CyberWire Daily

Deadline-driven defense. Jun 12, 2026 1701 CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA gives feds three days to patch a critical Ivanti Sentry vulnerability. Google confirms ShinyHunters exploited a critical Oracle PeopleSoft vulnerability. FancyBear shifts part of its infrastructure t

The court calls Google’s bluff. Jun 11, 2026 1880 Google faces liability for AI-generated claims. Washington pauses public AI model assessments. Anthropic ships a safer AI model. OpenAI disrupts influence operations. Ransomware operators get a powerful new backdoor. Urgent patches land for Ivanti and Veeam. PyPI supply chain attacks evolve. And a massive data breach triggers a record fine in South Korea. Our guest is Peter Barker, Chief Product O

The patch pile reaches new heights. Jun 10, 2026 1939 Patch Tuesday goes big. Congress looks to harden critical infrastructure. A new Windows zero-day drops. Mobile AI creates security blind spots. AI agents fall for phishing. Browser extensions expose millions. Spammers hide behind Google Cloud Storage. CISA crowns its cyber champions. Our guest is Joe Sykora, CEO from Coro, discussing the MSP space and how to address it. Relentless robocalls retrea

A checkmark for trust, a payload for theft. Jun 9, 2026 1613 Miasma malware meddles with Microsoft. SAP fixes critical flaws, Google patches an exploited Chrome zero-day, CanisterWorm spreads through npm, Mac users face a new malvertising threat, France investigates a breach of its secure messaging platform, insurers rethink AI risk, the FBI launches a Most Wanted Fraudsters list, and a U.S. citizen admits to spying for China. Our guest is Steve Winterfeld,

Meta’s recovery plan needed recovery. Jun 8, 2026 1719 Meta exposes 20,000 Instagram accounts through a support tool bug. CISA warns of active attacks on SolarWinds Serv-U. WordPress sites face takeover through a widely used plugin. A new Gafgyt variant broadens its reach. Pink extortionists steal cloud data with vishing and legitimate tools. Plus, allegations against IBM and AT&T, a dark web drug dealer gets 26 years, and the Monday business brief. T

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing] Jun 7, 2026 1615 GPS constellations have become foundational in modern society supporting everything from navigation to financial services, making the impacts of GPS disruptions all the more concerning. As reliance on these systems have grown, so too have efforts by threat actors to disrupt them through techniques such as jamming and spoofing. As these attacks have become more effective, they are becoming increas

You've been muted...permanently. [Research Saturday] Jun 6, 2026 1262 Ismael Valenzuela, Arctic Wolf’s VP of Labs, Threat Research and Intelligence, discusses their work on "BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector." Arctic Wolf researchers uncovered a sophisticated campaign by North Korean threat group Lazarus Group subgroup BlueNoroff that targets cryptocurrency and Web3 executives through fake Zoom a

The NSA gets an AI upgrade. Jun 5, 2026 1916 Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Miasma worm campaign. Researchers document the first AI-driven container escape. A browser supply-chain compromise and a university breach with unexpected victims. Our guest is Ashu Savani, Co-Founder at

Not every headhunter is hiring. Jun 4, 2026 1827 The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based infostealer targeting software developers. Cisco patches a critical vulnerability in its Unified Communications Manager platform. Anthropic maps AI-enabled cyber activity to the MITRE ATT&CK framewor

The AI race gets a referee. Jun 3, 2026 1863 AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months. HTTP/2 Bomb threatens web servers. Quantum’s classical side grows bigger. Britain's military chooses Starshield. Spain’s infamous hacker gets sentenced. Our guest is Benjamin Morrell, Vice President

The bugs are piling up faster than the fixes. Jun 2, 2026 1823 A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromise Red Hat’s npm namespace. DriveSurge spreads malware through ClickFix and fake updates. FreePBX patches a critical fla

AI joins the chain of command. Jun 1, 2026 1788 Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. Today’s business update. Our guest is Heather Ceylan, CISO at Box, discussing how governed AI starts with solving the unstructured data problem. Microsoft hits

CyberWire Daily at 10: The evolution of ransomware. [Special Edition] May 31, 2026 1364 In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware. Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurren

