Insights

Taking Down the Botnet Doesn’t Answer the Harder Question

CrowdStrike and Google’s Glassworm takedown is a genuine win. Two years of coordinated supply chain attacks, 300+ poisoned GitHub repositories, four command-and-control channels knocked offline. Real work, real results, and the teams involved deserve the credit.

Here’s what the story also reveals, though.

The Glassworm attackers didn’t break encryption or exploit a zero-day. They hijacked developer accounts that already had trusted status in the ecosystem. They published malicious extensions to marketplaces developers use daily. They paid for search results that looked like legitimate tooling. Once they had a foothold in a trusted repo, the software supply chain carried the rest. Downstream organizations pulled those dependencies the same way they pull any other dependency: because they had every reason to trust them.

That’s the part worth sitting with.

The pattern showing up everywhere right now

Glassworm ran for two years. Last week, the Mini Shai-Hulud campaign compromised dozens of popular open-source packages and caught at least one OpenAI developer in the process. In March, a suspected North Korean actor hijacked Axios, the HTTP client that millions of developers depend on. Three separate campaigns, same basic approach: find something trusted, compromise it upstream, let the supply chain handle distribution.

The approach keeps working because enterprise security is very good at telling you where code came from. It’s much less equipped to tell you what that code is going to do before it runs.

Signing confirms a publisher. It doesn’t confirm behavior. An SBOM tells you what’s inside a package. It doesn’t tell you what the package will do in your environment. An EDR catches suspicious execution, but it catches it after the artifact has already started running. Sandboxes can detonate a file, but they’re slow, they get bypassed by evasive samples, and the output is raw log data that takes an analyst to interpret.

None of those controls answer the question that supply chain attacks keep exploiting: should this artifact be allowed to run in the first place?

What Zero Trust for Code actually means

Zero Trust started as a network principle: don’t assume that traffic inside your perimeter is safe. Verify before you grant access, regardless of origin. That thinking eventually extended to identity and to devices.

It hasn’t been applied to software execution.

The default today is still: if the code came from a trusted source with a valid signature, it runs. That’s the assumption Glassworm was built around. And it works, repeatedly, because the trust model for software execution hasn’t caught up to how attackers actually operate.

Zero Trust for Code means no artifact gets a free pass based on where it came from. Every artifact gets evaluated for what it will actually do, against policy, before it executes. The output is a decision: allow, block, restrict, quarantine, or require review. With behavioral evidence behind it, documented, auditable, ready for the analyst or the regulator.

This isn’t a pitch for a product category. It’s a description of a control that the industry hasn’t built yet but increasingly needs.

What security teams should be asking today

The botnet is down. The technique it used is still viable.

The organizations best positioned against the next campaign won’t be the ones waiting for another takedown. They’ll be the ones that have an answer, at every point where code enters and executes in their environment, to the question: do we actually know what this is going to do?

Endpoint, CI/CD pipeline, email gateway, artifact repository: each of those is a place where untrusted code can arrive looking completely legitimate. Each of them needs a control that evaluates behavioral intent before execution, not after.

That’s the work. CrowdStrike did their part. Now it’s time for the rest of the industry to close the loop.

Security Brief: Vibe Hacking and the Case for Pre-Execution Defense

The Claim

AI agents are now capable of dynamically generating custom hacking tools and scripts during an active intrusion, allowing attackers to bypass traditional detection methods that rely on known signatures. Zero Trust for Code addresses this by enforcing what code and actions are permitted to execute, regardless of how they are generated.

The Threat

Threat actors are now using AI agents to generate custom hacking tools dynamically during intrusions, replacing reliance on prebuilt malware or known frameworks. This is known as “vibe hacking”.

These AI-generated scripts support reconnaissance, exploitation, and lateral movement, with each instance differing enough to evade signature-based detection.

This approach speeds up the attack process and enables continuous adaptation, allowing threat actors to iterate tooling and tactics in real time while remaining operationally stealthy.

The Problem

  • Detection Collapse: Signature-based tools lose effectiveness when malware and scripts are dynamically generated each time.
  • Operational Speed: AI drastically shortens the time between reconnaissance, exploitation, and persistence, making it hard for defense to keep up.
  • Tool Obsolescence: Traditional “known bad tool” detection is bypassed, meaning tools no longer need to exist before they are used.
  • Lower Barrier to Entry: Attackers can generate sophisticated attacks without deep technical expertise.
  • Adaptive Users: AI enables attackers to modify tactics in real time, evading static defenses.

Zero Trust for Code lens: Authentication verifies identity and security tools detect known threats, but neither fully controls what dynamically generated code is allowed to execute in real time.

The real breakdown is not that defenses fail, but rather that modern controls assume threats are pre-existing and identifiable. AI-driven attacks invalidate that assumption entirely.

The Impact

  • Attack pace compresses to near real-time.
  • Signature- and IOC-based detection loses relevance.
  • SOCs face noise from highly variable artifacts, reducing confidence.
  • Control effectiveness evidence weakens.
  • Unknown, one-off tools execute outside policy validation, increasing operational exposure.

What to Watch For

  • Rapidly changing scripts or binaries executing in environments.
  • Legitimate sessions generating previously unseen commands or behaviors.
  • High-frequency experimentation patterns (trial-and-error execution).
  • Activity without known tool signatures but with clearly malicious outcomes.
  • Indicators of on-the-fly tool or script generation.

A consistent pattern is the disconnect between what is executed and what is recognized. Legitimate sessions now produce behaviors that deviate from historical norms, often driven by dynamically generated scripts with minimal forensic consistency. Detection must evolve to assess not just access, but what that access enables systems to do. Without this visibility, anomalous activity blends with legitimate use, reducing detection efficacy and delaying response.
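Two of the watch-list items above, previously unseen scripts and trial-and-error execution, can be expressed as one check over execution logs. The following is an added example, not part of the original brief: it flags sessions that run a burst of never-before-seen script hashes with a high failure rate. The log format, thresholds, session names and hashes are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample data: hashes are shortened placeholders, not real indicators.
BASELINE = {"a1f0", "b2e1"}   # script hashes already seen in this environment
SAMPLE_LOG = """\
2026-05-04T09:00:00 sess-build a1f0 0
2026-05-04T09:00:30 sess-build b2e1 0
2026-05-04T09:01:00 sess-build c9d3 0
2026-05-04T09:10:00 sess-ops 7e01 1
2026-05-04T09:10:40 sess-ops 7e02 1
2026-05-04T09:11:15 sess-ops 7e03 2
2026-05-04T09:12:05 sess-ops 7e04 0
2026-05-04T09:12:50 sess-ops 7e05 0
2026-05-04T10:00:00 sess-dev d001 1
2026-05-04T10:20:00 sess-dev d002 1
2026-05-04T10:40:00 sess-dev d003 1
2026-05-04T11:00:00 sess-dev d004 1
"""

@dataclass(frozen=True)
class ExecEvent:
    ts: datetime
    session: str
    script_hash: str   # content hash of the script or binary that ran
    exit_code: int

def parse(line: str) -> ExecEvent:
    # Assumed format: "<ISO-8601 time> <session id> <content hash> <exit code>"
    ts, session, script_hash, code = line.split()
    return ExecEvent(datetime.fromisoformat(ts), session, script_hash, int(code))

def novelty_bursts(events, baseline, window=timedelta(minutes=5),
                   min_novel=4, min_fail_ratio=0.5):
    """Return {session: first alert} for sessions where, inside one sliding
    window, at least `min_novel` distinct hashes absent from `baseline` ran
    and at least `min_fail_ratio` of those runs exited non-zero."""
    recent = defaultdict(deque)   # session -> novel executions inside the window
    alerts = {}
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.script_hash in baseline:
            continue              # known artifact: not part of the novelty signal
        q = recent[ev.session]
        q.append(ev)
        while ev.ts - q[0].ts > window:
            q.popleft()           # drop executions that fell out of the window
        distinct = {e.script_hash for e in q}
        fail_ratio = sum(e.exit_code != 0 for e in q) / len(q)
        if (len(distinct) >= min_novel and fail_ratio >= min_fail_ratio
                and ev.session not in alerts):
            alerts[ev.session] = {"first_alert": ev.ts,
                                  "novel_hashes": len(distinct),
                                  "fail_ratio": round(fail_ratio, 2)}
    return alerts

def run_sample():
    return novelty_bursts(map(parse, SAMPLE_LOG.splitlines()), BASELINE)

if __name__ == "__main__":
    for session, alert in run_sample().items():
        print(session, alert)
```

In the sample, a single new script in a build session and slow, spread-out failures in a developer session stay below the thresholds; only the tight cluster of distinct new scripts is flagged.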

Zero Trust for Code Value

Zero Trust for Code introduces runtime enforcement over all generated and executed artifacts, regardless of origin. It ensures that only actions within clearly defined behavioral boundaries are allowed to run, while dynamically generated scripts are evaluated before execution.

Any unauthorized or anomalous activity is blocked in real time, rather than just being detected after impact, shifting control to the defense at the moment it matters most.

This approach directly addresses the core gap exposed by AI-driven attacks: the inability to govern code that did not exist until execution.

By moving from reactive detection to pre-execution decisioning, organizations can regain control over unpredictable AI-generated attack methods, which are becoming more prevalent by the day.

Trust but verify.

CISO Action Brief

  • Define behavioral execution policies for critical systems (what actions are allowed, not just who can act).
  • Implement pre-execution control points to evaluate scripts and commands before they run.
  • Augment detection with behavioral and intent-based analytics, not signatures.
  • Prioritize controls that operate at machine speed, matching AI-driven attackers.

CISOs should shift from access control to action control by defining acceptable system behaviors and enforcing pre-execution validation. Detection must evolve toward behavioral analytics, reducing reliance on signatures. At the same time, organizations should invest in high-speed controls to keep pace with AI-driven threats and prevent anomalous activity before execution.

Methodology & Sources

Dark Reading (May 2026) reporting on AI-generated hacking tools, Trend Micro TrendAI research, and CodeHunter analysis of AI-driven attack evolution.


The Good, The Bad, and The Ugly of AI: Why Zero Trust for Code Is the Executive Answer

AI is the shiny new tool that promises to revolutionize everything from your morning coffee order to high-level business decisions. It is fast, efficient, and it can genuinely help your organization do more with the resources you already have. But like most things that seem too good to be true, there is a catch. Let us break it down: the good, the bad, and the downright ugly of AI in today’s workplace.

The Good: AI as a Genuine Force Multiplier

AI is like that rare hire who actually wants to do the tedious work everyone else avoids. Need to comb through enormous data sets? Automate customer service queues? Generate reports in half the time? AI handles all of it without complaint.

The efficiency gains are documented and real. Studies show AI tools improve employee productivity by as much as 66%. People get time back for the strategic, mission-critical work that actually requires human judgment. For security teams specifically, AI assists with pattern recognition across massive log volumes, accelerates analysis of workflows, and helps analysts get to what matters faster. The productivity argument for AI adoption is not hype. It is real, and the pressure to adopt is legitimate.

The Bad: AI Introduces Code That Nobody Reviewed

Here is where the conversation shifts for security leaders. AI does not just automate tasks. It generates code, and that code enters your environment whether or not anyone evaluated what it is capable of doing before it ran.

AI coding assistants now produce executable artifacts at a volume and speed that no manual review process can match. A developer accepts a suggestion, commits it; the pipeline runs, and the code deploys. Somewhere in that sequence, the question of what this code will do never gets asked. Organizations rushing to adopt AI tools without thinking through how AI-generated code gets vetted are introducing unreviewed executable artifacts into production environments at scale, and that is not a productivity problem. It is an execution governance problem.

The Ugly: AI-Generated Code as an Attack Vector

The same AI capabilities that make your developers more productive are available to threat actors. Generative AI has lowered the barrier to producing functional malicious code to nearly zero. A credential harvester, a persistence mechanism, a lateral movement script: any of these can be generated by a capable model in response to a basic prompt.

A recent study from the University of Illinois Urbana-Champaign found that GPT-4 successfully exploited 87% of zero-day vulnerabilities it was given access to, autonomously, using only CVE descriptions. Most open-source scanners detected none of them. AI is moving faster than most organizations have built governance to handle, and when it reaches your production environment without verification, it brings whatever behavioral capabilities it was designed with.

Zero Trust for Code: The Executive Framework

Geoffrey Hinton, often called the Godfather of AI, has warned that the most important part of AI implementation is carefully defining its guidelines. That observation applies directly to AI-generated code in enterprise environments.

The answer is not to slow down AI adoption. The competitive and productivity case is real, and the decision is largely made across most industries. The answer is to build the execution governance layer that AI adoption requires. Zero Trust for Code holds that every artifact is untrusted by default, regardless of how or where it was generated. Trust is earned through behavioral verification: a pre-execution analysis that evaluates what the artifact is designed to do and produces a deterministic Allow, Block, Contain, or Escalate verdict before execution is authorized.

Treat AI like fire. It can do remarkable things, and it requires governance commensurate with its capability. Find out how CodeHunter brings Zero Trust for Code to AI-generated executable artifacts in your environment.

2025 Cybersecurity Predictions: The Year Zero Trust for Code Becomes Unavoidable

2024 was a defining year for cybersecurity, with significant breaches, meaningful defense wins, and a threat landscape that continued shifting faster than most organizations could track. The MOVEit vulnerability demonstrated how a single flaw in widely used software can cascade across hundreds of organizations simultaneously. Coordinated government action disrupted several prominent criminal operations. The lessons from both sides of that ledger are shaping what 2026 demands from security teams.

Like the threats it defends against, this industry is always moving. Here is what the current trajectory points toward.

AI-Generated Code Risk Becomes a Board-Level Governance Question

Generative AI has changed the threat landscape in two directions at once. For attackers, it has lowered the barrier to producing functional malicious code to nearly nothing. AI-generated variants that carry no prior signature arrive continuously, and they evade detection tools built around recognition. For defenders, AI assists with pattern recognition, accelerates analysis, and helps security teams process volumes of data that would otherwise overwhelm them.

The governance gap sits between those two realities. AI coding tools generate executable artifacts that enter development pipelines faster than any manual review process can evaluate them. In 2026, that gap reaches the board level. Executives and compliance teams will begin asking for documented, policy-backed answers about what AI-generated artifacts are running in their environments and what standard governs their authorization.

Behavioral Intent Analysis Replaces Signature-Dependent Approaches

Signature-based detection identifies what it has already seen. AI-generated code, novel variants, and purpose-built payloads are specifically designed to be things that have not been seen before, and that structural mismatch between a recognition-based defense and a novelty-based offense is not going to resolve in favor of signatures.

Behavioral intent analysis asks a different question: what is this artifact designed to do? It does not require prior knowledge of the threat, deconstructs the artifact itself to surface behavioral capability before execution is authorized, and produces a deterministic verdict rather than a probability score. The combination of pre-execution behavioral analysis and automated artifact deconstruction is what allows SOC teams to move quickly between identification, containment, and response without being overwhelmed by volume.

Agentic Workflows Emerge as a Distinct Security Category

Agentic workflows, AI systems that autonomously generate and execute code without a human authorization step, are creating a supply chain risk category that existing controls were not designed to govern. An agentic pipeline that retrieves an external package and executes it. An AI coding tool that generates a script and runs it immediately. A development pipeline where AI-generated contributions are merged and deployed without a behavioral verification gate. Each of these scenarios introduces executable artifacts into production environments through trusted internal channels, without any behavioral verification step, and agentic supply chain risk will surface as a distinct security category in 2025.

Pre-Execution Enforcement Becomes the Practical Answer to Detection Overload

SOC teams are not going to scale their way out of the volume problem. Adding analysts does not keep pace with the rate at which AI generates new, signature-free threats. Moving enforcement upstream, to the execution layer, is the answer that scales. When artifacts are evaluated and a verdict issued before they run, fewer alerts are generated downstream, and the SOC receives genuine escalations rather than noise from code that should never have been authorized to execute in the first place.

Automation empowers security teams to operate at the speed modern threats demand. Zero Trust for Code is the framework that makes that automation purposeful. Find out how CodeHunter applies to your existing security stack.

AI-Generated Malware and the Case for Zero Trust for Code 

A recent study from the University of Illinois Urbana-Champaign reveals that widely available AI agents had an 87% success rate exploiting zero-day vulnerabilities. Researchers gave OpenAI’s GPT-4 access to a database of zero-day vulnerabilities without existing patches. Armed with nothing more than CVE descriptions and embedded reference links, the model autonomously exploited the flaws. Most open-source scanners could not detect the same vulnerabilities at all.

That number is worth sitting with. 87%, without custom tooling, without deep technical expertise, with a description and a capable enough model. Generative AI has not just lowered the barrier to exploitation. It has functionally removed it for anyone with access to a sufficiently advanced model.

When Open Information Becomes a Vulnerability

The CVE database was built to enable collaborative defense. Making knowledge of specific threats available across the industry helps security teams respond faster and share critical context that would otherwise stay siloed. That model has genuine value.

The UIUC study exposes a real tension in that approach. The precise, structured information that makes CVE entries useful for defenders is exactly the information a large language model can use to generate a working exploit. Collaboration infrastructure designed to strengthen defense is also infrastructure that can be handed to an AI and turned into an offense engine.

The Gap GPT-3.5 Reveals

GPT-3.5 achieved a 0% success rate given the same inputs as GPT-4. The jump from 0% to 87% happened in a single model generation, and as models grow more capable and more accessible, the democratization of zero-day exploitation is not a future risk. It is an accelerating present one.

Signature-based detection is a catalog of what has already been observed. AI-generated malicious code is, by design, something that has not been observed before. Every variant is new, and every payload can be structurally different from its predecessor while doing the same thing. Writing signatures fast enough to keep up with AI-generated novelty is not a strategy that scales.

Behavioral Capability Does Not Care About Code Origin

What makes pre-execution behavioral intent analysis the right control for AI-generated threats is that it does not depend on recognizing the code. A credential harvester generated by GPT-4 still harvests credentials. A persistence mechanism written by an AI still installs persistence. A lateral movement script produced by a language model still attempts lateral movement. The behavioral capability is present in the artifact regardless of whether any human authored it or whether any prior version has ever been seen.

Pre-execution analysis deconstructs the artifact to surface those capabilities before execution is authorized. The verdict is deterministic (Allow, Block, Contain, or Escalate), and it is applied equally to human-authored and AI-generated code, because the artifact does not advertise how it was made. Only what it will do.

Zero Trust for Code as the AI Defense

The industry needed Zero Trust for identity when identity became the primary attack vector. The same logic applies now to code execution. AI has shifted the threat model in a way that makes pre-execution enforcement the practical necessity it always was in theory.

CodeHunter uses automation to defend against automation. Our pre-execution behavioral intent analysis evaluates AI-generated executable code on behavioral capability, not origin or resemblance to known threats. The verdict is issued before the code runs, backed by forensic evidence, and mapped to MITRE ATT&CK so security teams have the context to act immediately.

Every artifact is untrusted by default. Trust is earned through behavioral verification. Stop chasing alerts. Start enforcing trust.