meta_pixel
Tapesearch Logo
Log in
CyberWire Daily

CyberWire Daily

N2K Networks, Inc.

Technology, News, Tech News, Daily News

4.81.1K Ratings

Overview

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

3731 Episodes

The AI lock comes off.

The US restores exports of Anthropic’s most advanced AI models. Adobe and Citrix rush out critical patches. RustDuck emerges as a fast-evolving DDoS threat. The Gentlemen raise the stakes with a new EDR-killing exploit. Rocket lab bets big on Iridium. Researchers unveil browser-only ransomware. New Zealand faces questions about its cyber readiness. Iran’s long-running cyber espionage campaign is back in the spotlight. Our guest is Donald Codling, CISO and senior advisor to REGO on cybersecurity and data privacy matters, to discuss the importance of tying security by design to psychological safety and digital trust. VIP backstage access, courtesy of Claude. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Donald Codling, CISO and senior advisor to REGO on cybersecurity and data privacy matters, to discuss the importance of tying security by design to psychological safety and digital trust. Selected Reading Fable and Mythos: Anthropic says US lifts export ban on its advanced AI tools (BBC) Adobe patches seven max severity ColdFusion, Campaign flaws (Bleeping Computer) RustDuck: The Botnet That's Still Small but Engineering Like It Plans to Grow (SecurityAffairs) Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack (SecurityWeek) Not very gentlemanly: Analyzing a zero-day exploit used by The Gentlemen ransomware to disable targets’ EDRs (Expel) Rocket Lab to Acquire Iridium in Historic Deal, Creating A Fully Vertically Integrated Space Powerhouse Primed for Growth (Globe Newswire) Ransomware that runs inside your browser tab, where antivirus cannot see it (Suriq) Three major cybehttps://suriq.io/blog/browser-only-ransomware-file-system-accessrattacks have raised alarms about New Zealand's security (RNZ) Arrest of Iranian Hacker Spotlights Iran’s Movement into Economic Espionage and IP Theft (Zero Day) Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 1 July 2026

The court draws a privacy line.

The Supreme Court limits geofence warrants. DHS moves to expand CISA. The State Department offers $10 million for Russian hackers. A legal theory could reshape EU-U.S. data sharing. Plus, cyberattacks hit D.C. housing, Oracle and SimpleHelp flaws face active exploitation, malware lingers on Japanese military networks, and stolen Apple supplier data surfaces online. John Cannava, CIO at Ping Identity, discusses how identity threats don't go on holiday. The Secret Service dial down the risk on BYOD.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by John Cannava, CIO at Ping Identity, as he discusses how identity threats don't go on holiday: how attackers take advantage of these high-traffic moments to blend in with normal user behavior, and what needs to change to better protect fans of major events like this summer's World Cup, and identity threats in travel at large. Selected Reading Supreme Court says police need a warrant to obtain Google location data (Washington Post) DHS Eyes 600 New Cybersecurity Hires, New Director for CISA (BankInfo Security) US posts $10 million reward over Russian cyber campaign targeting Signal, WhatsApp (The Record) US Supreme Court just blew up EU-US Data Transfers (NOYB) DC Housing Authority hit by cyberattack, website down (WJLA) Exploitation of Recent Oracle E-Business Suite Vulnerability Begins (SecurityWeek) USB drives carrying China-linked malware infected Japanese military networks for nearly a year (Bitdefender) A forged login key unlocks SimpleHelp servers, and a new stealer is raiding cloud and AI credentials (SURIQ) Apple iPhone 18 Pro supplier list, parts and photos exposed in Tata data leak (Reuters) Even the Secret Service won't use company-issued phones (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 30 June 2026

AI behind the velvet rope.

The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. An investigation claims federal websites are violating privacy rules. Microsoft dismantles a sophisticated malicious browser extension campaign. Setting up a GitHub repository could trick AI coding agents into executing malicious payloads. The DOJ shuts down illegal World Cup streamers. An Anonymous-linked hacker gets 18 months for website defacement. Monday business briefing. Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discusses cyber risk as a board concern. In healthcare AI, patient privacy needs a second opinion. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discussing cyber risk as a board concern. If you're interested in learning more about NACD, be sure to check out their Director’s Handbook on Cyber-Risk Oversight. Selected Reading Washington pushes AI into an export-control era as rivals rush to fill the gap (Metacurity) FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users (GB Hackers) 'DirtyClone' Linux Kernel Vulnerability Leads to Root Access (SecurityWeek) ‘It’s dangerous and it’s going to erode trust’: redesign of US government websites stokes surveillance fears | Trump administration (The Guardian) StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years (SecurityAffairs)  Clean GitHub repo tricks AI coding agents into running malware (Bleeping Computer) US seizes hundreds of FIFA World Cup illegal streaming domains (Bleeping Computer) Anonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack (Hackread) Accenture acquires Dragos, runZero, and NetRise for more than $4 billion. (N2K Pro Business Briefing) Medical diagnosis AIs can be tricked into telling whose data trained them (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 29 June 2026

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping a more human-centered cybersecurity landscape. Recorded live at The Cyber Guild's Uniting Women in Cyber (UWIC) Event last fall, this candid conversation highlights Caitlin’s unconventional path into cybersecurity and her mission to make the industry more accessible and relatable for all.  Together, they explore how breaking down technical barriers can unlock new pathways into the field especially for those from nontraditional backgrounds. UWIC brings together industry leaders, practitioners, and emerging talent to advance the cybersecurity workforce through leadership, innovation, and inclusion. Join us on Oct 8 for UWIC 2026!  Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 28 June 2026

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States. In this week’s episode, host Maria Varmazis sits down with Doug Anderson, Partner at PwC, and Steve Jordan-Tomaszewski, Vice President of the Space Systems Division at AIA, to dive into PwC’s recent study looking at the sector’s supply chain limitations. During the conversation, they examine the supply chain’s base risks and bottlenecks, and what strategies can be utilized to address these concerns. Key sources: Strengthening America’s space supply chain Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 28 June 2026

More bark than byte. [Research Saturday]

This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" Researchers at DomainTools take a closer look at ZionSiphon, a purported operational technology malware sample targeting the water sector, and find that despite its alarming appearance, it lacks many of the capabilities needed to function as a credible cyber-physical weapon. They break down the malware's architecture, its operational shortcomings, and why it may be more of a prototype or proof of concept than a deployable threat. With heightened concern surrounding attacks on critical infrastructure amid the ongoing U.S.-Iran conflict, the research offers timely insight into separating genuine OT threats from overhyped malware. The research and executive brief can be found here: Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both? Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 27 June 2026

Factory reset required.

Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expands toolkit, hides behind legitimate services. Iran-linked hackers turn public warning systems into psychological weapons. Threat actors target critical infrastructure across Southeast Asia. DCloud framework behind global scam economy. Polish police disrupt SIM-swapping gang. French statistics agency reports cyberattack affecting nearly 13,000 staff. Our guest is Michael Fanning, CISO at Splunk, discussing how AI doesn’t create problems, it exposes them. And an open-book exam for hackers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Michael Fanning, CISO at Splunk, discussing how AI doesn’t create problems, it exposes them. Selected Reading Apple supplier Tata tightens internal controls after data breach, sources say (Reuters)  Bajaj Auto resumes normal operations as cyberattack probe continues (Storyboard18)  FCC passes new cybersecurity rules for emergency systems, undersea cables (CyberScoop) U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs)  Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances (ESET)  A Cyber-Psychological Operation: Iran-Linked Attackers Target Warning Systems (Claroty)  CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure (Unit 42) From San Pedro to Salinas: How a Chinese Framework “DCloud Uni-App” Powers a Global Scam Economy (Infoblox) Poland busts SIM-swapping gang tied to millions in crypto theft (BleepingComputer) France's statistics department reports cyberattack on staff data (Reuters) UK school’s network left wide open for invasion, student found (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 26 June 2026

Gone with the command.

International operation disrupts Amadey and StealC malware infrastructure. Australian spy chief warns nation-state hackers are prepositioning for future sabotage. Stealthy new backdoor may be tied to initial access broker. Researchers uncover "Cordyceps" supply chain flaw. Iran-linked MuddyWater disguises espionage as ransomware attack. Cal Water says Handala's hacking claims were overstated. Report says Russia continued using Cellebrite phone-cracking tools after the ban. Chinese cybersecurity firm unveils AI tools to rival Anthropic's Mythos. DraftKings hacker is sentenced to eighteen months. Our guest is Erich Kron, CISO Advisor at KnowBe4, sharing the details of the CAPY program. And more Than Meets the Eye-P. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Erich Kron, CISO Advisor at KnowBe4, sharing the details of the CAPY (Cyber Awareness Program for You) program that offers free cybersecurity training for families. Selected Reading Three ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement (The Record) Scaling cybercrime disruption through innovation and AI (Microsoft) Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’ (The Register)  Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker (Security.com) Cordyceps: The Silent Parasite Consuming Your Supply Chain (Novee)  Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage (Infosecurity Magazine) Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply (SecurityWeek) Russia used Cellebrite phone-hacking tool to crack down on dissident after firm cut off country (The Record) China’s 360 says it has developed tools to match Anthropic’s Mythos (Reuters) DraftKings hacker 'Snoopy' sentenced to 18 months in prison (BleepingComputer) Nearly Half of LG Smart TV Apps Contain Residential Proxy SDKs (Spur Intelligence) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 25 June 2026

Klue me in on the breach.

LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix flaws, urges rapid patching. DifyTap flaws could expose private AI conversations across tenants. Researchers find AI plugin registry let unofficial tools masquerade as trusted software. xpl0itrs launches leak site, signaling shift toward full-service cyber extortion. Ransomware attack hits Indian auto giant Bajaj Auto. U.S. presses Meta to submit AI models for national security reviews. Alleged criminal marketplace administrator extradited to the US. U.S. expands sanctions against Cambodian scam network tied to cyber fraud operations. On today’s Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. And a lesson in access control. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. If you enjoyed this conversation, check out the full interview here. Selected Reading Password manager maker LastPass says hackers stole customer support case data during Klue breach (TechCrunch) Klue says hackers stole credential from 2022 that led to customer data breaches (TechCrunch) Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (BleepingComputer) U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs)  DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps  (Zafran)  23 ClawHub Plugins Squat Official Org Scopes (Manifold Security)  Cyber Intel Brief: xpl0itrs Leak Site Launch (Dataminr)  Indian auto giant Bajaj Auto hit by ransomware incident (The Record)  U.S. Presses Meta to Agree to A.I. Reviews as Security Concerns Rise (NY Times) Algerian Man Extradited to US for Running Cybercrime Marketplaces (SecurityWeek) US adds sanctions against accused Cambodian scammers Prince Group (Reuters) Ushering in the Next Frontier of Quantum Innovation (The White House)  Meta Exposed Data Internally From Its Controversial Employee-Tracking Program (WIRED)  Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 24 June 2026

All eyes on AI.

Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of FortiBleed. Gizmodo breach exposes readers to ClickFix malware campaign. BootROM exploit can bypass Apple's SecureROM. Scattered Spider members plead guilty in the UK. Attackers exploit Gravity SMTP flaw to harvest secrets From WordPress sites. Executive Order accelerates federal shift to post-quantum cryptography. Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts. Keeping tabs on the tab-keepers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts and where more effort needs to be made to get the U.S. and its critical infrastructure quantum-ready. Selected Reading 'Five Eyes' intelligence alliance warns that new AI models pose urgent cyber risk (Reuters) Intel agencies: Frontier AI models will reshape cybersecurity faster than expected (CyberScoop) Anthropic's Mythos AI broke into almost all NSA classified systems in hours (SecurityAffairs)  Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach (TechCrunch) FortiBleed campaign used custom FortiGate sniffer to steal credentials (BleepingComputer) Gizmodo readers hit with ClickFix malware prompts after account compromise (The Register) New Exploit Bypasses Apple's Boot Defenses, Affects Millions of iPhones (SecurityWeek) TFL Hackers Admit Carrying Out Cyberattack That Cost £39M (Law360) Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin (Wordfence)  Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration (Security Week) Madison Square Garden Made Dossier on Activists Who Opposed Facial Recognition (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 23 June 2026

The Klue is in the data trail.

Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Security agencies sound alarm over FortiBleed credential harvesting operation. Texas data breach affects hunting and fishing licensees. Microsoft ties Mastra AI supply chain attack to North Korean hackers. Vidar infostealer unveils new technique to defeat Chrome's encryption protections. Brazil investigates suspected hack of emergency alert system. We got your Monday business brief. On today’s Industry Voices, Dave Bittner sits down with Mike Britton, CIO of Abnormal AI, as they discuss "AI-Powered Attacks Are Now a Commodity.” And not the kind of beats you want to drop. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices, we are joined by Mike Britton, CIO of Abnormal AI, discussing "AI-Powered Attacks Are Now a Commodity — And Most Organizations Don't Know It Yet." If you enjoyed this conversation and want to hear the full interview, listen here. Selected Reading Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) Prinz Eugen ransomware: a deep dive into a new Go-based encryptor (ThreatDown) Council of Europe Data Breach: ShinyHunters Makes 10,000 Employees' Records Permanent (Tech Times) Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways (Industrial Cyber) Everything's bigger and better in Texas – even data breaches (The Register) Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer) Inside Vidar’s ABE Bypass: From Memory Scanning to APC Injections (Gen Digital) Brazil probes emergency warning system after nationwide rogue alert (The Register) Ent emerges from stealth with $100 million in seed funding. (N2K Pro Business Briefing)  Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (Malwarebytes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 22 June 2026

Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]

Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week’s episode, host Maria Varmazis sits down with Dave Bittner and Brandon Karpf to discuss recent research that suggests the attack landscape for GPS attacks is expanding. If this research is accurate, these attacks represent a significant evolution for how defenders think about this critical technology. Key sources: Something is jamming GPS over Europe. Here's what we found. Chasing Lightning: Detecting, Characterizing, and Identifying a Powerful Space-Based GNSS Interference Source. EKS 5. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space  Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P  T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 21 June 2026

Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]

