Security Intelligence
Security Intelligence
IBM
A new take on bug bounties, AI red teams and our New Year’s resolutions
40 minutes Posted Jan 7, 2026 at 11:00 am.
-Introduction 1:11 -- Cybersecurity resolutions 6:51 -- Microsoft’s new bug bounties 14:00 -- The LastPass breach’s long tail 26:07 -- Automated red teaming 33:22 -- ClickFix-as-a-service The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe for AI and security updates → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120
0:00
40:37
Download MP3
Show notes
Explore the podcast → https://www.ibm.com/think/podcasts/security-intelligenceSay your cloud storage service gets hacked. Say the attackers broke in by exploiting a vulnerability in an open-source library your organization used to build the service. Who owns that vulnerability?  Microsoft is trying to clear some of the smog obscuring the software supply chain by expanding its bug bounty program to include some third-party code that affects it services. In this episode of Security Intelligence, panelists Jeff Crume, Nick Bradley and Claire Nuñez discuss what that move means for cybersecurity responsibility models going forward.  We also analyze how a three-year-old LastPass breach is still giving cybercriminals new credentials to steal. Turns out “harvest now, decrypt later” isn’t just a quantum concern. Plus: OpenAI fights prompt injections with an automated, AI-powered red team, hackers have a new tool to make ClickFix attacks even easier and we share the New Year’s Resolutions we hope organizations will make in 2026. All that and more on Security Intelligence. 00:00 -- Introduction 1:11 -- Cybersecurity resolutions 6:51 -- Microsoft’s new bug bounties 14:00 -- The LastPass breach’s long tail 26:07 -- Automated red teaming 33:22 -- ClickFix-as-a-service The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Subscribe for AI and security updates → https://www.ibm.com/account/reg/us-en/signup?formid=news-urx-52120