Podcasts about cisa

The Cybersecurity Information Sharing Act (CISA) of 2015 is set to expire at the end of this month on September 30, 2025. The Act removes barriers to companies sharing information about cyber threats, addressing privacy concerns and requires the federal government to share threat information. Many consider CISA one of the foundations of U.S. cybersecurity efforts.   As Congress considers whether or not to reauthorize CISA, former Deputy Assistant Director of the FBI cyber division, Cynthia Kaiser, joins David Aaron to discuss the importance of the legislation and highlight the risks of failing to reauthorize it. Show Note: “The Next Cyber Breach Will Not Wait: Why Congress Must Reauthorize CISA 2015” by Simin Kargar for Just Security  Just Security's CISA coverage Just Security's Cybersecurity coverage

Android moving to “risk-based” security updates CISA accused of Cyber Incentive mismanagement  How security practitioners use LLMs Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.

FBI botnet disruption leaves cybercriminals scrambling to pick up the pieces. Notorious ransomware gangs announce their retirement, but don't hold your breath. Hacktivists leak data tied to China's Great Firewall. A new report says DHS mishandled a key program designed to retain cyber talent at CISA. GPUGate malware cleverly evades analysis. WhiteCobra targets developers with malicious extensions. North Korea's Kimsuky group uses AI to generate fake South Korean military IDs. My guest is Tim Starks from CyberScoop, discussing offensive cyber operations. A cyberattack leaves students hung out to dry. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined once again by Tim Starks from CyberScoop discussing offensive cyber operations. You can read Tim's article Google previews cyber ‘disruption unit' as U.S. government, industry weigh going heavier on offense for more background. Selected Reading The FBI Destroyed an Internet Weapon, but Criminals Picked Up the Pieces (Wall Street Journal) 15 ransomware gangs ‘go dark' to enjoy 'golden parachutes' (The Register) 600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet (HackRead) China Enforces 1-Hour Cybersecurity Incident Reporting (The Cyber Express) ​​DHS watchdog finds mismanagement in critical cyber talent program (FedScoop) GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe (Arctic Wolf) 'WhiteCobra' floods VSCode market with crypto-stealing extensions (Bleeping Computer) AI-Forged Military IDs Used in North Korean Phishing Attack (Infosecurity Magazine) Mitsubishi to acquire Nozomi Networks for nearly $1 billion. (N2K CyberWire Business Briefing)  Dutch students denied access to jailbroken laundry machines (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Department of Homeland Security failed to effectively implement a critical retention incentive program for cyber talent, according to a new report from the agency's inspector general, which found that federal funds meant for the Cybersecurity and Infrastructure Security Agency were used incorrectly. In 2015, the agency implemented the Cyber Incentive program. The goal, the inspector general said, was to provide extra incentives to employees that might otherwise leave the federal government. More than $100 million has been spent on the program in recent years. The program “was designed to help CISA retain mission-critical cybersecurity talent needed to execute its mission,” the report noted, and was meant to consider a series of qualifications to guide who received the retention benefit. The government hoped to keep in-demand technology experts in government. The watchdog wrote that “CISA's implementation of the program wasted taxpayer funds and invites the risk of attrition of cyber talent, thereby leaving CISA unable to adequately protect the Nation from cyber threats.” Instead of being targeted toward valuable talent likely to transition to the private sector, the payments were disbursed generally, with many ineligible employees receiving tens of thousands of dollars in payment. The Pentagon's chief information officer is undertaking yet another reform of the Defense Department's IT enterprise — this time focusing on streamlining its classified networks to enhance data sharing and interoperability. Katie Arrington, who is performing the duties of CIO, plans to introduce a new program dubbed “Mission Network-as-a-Service” that aims to reduce the number of disparate data fabrics used by combatant commands into a single, unified network. Speaking last week during the Billington Cybersecurity Summit, Arrington said the program will be key to realizing the department's vision for Combined Joint All-Domain Command and Control, or CJADC2. Broadly speaking, CJADC2 seeks to connect the U.S. military's sensors and weapons under a single network, enabling rapid data transfer between warfighting systems and domains. The Pentagon also wants to be able to quickly share relevant information with international partners and allies during conflicts, adding another layer of difficulty to realizing the construct. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

ShinyHunters hits Vietnam National Credit Information Center HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass CISA seeks control over CVE Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.

