SN 1083: Patch Tuesday à la AI - Arch Linux Repo Under Siege

This episode unpacks the jaw-dropping surge in vulnerabilities unearthed by AI, revealing how Microsoft shattered its own patch records while adversaries and defenders race to outpace each other. The conversation gets real about whether AI is fixing our broken software or just making attacks easier for everyone.

• Rootkits found in more than 400 ArchLinux User Repository packages.
• The US government requests Anthropic to remove Mythos and Fable.
• CISA responds to AI-driven attacks with new patching requirements.
• NPM to switch to more secure install defaults. Will it help.
• Our listeners react to last week's PHP commentary.
• June shows that AI has arrived for vulnerability discover

Show Notes - https://www.grc.com/sn/SN-1083-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• meter.com/securitynow
• canary.tools/twit - use code: TWIT
• joindeleteme.com/twit-biz
• zscaler.com/security
• adaptivesecurity.com