For years, security teams had time between discovery and exploitation. Time to triage. Time to validate. Time to prioritize what to fix first. AI has compressed that window. Frontier models now discover and chain vulnerabilities faster than human analysts can confirm them, and the gap between finding and fixing is shrinking in both directions. In this episode of CyberWire-X, N2K’s ⁠Dave Bittner⁠ and Federico Kirschbaum, Head of XBOW Security Lab, explore what it actually means to run autonomous offensive security, why validation workflows built for quarterly testing cycles struggle to keep up, and how practitioners are redefining what a tested application looks like when the pace of offense has fundamentally changed. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 21 June 2026

Peeling back Banana RAT. [Research Saturday]

This week, we are joined by Tom Kellermann, Trend Micro's VP of AI Security and Threat Research, discussing their work on "Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud." Researchers from Trend Micro's MDR team uncovered the full operation behind Banana RAT, a sophisticated banking trojan they track as SHADOW-WATER-063, by analyzing both attacker infrastructure and infected victim systems. The malware uses fileless PowerShell execution, layered obfuscation, and remote-control capabilities to steal credentials, manipulate banking sessions, intercept Pix QR code payments, and facilitate financial fraud targeting Brazilian banks. The campaign appears to be operated by a Brazilian Portuguese-speaking cybercriminal group with ties to the broader Tetrade banking malware ecosystem and may be evolving toward a malware-as-a-service model. The research and executive brief can be found here: ⁠Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 20 June 2026

CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years. Together they reflect on a decade of cybersecurity developments, focusing on the pivotal year 2016 where a shift occurred. Join N2K as we cover the rise of nation-state cyber operations, major leaks like the Panama Papers and DNC email hacks, and the evolving landscape of cyber norms, trust, and threat perception. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 19 June 2026

The botnet browser blues.

International law enforcement disrupts the SocGholish botnet. The UK’s cyber chief says cybersecurity is a contest, not a risk register. Ukraine joins the EU’s cyber reserve. The Gentlemen gang sharpens its ransomware toolkit. A WordPress supply chain attack spreads malware. Critical patches land from F5, Atlassian, and Splunk. Agentjacking targets AI coding assistants. And Kodak confirms a breach claimed by ShinyHunters. Our guest is Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on the failure of FISA section 702 to reauthorize. Criminal coders face automation anxiety. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies, and coh-host of Caveat, as he discusses the failure of FISA section 702 to reauthorize. Selected Reading Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp (Bleeping Computer) Hostile States Behind 75% of Cyber-Attacks on UK CNI, NCSC Warns (Infosecurity Magazine) Cyberspace Locked in a Nation-State Contest, Says NCSC CEO (BankInfo Security) EU grants Ukraine access to cybersecurity reserve for major attacks (The Record) Killing me gently: Inside Gentlemen’s EDR killer framework (ESET) ShapedPlugin update flow hacked to infect WordPress sites (Bleeping Computer) F5 issues out-of-band patches for critical NGINX vulnerabilities (Bleeping Computer) Atlassian, Splunk Patch Critical Vulnerabilities (SecurityWeek) Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents (HackRead) Kodak Admits Data Breach After ShinyHunters Hack Claims (SecurityWeek) Cybercriminals Are Worried About AI Taking Their Jobs Too (Infosecurity Magazine) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 18 June 2026

The nominee in limbo.

President Trump halts a key intelligence nomination. The FBI warns of a new Microsoft 365 phishing threat. France cuts ties with Palantir. A new Android banking trojan emerges. Fortinet firewalls come under attack. CISA orders emergency Joomla patching. Plus, Madison Square Garden data leaks and malware hidden in Steam wallpapers. Our guest is Christy Wyatt, CEO from Absolute Security, discussing their new ebook. The DOJ claims pollution is mission-critical.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today’s Industry Voices we are joined by Christy Wyatt, CEO from Absolute Security, discussing their ebook. If you enjoyed this conversation, check out the full interview here. Selected Reading President Trump calls to delay nomination of intel pick Jay Clayton (NPR) Warner warns of CISA cuts, staffing gaps in letter to acting chief (The Record) French spies drop AI giant Palantir over US overreliance fears (The Local) Rokarolla : Android Banker with Complete Device Takeover Capabilities (Zimperium) FortiBleed: 75,000 Fortinet Firewalls Compromised: Global Enterprises Exposed – Claim Your Ethical Disclosure (InfoStealers) CISA orders feds to patch max severity Joomla plugin flaw by Friday (Bleeping Computer) Hackers Publish Knicks and Madison Square Garden Data Online (404 Media) Gamers beware: malicious wallpapers on Steam found stealing accounts (Securelist) DHS S&T Highlights New SPARTA Resources for Defending Spacecraft Against Cyberattacks (ExecutiveGov) DOJ Lawyers Argue xAI Is ‘Vital’ for National Security in NAACP Lawsuit (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 17 June 2026

No Mythos of escape.

Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA issues a three-day patch deadline, Delta avoids penalties, and researchers show just how easy it is to manipulate AI search. Our guest is Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. Consulting meets confabulation. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices, we are joined by Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. If you enjoyed this conversation, check out the full interview here.  Selected Reading Anthropic Is Still at Odds With the White House Over Claude Fable 5 (WIRED) Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher (The Register) White House Issues Memo to Bolster NSS Cybersecurity (SecurityWeek) Microsoft Patches Critical SearchLeak Vulnerability in Copilot Enterprise (Beyond Machines) ShinyHunters Hits Universities Via Oracle Zero-Day (GovInfo Security) DragonForce Ransomware Exploited Microsoft Teams to Hide Attack (Infosecurity Magazine) Inside Amos Stealer: How This Threat Targets macOS Credentials and Keychains (CyberProof) CISA warns of another cPanel plugin flaw exploited in attacks (Bleeping Computer) US closes probe into 2024 Delta Air Lines meltdown sparked by CrowdStrike outage (Reuters) It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests (404 Media) KPMG pulls report on AI usage due to apparent hallucinations (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 16 June 2026

The fable ends before it begins.

Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. ShinyHunters claims another victim. The FBI and Google take down a major phishing platform. The latest cybersecurity business news. Our guest is Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, discussing a rampant global transportation smishing campaign. A deepfake detective has doubts.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, is discussing a rampant global transportation smishing campaign. You can read more about Operation Road Trap here. Selected Reading Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive (CNBC) Cyber leaders defend Anthropic's banned model (Axios) State Attorneys General Are Investigating OpenAI (The New York Times) Handala Hacking Group Claims Breach of California Water Service (Hackread) Maine Takes Breach Reporting Portal Offline After Fake Entries (Infosecurity Magazine) Warner introduces bill to restore MS-ISAC funding, bolster critical infrastructure cyber defense (Industry Cyber) Infinite Campus data breach affects 137,000 school staff accounts (Bleeping Computer) FBI, Google Dismantle 'Outsider Enterprise' Phishing Service (SecurityWeek) Ex-school district employee jailed for hacks on former employer (Bleeping Computer) Cyera raises $600 million in a Series G round led by Evolution Equity Partners. (N2K Pro Business Briefing) In Age of AI, World’s Leading Deepfake Expert No Longer Trusts His Own Eyes (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 15 June 2026

Vulnerability management at AI speed. [CyberWire-X]

