The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days” inside PodZeus.
This episode of Cybersecurity Headlines dives into a series of high-impact cyber threats and policy developments, starting with the 'GemStuffer' attack on RubyGems, where malicious actors used the package manager as a dead drop for exfiltrated data from UK government websites—marking a novel use of legitimate infrastructure. The discussion then shifts to AI-driven zero-day exploits, with Google uncovering a cybercrime group using LLMs to develop a sophisticated bypass of two-factor authentication in an open-source admin tool, underscoring the accelerating threat of AI-generated attacks. The panel also examines broader geopolitical and policy shifts, including the EU’s potential ban on U.S. cloud providers for sensitive government data, the launch of AI Software Bill of Materials (SBOMs), and the UK’s plan to modernize its outdated Computer Misuse Act. Both CISOs emphasize that while the AI apocalypse is real, the key to survival lies not in fear but in adaptation—rethinking security programs, embracing faster response cycles, and recognizing that traditional models are no longer sufficient in an era of AI-powered threats. The episode closes with a call to action: security teams must evolve from 'faster horses' to 'cars'—reimagining their entire approach to resilience and innovation. Key takeaways include: (1) Threat actors are increasingly abusing legitimate platforms like RubyGems and HuggingFace as covert infrastructure; (2) AI-generated zero-days are no longer theoretical—they’re already in use, and detection must evolve; (3) Policy shifts like AI SBOMs and data sovereignty laws will force architectural changes across global tech ecosystems; (4) Security teams must prioritize adaptability over speed, rethinking their programs entirely; and (5) The cost of AI tools is not the barrier for attackers—defenders must prepare for a new era of rapid, automated threats. The tone is urgent but hopeful, emphasizing that while the landscape is changing, the industry has the tools and momentum to adapt.
Threat actors are repurposing legitimate platforms like RubyGems and HuggingFace as covert data exfiltration channels, bypassing traditional detection.
AI-generated zero-day exploits are now active, with attackers using LLMs to develop sophisticated, well-documented vulnerabilities—marking a new phase in cyber warfare.
Global policy shifts like EU data sovereignty rules and AI SBOMs will force major architectural and compliance changes across organizations.
Security programs must evolve from incremental improvements to fundamental rethinking—'you don’t need a faster horse, you need a car.'
The real threat isn’t just the technology—it’s the assumption that reputation, ratings, or trust signals are reliable indicators of safety.
Opening: The AI Apocalypse & Security Realities
Host Rich kicks off the episode with a lively intro, setting the tone for the week’s cybersecurity news. He welcomes guests Gary Chan (CISO, SSM Health) and Peter Liebert (CISO, SalesLoft), emphasizing the theme of adaptation in the face of emerging threats. The discussion begins with a focus on the looming AI-driven cyber threat landscape, with Peter joking about preparing for the 'AI apocalypse' and Gary highlighting the importance of frontline IT staff knowledge.
GemStuffer Attack: Abuse of RubyGems as a Dead Drop
“It's not about the capability of the tool—it's about how it's being used. That's the new threat model.”
AI-Generated Zero-Days: Google Uncovers LLM-Powered Exploits
“The code looked too good. That should’ve been a red flag—no human engineer writes documentation like that.”
Policy Shifts: EU Data Sovereignty, AI SBOMs, and UK Law Reform
“This isn’t just about data—it’s about culture, influence, and the future of global cohesion.”
Closing: Rethinking Security in the Age of AI
The episode concludes with actionable advice from both guests. Peter urges rapid adaptation, emphasizing that existential threats are finally breaking through organizational inertia. Gary delivers a powerful metaphor: 'You don’t need a faster horse—you need a car.' The hosts wrap up with a reminder of the show’s live Friday stream and an upcoming event on AI-powered pen testing.
“You don’t need a faster horse—you need a car.”
“The code looked too good. That should’ve been a red flag—no human engineer writes documentation like that.”
“This isn’t just about data—it’s about culture, influence, and the future of global cohesion.”
Host
Guests
Peter Liebert
person
Gary Chan
person
RubyGems
product
GemStuffer
other
HuggingFace
other
Google Threat Intelligence Group
organization
CISO Series
media
European Union
organization
Department of Homeland Security
organization
OpenAI
organization
Department of Know: Axios malware, TeamPCP campaign, New Storm infostealer
Cybersecurity Headlines • 31m • 4/6/2026
The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes
Cybersecurity Headlines • 38m • 4/17/2026
The Department of Know: Vercel breach, a "Contagious Interview," and ghost breaches
Cybersecurity Headlines • 40m • 4/24/2026
The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta
Cybersecurity Headlines • 39m • 5/1/2026
The Department of Know: AI "transformation paradox," Copy Fail chaos, hacked lawnmowers
Cybersecurity Headlines • 38m • 5/8/2026
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days” inside PodZeus.
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime