CyberWire Daily

N2K Networks
  • 0.0 (0)
  • TECH NEWS
  • UPDATED DAILY

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

  1. 12 HR AGO

    The fixes keep coming.

    Brace for an AI-driven patch surge. Google fixes a critical Android flaw. Trellix confirms a source code breach. Apache Software Foundation ships urgent fixes. Data tied to Liberty Mutual leaks. CloudZ evolves to steal OTPs. Ouroboros persistence raises the stakes. A vishing suspect faces U.S. charges. Our guest is Markus Rauschecker, Executive Director for the University of Maryland Center for Cyber, Health and Hazard Strategies (CHHS), on the importance of the non-technical aspects of good cybersecurity preparedness and response. Our Threat Vector segment focuses on incident response. If you think UK age verification is working, I mustache you a question. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Industry Voices Markus Rauschecker, Executive Director for the University of Maryland Center for Cyber, Health and Hazard Strategies (CHHS), discussing the importance of the non-technical aspects of good cybersecurity preparedness and response. If you enjoyed this conversation check out the full interview here. Threat Vector Segment On this segment of Threat Vector by Palo Alto Networks, host David Moulton speaks with guest Steve Elovitz. In this conversation, Steve reflects on what two decades of incident response actually teaches you about the people on the other side of a breach. You can listen to the full conversation here, and catch new episodes of Threat Vector every Thursday on your favorite podcast app. Selected Reading NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave” (Infosecurity Magazine) AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed (Infosecurity Magazine) Critical Remote Code Execution Vulnerability Patched in Android (SecurityWeek) Trellix Reveals Unauthorized Access to Source Code (Infosecurity Magazine) Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server (SecurityWeek) Everest Group Begins Leaking Alleged Liberty Mutual Data (GovInfo Security) CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs (Bleeping Computer) dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025 (Huntress) Western District of North Carolina | Romanian National Appears in Federal Court Following Extradition from Romania on Bank Fraud Charges Stemming From “Vishing” Scheme (United States Department of Justice) Kids can bypass some age checks with a drawn-on mustache (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    39 min

  2. 1 DAY AGO

    Security without a login screen.

    Progress Software urges customers to patch a critical MOVEit authentication bypass. Washington worries about limited access to advanced AI tools. Paid influencers promote pro-American AI. CISA warns Copy Fail is under active exploitation. The Canvas educational platform suffers a data breach. The Lazarus Group uses ClickFix to target high-value enterprise users. U.S. and Chinese authorities raid scam centers in Dubai. Monday Business Brief. On Afternoon Cyber Tea with Ann Johnson: Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security, joins Ann to discuss the accelerating pace of technology, AI, and global software dependencies. May the Fourth be with your firewall.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea On this segment of Afternoon Cyber Tea with Ann Johnson: Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security, joins Ann to discuss how the accelerating pace of technology, AI, and global software dependencies are reshaping the cybersecurity landscape. To hear the full conversation, check out the episode and subscribe where you get your favorite podcasts to listen to past episodes. The show is going on hiatus. Stay tuned for the next chapter soon. Selected Reading ⁠Progress warns of critical MOVEit Automation auth bypass flaw⁠ (Bleeping Computer) ⁠What Was Discussed at Google’s White House Meeting About A.I. ⁠(The New York Times) ⁠US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems ⁠(SecurityWeek) ⁠A Dark-Money Campaign Is Paying Influencers to Frame Chinese AI as a Threat⁠ (WIRED) ⁠CISA says ‘Copy Fail’ flaw now exploited to root Linux systems⁠ (Bleeping Computer) ⁠Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats⁠ (SecurityWeek) ⁠Lazarus Targets macOS Users With New “Mach-O Man” Malware Kit⁠ (GB Hackers) ⁠US, China partner on scam center takedown in Dubai⁠ (The Record) ⁠Cloudsmith raises $72 million in Series C funding.⁠ (N2K Pro Business Briefing) Microsoft for Startups (N2K Networks) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    24 min
  3. Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO] [Career Notes]

    3 DAYS AGO ·  BONUS

    Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO] [Career Notes]