In large enterprise software companies, vulnerability management teams are facing unprecedented speed and scale as AI accelerates both discovery and exploitation of security issues. In this episode of CyberWire-X, N2K’s Dave Bittner is joined by Adobe’s Daniel Ventura, Senior Manager of the Vulnerability Operations Center, and Sangeeta Arora, Director of Vulnerability Management, to discuss how Adobe is evolving its vulnerability management strategy to keep pace with AI-driven threats. They share real world insights on prioritization, crossteam partnership, and how modern programs can balance speed with meaningful risk reduction. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 14 June 2026

Securing satellites already in space, with journalist Shaun Waterman. [T-Minus: Space-Cyber Briefing]

For years, space cybersecurity has been a long sought after goal, but due to operational constraints, it was largely unfeasible. In this week’s episode, host Maria Varmazis sits down with journalist Shaun Waterman to discuss his recent article “The Newest Space Race is Cyber.” As space has increasingly become a critical infrastructure component, industry leaders and security agencies alike have begun to launch new initiatives to improve capabilities both on the ground and in orbit. Key sources: The Newest Space Race is Cyber. DHS Wants Satellite Volunteers to Test New Cyber Tools. Five Teams of Hackers will Compete to Breach US Satellite in Space. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: ⁠https://thecyberwire.com/newsletters/signals-and-space⁠  Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to ⁠space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: ⁠https://www.surveymonkey.com/r/NJYCN2P⁠  T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. ⁠N2K⁠ is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 14 June 2026

This Sparrow doesn't migrate. [Research Saturday]

Martin Zugec, Technical Solutions Director at Bitdefender, discussing their work on "FamousSparrow APT Targets Azerbaijani Oil and Gas Industry." Bitdefender researchers uncovered a sustained cyber espionage campaign by the China-linked FamousSparrow group targeting an Azerbaijani oil and gas company, highlighting the growing focus on critical energy infrastructure in the South Caucasus. The attackers repeatedly exploited the same vulnerable Microsoft Exchange server over multiple months, deploying evolving versions of Deed RAT and Terndoor malware through sophisticated DLL sideloading techniques designed to evade detection and maintain persistence. The operation underscores FamousSparrow's adaptability and persistence, demonstrating how advanced threat actors continually refine their tooling and return to compromised environments until vulnerabilities are fully remediated and access is cut off. The research and executive brief can be found here: FamousSparrow APT Targets Azerbaijani Oil and Gas Industry Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 13 June 2026

Deadline-driven defense.

CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA gives feds three days to patch a critical Ivanti Sentry vulnerability. Google confirms ShinyHunters exploited a critical Oracle PeopleSoft vulnerability. FancyBear shifts part of its infrastructure to compromised edge devices. Pundits push for CyberCorps scholarship budgets. Our guest is Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss scams targeting the World Cup. Amazon drivers sweat through a software update.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss the World Cup and fans possibly getting caught out if they use SuperBox to view it. Selected Reading CISA directive orders agencies to prioritize vulnerability patching in a new way (CyberScoop) House votes against extending controversial wiretapping law set to lapse Friday (The Washington Post) Ransomware gangs cut off from EUR 336 million ‘AudiA6’ crypto laundering pipeline - Europol analysis links the criminal service to over 15 international cybercrime investigations (Europol) GitHub to Update npm to Thwart Software Supply Chain Attacks (Infosecurity Magazine) Anthropic Disputes Fable 5 AI Jailbreak (SecurityWeek) CISA orders feds to patch actively exploited Ivanti flaw by Sunday (Bleeping Computer) Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters (SecurityWeek) GRU-Linked APT28 Uses MooBot Botnet and Compromised EdgeRouters for Cyber Operations (GB Hackers) CyberCorps is adapting to AI. The budget isn't keeping up. (CyberScoop) Software Update Automatically Turns off Amazon Delivery Drivers’ AC During Dangerous Summer Heat (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 12 June 2026

The court calls Google’s bluff.

Google faces liability for AI-generated claims. Washington pauses public AI model assessments. Anthropic ships a safer AI model. OpenAI disrupts influence operations. Ransomware operators get a powerful new backdoor. Urgent patches land for Ivanti and Veeam. PyPI supply chain attacks evolve. And a massive data breach triggers a record fine in South Korea. Our guest is Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done. AI analyzes the FIFA World cup, one cliché at a time.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices, we are joined by Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done across humans, automation, and AI agents. You can read more from Ping Identity here. If you enjoyed this conversation, be sure to check out the full interview here. Selected Reading Landmark German ruling declares Google's AI Overviews are Google's own words and makes it liable for false answers (The Decoder) White House Reins In AI-Testing Unit as National-Security Concerns Grow (Wall Street Journal) Anthropic Releases ‘Safe’ Version of Its Mythos A.I. Technology (The New York Times) PRC-linked influence operations are targeting AI debates in the US (OpenAI) Technical Analysis of MLTBackdoor (ThreatLabz) CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry (Rapid7) Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels (Socket) Veeam Patches Critical RCE Vulnerability in Backup & Replication published: yesterday (Beyond Machines) ‘Amazon.com of South Korea’ Is Fined a Record $409 Million (The New York Times) The 2026 big soccer tournament, in clichés. (Sinch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 11 June 2026

The patch pile reaches new heights.

Patch Tuesday goes big. Congress looks to harden critical infrastructure. A new Windows zero-day drops. Mobile AI creates security blind spots. AI agents fall for phishing. Browser extensions expose millions. Spammers hide behind Google Cloud Storage. CISA crowns its cyber champions. Our guest is Joe Sykora, CEO from Coro, discussing the MSP space and how to address it. Relentless robocalls retreat. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment, we are joined by Joe Sykora, CEO from Coro, discussing the MSP space and how to address it. If you enjoyed this conversation be sure to check out the full interview here.  Selected Reading Microsoft’s biggest-ever Patch Tuesday fixes 206 bugs, including 3 zero-days (Malwarebytes) ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact (SecurityWeek) Adobe Patches 123 Vulnerabilities (SecurityWeek) Warner proposes overhaul of critical infrastructure cyber plans as AI threats rise (Nextgov/FCW) New Windows Zero-Day Exploit 'RoguePlanet' Released (SecurityWeek) Lookout Study Reveals 93% of CISOs Blinded by False AI Confidence as 59% of Mobile AI Traffic Flows "Dark" (Lookout) Phishing for Lobsters: How We Tricked OpenClaw into Spilling Secrets (Varonis) MaXSS & Spyder: How two Chrome extensions allow websites to compromise over 10 million browsers (Rebora) How Spammers Are Hiding Behind Google and the New York Times (Comparitech) CISA names winners of seventh annual President’s Cup cybersecurity competition (Industrial Cyber) U.S. Consumers Received Just Over 4.1 Billion Robocalls in May, According to YouMail Robocall Index (PR Newswire) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 10 June 2026

A checkmark for trust, a payload for theft.