Samsung patches a critical Android zero-day vulnerability. Microsoft resolves a global Exchange Online outage. CISA reaffirms its commitment to the CVE program. California passes a bill requiring web browsers to let users automatically send opt-out signals. Apple issues spyware attack warnings. The FTC opens an investigation into AI chatbots on how they protect children and teens. A hacker convicted of attempting to extort more than 20,000 psychotherapy patients is free on appeal. Our guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect M&A deal value and integrity. Schools face insider threats from students. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect deal value and integrity.Selected Reading Samsung patches actively exploited zero-day reported by WhatsApp (Bleeping Computer) Microsoft fixes Exchange Online outage affecting users worldwide (Bleeping Computer) CISA looks to partners to shore up the future of the CVE Program (Help Net Security) California legislature passes bill forcing web browsers to let consumers automatically opt out of data sharing (The Record) Apple warns customers targeted in recent spyware attacks (Bleeping Computer) FTC to AI Companies: Tell Us How You Protect Teens and Kids Who Use AI Companions (CNET) Defence, Space and Cybersecurity. Why the General Assembly in Frascati matters (Decode39) DSEI Takeaways: Space and Cyber and the Invisible Front Line (Via Satellite)  Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal (The Record) Children hacking their own schools for 'fun', watchdog warns (BBC) - kicker Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — If I Were French04:35 - Anthropic 1.5 Billion © Settlement - BHIS - Talkin' Bout [infosec] News 2025-09-0805:48 - Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up08:40 - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement23:58 - This Company Turns Dashcams into ‘Virtual CCTV Cameras.' Then Hackers Got In33:38 - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps40:07 - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack44:27 - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack46:38 - Update on Mandiant Drift and Salesloft Application Investigations51:04 - M&S hackers claim to be behind Jaguar Land Rover cyber attack51:55 - New TP-Link zero-day surfaces as CISA warns other flaws are exploited54:52 - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy57:58 - Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions

The open source community heads off a major npm supply chain attack. The Treasury Department sanctions cyber scam centers in Myanmar and Cambodia. Scammers abuse iCloud Calendar invites to send callback phishing emails. Researchers discover a new malware variant exploiting exposed Docker APIs. Phishing attacks abuse the Axios user agent and Microsoft's Direct Send feature. Plex warns users of a data breach.  Researchers flag a surge in scans targeting Cisco ASA devices. CISA delays finalizing its incident reporting rule. The GAO says federal cyber workforce figures are incomplete and unreliable. Our guest is Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security, discussing cybersecurity education going back to school. AI earns its own Darwin awards.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security discussing cybersecurity education going back to school. Selected Reading Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack (Bleeping Computer) Open Source Community Thwarts Massive npm Supply Chain Attack (Infosecurity Magazine) US sanctions companies behind cyber scam centers in Cambodia, Myanmar (The Record) New Apple Warning, This iCloud Calendar Invite Is Actually An Attack (Forbes) New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs (HackRead) Axios User Agent Helps Automate Phishing on “Unprecedented Scale” (Infosecurity Magazine) Plex Urges Password Resets Following Data Breach (SecurityWeek) Surge in networks scans targeting Cisco ASA devices raise concerns (Bleeping Computer) CISA pushes final cyber incident reporting rule to May 2026 (CyberScoop) US government lacks clarity into its infosec workforce (The Register) AI Darwin Awards launch to celebrate spectacularly bad deployments (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Three Buddy Problem - Episode 61: We cover a pair of software supply chain breaches (Salesforce Salesloft Drift and NPM/GitHub) that raises big questions about SaaS integrations and the ripple effects across major security vendors. Plus, Apple's new Memory Integrity Enforcement in iPhone 17 and discussion on commercial spyware infections and the value of Apple notifications; concerns around Chinese hardware and surveillance equipment in US infrastructure; Silicon Valley profiting from China's surveillance ecosystem; and controversy around a Huntress disclosure of an attacker's operations after an EDR agent was mistakenly installed. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Esta semana en Linux Morning News repasamos los cambios más relevantes del ecosistema Linux: Mozilla anuncia el fin del soporte para sistemas de 32 bits en Firefox 145, previsto para 2026, mientras Linux Mint lanza la esperada versión 22.2 "Zara", repleta de novedades. Además, cubrimos vulnerabilidades críticas añadidas al catálogo KEV por la CISA, avances en el soporte de Wine con NTSYNC, mejoras para hardware en Linux 6.7-rc5, y novedades sobre el entorno COSMIC en Pop!_OS 24.04. Un episodio imprescindible para estar al día con lo más importante del software libre y el kernel.

