
LLMs writing exploits, engineers losing skills, and a case for the generative OS
From Three Buddy Problem by Security Conversations
April 3, 2026 · 2h 20m
About this episode
The episode discusses ransomware incident response, the implications of AI in security, and the future of vulnerability research.
( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows. ) Three Buddy Problem - Episode 92 : Costin walks through real-world ransomware incident response while Juanito makes the case for AI-generated operating systems that never run anyone else's code. Plus, debates on whether vulnerability research is cooked, why nobody should pay ransoms, and what the security industry looks like after the massive AI flood. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . 0:00 – Introductory banter 2:00 – Costin's ransomware incident response work 3:30 – How attackers break in: Fortinet vulnerabilities everywhere 6:30 – Hunting for ransomware decryption keys 9:00 – Breaking into ransomware C2s and monitoring leak sites 12:00 – The ransom payment debate: should you ever pay? 16:00 – Why "don't pay the ransom" is overgeneralized 21:00 – How ransomware gangs price their demands 24:00 – The AI-pilling of…
People in this episode
Host: Juan Andres Guerrero-Saade
Guests: Costin Raiu, Ryan Naraine
Topics covered
- ransomware
- AI in security
- vulnerability research
- incident response
- generative operating systems
Keywords
- ransomware
- AI-generated OS
- vulnerability research
- incident response
- threat intelligence
Sponsors
TLPBLACK
Mentioned in this episode
Organizations: Microsoft, Apple
Books & works: Cognitive Rust Belt
More episodes of Three Buddy Problem
- Mythos, Fable, and Anthropic's Big Trust Problem · June 12, 2026 · 1h 59m
- Fast16, Fanny, and Stuxnet: Cyber Paleontology Redux · June 5, 2026 · 2h 24m
- Microsoft Threatens Vuln Researchers; Shadow Brokers Revisited · May 30, 2026 · 1h 60m
- Aaron Portnoy on Pwn2Own, the End of Easy Bugs, and AI-Fueled Offense · May 27, 2026 · 40 min
- Perri Adams on Proof Engines, LLMs, and the New Era of Verifiable Code · May 26, 2026 · 40 min
- Find 50,000 Bugs, Fix Zero: Gabriel Bernadett-Shapiro on the AI Vuln Trap · May 26, 2026 · 50 min
Explore listener stats, chart rankings, contacts and more on the Three Buddy Problem podcast page.