Promptware, cloud security trends for 2026, and what the Xbox One hack means for cybersecurity

Mar 25, 2026

Guest

Kimmie Farrington

Guest

Seth Glasgow

Guest

Ian Molloy

Kimmie Farrington, a security detection engineer focused on telemetry and IAM; Seth Glasgow, a cyber range advisor on incident response and cloud tradecraft; and Ian Molloy, a security research lead in offensive and defensive analysis. They cover promptware and expanding the LLM attack kill chain. They unpack cloud attacks targeting ecosystems, ransomware living off the land, OT’s aging risks, and the Xbox One hardware breach.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Indirect Prompt Injection Enables Mass Amplification

Indirect prompt injections let attackers seed documents that compromise models at scale without repeated interaction.
One compromise can amplify across models and agents, enabling fast automated reconnaissance and pivoting.

ADVICE

Log AI Conversations And Lock Agent Identities

Improve telemetry and logging of model inputs and agent activity so defenders can see where injections occur.
Lock down agent identities, track which model/version an agent uses, and enforce least privilege on agent accounts.

INSIGHT

Cloud Attacks Target Ecosystems Not Infrastructure

Attackers now target cloud ecosystems (identities, APIs, integrations) rather than core infrastructure, exploiting implicit trust between components.
This makes breaches scalable: compromise one token or integration and pivot through federated services.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence

Someone finally cracked the Xbox One after 13 years. Here’s why security pros should care.

On this episode of Security Intelligence, panelists Ian Molloy, Seth Glasgow and Kimmie Farrington discuss the Xbox One hack presented at RE//verse 2026. More than just a neat story of one hacker’s ingenuity, there are some important takeaways for practitioners here.

But before that, we get into promptware, a new model for understanding attacks on LLMs that goes beyond the basics of prompt injections. Formulated by a handful of prominent cybersecurity researchers, including Bruce Schneier, promptware urges defenders to start thinking about the full AI attack kill chain, not just the front door.

Then we dive into a new analysis of cloud attack trends from IBM X-Force's Omari Jones, which finds that cybercriminals are targeting cloud ecosystems rather than cloud infrastructure. How do we need to shift our own mindsets to counter this?

Meanwhile, Google Threat Intelligence Group and Coveware find ransomware gangs increasingly ditching their flashy external tools in favor of PowerShell and other built-in system utilities—making detection significantly harder.

And Chuck Everette's Dark Reading op-ed raises a question that doesn't get enough airtime: With everyone focused on cutting-edge AI tech, what about the downright ancient OT systems and PLCs that underpin large swaths of American critical infrastructure?

All that and more on Security Intelligence.

In this episode:

00:00 – Introduction

1:01 -- From prompt injection to promptware

11:15 -- Cloud security trends 2026

19:59 -- Ransomware attackers live off the land

28:53 -- OT security: cybersecurity’s “rusting edge”

34:41 -- The Xbox One hack

The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity.

Cloud attacks are evolving: What 2025 trends mean for defenders in 2026 → https://www.ibm.com/think/x-force/cloud-attacks-evolving-what-2025-trends-mean-defenders-2026