Miasma malware meddles with Microsoft. SAP fixes critical flaws, Google patches an exploited Chrome zero-day, CanisterWorm spreads through npm, Mac users face a new malvertising threat, France investigates a breach of its secure messaging platform, insurers rethink AI risk, the FBI launches a Most Wanted Fraudsters list, and a U.S. citizen admits to spying for China. Our guest is Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks. Unpacking a million dollar hotel fee.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks. Selected Reading For the 2nd time in weeks, Microsoft packages laced with credential stealer (Ars Technica) SAP Patches Critical NetWeaver, Commerce Vulnerabilities (SecurityWeek)  Google fixes fifth actively exploited Chrome zero-day of 2026 (Security Affairs) CanisterWorm: How TeamPCP Turned the npm Ecosystem Into a Weapon (Picussecurity) Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor (Hackread) French govt messaging service breached in account hijacking attack (Bleeping Computer) AI Exclusions in Insurance Policies: Broad Language, Uncertain Impact (Policyholder Pulse) FBI Announces New Wanted List Dedicated to Fraudsters (FBI) American citizen pleads guilty to spying for China | brief (SC Media) Teacher’s $1 million AR hotel bill reversed after cyber-attack (WREG.com) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our ⁠brief listener survey⁠. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at ⁠sponsor.thecyberwire.com⁠. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 9 June 2026

Meta’s recovery plan needed recovery.

Meta exposes 20,000 Instagram accounts through a support tool bug. CISA warns of active attacks on SolarWinds Serv-U. WordPress sites face takeover through a widely used plugin. A new Gafgyt variant broadens its reach. Pink extortionists steal cloud data with vishing and legitimate tools. Plus, allegations against IBM and AT&T, a dark web drug dealer gets 26 years, and the Monday business brief. Tim Starks from CyberScoop discusses the ongoing debate over staffing and budget cuts at CISA. NATO lets Ukraine play the bad guy.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Tim Starks from CyberScoop, who is discussing the ongoing debate over staffing and budget cuts at CISA, the political battles surrounding the agency's future, and what the Trump administration's plans could mean for U.S. cybersecurity efforts. Selected Reading Meta AI Bug Exposes Over 20,000 Instagram Accounts (Infosecurity Magazine) NSO Group back in Meta's crosshairs after alleged WhatsApp targeting (The Register) CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) (Help Net Security) Everest Forms Vulnerability Exploited to Hack WordPress Sites (SecurityWeek) C0XMO botnet spreads via DD-WRT router flaw, kills rival malware (Bleeping Computer) New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams (Hackread) Ex-Threat Intel Exec Accuses IBM and AT&T of Hiding Hacks (GovInfo Security)  California man sentenced to over 26 years for dark web drug trafficking (SC Media) AI observability platform Coralogix raises $200 million in a Series F round. (N2K Pro Business Briefing)   Nato narrowly beats Russia-style enemy in cyber attack simulation (Financial Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 8 June 2026

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

GPS constellations have become foundational in modern society supporting everything from navigation to financial services, making the impacts of GPS disruptions all the more concerning. As reliance on these systems have grown, so too have efforts by threat actors to disrupt them through techniques such as jamming and spoofing. As these attacks have become more effective, they are becoming increasingly common, especially in conflict zones where disruption and confusion can prove exceedingly valuable. Key sources: Information about GPS Jamming What is GPS Spoofing? GPS jamming: The invisible battle in the Middle East Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space  Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P  T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 7 June 2026

You've been muted...permanently. [Research Saturday]

Ismael Valenzuela, Arctic Wolf’s VP of Labs, Threat Research and Intelligence, discusses their work on "BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector." Arctic Wolf researchers uncovered a sophisticated campaign by North Korean threat group Lazarus Group subgroup BlueNoroff that targets cryptocurrency and Web3 executives through fake Zoom and Microsoft Teams meetings, using typo-squatted links, ClickFix-style attacks, and AI-generated deepfakes to steal credentials and cryptocurrency-related data. The attackers built a self-reinforcing operation that captures victims’ webcam footage and Telegram sessions, then repurposes those assets alongside AI-generated images to create increasingly convincing fake meeting participants for future attacks. Researchers identified more than 100 victims across 20 countries, with the campaign primarily targeting CEOs, founders, investors, and senior leaders in the cryptocurrency, blockchain, and financial sectors as part of a long-running effort to steal digital assets and gain access to high-value networks. The research and executive brief can be found here: BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 6 June 2026

The NSA gets an AI upgrade.

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Miasma worm campaign. Researchers document the first AI-driven container escape. A browser supply-chain compromise and a university breach with unexpected victims. Our guest is Ashu Savani, Co-Founder at TryHackMe, discussing building high performing SOC & IR teams. The web becomes machine majority. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment, we are joined by Ashu Savani, Co-Founder from TryHackMe, discussing building high performing SOC & IR teams. You can listen to the full conversation here. Selected Reading US National Security Agency using Anthropic’s Mythos for cyber attacks (Financial Times) Trump considers Palantir exec to lead CISA (The Record) CISA Warns of Active Exploitation of Linux Container Escape Flaw (Beyond Machines) Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns (McAfee Blog) Detecting Claude Cowork Insider Threat Activity (DTEX) Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp (Endor Labs) Agentic threat actor hits the orchestration plane: AI agent-driven container escape (Sysdig) You do surprise me.exe: An unexpected executable in Hola Browser (SOPHOS) My SSN was exposed in a breach at Columbia—a school I have no connection with (Ars Technica) ‘Bots have now passed human traffic online,’ Cloudflare boss laments — says agentic traffic wasn’t expected to eclipse real people until next year (Tom's Hardware) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 5 June 2026

Not every headhunter is hiring.

The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based infostealer targeting software developers. Cisco patches a critical vulnerability in its Unified Communications Manager platform. Anthropic maps AI-enabled cyber activity to the MITRE ATT&CK framework. Authorities dismantle an online counterfeit identity marketplace. Our guest is Jason Kikta, CTO from Automox, discussing AI vulnerabilities, real risk, and the speed problem. An extortion crew is forced to open a customer support ticket. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Jason Kikta, CTO from Automox, who is discussing AI vulnerabilities, real risk, and the speed problem. If you enjoyed this conversation, check out the full interview here.  Selected Reading⁠ U.S. and intelligence allies issue rare joint warning about China (Washington Post) Safeguarding Our Secrets (MI5) Opinion | The Government Is Finally Taking A.I. Risk Seriously (New York Times) CISA directive for AI executive order to be released this week, Andersen says (The Record) Gemini Voice Assistant Hijacked via Messaging Notifications (SecurityWeek) IronWorm: Shai-Hulud's rustier cousin (JFrog Security Research) Cisco warns of critical Unified CM flaw with PoC exploit code (Bleeping Computer) Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator (Anthropic) Police dismantles fake ID marketplace used by migrant smugglers (Bleeping Computer) Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown (SecurityWeek)  'Dumbass' criminal breaks the 'first rule of ransomware club' (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 4 June 2026

The AI race gets a referee.

