AI models keep getting more powerful, but are we actually more secure, or just more confident? And what happens when the same tools defenders use become available to every attacker on the planet?

In this episode, Armando sits down with Eran Medan, CTO of Arnica, to talk about what the Mythos release really means for cybersecurity, why supply chain attacks are still dangerously easy to pull off, and what vibe coders can do right now to protect themselves.

In this conversation, you will learn:

• Why the Mythos benchmarks deserve healthy skepticism and how models can game their own evaluations
• How the Axios supply chain attack worked and why transitive dependencies keep developers exposed
• Two simple NPM/PNPM config changes that block 99% of supply chain attacks
• Why MCPs are often unnecessary overhead when you already have a CLI and a well-documented API
• How AI is democratizing both attacking and defending, and why cybersecurity companies will be needed more than ever
• Why the current moment is a rare window for non-engineers to build real businesses before the playing field levels out
• The practical security checklist for anyone shipping vibe-coded apps to production

If this episode helped you think differently about AI and security, like and subscribe so you catch the next conversation.

Guest Contact:

• Arnica: https://arnica.io
• DepsGuard (free, open source): https://depsguard.com