Memory leaks and login sneaks.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 8 July 2025

⏱️ 26 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offline after reports of RCE vulnerabilities. President Trump's spending bill allocates hundreds of millions for cybersecurity. Nearly 26 million job seekers’ resumes and personal data are leaked. CISA adds four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Outsmarting AI scraper bots with math. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment Cyber attackers are increasingly targeting the very tools developers trust—integrated development environments (IDEs), low-code platforms, and public code repositories. In this segment of Threat Vector, host ⁠David Moulton⁠ speaks with ⁠Daniel Frank⁠ and ⁠Tom Fakterman⁠ from Palo Alto Networks' threat research team about “Hunting Threats in Developer Environments.” You can hear David and Tyler's full discussion on Threat Vector ⁠⁠here⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now (Bleeping Computer) Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild (SecurityWeek) Hacker leaks Telefónica data allegedly stolen in a new breach (Bleeping Computer) Italian police arrest Chinese national wanted by FBI for alleged industrial espionage (Reuters) Beware of Bert: New ransomware group targets healthcare, tech firms (The Record) Call of Duty takes PC game offline after multiple reports of RCE attacks on players (CyberScoop) GOP domestic policy bill includes hundreds of millions for military cyber (CyberScoop) TalentHook leaks resumes of 26 Million job seekers (Beyond Machines) CISA Adds Four Known Exploited Vulnerabilities to Catalog (CISA) The Open-Source Software Saving the Internet From AI Bot Scrapers (404 Media) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.7	And now a word from our sponsor, Cloud Range.
0:17.4	At Cloud Range, they believe cybersecurity readiness starts with people, not just technology.
0:22.9	That's why their proactive simulation-based training helps security teams build confidence and
0:28.1	skill from day one. By turning potential into performance, they empower SOC and incident response
0:34.4	teams to respond quickly, smartly, and in sync with evolving threats.
0:39.5	Learn how Cloud Range is helping organizations
0:41.9	stay ahead of cyber risks at www.com.
0:47.3	Thank you. Researchers release proof-of-concept exploits for Citrix bleed to Grafana patches four high-severity vulnerabilities.
1:09.0	A hacker claims to have breached Spanish telecom giant
1:12.2	telephonica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial
1:17.8	espionage. Beware a new ransomware group called Burt. Call of duty goes offline after reports of
1:24.8	RCE vulnerabilities. President Trump's spending bill allocates hundreds of
1:28.8	millions for cybersecurity. Nearly 26 million job seekers' resumes and personal data are leaked.
1:35.2	SISA adds four actively exploited vulnerabilities to the known exploited vulnerabilities catalog.
1:40.7	For threat vector, host David Moulton speaks with Daniel Frank and Tom Focterman from Palo Alto Network's threat research team about hunting threats in developer environments and outsmarting AI scraper bots with math.
1:59.0	It's Tuesday, July 8th, 2025.
2:05.8	I'm Dave Bittner, and this is your Cyberwire Intel briefing. Thanks for joining us here today. It's great to have you with us.
2:25.9	Researchers have released proof-of-concept exploits for Citrix bleed 2, a critical flaw in Citrix,
2:33.0	net-scaler AD ADC and gateway devices.
2:36.5	The bug lets attackers steal user session tokens by sending malformed post-login requests,
2:43.5	revealing memory contents. Citrix bleed 2 is similar to the 2023 Citrix bleed flaw
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.