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months. HTTP/2 Bomb threatens web servers. Quantum’s classical side grows bigger. Britain's military chooses Starshield. Spain’s infamous hacker gets sentenced. Our guest is Benjamin Morrell, Vice President, Security Strategy at Coro Cybersecurity, discussing the role of MSPs. Meta’s productivity panopticon pauses for personal pitstops.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices, we are joined by Benjamin Morrell, Vice President, Security Strategy at Coro Cybersecurity, discussing the role MSPs are playing in cybersecurity. If you enjoyed this conversation be sure to check out the full conversation here.  Selected Reading Trump Signs Executive Order Seeking Oversight of A.I. Models (The New York Times) New cyber force would cost up to $11 billion to start, commission says (The Record) CISA Warns of Cyberattacks Targeting U.S. Tank Gauge Systems (GB Hackers) Acer working to patch max severity zero-days in Wave 7 routers (Bleeping Computer) Espionage Campaign Targeted Stock Exchange Executive for Five Months (Security.com) 'HTTP/2 Bomb' Exploit Knocks Web Servers Offline in Seconds (SecurityWeek) The Classical Advances Needed to Make Quantum Computers Tick (IEEE) Alcasec, "Robin Hood of Spanish Hackers," Jailed for 31 Months Over Data Theft (Hackread) Exclusive: UK adopts SpaceX's Starshield for military operations, sources say (Reuters) Meta will reportedly let employees take 30-minute breaks from its tracking program (Engadget) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 3 June 2026

The bugs are piling up faster than the fixes.

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromise Red Hat’s npm namespace. DriveSurge spreads malware through ClickFix and fake updates. FreePBX patches a critical flaw. And Dashlane responds to a brute-force attack. Our guest is ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on digital health platforms. Meta’s AI support bot proves a bit too eager to help. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on privacy, security, and trust in digital health platforms, especially in sensitive areas like women's health. This interview is part of our partnership with Infosecurity Europe. Selected Reading Inspector general finds NIST mistakes have made vulnerability database ineffective (The Record) Google fixes one actively exploited Android zero-day, 124 flaws (Bleeping Computer) Uncovering Webloc: An Analysis of Penlink’s Ad-based Geolocation Surveillance Tech (The Citizen Lab) GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure (Security Affairs) Threat Actor Uses AI to Build EDR Evasion Tools (Infosecurity Magazine) Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets (Infosecurity Magazine) Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks (Bleeping Computer) Critical Hard-Coded Credentials Vulnerability in FreePBX User Control Panel (Beyond Machines) Dashlane password manager users locked out by brute force attacks (Bleeping Computer) Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 2 June 2026

AI joins the chain of command.

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. Today’s business update. Our guest is Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. Microsoft hits refresh on research relations.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices we are joined by Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. If you enjoyed this conversation, you can catch the full interview here. Selected Reading As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution (SecurityWeek) Why a surge of election-related websites could spell rising cyber threats for the midterms (PBS News) Election threats are focused on campaign systems, not voting machines (CyberScoop) Critical Windows Netlogon RCE flaw now exploited in attacks (Bleeping Computer) U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog (Security Affairs) CISA Town Halls Set Final Stage for CIRCIA Debate (BankInfo Security) Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years (The Record) 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access (SecurityWeek) Indian Exam Board Admits to Cybersecurity Holes Found by Teen (Bloomberg) Zscaler intends to acquire identity mapping company Symmetry Systems. (N2K Pro Business Briefing) Microsoft says it will not pursue security researchers after zero-day backlash (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 1 June 2026

CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware. Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurrency plays a pivotal role in enabling ransomware's growth by providing untraceable payment methods. Join us as we explore key incidents like WannaCry and NotPetya, the shift from street crime to organized and nation-state cyber threats, and AI's impact on the future of ransomware. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 31 May 2026

GPS: A backbone for critical infrastructure. [T-Minus: Space-Cyber Briefing]

Since its original creation in the 1970s, GPS has evolved from a technology primarily used by the military to a foundation for modern society.  After the removal of selective availability for civilians in 2000, GPS’s value has significantly expanded. In the past two decades, nearly every critical infrastructure sector–telecommunications, transportation, energy, agriculture, emergency services, and financial services–relies on GPS constellations to ensure that timing and location accuracy are precise. Though many do not see its utility in day-to-day efforts, GPS has become entrenched in modern networks and services. Key sources: Removal of selective availability. Satellite Navigation - GPS - How It Works. What can GPS do? Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 31 May 2026

The skills pay the bills. [Research Saturday]

Today we are joined by Marco Giuliani, Vice President & Head of Research at ThreatDown, discussing their work on "GachiLoader adopts AI skill lure." Threat actors are now using fake AI agent “skills” as highly convincing social engineering lures, with a new campaign disguising the GachiLoader malware as a legitimate OpenClaw tool for automated Polymarket betting. Victims are tricked through fake installation guides and polished Electron apps into downloading malware that deploys the Rhadamanthys infostealer using fileless injection and blockchain-based command-and-control infrastructure. Researchers say the campaign marks an evolution in cybercrime, turning AI skill ecosystems into a new phishing-style attack surface. The research and executive brief can be found here: ⁠GachiLoader adopts AI skill lure Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 30 May 2026

Mind the gap between IT and OT.

Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic prepares its Mythos model for release. Chrome patches 22 critical bugs. Zapier fixes a dangerous vulnerability chain. ShinyHunters claims a Charter breach. A data broker who fueled scams against millions of seniors heads to prison. Maria Varmazis joins Dave Bittner for a look back at a decade of ransomware. A Google insider allegedly went from threat hunting to bet hunting. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today CyberWire hosts Maria Varmazis and Dave Bittner take a look at how ransomware has evolved over the past decade, from opportunistic attacks to today’s sprawling criminal enterprises, and discuss the tactics, trends, and turning points that shaped the threat landscape. You can catch the full conversation on Sunday in the CyberWire Daily podcast feed. We hope you’ll join us!  Selected Reading Iranian hackers behind March's LA transport cyberattack, Gambit finds (The Jerusalem Post) Chinese Hackers Exploit Iran War to Target Maritime and Energy Firms (Infosecurity Magazine) Dutch cops wrest 17M devices from mystery botnet's clutches (The Register) ChatGPT blindly trusts browser content, turning the page into a payload (The Register) Anthropic confirms Claude Mythos-class models will roll out to the public (Bleeping Computer) Chrome 148 Update Patches 151 Vulnerabilities (SecurityWeek) Zapier fixes bug chain that researchers say risked widespread account takeover (CyberScoop) Charter Communications data breach affects 4.9 million accounts (Bleeping Computer) Man sent to prison for selling data of 7 millions elderly Americans (Bleeping Computer) US charges Google security engineer with Polymarket insider trading (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our ⁠brief listener survey⁠. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at ⁠sponsor.thecyberwire.com⁠. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 29 May 2026

The military wants to move at cyber speed.