    Please enjoy this encore of Career Notes. Kayla Williams, CISO of Devo, sits down to share her story, from graduating with a finance degree to rising to where she is now. She quickly learned that finance was not for her and changed paths, working towards gaining an information security certificate. From there she was able to excel and was offered the opportunity to move to England which changed her life. Working in her new role, she really enjoys thriving with her team. She says "We really try to be the department of no problem versus the department of no." She mentions how her and her team work on a day to day basis together solving issues and yet she says not everything related to cybersecurity needs to be a fire drill. She would rather her and her team build bridges in the face of adversity and in the face of people who may be naysayers. We thank Kayla for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices

    11 min
  4. Double-edged threat. [Research Saturday]

    4 DAYS AGO ·  BONUS

    Double-edged threat. [Research Saturday]

    Today we are joined by Justin Albrecht, Principal Researcher at Lookout, discussing "Attackers Wielding DarkSword Threaten iOS Users." DarkSword is a highly sophisticated iOS exploit chain discovered by Lookout that targets iPhones (iOS 18.4–18.6.2), enabling near zero-click compromise and rapid theft of sensitive data, including credentials and cryptocurrency wallet information. Likely deployed by a Russia-linked threat actor (UNC6353) against Ukrainian users, it uses watering hole attacks on compromised websites and operates in a “hit-and-run” fashion—exfiltrating data within minutes before wiping traces. The campaign highlights a growing secondary market for advanced exploits, allowing financially motivated groups to access powerful tools once reserved for state actors, significantly expanding the mobile threat landscape. The research and executive brief can be found here: ⁠Attackers Wielding DarkSword Threaten iOS Users Learn more about your ad choices. Visit megaphone.fm/adchoices

    3 min

  5. 4 DAYS AGO

    Think before you deploy the agent.

    Five Eyes agencies issue agentic AI guidance. A federal database leaks Social Security numbers. A stealthy worm poisons open source packages. OT firms are sidelined from frontier cyber models. The FBI warns of a surge in cyber-enabled cargo theft. Officials flag likely election interference as security programs face cuts. Researchers uncover a covert Python backdoor. Ubuntu’s site takes Iranian-linked DDoS fire. Cyber pros are sentenced in a ransomware case. Our guest is Andrew Carr, Global Head of Threat Management at Booz Allen, discussing how AI is accelerating cyberattacks. OpenAI joins the invitation-only club. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices we are joined by ⁠Andrew Carr⁠, Global Head of Threat Management at ⁠Booz Allen Hamilton⁠, discussing how AI is accelerating cyberattacks and reshaping cybersecurity defenses. If you enjoyed this conversation be sure to check out the full interview here. Selected Reading Careful Adoption of Agentic AI Services (CISA)  Careful adoption of agentic AI services (Cyber.gov.au) Medicare portal exposed health providers’ Social Security numbers (The Washington Post) Open-source registries hit by 'Mini Shai-Hulud' supply chain attacks (Developer) OT Cybersecurity Frozen Out by Frontier Labs (OTToday) FBI Warns of Surge in Hacker-Enabled Cargo Theft (SecurityWeek) Breach Roundup: US Cyber Command Flags Election Threats (Gov Infosecurity) Sophisticated Deep#Door Backdoor Enables Espionage, Disruption (SecurityWeek) Pro-Iran group turns Ubuntu DDoS into shakedown (The Register) Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison (United States Department of Justice) OpenAI locks GPT-5.5-Cyber behind velvet rope (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    30 min

  6. 5 DAYS AGO

    One copy too many.

