More The Secure Disclosure episodes


LLMs Will Never Be Fully Secure w/ Brooks McMillin

Published 9 Mar 2026

Duration: 00:25:38

Security oversights in AI/MCP server development mirror historical flaws like SQL injection: unsafe practices such as `eval` usage and weak authorization risk remote code execution and data leaks, and the episode stresses the need for layered defenses against AI-amplified exploits in untested ecosystems.

Episode Description

We're back in the wild west, only this time the apps can be social engineered at machine speed. Live from CactusCon, Brooks McMillin breaks down malici...

Overview

The podcast discusses recurring security issues in AI and related technologies, drawing parallels between modern challenges and historical vulnerabilities such as SQL injection and broken access control. It emphasizes that lessons from past mistakes, like insecure APIs or misconfigurations, have not been adequately applied to new systems, such as MCP (Model Context Protocol) servers, which act as intermediaries for LLMs to interact with backend tools. Concerns are raised about the vulnerabilities in MCP servers, including the use of insecure practices (e.g., `eval` on third-party input) leading to risks like remote code execution, and inadequate access control, which could allow unauthorized manipulation of data or permissions. The discussion also highlights the persistent problem of broken access control, a long-standing issue that remains critical in AI systems despite repeated warnings.

A central theme is the amplification of security flaws by AI and LLMs, which can exploit vulnerabilities faster and more creatively than humans, effectively serving as "magnifying glasses" for existing gaps. Prompt injection is identified as a novel threat akin to SQL injection but harder to mitigate because it relies on social engineering rather than a fixable parsing bug. The podcast underscores the need for robust security measures, such as logical controls, anomaly detection, and strict authorization checks, while balancing innovation with caution. It stresses that AI integration requires careful implementation, starting with limited access and incorporating safeguards like multi-factor authentication, logging, and human verification for sensitive actions. However, the rapid deployment of tools like OpenClaw without sufficient testing, and the prevalence of malicious packages in repositories, highlight ongoing risks in the ecosystem.

The conversation also touches on the challenges of testing LLM-driven systems, including the unpredictability of their behavior and the limitations of traditional security frameworks. Solutions proposed include using LLMs themselves to simulate attacks, dynamic testing, and layered defenses. A recurring caution is the tension between the speed of innovation and the need for thorough security hardening, with a call for embedding security expertise in AI development. Ultimately, the dialogue reflects a concern that, despite the transformative potential of AI, the field risks repeating historical security missteps unless lessons from the past are systematically applied.

Recent Episodes of The Secure Disclosure

16 Jun 2026 Your Microphone Became a Keylogger w/ David vonThenen

Machine learning analyzes keystroke acoustic signatures to infer typed characters over remote platforms, highlighting high accuracy with known keyboards, privacy risks from surveillance, and challenges in noise and variability, while proposing defenses and noting AI's dual-use implications.

9 Jun 2026 Understand the Software Supply Chain Chaos w/ Roeland Delrue

Rapidly evolving supply chain security threats, including malicious open-source components and AI-driven malware, demand advanced AI-powered solutions like Aikido Security's self-securing software and tailored tools to address vulnerabilities in developer environments and package repositories.

28 May 2026 Prompt Injection Might Never Be Solved w/ Paul Vann

The text details AI security threats like prompt injection, jailbreak attacks, and distillation attacks, along with vulnerabilities such as AI bias and autonomous agent risks, highlighting detection challenges, emerging malware, supply chain exploits, and the industry's struggle to keep pace with rapidly evolving AI technologies.

22 May 2026 AI Broke the Security Ecosystem w/ Chris Hughes

Evolving cybersecurity challenges include supply chain threats, AI vulnerabilities, and outdated tools, highlighting the need for systemic reforms like developer incentives, regulatory clarity, and industry-government collaboration to address gaps in vulnerability management and the dual risks of AI's role in both threat detection and exploitation.

15 May 2026 PostHog is placing a wild bet on AI Coding w/ James Hawkins


PostHog's open-source analytics platform prioritizes transparency, developer autonomy, and AI integration while critiquing corporate norms, emphasizing price clarity, building in public, and balancing automation with security governance in product development.
