Daily Cyber & AI Briefing with Michael Housch. This episode was published automatically and includes the assembled audio plus full transcript.
Today’s cyber and AI risk landscape is defined by rapid change, persistent threats, and a growing gap between innovation and governance. Across industries, organizations are accelerating their adoption of AI, integrating it into business processes, customer engagement, and even critical infrastructure. Yet, as these technologies proliferate, so do the risks—many of which remain hidden beneath the surface.
Let’s start with a stark statistic from a recent Lenovo study: 70% of enterprise AI is currently uncontrolled. What does “uncontrolled” mean in this context? Essentially, these are AI systems and tools operating outside of formal governance frameworks. They might be embedded in third-party applications, spun up by business units without IT involvement, or even integrated by employees through shadow IT. The implications are significant. Without oversight, these AI assets can introduce data leakage risks, compliance violations, and operational inefficiencies. They can also drive up costs and slow down return on investment, as organizations struggle to manage and optimize what they can’t see.
For security and risk leaders, this is a call to action. Inventorying and monitoring all AI assets—whether internally developed, purchased, or hidden within third-party tools—must become a top priority. If organizations fail to address uncontrolled AI, they risk regulatory penalties, reputational damage, and the loss of trust among customers and partners. The message is clear: you can’t secure what you don’t know exists.
While organizations grapple with hidden AI, threat actors are evolving their tactics as well. One recent example is the Silver Fox malware campaign. This campaign stands out for its use of highly convincing phishing emails, masquerading as tax audit alerts or urgent software updates. The attackers are leveraging social engineering to bypass traditional email defenses, luring both individuals and organizations into downloading malicious payloads. The sophistication of these lures means that even well-trained users can be caught off guard.
The practical takeaway here is twofold. First, user awareness training remains essential, but it must be ongoing and adaptive to new threat vectors. Second, technical controls—such as advanced email filtering and rapid incident response capabilities—are critical to containing the damage when, inevitably, someone clicks. Silver Fox is a reminder that phishing campaigns continue to be a primary entry point for attackers, and that layered defenses are more important than ever.
But phishing isn’t the only game in town. Attackers are also exploiting technical vulnerabilities at a rapid pace. A newly discovered zero-click vulnerability in Windows, for example, allows attackers to bypass Microsoft Defender SmartScreen protections without any user interaction. This means malware can be delivered simply by visiting a compromised website or opening a malicious file—no clicks required. The risk of drive-by infections and targeted attacks increases significantly in this scenario.
For organizations, the response must be proactive. Patch management is critical—vulnerabilities like this are often exploited within days of disclosure. Monitoring for suspicious activity at the endpoint level, and deploying layered defenses that go beyond a single security control, can help reduce exposure to zero-day threats. The reality is that attackers are always looking for the path of least resistance, and zero-click exploits are among the most dangerous tools in their arsenal.
Visibility is a recurring theme in today’s risk environment, and it’s not just a technical issue. Recent research shows that two-thirds of UK organizations lack visibility into what their staff are sharing with AI systems. With the w
