9 Seconds to Zero: Misbehaving AI

9 Seconds to Zero: Misbehaving AI

From Cyberside Chats: Cybersecurity Insights from the Experts by Chatcyberside

May 5, 2026 · 17 min · Episode 71

About this episode

This episode discusses the security failures behind the PocketOS incident caused by an AI coding agent and the implications for AI management.

It took nine seconds for an AI coding agent to wipe the entire production database of PocketOS — a SaaS company serving hundreds of car rental operators across the US — along with every backup. Customers showed up Saturday morning to pick up their cars and there were no reservations on file. In this episode, Sherri Davidoff and Matt Durrin dig into the cascading security failures behind the PocketOS incident, connect it to a pattern of similar AI-caused outages at Replit and Amazon AWS, and explain why the real problem isn't rogue AI — it's identity. Every one of these incidents involved an AI agent acting under an identity it shouldn't have had, or that was far too powerful. The insider risk playbook applies. We just haven't been applying it to AI. Key Takeaways 1. Treat AI agents like privileged insiders, not trusted tools. Apply your full insider risk playbook: least privilege, separation of duties, peer review, monitoring for anomalous behavior. If a human developer needs approval to push to production, so does your AI agent. The PocketOS and Kiro incidents both trace back to AI agents that were granted more trust than any new employee would get on day one. 2. Scope every…

People in this episode

Host: Sherri Davidoff

Guest: Matt Durrin

Topics covered

  • AI security
  • database management
  • insider risk
  • cybersecurity incidents
  • identity management

Keywords

  • AI
  • cybersecurity
  • PocketOS
  • database
  • insider risk
  • identity
  • security failures

Mentioned in this episode

Organizations: PocketOS, Replit, Amazon AWS

More episodes of Cyberside Chats: Cybersecurity Insights from the Experts

Explore listener stats, chart rankings, contacts and more on the Cyberside Chats: Cybersecurity Insights from the Experts podcast page.