Asaf Nakash
Context Window: AI Security Podcast
The AI security podcast. Everything worth knowing in AI security, LLM threats, and agentic AI risks — under 15 minutes. Curated by a human. Voiced by AI.
Author
Asaf Nakash
Category
Podcast website
Latest episode
Jul 6, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
#19: Every Input Is a Potential Instruction 06.07.2026 12:09
Top Story: Anthropic Put Its Strongest Model Back Online. First It Had to Add a New Lock. — Three weeks ago, the US government took a commercial AI offline by order. Opening a repo with your AI assistant can hand your machine to a stranger. — Researchers at Mozilla's 0DIN group showed a clean-looking code project that compromises a developer's computer with no malicious code anywhere in it. A plat...
#18: The Level Playing Field Is Ending 29.06.2026 12:47
Top Story: OpenAI Built Its Strongest Model Yet. Then Handed the Guest List to Washington — On Friday, June 26, OpenAI announced three new frontier models — Sol, its self-described "strongest model yet," plus Terra for everyday work and Luna as a cheaper option — and in the same breath said most people can't have them yet. The free, downloadable models are catching the paid frontier — fastest they...
#17: The Autonomous Adversary 22.06.2026 11:36
Top Story: LiteLLM, Hit Again. This Time the Whole Gateway Falls — An AI "gateway" is the traffic controller that sits between your applications and the models they call. ⚔️ Attack: SearchLeak. One booby-trapped link could have turned Microsoft 365 Copilot into a silent data thief. Microsoft has already fixed it. — Varonis demonstrated the chain (they did not find it used in the wild): a crafted,...
#16: Assume the Model Is Already Breached 15.06.2026 12:28
Top Story: A Directive at 5:21 PM, Two Frontier Models Gone by Morning — For the first time anyone can easily point to, the US government used export controls — the tool that governs missiles and advanced chips — to pull a deployed, commercial AI model off the market. The "Are you sure?" box in your AI coding assistant can lie about what you're approving. — Researchers at Adversa AI disclosed two...
#15: Jailbreak Protection Isn't Enough 08.06.2026 11:39
Top Story: Catching the Attack Isn't Enough Anymore — For two years, the standard defense against prompt injection — hiding malicious instructions in something an AI reads, so it mistakes them for orders — has leaned on a single hope: make the model smart enough to notice. Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-06-08.html
#14: Hidden in White 01.06.2026 12:38
Top Story: Prompt Injection Goes Operational — For two years, prompt injection has mostly been a lab demo. ModelScope MS-Agent: a max-severity hole with no fix (CVE-2026-2256). — A command-injection flaw in Alibaba's widely used MS-Agent toolkit lets an attacker run arbitrary commands on the host running the agent (CVSS 9.8). LMDeploy: 13 hours from disclosure to exploitation (CVE-2026-33626). — E...
#13: The zero-day you can't patch 25.05.2026 12:46
Top Story: The Week Trust Broke Twice — Two stories landed in the same 72 hours that belong in the same frame. NVIDIA NemoClaw sandbox bypass (CVE-2026-24222). — Lasso Security demonstrated that AI agents running inside NVIDIA's NemoClaw/OpenShell sandbox can exfiltrate sensitive data through tools the sandbox explicitly allows. vm2 sandbox escape wave: 13 CVEs, CVSS 9.0–10.0. — Between May 4 and...
#12: Agentic Speed — both sides of the race just went AI 18.05.2026 10:24
Top Story: The Race at Agentic Speed — Two things happened in the same week that belong in the same sentence. TeamPCP releases Shai-Hulud source code, launches BreachForums "supply chain challenge." — The group posted the complete worm framework to GitHub (since removed, but forked) with detailed deployment instructions, and announced a contest on BreachForums offering $1,000 in Monero to anyone w...
#11: Look, an Instruction! 11.05.2026 15:26
Top Story: The Prompt Was the Payload — Two Agent-Framework RCEs in Seven Days — Two independent disclosures landed inside seven days, and they collapse to the same sentence: a model read an instruction it shouldn't have trusted, and a tool downstream did exactly what the parsed text said. Cisco announces intent to acquire Astrix Security. — Cisco's May 4 blog post by SVP Peter Bailey says Astrix...
