Afleveringen
-
The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerades as a clipboard manager. Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick Claude into remote code execution. AI’s strain on the power grid is complicated. Monday business briefing. Our guest is Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. Anime and AI meet adolescent antics.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. You can learn more here.
Selected Reading
FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network (HackRead)
Russian hackers steal government logins (The Telegraph)
Lawmaker Probing Pegasus Spyware Infected Using Same Malware (BankInfo Security)
PamStealer: a Rust-based macOS infostealer that validates credentials through PAM (Jamf)
Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments (SecurityWeek)
Red teamers turned Claude Desktop into a double agent to do their evil bidding (The Register)
How Data Centers Grid Instability Threatens Reliability (IEEE Spectrum)
Quantifind has secured $200 million in a funding round led by Summit Partners. (N2K Pro Business Briefing)
Japanese teen arrested for cyberattack that unsubscribed over 46,000 anime accounts (The Straits Times)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Over the past two decades, the space industry has changed dramatically, evolving from a largely government led effort to one that is now rooted in private enterprises driving growth and innovation.
In this week’s episode, host Maria Varmazis sits down with Damian DiPippa, CEO of Auria Space, to discuss how the commercialization of the space industry is driving new changes. During the conversation, they explore the future of command and control, cyber resilience, and the growing partnership between commercial and national security space.
Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space
Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to [email protected]. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P
T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Zijn er afleveringen die ontbreken?
-
While we take a break this 4th of July weekend, please enjoy this encore of AI Security Brief.
Your enterprise AI strategy isn’t as far along as you think. The reality for most organizations today is that AI is disrupting existing processes more than it’s delivering outcomes… so far. And according to Dr. Grace Trinidad, Research Director at IDC, that’s how it should be.
In this episode, host Johnny Hand sits down with Dr. Grace to discuss how AI adoption follows the same pattern as almost every major digital transformation, and why this disruption phase we’re in is messy, yet critically important.
What we cover:
How history demonstrates that automation across industries created disruption well before delivering value
Why your AI adoption strategy is much more than simple tool deployment
What business and technology leaders need to consider as they integrate AI into operational workflows
How token consumption and AI FinOps are the emerging security and cost risk
How AI ontologies will be the next real business differentiator
Why stick around:
If you’ve been wondering if your organization’s AI adoption strategy is ahead of the curve, Dr. Grace will give you a much clearer picture of where you really stand.
Episode resources:
Dr. Grace Trinidad on LinkedIn
Securing the AI Enterprise: 5 Key Steps for Business Leaders
Closing the Governance Gap in Agentic AI
Johnny Hand on LinkedIn
TrendAI on LinkedIn
About AI Security Brief
AI Security Brief is where security and technology leaders come to get ahead. Join us for real conversations on the AI trends, threats, and decisions that can't wait.
About TrendAI™
TrendAI™ empowers organizations to lead the future of AI with proactive security designed to inspire innovation and eliminate risk. TrendAI™. AI Fearlessly.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss 10 years of vulnerabilities, zero‑days, and hardware flaws. Together they reflect on the last decade of cybersecurity vulnerabilities, exploring key shifts, landmark incidents like WannaCry and Log4Shell, and the evolving landscape shaped by hardware issues and AI.
Join Maria and Dave as they discuss how these changes impacted security practices and the importance of vigilance in a rapidly interconnected world.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
OpenAI considers an equity plan to share AI wealth with the public. Cisco confirms active exploitation of its unified CM platform. Researchers discover autonomous ransomware. The Vect ransomware operation partners with TeamPCP. The FortiBleed credential-harvesting campaign is linked to ransomware attacks. Veil#Drop stealthily deploys the PureLog Stealer. Scammers target small businesses with fake law enforcement emails. Apple’s Hide My Email feature…doesn’t. An alleged Scattered Spider member is extradited to the United States. Our guest is Ben Yelin, Dave's Caveat cohost, on the Supreme Court’s geofence warrants ruling. Microsoft’s quantum claims leave physicists in two states at once.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing the Supreme Court ruling on geofence warrants. If you enjoyed this conversation, you can check out Ben on Caveat.
Selected Reading
OpenAI in talks to give Trump administration a 5% stake in the company, FT reports (CNN Business)
Cisco finally confirms attackers exploiting Unified CM flaw (Bleeping Computer)
Sysdig Details JADEPUFFER, the First Documented Agentic Ransomware Operation (HackRead)
Vect and TeamPCP partner for ransomware campaigns (Sophos)
FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks (SecurityWeek)
VEIL#DROP: Blogspot-Hosted PowerShell Loader (Secureonix)
Fake Interpol investigation emails target small businesses with ransomware (Bitdefender)
Apple ‘Hide My Email’ Vulnerability Reveals Peoples’ Real Email Addresses (404 Media)
Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States (U.S. Department of Justice, Office of Public Affairs)
Is there a new quantum processor or is Microsoft lying? (Mathew Ingram)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The US restores exports of Anthropic’s most advanced AI models. Adobe and Citrix rush out critical patches. RustDuck emerges as a fast-evolving DDoS threat. The Gentlemen raise the stakes with a new EDR-killing exploit. Rocket lab bets big on Iridium. Researchers unveil browser-only ransomware. New Zealand faces questions about its cyber readiness. Iran’s long-running cyber espionage campaign is back in the spotlight. Our guest is Donald Codling, CISO and senior advisor to REGO on cybersecurity and data privacy matters, to discuss the importance of tying security by design to psychological safety and digital trust. VIP backstage access, courtesy of Claude.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Donald Codling, CISO and senior advisor to REGO on cybersecurity and data privacy matters, to discuss the importance of tying security by design to psychological safety and digital trust.
Selected Reading
Fable and Mythos: Anthropic says US lifts export ban on its advanced AI tools (BBC)
Adobe patches seven max severity ColdFusion, Campaign flaws (Bleeping Computer)
RustDuck: The Botnet That's Still Small but Engineering Like It Plans to Grow (SecurityAffairs)
Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack (SecurityWeek)
Not very gentlemanly: Analyzing a zero-day exploit used by The Gentlemen ransomware to disable targets’ EDRs (Expel)
Rocket Lab to Acquire Iridium in Historic Deal, Creating A Fully Vertically Integrated Space Powerhouse Primed for Growth (Globe Newswire)
Ransomware that runs inside your browser tab, where antivirus cannot see it (Suriq)
Three major cybehttps://suriq.io/blog/browser-only-ransomware-file-system-accessrattacks have raised alarms about New Zealand's security (RNZ)
Arrest of Iranian Hacker Spotlights Iran’s Movement into Economic Espionage and IP Theft (Zero Day)
Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival (WIRED)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Supreme Court limits geofence warrants. DHS moves to expand CISA. The State Department offers $10 million for Russian hackers. A legal theory could reshape EU-U.S. data sharing. Plus, cyberattacks hit D.C. housing, Oracle and SimpleHelp flaws face active exploitation, malware lingers on Japanese military networks, and stolen Apple supplier data surfaces online. John Cannava, CIO at Ping Identity, discusses how identity threats don't go on holiday. The Secret Service dial down the risk on BYOD.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by John Cannava, CIO at Ping Identity, as he discusses how identity threats don't go on holiday: how attackers take advantage of these high-traffic moments to blend in with normal user behavior, and what needs to change to better protect fans of major events like this summer's World Cup, and identity threats in travel at large.
Selected Reading
Supreme Court says police need a warrant to obtain Google location data (Washington Post)
DHS Eyes 600 New Cybersecurity Hires, New Director for CISA (BankInfo Security)
US posts $10 million reward over Russian cyber campaign targeting Signal, WhatsApp (The Record)
US Supreme Court just blew up EU-US Data Transfers (NOYB)
DC Housing Authority hit by cyberattack, website down (WJLA)
Exploitation of Recent Oracle E-Business Suite Vulnerability Begins (SecurityWeek)
USB drives carrying China-linked malware infected Japanese military networks for nearly a year (Bitdefender)
A forged login key unlocks SimpleHelp servers, and a new stealer is raiding cloud and AI credentials (SURIQ)
Apple iPhone 18 Pro supplier list, parts and photos exposed in Tata data leak (Reuters)
Even the Secret Service won't use company-issued phones (The Register)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. An investigation claims federal websites are violating privacy rules. Microsoft dismantles a sophisticated malicious browser extension campaign. Setting up a GitHub repository could trick AI coding agents into executing malicious payloads. The DOJ shuts down illegal World Cup streamers. An Anonymous-linked hacker gets 18 months for website defacement. Monday business briefing. Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discusses cyber risk as a board concern. In healthcare AI, patient privacy needs a second opinion.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discussing cyber risk as a board concern. If you're interested in learning more about NACD, be sure to check out their Director’s Handbook on Cyber-Risk Oversight.
