CyberWire Daily

Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. ShinyHunters claims another victim. The FBI and Google take down a major phishing platform. The latest cybersecurity business news. Our guest is Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, discussing a rampant global transportation smishing campaign. A deepfake detective has doubts. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, is discussing a rampant global transportation smishing campaign. You can read more about Operation Road Trap here.

Selected Reading

Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive (CNBC)

Cyber leaders defend Anthropic's banned model (Axios)

State Attorneys General Are Investigating OpenAI (The New York Times)

Handala Hacking Group Claims Breach of California Water Service (Hackread)

Maine Takes Breach Reporting Portal Offline After Fake Entries (Infosecurity Magazine)

Warner introduces bill to restore MS-ISAC funding, bolster critical infrastructure cyber defense (Industry Cyber)

Infinite Campus data breach affects 137,000 school staff accounts (Bleeping Computer)

FBI, Google Dismantle 'Outsider Enterprise' Phishing Service (SecurityWeek)

Ex-school district employee jailed for hacks on former employer (Bleeping Computer)

Cyera raises $600 million in a Series G round led by Evolution Equity Partners. (N2K Pro Business Briefing)

In Age of AI, World’s Leading Deepfake Expert No Longer Trusts His Own Eyes (The New York Times)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In large enterprise software companies, vulnerability management teams are facing unprecedented speed and scale as AI accelerates both discovery and exploitation of security issues. In this episode of CyberWire-X, N2K’s Dave Bittner is joined by Adobe’s Daniel Ventura, Senior Manager of the Vulnerability Operations Center, and Sangeeta Arora, Director of Vulnerability Management, to discuss how Adobe is evolving its vulnerability management strategy to keep pace with AI-driven threats. They share real world insights on prioritization, crossteam partnership, and how modern programs can balance speed with meaningful risk reduction.
Learn more about your ad choices. Visit megaphone.fm/adchoices

For years, space cybersecurity has been a long sought after goal, but due to operational constraints, it was largely unfeasible.

In this week’s episode, host Maria Varmazis sits down with journalist Shaun Waterman to discuss his recent article “The Newest Space Race is Cyber.” As space has increasingly become a critical infrastructure component, industry leaders and security agencies alike have begun to launch new initiatives to improve capabilities both on the ground and in orbit.

Key sources:


The Newest Space Race is Cyber.


DHS Wants Satellite Volunteers to Test New Cyber Tools.


Five Teams of Hackers will Compete to Breach US Satellite in Space.

Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: ⁠https://thecyberwire.com/newsletters/signals-and-space⁠ 

Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to ⁠space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: ⁠https://www.surveymonkey.com/r/NJYCN2P⁠ 

T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. ⁠N2K⁠ is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Martin Zugec, Technical Solutions Director at Bitdefender, discussing their work on "FamousSparrow APT Targets Azerbaijani Oil and Gas Industry." Bitdefender researchers uncovered a sustained cyber espionage campaign by the China-linked FamousSparrow group targeting an Azerbaijani oil and gas company, highlighting the growing focus on critical energy infrastructure in the South Caucasus. The attackers repeatedly exploited the same vulnerable Microsoft Exchange server over multiple months, deploying evolving versions of Deed RAT and Terndoor malware through sophisticated DLL sideloading techniques designed to evade detection and maintain persistence. The operation underscores FamousSparrow's adaptability and persistence, demonstrating how advanced threat actors continually refine their tooling and return to compromised environments until vulnerabilities are fully remediated and access is cut off.

The research and executive brief can be found here:

FamousSparrow APT Targets Azerbaijani Oil and Gas Industry

Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA gives feds three days to patch a critical Ivanti Sentry vulnerability. Google confirms ShinyHunters exploited a critical Oracle PeopleSoft vulnerability. FancyBear shifts part of its infrastructure to compromised edge devices. Pundits push for CyberCorps scholarship budgets. Our guest is Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss scams targeting the World Cup. Amazon drivers sweat through a software update. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss the World Cup and fans possibly getting caught out if they use SuperBox to view it.

Selected Reading

CISA directive orders agencies to prioritize vulnerability patching in a new way (CyberScoop)

House votes against extending controversial wiretapping law set to lapse Friday (The Washington Post)

Ransomware gangs cut off from EUR 336 million ‘AudiA6’ crypto laundering pipeline - Europol analysis links the criminal service to over 15 international cybercrime investigations (Europol)

GitHub to Update npm to Thwart Software Supply Chain Attacks (Infosecurity Magazine)

Anthropic Disputes Fable 5 AI Jailbreak (SecurityWeek)

CISA orders feds to patch actively exploited Ivanti flaw by Sunday (Bleeping Computer)

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters (SecurityWeek)

GRU-Linked APT28 Uses MooBot Botnet and Compromised EdgeRouters for Cyber Operations (GB Hackers)

CyberCorps is adapting to AI. The budget isn't keeping up. (CyberScoop)

Software Update Automatically Turns off Amazon Delivery Drivers’ AC During Dangerous Summer Heat (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices