CISA secrets left sitting on GitHub.

CyberWire Daily

N2K Networks, Inc.

Technology, Tech News, Daily News, News

4.8 • 1.1K Ratings

🗓️ 19 May 2026

⏱️ 26 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

A CISA contractor leaks GovCloud credentials on GitHub. INTERPOL cracks down on phishing infrastructure across the Middle East and North Africa. Microsoft patches a critical Authenticator flaw, while Poland moves officials off Signal after targeted phishing campaigns. A stealthier SHub macOS infostealer emerges. Universal Robots fixes a critical vulnerability. A Dark Web marketplace dumps millions of stolen payment cards. Echo Protocol loses $76 million in a synthetic Bitcoin breach. Our guest is Chris Cochran, Field CISO & Vice President of AI Security at SANS, discussing their AI maturity model. Nathan Detroit rolls malware snake eyes. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Chris Cochran, Field CISO & Vice President of AI Security at SANS, discussing their SANS AI Security Maturity Model™. Selected Reading CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) INTERPOL Operation Ramz: 201 Apprehended in MENA Cybercrime Disruption (TechNadu) Microsoft Patches Critical Token Theft Vulnerability in Authenticator App (Beyond Machines) Poland shifts away from Signal following cyberattacks on officials’ accounts (Security Affairs) SHub macOS infostealer variant spoofs Apple security updates (Bleeping Computer) Critical Vulnerability Exposes Industrial Robot Fleets to Hacking (SecurityWeek) B1ack's Stash Releases 4.6 Million Stolen Credit Cards for Free (SOC Radar) Echo Protocol Hit by $76M eBTC Minting Exploit (SOC Radar) Chanhassen Dinner Theatres cancels more Guys and Dolls performances due to illness and cyberattack (KARE11) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:08.7	Do you know how the space and cybersecurity domains connect?
0:13.7	T-minus space-cyber briefing is your guide through the space-based systems that expand the attack surface.
0:20.2	I'm Maria Varmazis, host here at N2K Cyberwire,
0:23.9	and I'm excited to share that T-minus is back.
0:27.3	Now as a weekly podcast, the T-minus Space Cyber Briefing.
0:31.8	We have a new dedicated focus on two great things that are even better together,
0:36.9	space and cybersecurity.
0:39.3	Because whether we realize it or not, we all depend on space-based systems that are, by the way, increasingly Internet-enabled.
0:48.3	We're talking cybersecurity technologies, policies, and organizations that are securing the critical space-based infrastructure
0:55.2	that powers, protects, and connects our lives here on Earth. So join me for T-minus Space Cyber
1:01.9	Reefing, new episodes every Sunday.
1:15.9	Quick question. Have you watched Project Hail Mary yet?
1:21.7	Humanity is facing an existential threat and racing to solve it with the clock ticking.
1:45.7	For security teams, that probably hits close to home with AI use, rapidly spreading. Everyone's using AI, marketing, sales, engineering. Chris the intern without security even knowing about it. That's where Nudge security comes in. Nudge finds shadow AI apps, integrations, and agents on day one and helps you enforce policy without blocking productivity.
2:06.6	Try it free at nudgesecurity.com slash cyberwire. A Sisa contractor leaks GovCloud credentials on GitHub. Interpol cracks down on fishing infrastructure across the Middle East and North Africa.
2:11.6	Microsoft patches a critical authenticator flaw, while Poland moves officials off signal.
2:20.9	A stealthier S-Hub Mac OS Info-Steeler emerges.
2:24.1	Universal Robots fixes a critical vulnerability.
2:28.1	A dark web marketplace dumps millions of stolen payment cards.
2:33.2	Echo Protocol loses $76 million in a synthetic Bitcoin breach.
2:36.1	Our guest is Chris Cochran, Field Sissau,
	...

Transcript will be available on the free plan in 12 days. Upgrade to see the full transcript now.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.