Cyber Command’s new chief pushes modernization as lawmakers warn commercial location data is exposing U.S. troops. A third-party UK visa site leaks passports and selfies. Microsoft slams unpatched zero-day disclosures. Researchers uncover a new macOS malware campaign targeting crypto developers, while SEO poisoning and AI chatbots spread cryptojacking malware. Carnival confirms a massive breach tied to ShinyHunters. Plus, the alleged VenomRAT developer is extradited to France, and a Romanian hacker is sentenced for breaching Oregon state systems. Our guest is Courtney Guss, Crisis Management Director at Semperis, discussing crisis response planning. The surveillance on the bus goes round and round. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, ⁠Daily Briefing⁠, and you’ll never miss a beat. And be sure to follow CyberWire Daily on ⁠LinkedIn⁠. Industry Voices  On our Industry Voices segment, guest ⁠Courtney Guss⁠, Crisis Management Director at ⁠Semperis⁠, discusses crisis response planning. Some resources related to today’s discussion: ⁠The State of Enterprise Cyber Crisis Readiness⁠  ⁠Rethinking Cyber Crisis Management: Why Plans Fail⁠  ⁠The Modern Model for Cyber Crisis Management⁠  ⁠The Missing Layer in Cyber Incident Response: Crisis Orchestration⁠ If you enjoyed this conversation and want to hear the full interview, tune in here. Selected Reading Rudd orders Cyber Command reviews as Pentagon presses reform agenda (The Record) Exclusive: Pentagon says US military personnel are reportedly being targeted using location data (Reuters) A Fake UK Visa Site Left 100,000 Passports Wide Open. Then Sent Lawyers Instead of a Fix. (Security Affairs) Microsoft Condemns "Uncoordinated" Zero Day Disclosures (Infosecurity Magazine) A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure (Microsoft) New Threat Actor Jinx-0164 Targets Crypto Developers on macOS (Infosecurity Magazine) GPU mining malware spreads via SEO poisoning, AI chatbots (Bleeping Computer) Carnival confirms ShinyHunters cruised off with 6M customer records after April breach (The Register) Malware seller hunted across three continents (eKathimerini.com) Romanian gets 5 years in prison for hacking Oregon govt network (Bleeping Computer) ‘BusPatrol’ Put AI Cameras in Tens of Thousands of School Buses. Now They Want to Give Cops Access (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 28 May 2026

Breaking the GlassWorm.

A major takedown disrupts the GlassWorm botnet. The White House rewrites federal cyber logging rules as CISA faces cuts amid rising AI threats. Federal agencies ramp up scrutiny of so-called anti-tech extremism. GCHQ warns Russia is targeting UK infrastructure. Researchers uncover stealthy new malware, AI coding agent supply chain risks, and in-person extortion tactics targeting U.S. law firms. Europe grabs satellite spectrum. Ben Yelin joins us to discuss the bipartisan push for more support of CISA. Hacking your way to the main stage.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our Caveat co-host and Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, Ben Yelin, joins Dave to talk about the bipartisan push for more support of CISA. Selected Reading GlassWorm Botnet Disrupted (SecurityWeek) OMB Scraps Biden-Era Cyber Logging Rules (BankInfoSecurity) US law enforcement warns of "anti-tech extremism" as AI hatred grows (Ars Technica) Russia 'relentlessly targeting' critical infrastructure and democracy, GCHQ says (BBC) Trump hobbled top cyber agency just as AI learned to hack (Axios) EU to squeeze US space tech out of prized satellite airwaves (Politico)  Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data (FortiGuard Labs) FBI warns of in-person data theft attacks from extortion gang (Bleeping Computer) ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems (SecurityWeek) How to guarantee a speaker gig: Hack the system. Literally (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 27 May 2026

Attackers found a new way around MFA.

The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels supply-chain attacks hitting thousands of GitHub repos. Plus, a new LMS zero-day, bulletproof hosting arrests in the Netherlands, FTC action over bogus “active listening” claims, and another busy week for cyber funding and M&A. Our guest is Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation.” Please disregard all searches for disregard. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation." Selected Reading FBI warns of Kali365 phishing service targeting Microsoft 365 accounts (Bleeping Computer) India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws (Infosecurity Magazine) Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign (Infosecurity Magazine) Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects (SecurityWeek)  HackerOne takes an axe to its bug bounty rewards (The Register) Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors (GovInfo Security) Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment (SecurityWeek) Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands (SecurityWeek) FTC to Require Cox Media Group, Two Other Firms to Pay Nearly $1 Million to Settle Charges They Deceived Customers About “Active Listening” AI-Powered Marketing Service (Federal Trade Commission) Socket raises $60 million in Series C funding. (N2K Pro Business Briefing) You can no longer Google the word 'disregard' (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 26 May 2026

The Code of Honor: Paul J. Maurer and Ed Skoudis explore ethics in cybersecurity with Ben Yelin. [Special Edition]

Authors Paul J. Maurer and Ed Skoudis join Caveat podcast co host Ben Yelin to discuss their new book: "The Code of Honor: Embracing Ethics in Cybersecurity." The book is a comprehensive and practical framework for ethical practices in contemporary cybersecurity. Listen to Ben's discussion with Paul and Ed as they explore the ethical dimensions of cybersecurity, the influence of AI, and the responsibilities of cyber professionals. Consider joining Paul and Ed in upholding the highest standards of cybersecurity ethics by signing the Cybersecurity Code they share as part of The Code of Honor. Learn more about the book here. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 25 May 2026

The current state of GPS following OCX with Dr. Sean Gorman, CEO of Zephr.xyz. [T-Minus: Space-Cyber Briefing]

Despite being an indispensable technology, traditional GPS remains vulnerable to exploitation and is needed for an update. In this week's episode, host Maria Varmazis sits down with Dr. Sean Gorman, CEO of Zephr.xyz, to discuss the current state of GPS. For decades, GPS has been a cornerstone technology for private, public, and military entities; however, through new technological advancements, companies and governments are looking to modernize this technology. Key sources: Next Generation Operational Control Systems. Why GPS III, and what comes after it, still falls short in modern war. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space⁠  Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 24 May 2026

Ghosted by Grafana [Research Saturday]

Today we are joined by ⁠Sasi Levi⁠, Security Research Lead at ⁠Noma Security⁠, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques. The attack chains together multiple bypasses, including protocol-relative URLs and AI guardrail manipulation, to trick Grafana into sending sensitive data to attacker-controlled servers without requiring user interaction. Researchers say the flaw highlights growing risks tied to AI-integrated enterprise platforms, where attackers increasingly target AI behavior and weak security controls instead of traditional software bugs. The research and executive brief can be found here: ⁠GrafanaGhost: The Phantom Stealing Your Data⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 23 May 2026

Too many cooks in the algorithm.

Trump hits pause on an AI executive order. Lawmakers sound alarms over CISA cuts. A sophisticated scareware campaign traps users in fake tech support scams. Ubiquiti patches critical UniFi flaws. The U.S. pours billions into quantum computing. Researchers uncover delayed Google API key revocation. Canadian authorities arrest the alleged Kimwolf botnet operator. Two Americans plead guilty in a global tech support fraud scheme. Our guest is Ankit Kumar Honey, Senior Engineering Manager for Dependabot at GitHub, discussing closing the agentic gap between alert and patch at a global scale. AI generated reports still come up short.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ankit Kumar Honey, Senior Engineering Manager for Dependabot at GitHub, joins us to discuss closing the agentic gap between alert and patch at a global scale. Selected Reading Why Trump's AI executive order was pulled (Axios) Restoring CISA is one issue many lawmakers can agree on (Federal News Network) U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog (Security Affairs) Threat Spotlight: CypherLoc, an advanced browser-locking scareware targeting millions (Barracuda Networks Blog) Ubiquiti patches three max severity UniFi OS vulnerabilities (Bleeping Computer) Department of Commerce Announces Letters of Intent With 9 Companies for $2 Billion to Accelerate U.S. Leadership in Quantum Computing (NIST) Google API keys keep working after you delete them (Akido) Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada (Krebs on Security) Two Americans plead guilty to assisting India-based tech support scam centers (The Record) AI-generated reporting: Lessons learned from Cisco Talos Incident Response (Cisco) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 22 May 2026

That shield has cracks in it.