GPS: A backbone for critical infrastructure. [T-Minus: Space-Cyber Briefing] May 31, 2026 1595 Since its original creation in the 1970s, GPS has evolved from a technology primarily used by the military to a foundation for modern society. After the removal of selective availability for civilians in 2000, GPS’s value has significantly expanded. In the past two decades, nearly every critical infrastructure sector–telecommunications, transportation, energy, agriculture, emergency services, an

The skills pay the bills. [Research Saturday] May 30, 2026 1446 Today we are joined by Marco Giuliani, Vice President & Head of Research at ThreatDown, discussing their work on "GachiLoader adopts AI skill lure." Threat actors are now using fake AI agent “skills” as highly convincing social engineering lures, with a new campaign disguising the GachiLoader malware as a legitimate OpenClaw tool for automated Polymarket betting. Victims are tricked through fake

Mind the gap between IT and OT. May 29, 2026 1703 Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic prepares its Mythos model for release. Chrome patches 22 critical bugs. Zapier fixes a dangerous vulnerability chain. ShinyHunters claims a Charter breach. A data broker who fueled scams against milli

The military wants to move at cyber speed. May 28, 2026 1879 Cyber Command’s new chief pushes modernization as lawmakers warn commercial location data is exposing U.S. troops. A third-party UK visa site leaks passports and selfies. Microsoft slams unpatched zero-day disclosures. Researchers uncover a new macOS malware campaign targeting crypto developers, while SEO poisoning and AI chatbots spread cryptojacking malware. Carnival confirms a massive breach ti

Breaking the GlassWorm. May 27, 2026 1695 A major takedown disrupts the GlassWorm botnet. The White House rewrites federal cyber logging rules as CISA faces cuts amid rising AI threats. Federal agencies ramp up scrutiny of so-called anti-tech extremism. GCHQ warns Russia is targeting UK infrastructure. Researchers uncover stealthy new malware, AI coding agent supply chain risks, and in-person extortion tactics targeting U.S. law firms. Eu

Attackers found a new way around MFA. May 26, 2026 1567 The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels supply-chain attacks hitting thousands of GitHub repos. Plus, a new LMS zero-day, bulletproof hosting arrests in the Nether

The Code of Honor: Paul J. Maurer and Ed Skoudis explore ethics in cybersecurity with Ben Yelin. [Special Edition] May 25, 2026 1694 Authors Paul J. Maurer and Ed Skoudis join Caveat podcast co host Ben Yelin to discuss their new book: "The Code of Honor: Embracing Ethics in Cybersecurity." The book is a comprehensive and practical framework for ethical practices in contemporary cybersecurity. Listen to Ben's discussion with Paul and Ed as they explore the ethical dimensions of cybersecurity, the influence of AI, and the respon

The current state of GPS following OCX with Dr. Sean Gorman, CEO of Zephr.xyz. [T-Minus: Space-Cyber Briefing] May 24, 2026 1304 Despite being an indispensable technology, traditional GPS remains vulnerable to exploitation and is needed for an update. In this week's episode, host Maria Varmazis sits down with Dr. Sean Gorman, CEO of Zephr.xyz, to discuss the current state of GPS. For decades, GPS has been a cornerstone technology for private, public, and military entities; however, through new technological advancements,

Ghosted by Grafana [Research Saturday] May 23, 2026 1558 Today we are joined by ⁠Sasi Levi⁠, Security Research Lead at ⁠Noma Security⁠, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques. The attack chains together mu

Too many cooks in the algorithm. May 22, 2026 1541 Trump hits pause on an AI executive order. Lawmakers sound alarms over CISA cuts. A sophisticated scareware campaign traps users in fake tech support scams. Ubiquiti patches critical UniFi flaws. The U.S. pours billions into quantum computing. Researchers uncover delayed Google API key revocation. Canadian authorities arrest the alleged Kimwolf botnet operator. Two Americans plead guilty in a glob

That shield has cracks in it. May 21, 2026 1720 Microsoft confirms active exploitation of two Defender flaws. Europol dismantles a VPN service tied to ransomware gangs. A nine-year-old Linux kernel bug exposes SSH keys and password hashes. Cisco patches a critical Secure Workload vulnerability, while Drupal fixes a highly critical SQL injection flaw. Android malware quietly signs victims up for premium SMS scams. Webworm upgrades its espionage

