Episode 327: Protecting the 'hands and feet' of artificial intelligence against emerging cyber threats

This episode from early 2026 explores how cybersecurity and disinformation have become pillars of modern digital culture and geopolitics. The program highlights several key security incidents, such as the exposure of IDs and payment details at Endesa's Energía 21, an Instagram bug exploited by external actors to trigger massive password reset emails, and a critical vulnerability in the N8N automation software. The core discussion focuses on the Model Context Protocol (MCP), described by guests Alfonso Muñoz and Dani García as the "hands and feet" that allow Large Language Models (LLMs) to perform actions in the real world, such as managing databases or calendars. These experts warn that while MCP enables powerful integrations, it also introduces serious risks like prompt injection and the confusion of AI reasoning with proper authorization, highlighting the need for a "red button" to stop unintended actions. Finally, the episode emphasizes the importance of "security by design" and common sense, cautioning against the trend of adding unnecessary AI to every product and reminding listeners to stay alert against simple scams like fake QR code fines. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/