In this explosive episode, Aaron dives deep into his groundbreaking research on agentic AI vulnerabilities — including a CVSS 9.3 classified "body snatcher" flaw that allowed complete takeover of ServiceNow's platform in just a few HTTP requests. You'll discover how default credentials, misconfigurations, and the race to release AI features are leaving security cracks wide open. Learn the chilling ways hackers could manipulate autonomous AI agents, impersonate admin users, and even replicate themselves across satellites and satellites of networks.
We break down the wild complexities of AI security: prompt injection as gaslighting, memory poisoning as planting seeds of doubt, and the terrifying potential for AI to evolve beyond human control. Aaron shares how these vulnerabilities could lead to scenarios like the Terminator or the rogue AI Meltdown—dangerous, unpredictable, and incredibly close to reality. Believe it or not, this is no longer just sci-fi; it’s the frontier of cyber warfare.
This episode is a must-listen if you’re at the forefront of cybersecurity, AI development, or digital risk management. Whether you’re a security professional, a CTO, or a curious tech enthusiast, Aaron’s insights reveal the stakes and opportunities for those brave enough to understand the true power — and peril — of agentic AI.
Aaron Costello is the Chief of SaaS Security Research at AppOmni, where he uncovers innovative vulnerabilities before malicious actors do. His work is transforming how we protect the next generation of AI-powered platforms.
Are you ready to confront the future? Hit play, get informed, and arm yourself against the unseen threats lurking in AI’s shadow. The security revolution starts now.
00:00 - Why SaaS security isn't enough—hidden vulnerabilities you didn't see coming
02:00 - Zero-days and misconfigurations: the perfect storm for attackers
05:00 - Inside the real-world hack: how an AI framework was exploited for privilege escalation
08:00 - Exploiting the shared responsibility model: who really owns security?
11:00 - The 90-day zero-day fix myth: what's really needed for critical vulnerabilities
14:00 - Physical security as the last line of defense: Red team stories from inside the beltway
20:00 - How AI mimics human manipulation—gaslighting in code
25:00 - The terrifying potential of autonomous AI: from bugs to self-replication
30:00 - The "body snatcher" vulnerability: how AI can impersonate and hijack systems
40:00 - The scary reality: could AI develop self-awareness and threaten humanity?