The cost of trusting the extension ecosystem. May 20, 2026 1648 GitHub confirms a breach tied to a malicious VS Code extension. Anthropic fights a Pentagon blacklist as the White House weighs new AI security rules. Drupal scrambles to patch a critical flaw. Cisco Talos tracks the evolution of BadIIS malware-for-hire. Signal adds anti-phishing safeguards, Microsoft cracks down on malware-signing services, and China says foreign spies hijacked domestic routers f

CISA secrets left sitting on GitHub. May 19, 2026 1582 A CISA contractor leaks GovCloud credentials on GitHub. INTERPOL cracks down on phishing infrastructure across the Middle East and North Africa. Microsoft patches a critical Authenticator flaw, while Poland moves officials off Signal after targeted phishing campaigns. A stealthier SHub macOS infostealer emerges. Universal Robots fixes a critical vulnerability. A Dark Web marketplace dumps millions

The M5 just met its memory problem. May 18, 2026 1938 Researchers crack Apple’s M5 memory protections with a kernel exploit. An IBM Security executive emerges as a possible CISA pick. Researchers uncover four malicious npm packages. AI-generated “slop” floods bug bounty programs. Major healthcare breaches hit the HHS tracker, 7-Eleven confirms a breach, and chained OpenClaw AI flaws could enable full host compromise. Santa Clara County sues Meta ove

From cyberspace to space-cyber. [T-Minus: Space-Cyber Briefing] May 17, 2026 1935 For years, in-space internet capabilities were rarely worth the hassle. Now, that’s changing. In today’s episode, Maria Varmazis and Ethan Cook sit down to discuss how internet data moves through space systems and its recent advancements. For decades, GEO satellites made up most of the marketplace; however, LEO satellites are changing the landscape improving connectivity and speeds. Key sources:

Scam papers served. [Research Saturday] May 16, 2026 1604 ⁠⁠⁠Thomas Elkins⁠⁠⁠, SOC L3 Analyst from ⁠⁠⁠BlueVoyant⁠⁠⁠, is discussing "Unpacking Augmented Marauder’s Multi-Pronged Casbaneiro Campaigns." BlueVoyant researchers uncovered a large-scale phishing campaign by a Brazil-linked threat group targeting Spanish-speaking users across Latin America and Europe, using fake judicial summons emails, WhatsApp attacks, ClickFix tactics, and email phishing to s

One email could be all it takes. May 15, 2026 1509 Microsoft sounds the alarm on a critical Exchange zero-day, OpenAI and Mistral AI deal with fallout from a widening supply-chain attack campaign, and researchers uncover a thriving underground market for unlocking stolen iPhones. A stealthy macOS infostealer spreads through ClickFix scams, healthcare braces for major HIPAA security changes, and hackers cash in big at Pwn2Own Berlin after burning t

The era of AI-powered attacks is here. May 14, 2026 1632 Google says AI-powered cybercrime has gone industrial scale. Two new Windows zero-days emerge. Signal threatens to leave Canada over lawful access legislation. Pentagon-linked influence operations shift to paid ads. Linux admins scramble to patch a new root-level flaw. FamousSparrow targets Azerbaijan’s energy sector. Cisco announces layoffs despite record revenue. An alleged Dream Market administ

Every layer needs a patch now. May 13, 2026 1508 Patch Tuesday. Global agencies update SBOM guidance. Iran-linked espionage group Seedworm breached a major South Korean electronics manufacturer. A telehealth platform breach affects 716,000. Foxconn confirms a cyberattack. Maria Varmazis has an update on orbital data centers. A lawmaker questions surveillance pricing. Brandon Karpf, friend of the show, is talking with Dave about "Japan’s space sy

China’s hackers aren’t invincible. May 12, 2026 2290 Former NSA chief says the U.S. can beat China in cyberspace. Canvas cuts a deal with hackers. The FCC proposes KYC rules for phone users. SAP patches critical flaws. A poisoned TanStack npm supply chain attack spreads malware. Humanitarian aid lures deliver spyware. Japan launches an AI-driven cyber review. Texas sues Netflix over data practices. And Harvard experts debate the future of agentic AI

