Mackenzie Jackson

The Secure Disclosure

Cyber, Sake, News, Research and more The Disclosure is a weekly cybersecurity podcast that brings the latest in news, research, and leaders into a 45-minute podcast. Hosted by Mackenzie Jackson, we bring new guests each week to share their research and expertise in the space.

Author

Mackenzie Jackson

Category

Technology

Podcast website

podcasters.spotify.com

Latest episode

Jul 1, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Solving the Supply Chain Security & Malware Crisis w/John Amaral 01.07.2026

In this episode of the Secure Disclosure Podcast , host McKenzie sits down with John Amaral, Co-founder and CTO of Root.io. They dive deep into the increasingly complex landscape of open-source supply chain attacks , examining how threat actors like Team PCP leverage AI to weaponize entire package ecosystems. John explains how Root's agentic software factory solves cascading CVE backlogs through p...

AI is an Amplifier: Why Bad Infrastructure Gets ‘Wronger’ Faster w/ Abdel SGHIOUAR 25.06.2026

In this episode of The Secure Disclosure, Mackenzie sits down with Abdel Sghiouar, Senior Cloud Developer Advocate at Google and co-host of the Kubernetes Podcast. Together, they unpack the messy, high-stakes intersection of AI agents and Kubernetes cluster operations. Abdel breaks down the "Autonomy Catch-22", the technical paradox where an agent's capability to act independently is precisely wha...

Your Microphone Became a Keylogger w/ David vonThenen 16.06.2026

In this episode of The Secure Disclosure, we sit down in Copenhagen with David vonThenen, a keynote speaker and machine learning expert conducting groundbreaking—and terrifying—research. David breaks down his latest work on acoustic keystroke logging: training machine learning models from scratch using PyTorch to identify exactly what you are typing purely by the acoustic signature of your keyboar...

Understand the Software Supply Chain Chaos w/ Roeland Delrue 09.06.2026

Supply chain security is evolving at a terrifying pace. In this episode of The Security Disclosure, Roeland Delrue (COO and co-founder of Aikido Security) breaks down why attackers have shifted their crosshairs from cloud infrastructure directly onto the individual developer's machine. We dive deep into how malicious JavaScript packages, VS Code extensions, and Chrome extensions manage to slip...

Prompt Injection Might Never Be Solved w/ Paul Vann 28.05.2026

In this episode of Secure Disclosure, host Matt sits down with Paul Van, CEO and founder of Validia, to explore the frontier of AI security. Instead of focusing on how bad actors use AI tools, they dive deep into how to protect the AI models themselves from the inside out. From the unsolvable nature of prompt injections and the rise of distillation attacks to the reality of a "machine vs. mac...

AI Broke the Security Ecosystem w/ Chris Hughes 22.05.2026

In this episode of The Secure Disclosure, host sits down with Chris Hughes founder of Resilient Cyber, CISA Cyber Innovation Fellow, and a leading voice in cybersecurity. We dive deep into the chaotic and rapidly shifting landscape of software supply chain security, the sudden operational struggles of the National Vulnerability Database (NVD), and how AI is completely rewriting the rules of vulner...

PostHog is placing a wild bet on AI Coding w/ James Hawkins 15.05.2026

In this episode of Secure Disclosure, James Hawkins, the co-founder and co-CEO of PostHog, dives into the "radical transparency" that turned a pivoted startup into a billion-dollar open-source powerhouse. James shares his unfiltered thoughts on why most B2B software pricing is a scam, why "collaboration" is often just a form of procrastination, and how AI is fundamentally chang...

AI Panic is Driving Shadow IT w/ Noora Ahmed-Moshe 06.05.2026

In this episode, we sit down with tech veteran and behavioral science enthusiast Noora Ahmed-Moshe to tackle the growing phenomenon of Shadow AI. As employees scramble to stay relevant in an AI-driven world, many are turning to unsanctioned tools, and bringing sensitive company data with them. Noora explains why "banning" these tools is a losing game and how organizations can bridge the...

When AI Agents Change their Intent w/ Frank Vukovits 29.04.2026

AI agents are transforming cybersecurity, from how access is granted to how attacks unfold. Frank Vukovitz (Delinea) joins Secure Disclosure to unpack the rise of non-human identities, the risks of autonomous agents, and why concepts like least privilege, identity lifecycle management, and continuous monitoring are more critical than ever. The big question: will AI ultimately make us more secure,...

OWASP Top 10, Vibe Coding, and What Developers Miss w/ Tanya Janca 22.04.2026

Tanya Janca joins the podcast for a sharp, no-nonsense conversation on the OWASP Top 10, why secure coding still gets skipped, and how AI is reshaping the way developers build and review software. She breaks down why broken access control keeps topping the charts, what security teams keep getting wrong, and how to create guardrails developers will actually use. The episode also dives into vibe cod...

The Future of Hacking is Agentic w/ Jason Haddix 15.04.2026

Jason Haddix joins the podcast to break down how AI is transforming offensive security — from attacking LLM-powered applications to why he believes 90% of pentests will soon be done by AI. We dive into prompt injection, defending AI systems with layered controls, and how enterprises are (sometimes dangerously) adopting AI internally. We also explore the impact of AI on bug bounty programs, why “fi...

Open Source Malware, Supply Chain Risk, and Contagious Interviews: w/ Paul McCarty and Jenn Gile 07.04.2026

In this episode of The Secure Disclosure, Jenn Gile and Paul McCarty from Open Source Malware break down how malicious packages are evolving, why developers are now a primary target, and what security teams still get wrong about software supply chain defense. From contagious interview campaigns to registry weaknesses and response playbooks, this conversation covers the real world risks behind toda...