    A critical Linux flaw dubbed “Copy Fail” raises alarm. The House moves to extend Section 702. The White House pushes back on expanded Mythos access. cPanel and SonicWall rush out security patches. Researchers warn AI agents may leak credentials. Smishing targets key industries. Ukrainian police arrest suspects in a massive Roblox account theft scheme. Our guest is Jamie Moles, technical manager at ExtraHop, discussing how the pace of vibe coding is creating major AI blind spots. Honeypot hijinks get halted by curious clicks.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Jamie Moles, technical manager at ExtraHop, discussing how the pace of vibe coding is creating major AI blind spots. Selected Reading Copy Fail (Copy.Fail) House extends a controversial spy tool, but Senate path is unclear ahead of deadline (NPR) White House Opposes Anthropic’s Plan to Expand Access to Mythos Model (WSJ) Critical Authentication Vulnerability in cPanel and WHM (Beyond Machines) Security Advisory: Firmware Update Required — Gen 6, Gen 7, and Gen 8 Firewalls (Sonic Wall) Phishing the agent: Why AI guardrails aren’t enough (Okta) Phoenix Rising: Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns (Group-IB Blog) Ukrainian police detain hackers suspected of stealing thousands of Roblox accounts for resale (The Record) I accidentally made law enforcement shut down their stresser honeypot (lina's blog) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    30 min

  7. 6 DAYS AGO

    A wake-up call on frontier AI.

    OpenAI and Anthropic brief Congress on cyber-capable AI. The GAO flags improper DOGE access to Treasury payment systems. Greece moves to end online anonymity. CISA orders agencies to patch an exploited Windows zero-day. Researchers uncover ransomware that destroys data instead of encrypting it. State CISOs report falling confidence. Neurodivergent cyber pros cite inclusion gaps. Police arrest a 19-year-old alleged Scattered Spider member. Our guest is Chris Boehm, Zero Networks’ Field Chief Technology Officer, on minimizing your blast radius. AI lowers the bar and lengthens the line in the courtroom.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Chris Boehm, Zero Networks’ Field Chief Technology Officer, discussing "One Compromised System and BOOM, Meet Your Blast Radius." Selected Reading OpenAI, Anthropic brief House Homeland Security on AI cyber threats (Axios) Scoop: White House workshops plan to bring back Anthropic (Axios) GAO report on DOGE payments access ‘just the tip of the iceberg’ (Federal News Network) Greece to ban anonymity on social media (Euractiv) CISA orders feds to patch Windows flaw exploited as zero-day (Bleeping Computer) Broken VECT 2.0 ransomware acts as a data wiper for large files (Bleeping Computer) State CISOs Report Lower Confidence Across the Public Sector Cyber Ecosystem, 2026 NASCIO-Deloitte Survey Finds (NASCIO) Neurodivergence in the Cybersecurity Workforce (ISC2) Teen charged in Chicago was part of international ‘Scattered Spider’ hacker group, feds say (Chicago Tribune) People Using AI to Represent Themselves in Court Are Clogging the System (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    29 min

  8. 28 APR

    War hits where it hurts.

    Conflict in the Middle East disrupts the circuit board supply chain. The Supreme Court considers arguments on geofence searches. A new report highlights Chinese digital transnational repression. The NCSC protects HDMI and DisplayPort links. Tennessee bans cryptocurrency ATMs. Researchers expose a financially motivated subgroup of North Korea’s Lazarus Group. Medtronic confirms a ShinyHunters data breach. Tim Starks, from CyberScoop discusses telecom vulnerabilities. A helpful AI deletes everything.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We welcome back Tim Starks, Senior Reporter for CyberScoop, discussing telecom vulnerabilities. Selected Reading Iran war disrupts the circuit board supply chain, raises costs for tech firms (Reuters) Iranian hackers expose personal details of thousands of US Marines in Middle East (Metro) Supreme Court signals location data searches should require a warrant (The Record) Tall Tales: How Chinese Actors Use Impersonation and Stolen Narratives to Perpetuate Digital Transnational Repression (The Citizen Lab) NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links (Security Affairs) Tennessee becomes second state to ban cryptocurrency ATMs over scam concerns (The Record) BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector (Arctic Wolf) Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak (SecurityWeek) Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue (Tom's Hardware) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    25 min
See All (2k)

Hosts & Guests

About

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Information

  • Creator
    N2K Networks
  • Years Active
    2016 - 2026
  • Episodes
    2k
  • Rating
    Clean
  • Copyright
    © 2024 N2K Networks, Inc. 706761
  • Show Website
    CyberWire Daily

You Might Also Like