Foreign routers get a longer lifeline. May 11, 2026 1744 The FCC eases restrictions on foreign-made routers. Shiny Hunters hit Canvas and Zara. SailPoint discloses unauthorized access to its GitHub repositories. TrickMo Android banking malware has more tricks up its sleeve. Polish officials warn of increased targeting of ICS and public infrastructure. A federal judge orders $10 million in restitution for stolen zero days. German authorities takedown the

Payal Chakravarty: Overcoming bias in the workplace. [Security and Risk] [Career Notes] May 10, 2026 617 Please enjoy this encore of Career Notes. Payal Chakravarty, Head of Product for Security and Risk from Coalition, sits down to share her story of working at several different organizations, including interning for IBM and Microsoft. After obtaining her master's degree, she worked with IBM a bit more closely and fell in love with one of the projects she was working on. Payal had a very interesti

CyberWire Daily at 10: The evolution of geopolitics and warfare. [Special Edition] May 10, 2026 1678 In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss cybersecurity geopolitics and warfare that have been in the news over the past 10 years. We begin our conversation around the supply chain malware from the destructive NotPetya campaign out of Russia, then Maria and Dave highlight: Olympic Destroyer disrupting the Pyeongc

The spy who logged me in. [Research Saturday] May 9, 2026 1443 Mark Kelly, Staff Threat Researcher at Proofpoint, is discussing their work on "I’d come running back to EU again: TA416 resumes European government espionage campaigns." China-linked threat group TA416 has resumed large-scale phishing and malware campaigns targeting European governments, diplomatic missions tied to the EU and NATO, and more recently Middle Eastern entities following the outbreak

The four-day race you don’t want to be in. May 8, 2026 1920 CISA orders rapid patching of actively exploited Ivanti zero-day. Canvas gets hacked during finals week. Dirty Frag is a new Linux zero-day. Researchers document a serious Claude Chrome extension bug. Meta ends Instagram encryption. PCPJack malware clean house before moving in. A new report highlights quantum-era cryptographic threats. Cloudflare announces layoffs amidst AI deployment. Sri Lankan

The backup plan needs a backup plan. May 7, 2026 1635 CISA pushes critical infrastructure to prepare for offline operations during cyberattacks. Questions grow over a shared U.S.-China AI threat. A Russian university is accused of feeding talent into GRU cyber units. Researchers warn poisoned data could quietly corrupt enterprise AI. LinkedIn faces a GDPR fight over monetizing user data. Millions downloaded fake Android call-history apps before Googl

The exploit that writes its own story. May 6, 2026 1705 CISA warns CopyFail is under active exploitation. Attackers compromise installers for a widely used disk imaging utility. MuddyWater masks cyberespionage as ransomware. Attackers spread malware through a fake OpenClaw plugin. Researchers ID a new Linux RAT. Vimeo blames a third party provider for a recent breach. Palo Alto’s Captive Portal is under attack. The FTC settles with a data broker over l

The fixes keep coming. May 5, 2026 2327 Brace for an AI-driven patch surge. Google fixes a critical Android flaw. Trellix confirms a source code breach. Apache Software Foundation ships urgent fixes. Data tied to Liberty Mutual leaks. CloudZ evolves to steal OTPs. Ouroboros persistence raises the stakes. A vishing suspect faces U.S. charges. Our guest is Markus Rauschecker, Executive Director for the University of Maryland Center for Cy

Security without a login screen. May 4, 2026 1467 Progress Software urges customers to patch a critical MOVEit authentication bypass. Washington worries about limited access to advanced AI tools. Paid influencers promote pro-American AI. CISA warns Copy Fail is under active exploitation. The Canvas educational platform suffers a data breach. The Lazarus Group uses ClickFix to target high-value enterprise users. U.S. and Chinese authorities raid s

Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO] [Career Notes] May 3, 2026 635 Please enjoy this encore of Career Notes. Kayla Williams, CISO of Devo, sits down to share her story, from graduating with a finance degree to rising to where she is now. She quickly learned that finance was not for her and changed paths, working towards gaining an information security certificate. From there she was able to excel and was offered the opportunity to move to England which changed h

