What happens when malware stops looking like code and starts looking like natural language prompts? The answer reveals a fundamental shift in how we need to approach security.
In this episode of Techzine TV, recorded at Wiz’s London Wizdom event, threat research lead Amitai Cohen unveils critical insights about the evolving cloud security landscape. The conversation reveals surprising statistics about how organizations configure their cloud environments and why vendor defaults hold far more power than most people realize.
You’ll discover why 80% of deployments use default configurations, what this means for security outcomes, and how attackers are exploiting this reality. Cohen explains the tension between supporting legacy systems and maintaining security, illustrated through real-world examples like Amazon’s IMDS versions and the ongoing challenge of public S3 buckets.
What you’ll learn from this interview
The discussion goes deep into territory that security professionals need to understand right now. Cohen reveals how different package registries have chosen dramatically different security postures, and why the npm registry became the primary target for supply chain attacks over the past year. The explanation of vendor responsibility versus customer responsibility will change how you think about security ownership.
But the most striking revelations come when the conversation turns to AI security. You’ll learn about specific attack techniques that didn’t exist a year ago, including how malware is now abusing AI command-line interfaces on developer machines. Cohen shares examples from recent npm registry attacks that demonstrate entirely new attack surfaces emerging from AI adoption.
Why this matters now
The interview addresses the uncomfortable truth about AI tooling: much of it was built for laboratory environments but is being deployed in production by people without traditional development backgrounds. HR departments deploying AI systems through “vibe coding” might sound unusual, but it’s happening at scale, and the security implications are significant.
Cohen also tackles the open source security debate, including controversial legislative attempts to assign responsibility to volunteer maintainers. The perspective offered here cuts through the noise to explain what actually works and what doesn’t in securing open source supply chains.
Key topics covered in the video:
- Why cloud security has become inseparable from all security practices
- The most common misconfigurations and why they persist despite years of awareness
- How vendors can use opinionated defaults to dramatically improve security outcomes
- The real-world consequences of different security postures across package registries
- Why AI vulnerabilities often aren’t unique to AI at all
- Specific examples of brand new attack surfaces created by AI adoption
- Why runtime detection is becoming more critical than static malware analysis
- How Wiz’s threat research team identifies and tracks emerging threats