SN 1077: A Browser AI API? - End of Bug Bounties?
Security Now (Audio)
Leo Laporte
4.6 • 2.3K Ratings
🗓️ 5 May 2026
⏱️ 155 minutes
🧾️ Download transcript
Summary
Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web.
- Hackers AI-code a portal, forget to add authentication.
- The UK's NCSC issues a Mythos warning. Where's CISA?
- Another (of many) Linux local privilege escalations.
- AI may be spelling the end of bug bounties.
- Anthropic releases "Claude Security" mini-Mythos.
- ChatGPT gets very serious about login security.
- Syncthing's SyncTrayzor v1 abandoned; v2 created.
- Google drops an AI API into Chrome; Mozilla objects
Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit
Sponsors:
Transcript
Click on a timestamp to play from that location
| 0:00.0 | It's cybersecurity now. |
| 0:01.1 | Steve Gibson is here. |
| 0:03.4 | He is armed with the knowledge that Google is now downloading 4.7 gigabytes when you download Chrome. |
| 0:09.7 | What is it? |
| 0:10.5 | A local AI model. |
| 0:11.9 | Steve talks about its implications next on Security Now. |
| 0:16.7 | This episode is brought to you by OutSystems, a leading AI development platform for the enterprise. |
| 0:22.4 | Organizations all over the world are creating custom apps and AI agents on the OutSystems platform and with good reason. |
| 0:28.7 | Build, run, and govern apps and agents on one unified platform. |
| 0:33.1 | Innovate at the speed of AI without compromising quality or control. |
| 0:38.0 | Trusted by thousands of enterprises worldwide for mission-critical apps. |
| 0:41.9 | Teams of any size and technical depth can use out systems to build, deploy, and manage |
| 0:47.0 | AI apps and agents quickly and effectively without compromising reliability and security. |
| 0:53.1 | Without systems, you can accelerate ideas from concept to completion. |
| 0:57.1 | It's the leading AI development platform that's unified, agile, and enterprise proven, |
| 1:02.3 | allowing you to build your agenic future with AI solutions deeply integrated into your architecture. |
| 1:08.8 | OutSystems. Build your agentic future. Learn more at outSystems.com slash twit. That's OutSystems. Build your agenic future. Learn more at outsystems.com |
| 1:13.2 | slash twit. That's outsystems.com slash twit. |
| 1:19.2 | Podcasts you love from people you trust. This is Twit. |
| 1:28.8 | This is Security Now with Steve Gibson. |
| 1:31.4 | Episode 1777 recorded Tuesday, May 5th, 2026. |
| 1:37.3 | A browser AI API? |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.