Double-edged threat. [Research Saturday] May 2, 2026 165 Today we are joined by Justin Albrecht, Principal Researcher at Lookout, discussing "Attackers Wielding DarkSword Threaten iOS Users." DarkSword is a highly sophisticated iOS exploit chain discovered by Lookout that targets iPhones (iOS 18.4–18.6.2), enabling near zero-click compromise and rapid theft of sensitive data, including credentials and cryptocurrency wallet information. Likely deployed

Think before you deploy the agent. May 1, 2026 1821 Five Eyes agencies issue agentic AI guidance. A federal database leaks Social Security numbers. A stealthy worm poisons open source packages. OT firms are sidelined from frontier cyber models. The FBI warns of a surge in cyber-enabled cargo theft. Officials flag likely election interference as security programs face cuts. Researchers uncover a covert Python backdoor. Ubuntu’s site takes Iranian-li

One copy too many. Apr 30, 2026 1821 A critical Linux flaw dubbed “Copy Fail” raises alarm. The House moves to extend Section 702. The White House pushes back on expanded Mythos access. cPanel and SonicWall rush out security patches. Researchers warn AI agents may leak credentials. Smishing targets key industries. Ukrainian police arrest suspects in a massive Roblox account theft scheme. Our guest is Jamie Moles, technical manager at

A wake-up call on frontier AI. Apr 29, 2026 1716 OpenAI and Anthropic brief Congress on cyber-capable AI. The GAO flags improper DOGE access to Treasury payment systems. Greece moves to end online anonymity. CISA orders agencies to patch an exploited Windows zero-day. Researchers uncover ransomware that destroys data instead of encrypting it. State CISOs report falling confidence. Neurodivergent cyber pros cite inclusion gaps. Police arrest a 19

War hits where it hurts. Apr 28, 2026 1480 Conflict in the Middle East disrupts the circuit board supply chain. The Supreme Court considers arguments on geofence searches. A new report highlights Chinese digital transnational repression. The NCSC protects HDMI and DisplayPort links. Tennessee bans cryptocurrency ATMs. Researchers expose a financially motivated subgroup of North Korea’s Lazarus Group. Medtronic confirms a ShinyHunters data

The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik [Data Security Decoded] and Amit Malik Apr 28, 2026 1938 The race for AI dominance has created a dangerous imbalance between business velocity and cyber resilience. In this episode, host Caleb Tolin is joined by Joe Hladik, Head of Rubrik Zero Labs, and Staff Security Researcher Amit Malik to break down the findings of their latest report on agentic adoption. The discussion centers on the Agentic Paradox. This is the technical reality that tools designe

The Supreme Court sits on the geofence. Apr 27, 2026 1788 The Supreme Court weighs geofence warrants. Iran leans toward quieter cyber ops. Researchers unpack Fast16 sabotage malware. Microsoft tracks an Outlook outage. Snow malware moves deep inside networks. Itron reports a breach. SMS blasters hit Canada. Italy extradites an accused hacker to the U.S. Monday business brief. Our guest is Mick Coady, Field CTO of Elisity, on how hospitals can best defend

Adam Marrè: Learning to be a leader. [CISO] [Career Notes] Apr 26, 2026 691 Please enjoy this encore of Career Notes. Adam Marrè, CISO from Arctic Wolf, sits down to share his story of rising through the ranks. After 9/11 he decided he wanted to make a difference in the world, and so he chose to go into the FBI. There he learned the skills that got him to where he is today. In his time at the FBI, he was able to do what he loved, which was working with computers while g

A QRazy clever scam. [Research Saturday] Apr 25, 2026 1133 This week, we are joined by Juliana Testa, Senior Security Engineer from 7AI, sharing their work on "Quish Splash - When the QR Code Is the Weapon: A Multi-Wave Phishing Campaign That Slipped Past Every Filter." A large-scale “quishing” campaign used QR codes embedded in image attachments to hide phishing URLs, allowing 28 out of 33 emails to bypass SPF, DKIM, DMARC, and Microsoft Defender and lan

