AppSec News Roundup on Claude Code Leak, Axios NPM Compromise, Secure Design - Idan Plotnik, Raj Mallempati - ASW #377

from Application Security Weekly (Audio)

Security problems aren't changing very much even though security teams are. We catch up on the implications of the Claude Code source leak, the very human lessons from the axios NPM compromise, and what secure design looks like when it involves agents, humans, or both. AppSec has always celebrated interesting and impactful vulns. And LLMs are now a favored tool for finding flaws. We shouldn't forget the success and effectiveness of fuzzers like OSS-Fuzz, which has improved security for over 1,000 projects and found over 50,000 bugs. But we can't ignore the ease of prompting an agent to go find -- and exploit -- a vuln when the UX and overhead of doing so is hardly more than writing some markdown. The SDLC Blind Spot: Why Breaches Start with Identity, Not Code Developers have access to source code, CI/CD pipelines, and cloud infrastructure — and attackers know it. Target lost 860GB of source code through a single compromised credential. Recruitment fraud campaigns have pivoted from a compromised developer to cloud admin in under 10 minutes. As agents join human developers, contractors, and service accounts in the SDLC, the attack surface is expanding faster than static security tools can track. Security teams need real-time visibility beyond code and into who has access and what they're actually doing. This segment is sponsored by Apiiro. To lean more, visit https://securityweekly.com/apiirorsac. How AI-Driven Development is Reshaping the Application Risk Landscape Agent coding assistants are accelerating software development, generating more code and more change than security teams were built to handle. In this interview, Idan Plotnik discusses how AI-driven development is reshaping the application risk landscape and why traditional vulnerability management models can't keep up. Make sure to schedule a free SDLC Risk Assessment with BlueFlag Security - 30 minutes to deploy. 48 hours to results. Please visit https://securityweekly.com/blueflagrsac. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-377

NOW PLAYING

0:00 1:08:42

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

Beating loneliness by bridging the generation gap

Apr 21, 2026 ·13m

Robotics and the Future of Aged Care

Apr 19, 2026 ·16m

The Purpose Paradox: Why Baby Boomers Delay Retirement

Apr 17, 2026 ·13m

A Growing Movement Aims to Prepare All Physicians to Care for Older Adults

Apr 15, 2026 ·12m

Defeating Recurring Charges on Cancelled Credit Cards

Apr 13, 2026 ·11m

If Your Dad Has These 11 Odd Habits, He's More Lonely Than He Admits

Apr 11, 2026 ·16m

Similar Podcasts

That Hoarder: Overcome Compulsive Hoarding That Hoarder Hoarding disorder is stigmatised and people who hoard feel vast amounts of shame. This podcast began life as an audio diary, an anonymous outlet for somebody with this weird condition. That Hoarder speaks about her experiences living with compulsive hoarding, she interviews therapists, academics, researchers, children of hoarders, professional organisers and influencers, and she shares insight and tips for others with the problem. Listened to by people who hoard as well as those who love them and those who work with them, Overcome Compulsive Hoarding with That Hoarder aims to shatter the stigma, share the truth and speak openly and honestly to improve lives. Wild WinsDay Wild WinsDay Pump the hump with WILD WINSday 🐪💪: Your 3-minute weekly video boost for leadership, sales, marketing, and business breakthroughs to WIN the day! Modern Day Modern Day Weekly convos between Emma Lembke and Jules Terpak Why That with Wyatt Wyatt Your semi-weekly source for fun facts and deep dives into different topics! Please follow the show and share the link with anyone who doesn’t already listen!

Frequently Asked Questions

How long is this episode of Application Security Weekly (Audio)?

This episode is 1 hour and 8 minutes long.

When was this Application Security Weekly (Audio) episode published?

This episode was published on April 7, 2026.

What is this episode about?

Can I download this Application Security Weekly (Audio) episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.

URL copied to clipboard!