Episode 46

Verizon DBIR 2026: Why Vibe Coding is Fueling Exploits

May 29th, 2026

1 hr 16 mins 16 secs

Season 3

Link with Timestamp

Download MP3 (70.9 MB)

Your Hosts

About this Episode

Welcome back to the Scinary Information Nexus! While Richard Martin is away, Brazos Wortham, Joseph Hamilton, and Mario Ortiz take the helm. They crack open some Texas Meadworks blackberry melomel to break down the 2026 Verizon Data Breach Investigations Report (DBIR).

The crew talks about a massive shift in the industry: vulnerability exploitation has officially overtaken credential abuse. We also talk about "vibe coding" -- developers using AI to write code they don't fully understand. This trend causes up to 62% of AI-generated code to ship with vulnerabilities.

Plus, we debunk Hollywood myths about polymorphic AI malware and see how threat actors actually use AI to draft phishing emails and speed up attacks. We review the surprising drop in ransomware payments, noting that 69% of victims now refuse to pay.

What happens when the money dries up? The guys predict a pivot toward public website defacement and data destruction from groups like Shiny Hunters. They also share practical advice on risk-based vulnerability management.

In this episode, we discuss:

  • What the 2026 Verizon DBIR reveals about initial access vectors.
  • A disastrous DIY absinthe experiment involving wormwood and gin.
  • How "vibe coding" is flooding code repositories with vulnerabilities.
  • The truth about AI malware and how attackers actually weaponize it.
  • The patching ceiling: why organizations tap out at fixing just 30-40% of vulnerabilities in the first week.
  • Why 69% of ransomware victims refuse to pay.
  • A pro-tip for reading the DBIR without giving up your personal data.

What's your biggest takeaway from this year's DBIR? Let us know in the comments below!

Connect with Scinary Cybersecurity:
https://www.scinary.com
https://x.com/scinarycyber
https://www.linkedin.com/company/scinarycyber/

00:00 Intro
05:15 Blackberry Melomel & DIY Gin
09:45 Exploits Overtake Credential Abuse
15:30 Vibe Coding & AI Threats
33:00 The Limits of Patching
58:30 Declining Ransomware Payments

Cybersecurity #InfoSec #VibeCoding #Ransomware #DBIR #Malware #ArtificialIntelligence #DataBreach #ShinyHunters #Vulnerability