A digital battlefield in practice. Apr 24, 2026 1569 Locked Shields wraps another year. Open models challenge Mythos. CISA tracks FIRESTARTER inside a federal agency. The White House targets foreign AI model extraction. Microsoft lets admins remove Copilot. Treasury sanctions a Cambodian scam-compound senator. Breeze Cache rushes a patch. Researchers downplay OT malware hype, while NIST pushes for better OT visibility. Our guest is Eric Russo, Direc

Your signal is showing. Apr 23, 2026 1641 Researchers expose covert telecom surveillance campaigns. Lawmakers push new national privacy rules. China-linked actors hide inside compromised device networks. A ransomware forum leak reveals a criminal marketplace. GopherWhisper blends into cloud services for espionage. Attackers poison AI with hidden web prompts. Apple patches lingering notification data. macOS admin tools become attacker path

The leak was only a matter of time. Apr 22, 2026 2105 Mythos leaks. The DOD preps a more aggressive cyber strategy. A former FBI cyber official urges homicide charges for hospital ransomware deaths. Lotus Wiper targeted the Venezuelan energy and utilities sector. Over 1,300 SharePoint servers remain unpatched against a spoofing vulnerability. The Harvester APT group deploys a new Linux version of its GoGra backdoor. A new LOTUSLITE backdoor targets I

Trust lags behind technology. Apr 21, 2026 1762 Anthropic’s Mythos proves irresistible despite claimed supply chain risks.Iran claims U.S. backdoors hit its networks. New Coast Guard rules target maritime OT security. A fresh NGate Android malware variant emerges. Thousands of ActiveMQ servers face active exploitation risk. CISA adds eight flaws to its KEV list. Progress patches MOVEit and LoadMaster bugs. Attackers impersonate IT staff over Mi

When one weak link is enough. Apr 20, 2026 1720 Cloud platform Vercel confirms a data breach. Microsoft releases emergency updates to fix Windows Server restart loops. Bluesky gets DDoSed. Insurers keep close watch on an AI hiring discrimination suit. Cybersecurity workforce turnover rises. Scammers abuse Apple’s email notification system. A Scattered Spider member pleads guilty to SMS phishing and cryptocurrency theft. Monday business brief. O

Jaya Baloo: Don't be afraid to bounce ideas off your teammates. [CISO] [Career Notes] Apr 19, 2026 634 Please enjoy this encore of Career Notes. Jaya Baloo, a Chief Information Security Officer from Avast sits down to share her story, sharing how she got into the technology field at a younger age with being introduced to computers and games on her PS 24. She started off going to college for political science and after not knowing what to do after that, she got her first start in cybersecurity. Af

A new breed of RAT. [Research Saturday] Apr 18, 2026 1312 Today we are joined by Dr. Darren Williams, Founder and CEO of BlackFog, to discuss his team's work on "Steaelite RAT Enables Double Extortion Attacks from a Single Panel." A new remote access trojan, Steaelite, is being marketed on underground forums as an all-in-one platform that combines remote access, credential theft, surveillance, and ransomware deployment through a single browser-based dash

Temporary fix for Section 702. Apr 17, 2026 2135 The House extends Section 702, for now. Mythos raises fresh cyber risk concerns. CISA warns of reduced capacity. ZionSiphon targets Israeli water systems. Operation PowerOFF hits DDoS-for-hire networks. CISA flags an actively exploited ActiveMQ flaw. WordPress plugin supply chain attacks spread. China tests deep-sea cable-cutting tech. Our guest is Arvind Nithrakashyap, CTO and Co-Founder of Rubri

Too many flaws, not enough time. Apr 16, 2026 1884 NIST struggles with an NVD backlog. Cisco and Splunk ship critical patches. Researchers flag a systemic flaw in Anthropic’s MCP. ShinyHunters leak 13.5 million McGraw Hill accounts. Cargo theft goes cyber. A Tennessee hospital breach hits 337,000 patients. Two Americans are sentenced in a North Korean fake-IT-worker scheme. Our guest is Rob Allen, Chief Product Officer at ThreatLocker, describing

