CyberWire Daily

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years.

Together they reflect on a decade of cybersecurity developments, focusing on the pivotal year 2016 where a shift occurred.

Join N2K as we cover the rise of nation-state cyber operations, major leaks like the Panama Papers and DNC email hacks, and the evolving landscape of cyber norms, trust, and threat perception.
Learn more about your ad choices. Visit megaphone.fm/adchoices

International law enforcement disrupts the SocGholish botnet. The UK’s cyber chief says cybersecurity is a contest, not a risk register. Ukraine joins the EU’s cyber reserve. The Gentlemen gang sharpens its ransomware toolkit. A WordPress supply chain attack spreads malware. Critical patches land from F5, Atlassian, and Splunk. Agentjacking targets AI coding assistants. And Kodak confirms a breach claimed by ShinyHunters. Our guest is Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on the failure of FISA section 702 to reauthorize. Criminal coders face automation anxiety.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies, and coh-host of Caveat, as he discusses the failure of FISA section 702 to reauthorize.

Selected Reading

Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp (Bleeping Computer)

Hostile States Behind 75% of Cyber-Attacks on UK CNI, NCSC Warns (Infosecurity Magazine)

Cyberspace Locked in a Nation-State Contest, Says NCSC CEO (BankInfo Security)

EU grants Ukraine access to cybersecurity reserve for major attacks (The Record)

Killing me gently: Inside Gentlemen’s EDR killer framework (ESET)

ShapedPlugin update flow hacked to infect WordPress sites (Bleeping Computer)

F5 issues out-of-band patches for critical NGINX vulnerabilities (Bleeping Computer)

Atlassian, Splunk Patch Critical Vulnerabilities (SecurityWeek)

Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents (HackRead)

Kodak Admits Data Breach After ShinyHunters Hack Claims (SecurityWeek)

Cybercriminals Are Worried About AI Taking Their Jobs Too (Infosecurity Magazine)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

President Trump halts a key intelligence nomination. The FBI warns of a new Microsoft 365 phishing threat. France cuts ties with Palantir. A new Android banking trojan emerges. Fortinet firewalls come under attack. CISA orders emergency Joomla patching. Plus, Madison Square Garden data leaks and malware hidden in Steam wallpapers. Our guest is Christy Wyatt, CEO from Absolute Security, discussing their new ebook. The DOJ claims pollution is mission-critical. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s Industry Voices we are joined by Christy Wyatt, CEO from Absolute Security, discussing their ebook. If you enjoyed this conversation, check out the full interview here.

Selected Reading

President Trump calls to delay nomination of intel pick Jay Clayton (NPR)

Warner warns of CISA cuts, staffing gaps in letter to acting chief (The Record)

French spies drop AI giant Palantir over US overreliance fears (The Local)

Rokarolla : Android Banker with Complete Device Takeover Capabilities (Zimperium)

FortiBleed: 75,000 Fortinet Firewalls Compromised: Global Enterprises Exposed – Claim Your Ethical Disclosure (InfoStealers)

CISA orders feds to patch max severity Joomla plugin flaw by Friday (Bleeping Computer)

Hackers Publish Knicks and Madison Square Garden Data Online (404 Media)

Gamers beware: malicious wallpapers on Steam found stealing accounts (Securelist)

DHS S&T Highlights New SPARTA Resources for Defending Spacecraft Against Cyberattacks (ExecutiveGov)

DOJ Lawyers Argue xAI Is ‘Vital’ for National Security in NAACP Lawsuit (WIRED)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA issues a three-day patch deadline, Delta avoids penalties, and researchers show just how easy it is to manipulate AI search. Our guest is Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. Consulting meets confabulation.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. If you enjoyed this conversation, check out the full interview here. 

Selected Reading

Anthropic Is Still at Odds With the White House Over Claude Fable 5 (WIRED)

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher (The Register)

White House Issues Memo to Bolster NSS Cybersecurity (SecurityWeek)

Microsoft Patches Critical SearchLeak Vulnerability in Copilot Enterprise (Beyond Machines)

ShinyHunters Hits Universities Via Oracle Zero-Day (GovInfo Security)

DragonForce Ransomware Exploited Microsoft Teams to Hide Attack (Infosecurity Magazine)

Inside Amos Stealer: How This Threat Targets macOS Credentials and Keychains (CyberProof)

CISA warns of another cPanel plugin flaw exploited in attacks (Bleeping Computer)

US closes probe into 2024 Delta Air Lines meltdown sparked by CrowdStrike outage (Reuters)

It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests (404 Media)

KPMG pulls report on AI usage due to apparent hallucinations (TechCrunch)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. ShinyHunters claims another victim. The FBI and Google take down a major phishing platform. The latest cybersecurity business news. Our guest is Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, discussing a rampant global transportation smishing campaign. A deepfake detective has doubts. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, is discussing a rampant global transportation smishing campaign. You can read more about Operation Road Trap here.

Selected Reading

Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive (CNBC)

Cyber leaders defend Anthropic's banned model (Axios)

State Attorneys General Are Investigating OpenAI (The New York Times)

Handala Hacking Group Claims Breach of California Water Service (Hackread)

Maine Takes Breach Reporting Portal Offline After Fake Entries (Infosecurity Magazine)

Warner introduces bill to restore MS-ISAC funding, bolster critical infrastructure cyber defense (Industry Cyber)

Infinite Campus data breach affects 137,000 school staff accounts (Bleeping Computer)

FBI, Google Dismantle 'Outsider Enterprise' Phishing Service (SecurityWeek)

Ex-school district employee jailed for hacks on former employer (Bleeping Computer)

Cyera raises $600 million in a Series G round led by Evolution Equity Partners. (N2K Pro Business Briefing)

In Age of AI, World’s Leading Deepfake Expert No Longer Trusts His Own Eyes (The New York Times)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices