Cheap, AI-generated zero-days and the real meaning of ‘advanced’ malware

(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.)

Three Buddy Problem - Episode 82: We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors.

Plus, a new Sean Heelan essay on low-cost exploit generation and why “AI guardrails” are mostly a comforting myth; AI slop overwhelming bug bounty programs; CISA's new Brickstorm YARA rules; and fresh research on a wiper-malware found in Russian attacks against Poland's electricity sector.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Material Security (use cases)
• Sean Heelan on the coming industrialisation of exploit generation with LLMs
• VoidLink Shows AI-Generated Malware Has Begun
• LLMs in the SOC: Why Benchmarks Fail Security Operations Teams
• CISA advisory on BRICKSTORM backdoor
• Node.js — New HackerOne Signal Requirement
• AI slop security reports submitted to cURL
• Arctic Wolf on FortiGate attacks via SSO accounts
• New Cisco Remote Code Execution Vulnerability
• From Protest to Peril: Cellebrite Used Against Jordanian Civil Society
• Microsoft on multi‑stage AiTM phishing and BEC campaign abusing SharePoint
• Microsoft Gave FBI BitLocker Encryption Keys
• The Mastermind: Drugs. Empire. Murder. Betrayal
• Kim Zetter: Cyberattack on Poland’s energy grid used a wiper
• ESET on 'DynoWiper' malware