A heavy patch Tuesday lands. Apr 15, 2026 1588 Patch Tuesday. CISA directs furloughed employees back to work. Experts warn Anthropic’s Glasswing signals a new era of AI-driven vulnerability discovery. Federal prosecutors crack down on chip smuggling. Sweden says a pro-Russian cyber group attempted to disrupt power plant operations. A fake app in Apple’s App Store drains crypto wallets. Virginia bans the sale of precise geolocation data. Our g

France builds its own digital future. Apr 14, 2026 2320 France pushes digital sovereignty. Adobe rushes an Acrobat Reader patch. Booking.com confirms a targeted breach. SAP fixes a critical SQL injection bug. A sanctions-dodging fraud network resurfaces. ViperTunnel infiltrates U.S. and U.K. firms. GlassWorm spreads across developer tools. Researchers dissect Predator spyware’s kernel engine. A lawsuit challenges AI transcription in hospitals. Ted Shor

W3LL runs dry. Apr 13, 2026 1762 The FBI disrupts a multi-million-dollar phishing ring. A North Korea-linked supply chain attack hits OpenAI. Developers face a Slack phishing campaign. A critical Python notebook flaw is exploited in hours. ShinyHunters target Rockstar Games. A Japanese shipping firm reports a breach. Tracking the cybersecurity winners and losers in Trump’s 2027 budget, plus a claimed cyberattack on UAE infrastruc

Mark Logan: March towards your goals. [CEO] [Career Notes] Apr 12, 2026 105 Please enjoy this encore of Career Notes. Mark Logan, CEO of One Identity, sits down to share his story, explaining how he fit into different roles growing up in different companies. Mark has nearly two decades of C-Suite experience at an array of different organizations, finally landing on his current position as the CEO at One Identity. Sharing his different roles, he also gives a quote from S

Walking through the anatomy of a cyberattack. [CyberWire-X] Apr 12, 2026 2095 What does a modern cyberattack really look like from the inside? In this CyberWire-X episode, Dave Bittner speaks with John Anthony Smith, Founder and Chief Security Officer of Fenix24. This conversation takes us step by step as an attacker breaks into a target environment – probing for weaknesses, exploiting entry points, escalating privileges, and moving laterally until they reach their objectiv

A wolf in admin clothing. [Research Saturday] Apr 11, 2026 1484 Today we are joined by Selena Larson, Threat Researcher from Proofpoint research team and co-host of Only Malware in the Building, talking about their work on "(Don't) TrustConnect: It's a RAT in an RMM hat." Proofpoint uncovered TrustConnect, a malware-as-a-service platform posing as a legitimate remote monitoring and management (RMM) tool, but actually functioning as a remote access trojan (RAT

The AI arms race hits finance. Apr 10, 2026 1359 The Treasury Secretary and Fed Chair summon bankers over AI concerns. A hacker claims more than 10 petabytes stolen from China’s National Supercomputing Center. Recalibrating the quantum timeline. Researchers demo prompt injection against Apple Intelligence. Payroll Pirates target Canadians. Gmail gets end-to-end encryption on mobile devices. A Chrome update fixes critical vulnerabilities. A Penns

Hackers ignore the ceasefire. Apr 9, 2026 1704 Iran-linked hackers signal cyberattacks will continue despite the cease-fire. Microsoft restores access after suspending open-source developer accounts. John Deere settles its right-to-repair fight. A suspected Adobe Reader zero-day surfaces. Palo Alto Networks and SonicWall patch high-severity flaws. New macOS malware targets crypto wallets. A threat cluster abuses live chat to bypass MFA. CISA o

CyberAv3ngers unleashed. Apr 8, 2026 1439 Federal agencies warn Iranian-linked hackers are probing U.S. critical infrastructure, while the DOJ disrupts a Russian router hijacking campaign. Cyberattacks hit Minnesota government systems and force a Massachusetts hospital to divert ambulances. Anthropic limits access to its new AI bug-hunting model, hackers leak terabytes of LAPD data, and researchers warn of a rise in AI recommendation pois

Proposed cuts put CISA in focus. Apr 7, 2026 1715 CISA faces a $700 million budget cut. Russian and Iranian cyber cooperation raises concerns. New BPFDoor variants emerge. Cybercrime losses climb again. Researchers advance a GPU Rowhammer attack. Northern Ireland schools go offline after a breach. An alleged hacker-for-hire faces U.S. charges. And German police name the suspected REvil mastermind. Our guest is John Anthony Smith, Founder and Chie