Bugcrowd Founder Casey Ellis: AI Slop, and the Future of Hacking 02.04.2026

Casey Ellis, founder of Bugcrowd, joins the show to talk about the evolution of bug bounty, how hackers went from outsiders to strategic assets, and why AI-generated bug reports are putting pressure on security teams. We also get into VDPs vs public bounties, pentesting, vulnerability economics, and where security research is headed over the next five years.

Are Humans the Weakest Link in Security? w/ Sean Juroviesky 25.03.2026

In this episode of the Secure Disclosure Podcast, we dive into the human side of security with Sean Juroviesky. From why people remain the biggest challenge in cybersecurity to how organizations can build effective security cultures, this conversation explores identity, access management, and the risks introduced by shadow IT and AI. We unpack how to make the secure path the easiest path, how to d...

AI Agents Must Have Identity & Access Control w/ Johannes Keienburg 17.03.2026

AI agents are here, and they’re already transforming how we work. But beneath the hype lies a massive, unsolved security problem. In this episode, Mackenzie Jackson sits down with Johannes Keienburg to unpack the reality of autonomous agents: why they’re so powerful, why they’re so dangerous, and why access control is about to become the biggest challenge in cybersecurity. From broken authorizatio...

The Creator of Curl on Why AI Is Breaking Bug Bounties w/ Daniel Stenberg 16.03.2026

Daniel Stenberg, creator of curl, explains how a small open source tool became core internet infrastructure. The conversation covers curl’s origin, maintainer pressure, AI-generated bug bounty spam, the future of vulnerability reporting, and how AI is changing software engineering and security.

LLMs Will Never Be Fully Secure w/ Brooks McMillin 09.03.2026

We’re back in the “wild west” — only this time, the apps can be social engineered at machine speed. Live from CactusCon, Brooks McMillin breaks down malicious MCP servers, why we’re repeating the same security mistakes (hello again, broken access control), and why prompt injection probably isn’t going away. We get practical on what to lock down, how to roll out AI tooling safely, and why “AI lipst...

Leaking or Spying? The Truth About Browser Extensions 26.02.2026

In this week’s news brief, Mackenzie explores a comprehensive new report investigating data leakage and potential surveillance behavior in popular browser extensions. The researchers examined how extensions collect and transmit data, conducted behavioral payload analysis, and deployed honey URLs to detect suspicious activity. The episode highlights a critical distinction. Some extensions may unint...

Is AI Changing Cybersecurity, Or Just Exposing It? w/ Lester Godsey 25.02.2026

Recorded live at Cactus Con, ASU CISO Lester Godsey joins Secure Disclosure to unpack what’s truly new in AI security, and what’s just old problems getting fresh attention. From prompt injection and agentic AI to data classification and privacy, this episode explores how enterprise leaders should think about AI risk in a world where banning it simply isn’t an option.

Will AI Replace Pen Testers? w/ Paul Petefish 19.02.2026

AI is taking over the boring stuff — recon, noise, and tier-one work — but when it comes to real-world pentesting, business logic flaws, weird edge cases, and creative thinking still belong to humans. In this episode, Paul Petefish (Evolve Security) and Mackenzie dig into what AI is actually changing in offensive security, why prompt injection is getting weirder, and how “man + machine” is quickly...

AI Slop Is Killing Bug Bounties 12.02.2026

AI is overwhelming bug bounty programs with convincing but useless reports — and some major projects are shutting theirs down entirely. In this week’s news brief, we break down the economics behind “AI slop,” why curl pulled the plug on its program, and what this means for ethical hackers. Then we revisit OpenClaw, where security researchers are shifting from criticism to collaboration — and even...

Can AI Really Fix Security Bugs? Inside Modern Autofix Systems | Frederick Ryckbosch 10.02.2026

AI is transforming application security, not just by finding vulnerabilities but by fixing them safely. In this episode, sit down with Frederick Ryckbosch and dive into how AI understands code flow, remediates real security issues, and builds trust through testing and feedback loops. A practical look at autofix, dependencies, and the future of secure software development. Read more about AI Autofi...

OpenClaw & ClawHub Is a Malware Nightmare: Inside the AI Agent Supply Chain Crisis 05.02.2026

OpenClaw is a powerful new open-source AI agent — and a massive security risk. In this episode, security researcher Paul McCarty joins the show to break down how ClawHub, OpenClaw’s skill registry, is already flooded with malware. We explore how 386 malicious skills were discovered, why AI agents are more dangerous than traditional package managers like npm, how attackers are gaming download stats...

The Security Risk Hiding in AI w/ Matthias Feys 03.02.2026

In this episode of Cyber and Saki , Mackenzie sits down with AI expert Matthias Feys from ML6 to chat about how artificial intelligence has gone from niche machine learning projects to the generative AI explosion we see everywhere today. They dig into what’s changed over the last decade, why tools like ChatGPT have been such a game changer, and what people still get wrong when they treat AI as a m...

News Brief: Inside the Honey Browser Extension Scandal with The Engineer Who Broke It Open 29.01.2026

In this episode of Secure Disclosure, we go behind the scenes of the infamous Honey browser extension scandal with special guest J3lte, the engineer who uncovered the data that helped expose what was really happening. From affiliate link manipulation to massive user tracking across thousands of stores, J3lte breaks down how he reverse-engineered Honey, what he discovered, and why browser extension...

Listen to the The Secure Disclosure podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.