CyberWire Daily

Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic prepares its Mythos model for release. Chrome patches 22 critical bugs. Zapier fixes a dangerous vulnerability chain. ShinyHunters claims a Charter breach. A data broker who fueled scams against millions of seniors heads to prison. Maria Varmazis joins Dave Bittner for a look back at a decade of ransomware. A Google insider allegedly went from threat hunting to bet hunting.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today CyberWire hosts Maria Varmazis and Dave Bittner take a look at how ransomware has evolved over the past decade, from opportunistic attacks to today’s sprawling criminal enterprises, and discuss the tactics, trends, and turning points that shaped the threat landscape. You can catch the full conversation on Sunday in the CyberWire Daily podcast feed. We hope you’ll join us! 

Selected Reading

Iranian hackers behind March's LA transport cyberattack, Gambit finds (The Jerusalem Post)

Chinese Hackers Exploit Iran War to Target Maritime and Energy Firms (Infosecurity Magazine)

Dutch cops wrest 17M devices from mystery botnet's clutches (The Register)

ChatGPT blindly trusts browser content, turning the page into a payload (The Register)

Anthropic confirms Claude Mythos-class models will roll out to the public (Bleeping Computer)

Chrome 148 Update Patches 151 Vulnerabilities (SecurityWeek)

Zapier fixes bug chain that researchers say risked widespread account takeover (CyberScoop)

Charter Communications data breach affects 4.9 million accounts (Bleeping Computer)

Man sent to prison for selling data of 7 millions elderly Americans (Bleeping Computer)

US charges Google security engineer with Polymarket insider trading (Bleeping Computer)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our ⁠brief listener survey⁠. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at ⁠sponsor.thecyberwire.com⁠.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Command’s new chief pushes modernization as lawmakers warn commercial location data is exposing U.S. troops. A third-party UK visa site leaks passports and selfies. Microsoft slams unpatched zero-day disclosures. Researchers uncover a new macOS malware campaign targeting crypto developers, while SEO poisoning and AI chatbots spread cryptojacking malware. Carnival confirms a massive breach tied to ShinyHunters. Plus, the alleged VenomRAT developer is extradited to France, and a Romanian hacker is sentenced for breaching Oregon state systems. Our guest is Courtney Guss, Crisis Management Director at Semperis, discussing crisis response planning. The surveillance on the bus goes round and round.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, ⁠Daily Briefing⁠, and you’ll never miss a beat. And be sure to follow CyberWire Daily on ⁠LinkedIn⁠.

Industry Voices 

On our Industry Voices segment, guest ⁠Courtney Guss⁠, Crisis Management Director at ⁠Semperis⁠, discusses crisis response planning. Some resources related to today’s discussion:


⁠The State of Enterprise Cyber Crisis Readiness⁠ 


⁠Rethinking Cyber Crisis Management: Why Plans Fail⁠ 


⁠The Modern Model for Cyber Crisis Management⁠ 


⁠The Missing Layer in Cyber Incident Response: Crisis Orchestration⁠

If you enjoyed this conversation and want to hear the full interview, tune in here.

Selected Reading

Rudd orders Cyber Command reviews as Pentagon presses reform agenda (The Record)

Exclusive: Pentagon says US military personnel are reportedly being targeted using location data (Reuters)

A Fake UK Visa Site Left 100,000 Passports Wide Open. Then Sent Lawyers Instead of a Fix. (Security Affairs)

Microsoft Condemns "Uncoordinated" Zero Day Disclosures (Infosecurity Magazine)

A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure (Microsoft)

New Threat Actor Jinx-0164 Targets Crypto Developers on macOS (Infosecurity Magazine)

GPU mining malware spreads via SEO poisoning, AI chatbots (Bleeping Computer)

Carnival confirms ShinyHunters cruised off with 6M customer records after April breach (The Register)

Malware seller hunted across three continents (eKathimerini.com)

Romanian gets 5 years in prison for hacking Oregon govt network (Bleeping Computer)

‘BusPatrol’ Put AI Cameras in Tens of Thousands of School Buses. Now They Want to Give Cops Access (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A major takedown disrupts the GlassWorm botnet. The White House rewrites federal cyber logging rules as CISA faces cuts amid rising AI threats. Federal agencies ramp up scrutiny of so-called anti-tech extremism. GCHQ warns Russia is targeting UK infrastructure. Researchers uncover stealthy new malware, AI coding agent supply chain risks, and in-person extortion tactics targeting U.S. law firms. Europe grabs satellite spectrum. Ben Yelin joins us to discuss the bipartisan push for more support of CISA. Hacking your way to the main stage. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our Caveat co-host and Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, Ben Yelin, joins Dave to talk about the bipartisan push for more support of CISA.

Selected Reading

GlassWorm Botnet Disrupted (SecurityWeek)

OMB Scraps Biden-Era Cyber Logging Rules (BankInfoSecurity)

US law enforcement warns of "anti-tech extremism" as AI hatred grows (Ars Technica)

Russia 'relentlessly targeting' critical infrastructure and democracy, GCHQ says (BBC)

Trump hobbled top cyber agency just as AI learned to hack (Axios)

EU to squeeze US space tech out of prized satellite airwaves (Politico) 

Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data (FortiGuard Labs)

FBI warns of in-person data theft attacks from extortion gang (Bleeping Computer)

‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems (SecurityWeek)

How to guarantee a speaker gig: Hack the system. Literally (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels supply-chain attacks hitting thousands of GitHub repos. Plus, a new LMS zero-day, bulletproof hosting arrests in the Netherlands, FTC action over bogus “active listening” claims, and another busy week for cyber funding and M&A. Our guest is Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation.” Please disregard all searches for disregard.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation."

Selected Reading

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts (Bleeping Computer)

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws (Infosecurity Magazine)

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign (Infosecurity Magazine)

Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects (SecurityWeek) 

HackerOne takes an axe to its bug bounty rewards (The Register)

Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors (GovInfo Security)

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment (SecurityWeek)

Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands (SecurityWeek)

FTC to Require Cox Media Group, Two Other Firms to Pay Nearly $1 Million to Settle Charges They Deceived Customers About “Active Listening” AI-Powered Marketing Service (Federal Trade Commission)

Socket raises $60 million in Series C funding. (N2K Pro Business Briefing)

You can no longer Google the word 'disregard' (TechCrunch)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Authors Paul J. Maurer and Ed Skoudis join Caveat podcast co host Ben Yelin to discuss their new book: "The Code of Honor: Embracing Ethics in Cybersecurity." The book is a comprehensive and practical framework for ethical practices in contemporary cybersecurity. Listen to Ben's discussion with Paul and Ed as they explore the ethical dimensions of cybersecurity, the influence of AI, and the responsibilities of cyber professionals. Consider joining Paul and Ed in upholding the highest standards of cybersecurity ethics by signing the Cybersecurity Code they share as part of The Code of Honor. Learn more about the book here.
Learn more about your ad choices. Visit megaphone.fm/adchoices