Selected Reading
Washington pushes AI into an export-control era as rivals rush to fill the gap (Metacurity)
FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users (GB Hackers)
'DirtyClone' Linux Kernel Vulnerability Leads to Root Access (SecurityWeek)
‘It’s dangerous and it’s going to erode trust’: redesign of US government websites stokes surveillance fears | Trump administration (The Guardian)
StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years (SecurityAffairs)
Clean GitHub repo tricks AI coding agents into running malware (Bleeping Computer)
US seizes hundreds of FIFA World Cup illegal streaming domains (Bleeping Computer)
Anonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack (Hackread)
Accenture acquires Dragos, runZero, and NetRise for more than $4 billion. (N2K Pro Business Briefing)
Medical diagnosis AIs can be tricked into telling whose data trained them (The Register)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States.
In this week’s episode, host Maria Varmazis sits down with Doug Anderson, Partner at PwC, and Steve Jordan-Tomaszewski, Vice President of the Space Systems Division at AIA, to dive into PwC’s recent study looking at the sector’s supply chain limitations. During the conversation, they examine the supply chain’s base risks and bottlenecks, and what strategies can be utilized to address these concerns.
Key sources:
Strengthening America’s space supply chain
Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space
Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to [email protected]. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P
T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping a more human-centered cybersecurity landscape.
Recorded live at The Cyber Guild's Uniting Women in Cyber (UWIC) Event last fall, this candid conversation highlights Caitlin’s unconventional path into cybersecurity and her mission to make the industry more accessible and relatable for all.
Together, they explore how breaking down technical barriers can unlock new pathways into the field especially for those from nontraditional backgrounds.
UWIC brings together industry leaders, practitioners, and emerging talent to advance the cybersecurity workforce through leadership, innovation, and inclusion. Join us on Oct 8 for UWIC 2026!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" Researchers at DomainTools take a closer look at ZionSiphon, a purported operational technology malware sample targeting the water sector, and find that despite its alarming appearance, it lacks many of the capabilities needed to function as a credible cyber-physical weapon.
They break down the malware's architecture, its operational shortcomings, and why it may be more of a prototype or proof of concept than a deployable threat. With heightened concern surrounding attacks on critical infrastructure amid the ongoing U.S.-Iran conflict, the research offers timely insight into separating genuine OT threats from overhyped malware.
The research and executive brief can be found here:
Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both?
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expands toolkit, hides behind legitimate services. Iran-linked hackers turn public warning systems into psychological weapons. Threat actors target critical infrastructure across Southeast Asia. DCloud framework behind global scam economy. Polish police disrupt SIM-swapping gang. French statistics agency reports cyberattack affecting nearly 13,000 staff. Our guest is Michael Fanning, CISO at Splunk, discussing how AI doesn’t create problems, it exposes them. And an open-book exam for hackers.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Michael Fanning, CISO at Splunk, discussing how AI doesn’t create problems, it exposes them.
Selected Reading
Apple supplier Tata tightens internal controls after data breach, sources say (Reuters)
Bajaj Auto resumes normal operations as cyberattack probe continues (Storyboard18)
FCC passes new cybersecurity rules for emergency systems, undersea cables (CyberScoop)
U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs)
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances (ESET)
A Cyber-Psychological Operation: Iran-Linked Attackers Target Warning Systems (Claroty)
CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure (Unit 42)
From San Pedro to Salinas: How a Chinese Framework “DCloud Uni-App” Powers a Global Scam Economy (Infoblox)
Poland busts SIM-swapping gang tied to millions in crypto theft (BleepingComputer)
France's statistics department reports cyberattack on staff data (Reuters)
UK school’s network left wide open for invasion, student found (The Register)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
International operation disrupts Amadey and StealC malware infrastructure. Australian spy chief warns nation-state hackers are prepositioning for future sabotage. Stealthy new backdoor may be tied to initial access broker. Researchers uncover "Cordyceps" supply chain flaw. Iran-linked MuddyWater disguises espionage as ransomware attack. Cal Water says Handala's hacking claims were overstated. Report says Russia continued using Cellebrite phone-cracking tools after the ban. Chinese cybersecurity firm unveils AI tools to rival Anthropic's Mythos. DraftKings hacker is sentenced to eighteen months. Our guest is Erich Kron, CISO Advisor at KnowBe4, sharing the details of the CAPY program. And more Than Meets the Eye-P.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Erich Kron, CISO Advisor at KnowBe4, sharing the details of the CAPY (Cyber Awareness Program for You) program that offers free cybersecurity training for families.
Selected Reading
Three ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement (The Record)
Scaling cybercrime disruption through innovation and AI (Microsoft)
Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’ (The Register)
Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker (Security.com)
Cordyceps: The Silent Parasite Consuming Your Supply Chain (Novee)
Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage (Infosecurity Magazine)
Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply (SecurityWeek)
Russia used Cellebrite phone-hacking tool to crack down on dissident after firm cut off country (The Record)
China’s 360 says it has developed tools to match Anthropic’s Mythos (Reuters)
DraftKings hacker 'Snoopy' sentenced to 18 months in prison (BleepingComputer)
Nearly Half of LG Smart TV Apps Contain Residential Proxy SDKs (Spur Intelligence)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix flaws, urges rapid patching. DifyTap flaws could expose private AI conversations across tenants. Researchers find AI plugin registry let unofficial tools masquerade as trusted software. xpl0itrs launches leak site, signaling shift toward full-service cyber extortion. Ransomware attack hits Indian auto giant Bajaj Auto. U.S. presses Meta to submit AI models for national security reviews. Alleged criminal marketplace administrator extradited to the US. U.S. expands sanctions against Cambodian scam network tied to cyber fraud operations. On today’s Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. And a lesson in access control.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On today’s Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. If you enjoyed this conversation, check out the full interview here.
Selected Reading
Password manager maker LastPass says hackers stole customer support case data during Klue breach (TechCrunch)
Klue says hackers stole credential from 2022 that led to customer data breaches (TechCrunch)
Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (BleepingComputer)
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs)
DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps (Zafran)
23 ClawHub Plugins Squat Official Org Scopes (Manifold Security)
Cyber Intel Brief: xpl0itrs Leak Site Launch (Dataminr)
Indian auto giant Bajaj Auto hit by ransomware incident (The Record)
U.S. Presses Meta to Agree to A.I. Reviews as Security Concerns Rise (NY Times)
Algerian Man Extradited to US for Running Cybercrime Marketplaces (SecurityWeek)
US adds sanctions against accused Cambodian scammers Prince Group (Reuters)
Ushering in the Next Frontier of Quantum Innovation (The White House)
Meta Exposed Data Internally From Its Controversial Employee-Tracking Program (WIRED)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of FortiBleed. Gizmodo breach exposes readers to ClickFix malware campaign. BootROM exploit can bypass Apple's SecureROM. Scattered Spider members plead guilty in the UK. Attackers exploit Gravity SMTP flaw to harvest secrets From WordPress sites. Executive Order accelerates federal shift to post-quantum cryptography. Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts. Keeping tabs on the tab-keepers.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts and where more effort needs to be made to get the U.S. and its critical infrastructure quantum-ready.