#10: Signed by Claude, Written by a Worm 04.05.2026 11:16
Top Story: TeamPCP Returns — "Mini Shai-Hulud" Hits Two Ecosystems Simultaneously — After a 26-day pause, TeamPCP is back. Curator's Corner: When Trust Is the Exploit Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-05-04.html
#9: Three Layers, Three Attack Surfaces, One Agent 27.04.2026 14:18
Top Story: MCP STDIO RCE — The Connector Layer Has an Authority Problem — On April 23, the Cloud Security Alliance — an independent industry research body — and OX Security, an established Israeli software-supply-chain security vendor (founded 2021, $34M seed from Insight Partners and Team8), jointly disclosed an architectural vulnerability in the Model Context Protocol's STDIO transport — the mos...
#8: Every Consultancy Is a Honey Pot Now 20.04.2026 14:47
Top Story: Comment and Control — Three Coding Agents, One Bug Class, Zero CVEs — On April 15, researcher Aonan Guan — working with Johns Hopkins University's Zhengyu Liu and Gavin Zhong — published the first cross-vendor demonstration of a prompt-injection pattern that turns GitHub itself into the command-and-control channel for stealing runner credentials out of AI coding agents. Curator's Corner...
#7: Ninety Days to Patch the World 13.04.2026 13:32
Top Story: Claude Mythos Preview + Project Glasswing — AI Reaches the Zero-Day Threshold — On April 7, Anthropic announced Claude Mythos Preview alongside Project Glasswing — the most consequential AI security development of 2026, and arguably of the decade.. Curator's Corner: Anthropic's Oppenheimer Moment Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindows...
#6: Instructions Are Not Guardrails 12.04.2026 14:16
Anthropic accidentally published Claude Code's entire source code to npm — 512,000 lines of TypeScript, including an autonomous daemon called KAIROS that nobody was supposed to know about. North Korea compromised the Axios npm package through AI-assisted social engineering. Mercor, a $10B AI startup, got breached via the LiteLLM supply chain — 4TB exfiltrated. Plus: Microsoft open-sources the Agen...
#5: From Zero Day to Zero Second 05.04.2026 14:04
Your vulnerability scanner just published malware. One threat actor — TeamPCP — hit five ecosystems in ten days: Trivy, Checkmarx KICS, LiteLLM, Telnyx, and npm via CanisterWorm. A supply chain worm that completes a full compromise cycle in under sixty seconds. Plus: RSA Conference drops its agent security agenda, Claude gets jailbroken, and Curator's Corner on why security tools became the attack...
#4: AI Sandboxes Are Broken — Two Platform Escapes in One Week 29.03.2026 14:06
Two major AI platform sandbox escapes dropped this week on the eve of RSA Conference. AWS Bedrock's "isolated" sandbox leaks DNS queries — researchers built a full reverse shell. Snowflake's Cortex Code CLI got jailbroken through a GitHub README. Plus: MCP rug pulls, VoidLink (88K lines of AI-generated malware), the biggest pre-RSA funding window ever, and Curator's Corner on why AI didn't create...
#3: An AI Agent Hacked McKinsey's Chatbot in Under 2 Hours 22.03.2026 14:45
A red-team agent compromised a Big Four consultancy's customer-facing chatbot in under two hours. The Chrome Gemini hijack lets browser extensions take over Google's built-in AI. Plus the biggest M&A week in AI security history — Google closed the $32B Wiz deal, OpenAI bought Promptfoo, and three stealth startups emerged with a quarter-billion in combined funding. Curated by Asaf Nakash. Voices by...
#2: AI Security Gets Real — Breaches, Budgets, and the Agent Problem 08.03.2026 14:21
The week AI security shifted from theoretical to operational. Major breaches, new funding rounds, and the emerging challenge of securing autonomous AI agents. Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-03-08.html
#1: Welcome to Context Window 07.03.2026 11:59
The pilot episode of Context Window — your weekly AI security briefing in under 15 minutes. Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-03-01.html
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.