No more spinach for PopeyeTools.

The feds take down the PopeyeTools cybercrime market. Five alleged Scattered Spider members have been charged.  CISA warns of critical vulnerabilities in VMware’s vCenter Server. Global AI experts convene to discuss safety. MITRE updates its list of Top 25 Most Dangerous Software Weaknesses. US and Australian agencies warn critical infrastructure organizations about evolving tactics by the BianLian ransomware group. A new report looks at rising threats to the U.S. manufacturing industry. Researchers at ESET uncover the WolfsBane Linux backdoor. A pair of malicious Python packages impersonating ChatGPT went undetected for over a year. A data breach at a French hospital compromised the medical records of 750,000 patients. On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate’s Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management." AI Pimping is the scourge of Instagram. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate’s Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management."

Resources: 

• Security Validation Essentials
• Hertz Israel Reduced Cyber Risk by 81% within 4 Months with Cymulate
• SecOps Roundtable: Security Validation and the Path to Exposure Management
• Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD

Selected Reading

US seizes PopeyeTools cybercrime marketplace, charges administrators (Bleeping Computer)

Five Charged in Scattered Spider Case (Infosecurity Magazine)

CISA Warns of VMware VCenter Vulnerabilities Actively Exploited in Attacks (Cyber Security News)

US Gathers Allies to Talk AI Safety as Trump’s Vow to Undo Biden’s AI Policy Overshadows Their Work (SecurityWeek)

MITRE Updates List of 25 Most Dangerous Software Vulnerabilities (SecurityWeek)

BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk (Infosecurity Magazine)

Manufacturing Sector Under Siege: Industry Faces Wave of Advanced Email Attacks (Abnormal Security)