Secure Code and AI - Paul McCarty & Sooraj Shah on Securing AI Code

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/c9/a9/16/c9a9164e-d900-5027-7149-9aba9b1a8dba/mza_5797065989387187777.jpg/600x600bb.jpg

The Secure Disclosure

Mackenzie Jackson

17 episodes

5 days ago

Cyber, Sake, News, Research and more The Disclosure is a weekly cybersecurity podcast that brings the latest in news, research, and leaders into a 45-minute podcast. Hosted by Mackenzie Jackson, we bring new guests each week to share their research and expertise in the space.

Technology

RSS

All content for The Secure Disclosure is the property of Mackenzie Jackson and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44244469/44244469-1755199569666-4c615cb139fa1.jpg

Secure Code and AI - Paul McCarty & Sooraj Shah on Securing AI Code

The Secure Disclosure

22 minutes 12 seconds

2 months ago

Secure Code and AI - Paul McCarty & Sooraj Shah on Securing AI Code

In this episode of The Secure Disclosure, host Mackenzie Jackson dives deep into the evolving intersection of AI, security, and development.First, Paul McCarty from Git Safety breaks down his recent discovery of a malicious npm package that impersonated the Claude CLI tool, hijacking developer workflows and acting as a man-in-the-middle for AI API calls. You can read Paul’s full breakdown here: “Malicious Claude Code Package Analysis” – https://www.getsafety.com/blog-posts/malicious-claude-code-packageNext, Sooraj Shah from Aikido Security joins to unpack findings from the State of AI in Security & Development 2026 Report, which surveyed 450 CISOs about how AI-generated code is reshaping security accountability, visibility, and optimism in the field. Check out the full report here: https://www.aikido.dev/state-of-ai-security-development-2026This episode explores real-world AI supply chain threats, systemic vulnerabilities in npm, and what organizations must do to stay ahead as AI reshapes modern development.Follow the guests:Follow Mackenzie: https://www.linkedin.com/in/advocatemack/Follow Paul: https://www.linkedin.com/in/mccartypaul/Follow Sooraj: https://www.linkedin.com/in/soorajshah/Chapters00:00 Introduction01:19 Paul McCarty on the malicious Claude npm package04:30 How AI tools are creating new attack paths08:06 Systemic issues and trust problems in npm10:44 Sooraj Shah on the State of AI in Security & Development14:01 Accountability, optimism, and the future of AI security