A cyberattack disrupts Bridgestone's manufacturing operations. CISA warns of critical vulnerabilities in products used across multiple sectors. Additional cybersecurity firms confirm data exposure in the recent Salesforce–Salesloft Drift attack. A configuration vulnerability in Sitecore products leads to remote code execution. HHS promises stricter enforcement of healthcare information access rules. Texas sues an education software provider over a December 2024 data breach. A federal jury orders Google to pay $425 million over improperly collected user data. Nations unite for global guidance on SBOMs. On our Industry Voices segment, we are joined by Aron Anderson, Enterprise Security Manager of Adobe, on embracing the journey to zero trust. Chess.com gets caught in a tricky gambit. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Industry Voices On our Industry Voices segment we are joined by  Aron Anderson, Enterprise Security Manager of Adobe, as he is talking about embracing the journey to zero trust. If you want to hear the full conversation from Aron, you can check it out here. Selected Reading Tire giant Bridgestone confirms cyberattack impacts manufacturing (Bleeping Computer) CISA issues ICS advisories on hardware flaws in Honeywell, Mitsubishi Electric, Delta Electronics, rail communication protocols (Industrial Cyber) More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach (SecurityWeek) Unknown miscreants snooping around Sitecore via sample keys (The Register) HHS Says It's 'Cracking Down' on Health Information Blocking (BankInfo Security) Texas sues PowerSchool over breach exposing 62M students, 880k Texans (Bleeping Computer) Google hit with $425 million verdict in privacy class action suit (The Record) US and 14 Allies Release Joint Guidance on Software Bill of Materials (Infosecurity Magazine) Chess.com says 4,500 people had data stolen during June breach  (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

France fines Google and Shein over cookie misconduct CISA adds more TP-Link routers flaws to its KEV catalog World's largest sports piracy site shut down Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Dennis and Lindsey talk through the continuing fallout of the Salesloft Drift incident (2:05) in light of the disclosure of several new companies that are involved, including Cloudflare, which published an excellent post-mortem on the intrusion. Then they discuss the new Shared Vision of SBOM for Cybersecurity published by CISA, NSA, and many foreign government cybersecurity agencies, and talk about why  this is coming out now (17:54).