Selected Reading
'Five Eyes' intelligence alliance warns that new AI models pose urgent cyber risk (Reuters)
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected (CyberScoop)
Anthropic's Mythos AI broke into almost all NSA classified systems in hours (SecurityAffairs)
Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach (TechCrunch)
FortiBleed campaign used custom FortiGate sniffer to steal credentials (BleepingComputer)
Gizmodo readers hit with ClickFix malware prompts after account compromise (The Register)
New Exploit Bypasses Apple's Boot Defenses, Affects Millions of iPhones (SecurityWeek)
TFL Hackers Admit Carrying Out Cyberattack That Cost £39M (Law360)
Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin (Wordfence)
Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration (Security Week)
Madison Square Garden Made Dossier on Activists Who Opposed Facial Recognition (404 Media)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Security agencies sound alarm over FortiBleed credential harvesting operation. Texas data breach affects hunting and fishing licensees. Microsoft ties Mastra AI supply chain attack to North Korean hackers. Vidar infostealer unveils new technique to defeat Chrome's encryption protections. Brazil investigates suspected hack of emergency alert system. We got your Monday business brief. On today’s Industry Voices, Dave Bittner sits down with Mike Britton, CIO of Abnormal AI, as they discuss "AI-Powered Attacks Are Now a Commodity.” And not the kind of beats you want to drop.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On today’s Industry Voices, we are joined by Mike Britton, CIO of Abnormal AI, discussing "AI-Powered Attacks Are Now a Commodity — And Most Organizations Don't Know It Yet." If you enjoyed this conversation and want to hear the full interview, listen here.
Selected Reading
Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer)
Prinz Eugen ransomware: a deep dive into a new Go-based encryptor (ThreatDown)
Council of Europe Data Breach: ShinyHunters Makes 10,000 Employees' Records Permanent (Tech Times)
Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways (Industrial Cyber)
Everything's bigger and better in Texas – even data breaches (The Register)
Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer)
Inside Vidar’s ABE Bypass: From Memory Scanning to APC Injections (Gen Digital)
Brazil probes emergency warning system after nationwide rogue alert (The Register)
Ent emerges from stealth with $100 million in seed funding. (N2K Pro Business Briefing)
Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (Malwarebytes)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground.
In this week’s episode, host Maria Varmazis sits down with Dave Bittner and Brandon Karpf to discuss recent research that suggests the attack landscape for GPS attacks is expanding. If this research is accurate, these attacks represent a significant evolution for how defenders think about this critical technology.
Key sources:
Something is jamming GPS over Europe. Here's what we found.
Chasing Lightning: Detecting, Characterizing, and Identifying a Powerful Space-Based GNSS Interference Source.
EKS 5.
Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space
Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to [email protected]. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P
T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
For years, security teams had time between discovery and exploitation. Time to triage. Time to validate. Time to prioritize what to fix first. AI has compressed that window. Frontier models now discover and chain vulnerabilities faster than human analysts can confirm them, and the gap between finding and fixing is shrinking in both directions.
In this episode of CyberWire-X, N2K’s Dave Bittner and Federico Kirschbaum, Head of XBOW Security Lab, explore what it actually means to run autonomous offensive security, why validation workflows built for quarterly testing cycles struggle to keep up, and how practitioners are redefining what a tested application looks like when the pace of offense has fundamentally changed.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Tom Kellermann, Trend Micro's VP of AI Security and Threat Research, discussing their work on "Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud." Researchers from Trend Micro's MDR team uncovered the full operation behind Banana RAT, a sophisticated banking trojan they track as SHADOW-WATER-063, by analyzing both attacker infrastructure and infected victim systems.
The malware uses fileless PowerShell execution, layered obfuscation, and remote-control capabilities to steal credentials, manipulate banking sessions, intercept Pix QR code payments, and facilitate financial fraud targeting Brazilian banks. The campaign appears to be operated by a Brazilian Portuguese-speaking cybercriminal group with ties to the broader Tetrade banking malware ecosystem and may be evolving toward a malware-as-a-service model.
The research and executive brief can be found here:
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years.
Together they reflect on a decade of cybersecurity developments, focusing on the pivotal year 2016 where a shift occurred.
Join N2K as we cover the rise of nation-state cyber operations, major leaks like the Panama Papers and DNC email hacks, and the evolving landscape of cyber norms, trust, and threat perception.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Laat meer zien