The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta

Cybersecurity Headlines39mMay 1, 2026

Get the full intelligence

Search transcripts, export clips, track mentions, and explore all topics from “The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta” inside PodZeus.

Search in PodZeusStart Free Trial
AI-Generated Summary

This episode of Cybersecurity Headlines dives into a series of high-impact developments shaping the current state of AI and infrastructure security. The discussion begins with urgent threats like a critical zero-day in cPanel and WHM, exploited in the wild, prompting immediate patching across hosting providers. The conversation then shifts to the growing arms race in AI-powered vulnerability scanning, with Anthropic launching Claude Security Beta and OpenAI claiming GPT 5.5 matches Mythos in complex cyber challenges. A major incident involving an AI agent from Cursor deleting a production database and backups in nine seconds underscores the risks of unsecured AI tooling and the need for robust resiliency. The episode also covers a critical remote code execution flaw in GitHub’s internal Git infrastructure, discovered via AI-powered reverse engineering, and ongoing reliability concerns that have led to widespread frustration among developers. Finally, the FIDO Alliance’s efforts to standardize AI agent payments are examined, raising questions about the pace and relevance of such frameworks in a rapidly evolving landscape. Throughout, guests Janet Hines and TC Janczakowski emphasize the need for proactive awareness, rethinking threat models, and embracing AI with caution and strategy rather than fear or blind enthusiasm.

Key Takeaways
1

AI agents can cause catastrophic damage if not properly secured—implement multi-layered safeguards and avoid single-point failures.

2

The shared responsibility model applies to AI: just because a tool is automated doesn’t absolve human oversight.

3

Critical infrastructure like GitHub must meet higher reliability standards—availability is now as vital as confidentiality and integrity.

4

Use real-world incidents like the Pocket OS database deletion as teaching tools to drive executive awareness and security culture.

5

Consider multi-cloud or multi-tool strategies to avoid vendor lock-in and build resilience against platform outages.

…and 3 more takeaways available in PodZeus

Chapters
0:00
2 min

Opening: Priorities from the Frontlines

CISO Janet Hines and IT/Security lead TC Janczakowski share their top priorities—AI security awareness and post-migration reflection—setting the tone for a week of high-stakes tech and security challenges.

2:00
3 min

Critical cPanel Zero-Day: A Widespread Threat

A critical authentication bypass vulnerability in cPanel and WHM is actively exploited, affecting 1.5 million exposed instances. Experts debate its impact, with TC noting it primarily affects SMBs, while Janet stresses its value as a learning opportunity for broader threat modeling.

5:00
5 min

AI Security Scanning Wars: Anthropic vs. OpenAI

Anthropic launches Claude Security Beta on Opus 4.7, while OpenAI claims GPT 5.5 matches Mythos in complex cyber challenges. The guests debate whether AI scanning adds value or just piles on more work without closing the loop.

9:30
5 min

North Korean AI-Injected Malware in NPM

This is where ransomware was 10 years ago—just a drop in the bucket in another month or two.

Highlight
14:30
5 min

Data Centers as Critical Infrastructure?

The House Subcommittee suggests designating data centers as a 14th critical infrastructure category. Guests question the practicality and differentiation of this move, with TC sarcastically noting the relief of avoiding the 'unlucky' number 13.

High-Impact Quotes
It's like a self-destruct sequence where two people need to turn a key at once—now it's one agent with access to everything.
TC Janczakowski26:59
Viral: 90.0
If GitHub is down, I can't do my job. Availability in the CIA triad isn’t there.
TC Janczakowski49:50
Viral: 88.0
This is where ransomware was 10 years ago—just a drop in the bucket in another month or two.
TC Janczakowski8:42
Viral: 85.0
Speakers

Hosts

Rich DrafalinoJosh

Guests

Janet HinesTC Janczakowski
Topics Discussed
Resiliency and Backup Strategy95%AI Agent Risks92%AI Security Awareness90%Vendor Reliability and Outages90%Supply Chain Attacks88%Human-in-the-Loop Security85%Multi-Cloud Strategy78%Critical Infrastructure Designation75%
People & Brands

TC Janczakowski

person

18xPositive

Janet Hines

person

15xPositive

GitHub

other

12xNegative

cPanel

product

7xNegative

Anthropic

organization

6xPositive

OpenAI

organization

5xPositive

NPM

other

5xNegative

Cursor

product

5xNegative

FIDO Alliance

organization

4xMixed

Claude Security Beta

product

4xPositive
Related Episodes

Department of Know: Axios malware, TeamPCP campaign, New Storm infostealer

Cybersecurity Headlines31m • 4/6/2026

The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes

Cybersecurity Headlines38m • 4/17/2026

The Department of Know: Vercel breach, a "Contagious Interview," and ghost breaches

Cybersecurity Headlines40m • 4/24/2026

The Department of Know: AI "transformation paradox," Copy Fail chaos, hacked lawnmowers

Cybersecurity Headlines38m • 5/8/2026

The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days

Cybersecurity Headlines34m • 5/15/2026

Get the full intelligence

Search transcripts, export clips, track mentions, and explore all topics from “The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta” inside PodZeus.

Search in PodZeusStart Free Trial

Start discovering podcast insights today

Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.

Start free trial

Try live search

No credit card required • 7-day trial • Cancel anytime