CyberWire Daily

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

  1. 10 hr ago

    Who you gonna call?

    GhostApproval puts AI coding assistants under the microscope. Microsoft fixes the RoguePlanet zero-day. More than 70 cybersecurity firms back a new AI Charter. An Ohio county may have paid a $1 million ransom. AssuranceAmerica discloses a breach affecting nearly seven million people. Australia bricks thousands of broadband routers. Israeli fintech Nayax reports a cyber incident. KDDI confirms a massive telecom data breach. A global anti-fraud operation leads to thousands of arrests. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies explains the EU Cloud and AI Development Act. Slopfix fights fire with fire.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing the EU Cloud and AI Development Act. Selected Reading GhostApproval Flaw Hits Six Major AI Coding Assistants (Infosecurity Magazine) Microsoft Patches RoguePlanet Defender Zero-Day That Grants SYSTEM Access (Daily CyberSecurity) New AI Security Charter Backed by Over 70 Cyber Firms  (Infosecurity Magazine) County Government Reportedly Paid $1 Million to Cyber Extortion Group (SecurityWeek) AssuranceAmerica data breach exposes records of 6.9 million drivers (Bleeping Computer) Aussie gov't tells volunteers to throw out thousands of functioning test routers (Ars Technica) Nayax shares slide after fintech company reveals cloud security breach (Ctech) 12 Million Impacted by Data Breach at Japanese Telco KDDI (SecurityWeek) Chinese-Funded Interpol Cybercrime Crackdown Leads to 5,800 Arrests (Infosecurity Magazine) 'Slopfix' software team charges $10,000 a week to delete AI-generated code bloat — ironically, the team uses AI agents to trim messy repositories by up to 65% (Tom's Hardware) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    24 min
  2. 1 day ago

    Azure you concerned?

    Accenture confirms a data breach. An Australian telecom investigates a nationwide outage. It’s shields up for the UK. CISA eyes September for its critical infrastructure reporting rule. NewsJunkie fakes CTV ad traffic. Agentic AI triggers EDR. CISA taps Mythos for vulnerability scans. Meta faces trillion dollar fines in state lawsuits. Our guest is Russ Anderson, COO and co-founder of RapidFort, sharing a coordinated industry effort to harden the world’s most critical open source software against AI-enabled cyber threats. When it comes to breaches, mum’s the word.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Russ Anderson, COO and co-founder of RapidFort, is sharing the Linux Foundation's Akrites initiative, a coordinated industry effort to harden the world’s most critical open source software against AI-enabled cyber threats. Selected Reading Accenture confirms breach after hacker offers stolen data for sale (Bleeping Computer) Nationwide Telstra outage disrupts thousands, raises questions of foreign launched cyberattack (The Nightly) Britain plans to build autonomous AI 'Cyber Shield' to defend nation (The Record) CISA Eyes September Date for Final Cyber Incident Reporting Rule (MeriTalk) HUMAN Security Disrupts CTV Device Spoofing Operation "NewsJunkie" (Globe Newswire) When AI agents look like attackers: what behavioral telemetry tells us (SOPHOS) Space Force adds Relativity, Impulse Space to national security launch program. (Space News)  CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code (Security Affairs) Mark Zuckerberg’s biggest legal nightmare yet could cost Meta $1.4 trillion (The Independent) Most cybersecurity workers have been told to conceal a breach, report finds (Cybersecurity Dive) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    27 min
  3. 2 days ago

    Welcome home, hacker.

    CERT/CC warns of an unpatched Tenda router backdoor. Adobe races to patch an actively exploited ColdFusion flaw. Canada pulls back the curtain on offensive cyber operations. Anthropic quietly removes hidden tracking from Claude Code. Chinese AI gains momentum as U.S. providers sweeten the deal. U.S. cloud firms challenge South Korea’s new security rules. Microsoft’s device telemetry helps unmask an alleged Scattered Spider hacker. And Spanish police arrest an alleged pro-Russia hacktivist.Orla Daly, CIO at Skillsoft, discusses if AI is already bypassing its own guardrails and why most organizations aren't ready. The stochastic parrot is back, and it’s tired of being misquoted. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Orla Daly, CIO at Skillsoft, discusses if AI is already bypassing its own guardrails and why most organizations aren't ready. Selected Reading Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available (Security Affairs) Hackers Exploit Maximum Severity Adobe ColdFusion Flaw (Infosecurity Magazine) Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year (TechCrunch) Secret Claude tracker shocks users after Anthropic’s anti-surveillance stance (Ars Technica) Chinese AI models are gaining ground with U.S. companies as OpenAI, Anthropic costs surge (CNBC) AI Giants Are Handing Out Tons of Free Computing Power to Grab Startup Share (Wall Street Journal) U.S. Big Tech raises concerns over Seoul's proposed cloud security rules (Korea JoongAng Daily) Microsoft device telemetry key to unmasking alleged Scattered Spider hacker (iTnews) Spain collars alleged pro-Russia hacktivist after FBI tip-off (The Register) What Emily Bender Really Meant by "Stochastic Parrots" (IEEE Spectrum) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    28 min
  4. 3 days ago

    NetNut gets cracked.

