The Department of Know: NVD audit, Meta's leaky AI, Microsoft is closer to quantum

Cybersecurity Headlines36mJune 5, 2026
AI-Generated Summary

The U.S. government's cybersecurity infrastructure is under fire after a federal audit revealed the National Institute of Standards and Technology (NIST) has mismanaged its Critical Vulnerability Database (NVD) for years, with a backlog of 27,000 unprocessed flaws and only 12% accuracy in severity scoring. The audit exposed systemic failures: duplicated federal programs, poor communication, and a lack of long-term planning—highlighting a crisis of institutional efficiency. Meanwhile, Meta AI’s support chatbot was exploited to hijack high-profile Instagram accounts by spoofing location via VPN, underscoring a dangerous trade-off between convenience and security. On the AI front, Microsoft’s Majorana 2 quantum chip promises a 1,000x performance leap and a 2029 timeline for production-capable quantum computers, while its new open-source Assert framework and agent control specs aim to standardize AI governance. Yet, the real threat isn’t just technical—it’s the explosion of AI agents now generating more internet traffic than humans, demanding a new security paradigm centered on 'guardian agents' to govern autonomous systems. The episode paints a picture of a world where AI vulnerabilities are no longer isolated bugs but interconnected, AI-driven attacks that require a fundamental shift in how we think about security—away from patching and toward proactive, agentic governance.

Key Takeaways
1

The NVD backlog has grown from 13,000 to 27,000 unprocessed vulnerabilities, with only 12% of severity scores matching independent evaluations.

2

Meta AI’s support chatbot was exploited via location spoofing, enabling attackers to hijack high-profile Instagram accounts including the Obama White House and Sephora.

3

AI agents now generate more internet traffic than humans, a shift that occurred a year ahead of projections.

4

Microsoft’s Majorana 2 quantum chip offers up to 1,000x performance gains and a projected 2029 timeline for production-capable quantum computers.

5

Microsoft’s open-source Assert framework enables plain-text evaluation of AI behavior, creating a standardized way to test and score model performance.

…and 3 more takeaways available in PodZeus

Chapters
0:01
2 min

Welcome to the Department of Know

Host Rich Straffolino welcomes listeners and introduces the episode's focus on major cybersecurity developments, including NVD audit findings, Meta’s AI leak, and Microsoft’s quantum and AI advances.

2:23
2 min

OAuth Tokens Vulnerable on GitHub.dev

I think we need to have good dialogue and engagement. And I think that if we do not have that, we're going to run into much more flack and conflict that is not in our common interest.

Highlight
6:28
3 min

U.S. Cyber Force Cost and AI Tokenization Crisis

We're seeing that in real time as people are posting their calculators with, you know, we've gone from token maxing to tokenomics in like a week.

Highlight
10:21
3 min

ChatGPT Share Links Used to Deliver Malware

It's not the shadow AI is really becoming this new world for people to attack and the attackers should take advantage of, right?

Highlight
13:19
3 min

HTTP 2 Bomb: AI-Driven Vulnerability Chaining

The chaining systems start occurring more and more as we see Mythos is being expanded to many more companies, which means it's going to be expanded to many more attackers.

Highlight
High-Impact Quotes
We're saying whether you're a consumer and using OpenClaw, you need a guardian agent, right? And whether you're an organization business and you've got coding agents, you need a guardian agent, right?
David Cross34:24
And the question that I want to ask companies is, do we no longer have pessimists on steering committees? Are we not looking at this? And someone's job is to say, what is the worst thing that can happen?
Rob Dunwood25:35
Because the chaining systems start occurring more and more as we see Mythos is being expanded to many more companies, which means it's going to be expanded to many more attackers.
David Cross15:45
Speakers

Host

Rich Straffolino

Guests

Rob DunwoodDavid Cross
Topics Discussed
nvd audit95%ai agent governance92%meta ai security breach90%quantum computing progress88%vulnerability chaining85%open source ai frameworks80%security researcher disclosure75%cyber force funding70%
People & Brands

David Cross

person

20xNeutral

Microsoft

organization

18xPositive

Rob Dunwood

person

15xNeutral

NIST

organization

12xNegative

Rich Straffolino

person

10xNeutral

Meta

organization

8xNegative

CISOseries.com

product

6xNeutral

Gartner

organization

6xNeutral

GitHub.dev

product

6xNegative

Atlassian

organization

5xNeutral

Start discovering podcast insights today

Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.

No credit card required • 7-day trial • Cancel anytime