormable-malware-causing-supply-chain-compromise-of-npm-code-packages/

AI兵器化サプライチェーン攻撃、eSIMの隠れた危険、そして大規模データ窃盗の脅威 10.09.2025

https://www.securityweek.com/hackers-target-popular-nx-build-system-in-first-ai-weaponized-supply-chain-attack/ https://www.wiz.io/blog/s1ngularitys-aftermath https://www.wiz.io/blog/s1ngularity-supply-chain-attack https://www.itnews.com.au/news/travel-esims-secretly-route-traffic-over-chinese-and-undisclosed-networks-study-619659 https://cloud.google.com/blog/topics/threat-intelligence/data-theft...

AIを静かに乗っ取る「間接プロンプトインジェクション攻撃」の脅威 25.08.2025

https://futurism.com/hackers-trick-chatgpt-personal-data https://www.prnewswire.com/news-releases/zenity-labs-exposes-widespread-agentflayer-vulnerabilities-allowing-silent-hijacking-of-major-enterprise-ai-agents-circumventing-human-oversight-302523580.html https://gbhackers.com/nist-releases-new-control-overlays/#google_vignette

AI時代のソフトウェアセキュリティ動向 20.08.2025

https://github.com/microsoft/wassette https://thenewstack.io/python-exposes-phantom-dependencies-with-sbom-screening/ https://thenewstack.io/experts-split-on-ai-reviewing-its-own-code-for-security/

AIツールの新脅威から忘れられたレガシーの危険まで:デジタル環境を守るセキュリティ最前線 10.08.2025

https://www.aim.security/lp/aim-labs-curxecute-blogpost https://support.microsoft.com/en-us/topic/external-workbook-links-to-blocked-file-types-will-be-disabled-by-default-6dd12903-0592-463d-9e68-0741cf62ee58 https://isc.sans.edu/diary/32166

AIハルシネーションとCursor を悪用した仮想通貨不正窃取 20.07.2025

https://www.livescience.com/technology/artificial-intelligence/ai-hallucinates-more-frequently-as-it-gets-more-advanced-is-there-any-way-to-stop-it-from-happening-and-should-we-even-try https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/

Let's Encrypt IPアドレス用証明書と音声フィッシング詐欺 07.07.2025

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/ https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion?hl=en

Securing AI and Passkey Authentication 26.06.2025

- https://security.googleblog.com/2025/06/mitigating-prompt-injection-attacks.html - https://blog.flatt.tech/entry/passkey_security?s=31

大規模言語モデル(LLM)におけるプロンプトインジェクション攻撃と対策 16.06.2025

https://security.googleblog.com/2025/06/mitigating-prompt-injection-attacks.html https://blog.flatt.tech/entry/prompt_injection

Écoute le podcast Security Shield Field sur Replaio

La radio et les podcasts dans une seule appli - gratuite, sans inscription. Installe-la dès aujourd'hui et ne rate pas le lancement

Télécharger sur Google Play

Replaio n'est pas éditeur de podcasts ; les noms des émissions, les visuels et l'audio appartiennent à leurs auteurs et sont diffusés via des flux RSS publics