The Cybersecurity Defenders Podcast
The Cybersecurity Defenders Podcast
The Cybersecurity Defenders Podcast·Jul 3, 2026·33m·Episode #336

Intel Chat: Hijacked AI backends, billboard hacks, Cursor DuneSlide & Claude export controls [336]

Show notes

Intel Chat with Matt Bromiley and Chris Luft.

Matt and Chris break down four stories from the week in threat intel:

• Zenity researchers observed three campaigns where attackers hijacked internet-exposed AI inference endpoints (Ollama, LiteLLM) as free model backends for offensive operations — including the Strix and HexStrike-AI pentesting frameworks and a Codex agent posing as a "security auditor" — enabled by no-auth defaults and placeholder API keys.

https://www.darkreading.com/cloud-security/attackers-hijack-exposed-ai-endpoints-power-offensive-ops

• A CISA advisory on Daktronics controllers behind scoreboards, digital billboards and highway signs: unauthenticated path traversal, arbitrary file upload and default admin credentials chaining to root-level control, found and responsibly disclosed by a Princeton undergrad.

https://www.securityweek.com/new-controller-flaws-expose-highway-signs-and-billboards-to-remote-hacking/

• Cato's "DuneSlide" (CVE-2026-50548 / CVE-2026-50549) — two critical Cursor flaws where a single prompt injection escapes the terminal sandbox and executes arbitrary commands on a developer's machine; patched in Cursor 3.0.

https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html

• Anthropic restoring worldwide Claude Fable 5 access after the US Commerce Department lifted emergency export controls triggered by a jailbreak — plus what it means for AI governance, open-source model catch-up and the data center debate.

https://thehackernews.com/2026/07/anthropic-restores-claude-fable-5-after.html

Chapters:

0:00 Intro & catching up

1:17 Attackers hijacking exposed AI backends (Ollama & LiteLLM)

9:18 CISA advisory: billboard & highway sign controllers

13:46 Cursor "DuneSlide" prompt-injection sandbox escape

20:34 Claude Fable 5 export controls lifted

28:17 Data centers, nuclear déjà vu & the AI race

33:39 Wrap-up

The Cybersecurity Defenders Podcast — a podcast about cybersecurity and the people that keep the internet safe. New episodes drop weekly.

Learn more about LimaCharlie: https://limacharlie.io

#cybersecurity #infosec #threatintel #AIsecurity #promptinjection