    The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerades as a clipboard manager. Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick Claude into remote code execution. AI’s strain on the power grid is complicated. Monday business briefing. Our guest is Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. Anime and AI meet adolescent antics.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. You can learn more here. Selected Reading FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network (HackRead) Russian hackers steal government logins (The Telegraph) Lawmaker Probing Pegasus Spyware Infected Using Same Malware (BankInfo Security) PamStealer: a Rust-based macOS infostealer that validates credentials through PAM (Jamf) Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments (SecurityWeek) Red teamers turned Claude Desktop into a double agent to do their evil bidding (The Register) How Data Centers Grid Instability Threatens Reliability (IEEE Spectrum) Quantifind has secured $200 million in a funding round led by Summit Partners. (N2K Pro Business Briefing)  Japanese teen arrested for cyberattack that unsubscribed over 46,000 anime accounts (The Straits Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    28 min
  5. Is your enterprise AI strategy delivering ROI yet? [AI Security Brief]

    5 days ago ·  Bonus

    Is your enterprise AI strategy delivering ROI yet? [AI Security Brief]

    While we take a break this 4th of July weekend, please enjoy this encore of AI Security Brief. Your enterprise AI strategy isn’t as far along as you think. The reality for most organizations today is that AI is disrupting existing processes more than it’s delivering outcomes… so far. And according to Dr. Grace Trinidad, Research Director at IDC, that’s how it should be. In this episode, host Johnny Hand sits down with Dr. Grace to discuss how AI adoption follows the same pattern as almost every major digital transformation, and why this disruption phase we’re in is messy, yet critically important.  What we cover: How history demonstrates that automation across industries created disruption well before delivering value Why your AI adoption strategy is much more than simple tool deployment What business and technology leaders need to consider as they integrate AI into operational workflows How token consumption and AI FinOps are the emerging security and cost risk How AI ontologies will be the next real business differentiator Why stick around:  If you’ve been wondering if your organization’s AI adoption strategy is ahead of the curve, Dr. Grace will give you a much clearer picture of where you really stand. Episode resources: Dr. Grace Trinidad on LinkedIn Securing the AI Enterprise: 5 Key Steps for Business Leaders Closing the Governance Gap in Agentic AI ⁠Johnny Hand on LinkedIn TrendAI on LinkedIn About AI Security Brief AI Security Brief is where security and technology leaders come to get ahead. Join us for real conversations on the AI trends, threats, and decisions that can't wait. About TrendAI™ TrendAI™ empowers organizations to lead the future of AI with proactive security designed to inspire innovation and eliminate risk. TrendAI™. AI Fearlessly. Learn more about your ad choices. Visit megaphone.fm/adchoices

    24 min
  6. 2 Jul

    The people's AI?

    OpenAI considers an equity plan to share AI wealth with the public. Cisco confirms active exploitation of its unified CM platform. Researchers discover autonomous ransomware. The Vect ransomware operation partners with TeamPCP. The FortiBleed credential-harvesting campaign is linked to ransomware attacks. Veil#Drop stealthily deploys the PureLog Stealer. Scammers target small businesses with fake law enforcement emails. Apple’s Hide My Email feature…doesn’t. An alleged Scattered Spider member is extradited to the United States. Our guest is Ben Yelin, Dave's Caveat cohost, on the Supreme Court’s geofence warrants ruling. Microsoft’s quantum claims leave physicists in two states at once. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing the Supreme Court ruling on geofence warrants. If you enjoyed this conversation, you can check out Ben on Caveat. Selected Reading OpenAI in talks to give Trump administration a 5% stake in the company, FT reports (CNN Business) Cisco finally confirms attackers exploiting Unified CM flaw (Bleeping Computer) Sysdig Details JADEPUFFER, the First Documented Agentic Ransomware Operation (HackRead) Vect and TeamPCP partner for ransomware campaigns (Sophos) FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks (SecurityWeek) VEIL#DROP: Blogspot-Hosted PowerShell Loader (Secureonix) Fake Interpol investigation emails target small businesses with ransomware (Bitdefender) Apple ‘Hide My Email’ Vulnerability Reveals Peoples’ Real Email Addresses (404 Media) Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States (U.S. Department of Justice, Office of Public Affairs) Is there a new quantum processor or is Microsoft lying? (Mathew Ingram) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

    27 min

About

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

You Might Also Like