Patching can't wait. Apr 6, 2026 2084 Fortinet releases an emergency update for a critical vulnerability. A major outage disrupts Russian banking apps. A new report highlights critical skills gaps. CyberCorp scholars struggle to secure jobs. Scammers use QR codes in fake traffic violation schemes. A proposed lawsuit accuses Perplexity of oversharing users’ AI transcripts. Cambodia outlaws scam centers. Scammers impersonate Harvard IT

Anjali Hansen: Cross team collaboration works best. [Privacy Counsel] [Career Notes] Apr 5, 2026 105 Please enjoy this encore of Career Notes. Anjali Hansen, a Senior Privacy Counselor from Noname Security shares her story as she climbed through the ranks to get to where she is today. When Anjali started, she wanted to do international law. She started working for the International Trade Commission after law school, where she was able to gain most of her experience and real world abilities. Work

Startup surge sparks spy interest. [Research Saturday] Apr 4, 2026 1155 This week, we are joined by Santiago Pontiroli, Threat Intelligence Research Lead from Acronis TRU team, discussing their work on "New year, new sector: Transparent Tribe targets India’s startup ecosystem." The Acronis Threat Research Unit uncovered a new campaign by Transparent Tribe showing the group has expanded beyond traditional government and defense targets to India’s startup ecosystem, esp

War comes for the cloud. Apr 3, 2026 1853 Cloud data centers come under fire in wartime. A massive dark web intelligence database is exposed. Chinese hackers exploit a video conferencing zero-day. The intelligence community rolls out cyber modernization plans. React2Shell attacks spread at scale. Iowa sues UnitedHealth over the Change Healthcare breach. France moves to bar kids from social media. Researchers warn about hidden risks in pow

The WhatsApp impostor. Apr 2, 2026 1800 A fake WhatsApp spreads spyware. The State Department pushes embassies to counter influence ops. Cisco patches critical bugs. CrystalRAT hits Telegram. A Texas hospital breach affects 250,000. HHS reshuffles IT oversight. China-linked spies target Europe. EvilTokens hijacks Microsoft accounts. Ransomware hits a North Dakota water plant. Sumedh Thakar, President and CEO of Qualys, discusses how cyb

A war of missiles and messages. Apr 1, 2026 1826 Iran’s cyber campaign continues. North Korea targets the axios NPM package. Cisco suffers a Trivy-related breach. Claude’s code leak unveils broad capabilities. The DOD’s zero-trust efforts are slow-going. A proposed class action suit accuses Perplexity of oversharing. Google patches another Chrome zero-day. The FBI warns against using foreign-developed mobile apps. Christy Wyatt, CEO from Absolut

Water sector feels the pressure. Mar 31, 2026 1604 Iranian-linked hackers warn of possible “irreparable” attacks on U.S. water systems. CISA pushes urgent fixes for a critical Citrix flaw. The Dutch Finance Ministry takes systems offline after a breach. Space Force may scrap next-gen GPS control software. Attackers exploit a Fortinet server bug. Lloyds exposes customer transaction data. AI and regulation reshape cyber careers. The FTC settles with

Inbox intrusion hits FBI chief. Mar 30, 2026 1584 Iran-linked hackers claim a breach of the FBI director’s personal email. ShinyHunters hit the European Commission. F5 and Citrix warn of actively exploited flaws. A WordPress plugin exposes hundreds of thousands of sites. Infinity Stealer targets macOS users. A Russian APT adopts a new iOS exploit kit. Treasury weighs a cyber insurance backstop. DHS clears suspended CISA staff. Our guest is Brian

David Nosibor: Taking calculated risks. [Product Lead] [Career Notes] Mar 29, 2026 1570 Please enjoy this encore of Career Notes. David Nosibor, Product Lead for SafeCyber at UL Solutions, started his career in a unique way by not letting himself be pigeonholed. Within his company, David was able to grow to the position he is in now and says that his position feels like a lot of roles tied into one. He says that on any given day he is tackling all sorts of elements, such as marketin

Episodes

Recommended

—