Microsoft confirms active exploitation of two Defender flaws. Europol dismantles a VPN service tied to ransomware gangs. A nine-year-old Linux kernel bug exposes SSH keys and password hashes. Cisco patches a critical Secure Workload vulnerability, while Drupal fixes a highly critical SQL injection flaw. Android malware quietly signs victims up for premium SMS scams. Webworm upgrades its espionage toolkit with Discord and Microsoft Graph backdoors. Plus, China and Russia deepen cooperation on AI, cybersecurity, and satellite systems. Our guest is Jake Moore, Global Cybersecurity Advisor for ESET, sharing a glimpse into his Infosecurity Europe keynote "The Deepfake Interview." Greg doesn’t even work here anymore… Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with Jake Moore, Keynote speaker for the upcoming Infosecurity Europe conference and Global Cybersecurity Advisor for ESET, getting a glimpse into his session "The Deepfake Interview: Breaking In From the Inside." This interview is part of our partnership with Infosecurity Europe.  Selected Reading Microsoft Defender vulnerabilities exploited in the wild (Help Net Security) Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator (Hackread) Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes (Infosecurity Magazine) Cisco Patches Critical Vulnerability in Secure Workload (SecurityWeek) Android Malware Spotted Subscribing Victims to Paid Services Without Consent (Hackread) Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking (SecurityWeek) Webworm: New burrowing techniques (We Live Security) Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems (The Record) Zombie user account let hackers control the city’s water (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 21 May 2026

The cost of trusting the extension ecosystem.

GitHub confirms a breach tied to a malicious VS Code extension. Anthropic fights a Pentagon blacklist as the White House weighs new AI security rules. Drupal scrambles to patch a critical flaw. Cisco Talos tracks the evolution of BadIIS malware-for-hire. Signal adds anti-phishing safeguards, Microsoft cracks down on malware-signing services, and China says foreign spies hijacked domestic routers for phishing operations. Wireless carriers collaborate to kill dead zones. Our guest is Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, discussing The Cloud Security Alliance’s “AI Vulnerability Storm” report. A book about misinformation contains helpful examples. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, sharing Cloud Security Alliance’s The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program. Selected Reading GitHub confirms breach of 3,800 repos via malicious VSCode extension (Bleeping Computer) Trump AI executive order seeks early government access to frontier models (Axios) DC Circuit slams Pentagon blacklisting of Anthropic as overreach (Courthouse News Service) Drupal Issues Urgent Warning for Highly Critical Core Vulnerability (Beyond Machines) From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat (Cisco Talos) Signal adds security warnings for social engineering, phishing attacks (Bleeping Computer) Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware (Microsoft)   China’s state security authorities uncover foreign agency using domestic routers as cyberattack proxies; users notice only slower speeds (Global Times) ‘The Future of Truth’ Contains Quotes Made Up by A.I. (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 20 May 2026

CISA secrets left sitting on GitHub.

A CISA contractor leaks GovCloud credentials on GitHub. INTERPOL cracks down on phishing infrastructure across the Middle East and North Africa. Microsoft patches a critical Authenticator flaw, while Poland moves officials off Signal after targeted phishing campaigns. A stealthier SHub macOS infostealer emerges. Universal Robots fixes a critical vulnerability. A Dark Web marketplace dumps millions of stolen payment cards. Echo Protocol loses $76 million in a synthetic Bitcoin breach. Our guest is Chris Cochran, Field CISO & Vice President of AI Security at SANS, discussing their AI maturity model. Nathan Detroit rolls malware snake eyes.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Chris Cochran, Field CISO & Vice President of AI Security at SANS, discussing their SANS AI Security Maturity Model™. Selected Reading CISA Admin Leaked AWS GovCloud Keys on Github (Krebs on Security) INTERPOL Operation Ramz: 201 Apprehended in MENA Cybercrime Disruption (TechNadu) Microsoft Patches Critical Token Theft Vulnerability in Authenticator App (Beyond Machines) Poland shifts away from Signal following cyberattacks on officials’ accounts (Security Affairs) SHub macOS infostealer variant spoofs Apple security updates (Bleeping Computer) Critical Vulnerability Exposes Industrial Robot Fleets to Hacking (SecurityWeek) B1ack's Stash Releases 4.6 Million Stolen Credit Cards for Free (SOC Radar) Echo Protocol Hit by $76M eBTC Minting Exploit (SOC Radar) Chanhassen Dinner Theatres cancels more Guys and Dolls performances due to illness and cyberattack (KARE11) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 19 May 2026

The M5 just met its memory problem.

Researchers crack Apple’s M5 memory protections with a kernel exploit. An IBM Security executive emerges as a possible CISA pick. Researchers uncover four malicious npm packages.  AI-generated “slop” floods bug bounty programs. Major healthcare breaches hit the HHS tracker, 7-Eleven confirms a breach, and chained OpenClaw AI flaws could enable full host compromise. Santa Clara County sues Meta over alleged scam ads on Facebook and Instagram. Monday business breakdown. Our guest is Jason Madigan, Director of Commercial Cloud Security at Booz Allen, discussing the tension between resilience and data residency laws. A fond farewell for a security pioneer.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment we are joined by Jason Madigan, Director of Commercial Cloud Security at Booz Allen, discussing the tension between resilience and data residency laws. If you enjoyed this conversation, check out the full interview here. Selected Reading First public macOS kernel memory corruption exploit on Apple M5 (Calif) IBM executive floated for CISA director as concerns persist for agency (SC Media) Former CISA nominee Sean Plankey named US CEO of defense startup (CyberScoop) New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here (OX Security) ‘Never-ending’ AI slop strains corporate hacking reward schemes (Financial Times) Millions Impacted Across Several US Healthcare Data Breaches (SecurityWeek) 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand (SecurityWeek) 'Claw Chain' OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery (SecurityWeek) Santa Clara County sues Meta over alleged scam ads (San José Spotlight) Exaforce raises $125 million in Series B funding. (N2K Pro Business Briefing) Peter G. Neumann, Who Warned of Computer Security Risks, Dies at 93 (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 18 May 2026

From cyberspace to space-cyber. [T-Minus: Space-Cyber Briefing]

For years, in-space internet capabilities were rarely worth the hassle. Now, that’s changing. In today’s episode, Maria Varmazis and Ethan Cook sit down to discuss how internet data moves through space systems and its recent advancements. For decades, GEO satellites made up most of the marketplace; however, LEO satellites are changing the landscape improving connectivity and speeds. Key sources: In-space relay and WiFi services. Space Development Agency On Orbit. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space  Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcribed - Published: 17 May 2026

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Copyright © Tapesearch 2026.