Salt Typhoon marks China's most ambitious campaign yet. A major Google outage hit Southeastern Europe.  A critical zero-day flaw in FreePBX gets patched. Scattered Lapsus$ Hunters claim the Jaguar Land Rover hack. Researchers uncover a major evolution in the XWorm backdoor campaign. GhostRedirector is a new China-aligned threat actor. CISA adds a pair of TP-Link router flaws to its Known Exploited Vulnerabilities (KEV) catalog. The feds put a $10 million bounty on three Russian FSB officers. Experts warn sweeping cuts to ODNI could cripple U.S. cyber defense. Our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, discussing IT/OT convergence in securing critical water and wastewater systems. Google says rumors of Gmail's breach are greatly exaggerated. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest Today our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, who is talking about "IT/OT Convergence for Critical Water & Wastewater Security." Selected Reading ‘Unrestrained' Chinese Cyberattackers May Have Stolen Data From Almost Every American (The New York Times) Google Down in Eastern Europe (UPDATED) (Novinite Sofia News Agency) Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers (SecurityWeek) M&S hackers claim to be behind Jaguar Land Rover cyber attack (BBC) XWorm's Evolving Infection Chain: From Predictable to Deceptive (Trellix) GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes (welivesecurity by ESET) CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited (The Cyber Security News)  US offers $10 million bounty for info on Russian FSB hackers (Bleeping Computer) Cutting Cyber Intelligence Undermines National Security (FDD) No, Google did not warn 2.5 billion Gmail users to reset passwords (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Jaguar Land Rover suffers a major cyberattack. ICE gains access to a powerful spyware tool. Researchers find Fancy Bear snuffling around a new Outlook backdoor. Cloudflare and Palo Alto Networks confirm compromised Salesforce data. A researcher discovers an unsecured Navy Federal Credit Union (NFCU) server. A new ClickFix scam spreads MetaStealer malware. Specialty healthcare providers struggle to protect sensitive patient data.  CISA appoints a new Executive Assistant Director for Cybersecurity. On Afternoon Cyber Tea, Ann Johnson and Harvard's Amy Edmondson discuss how psychological safety helps cybersecurity teams speak up, spot risks, and learn from failure. Our guest today is Tim Starks from CyberScoop discussing China's reliance on domestic firms for hacking. Hackers threaten to feed stolen art to the machines. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea On our Afternoon Cyber Tea segment, host Ann Johnson is joined by Amy Edmondson⁠, Harvard Business School professor and psychological safety pioneer. Together they discuss how creating psychologically safe environments allows teams, especially in high-pressure fields like cybersecurity, to speak up about early warnings, embrace the red, and learn from failure. You can listen to Ann and Amy's full conversation here and don't miss new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. CyberWire Guest Our guest today is Tim Starks from CyberScoop discussing Top FBI official says Chinese reliance on domestic firms for hacking is a weakness. Selected Reading Jaguar Land Rover Operations ‘Severely Disrupted' by Cyberattack (Security Week) Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps (The Guardian) Russian APT28 Expands Arsenal with 'NotDoor' Outlook Backdoor (Infosecurity Magazine) Cloudflare and Palo Alto Networks Victimized in Salesloft Drift Breach (Infosecurity Magazine) Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files (Hack Read) Fake AnyDesk Installer Spreads MetaStealer Through ClickFix Scam (Hack Read) Hacks on Specialty Health Entities Affect Nearly 900,000 (Bank Infosecurity) Python-based infostealer ‘Inf0s3c' combines stealth with broad data theft (SC Media) CISA Names Nicholas Andersen as Executive Assistant Director for Cybersecurity (The Cyber Express) Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The White House released a new executive order in July — Accelerating Federal Permitting of Data Center Infrastructure  —calling on government to develop AI-ready data centers, streamline federal permitting and encourage private investment in critical infrastructure. Federal agencies are focusing on system resilience to withstand rising environmental and cybersecurity threats as data centers continue to grow. A joint report from the Department of Energy and Lawrence Berkeley National Lab reveals that electricity usage by data centers tripled over the past decade and could double or triple again by 2028 — potentially consuming up to 12% of the nation's electricity. Federal researchers and cybersecurity experts are exploring underground thermal energy storage systems like Borehole Thermal Energy Storage (BTES) to regulate temperatures and reduce grid stress. Leaders from federal/critical infrastructure operational support and National Renewable Energy Laboratory (NREL) are exploring how geothermal solutions can keep data centers operational during extreme weather events and power outages. As the U.S. races to expand its digital infrastructure, these innovations may be key to building a secure and sustainable future.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel's io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems.A cyberattack on the Netherlands' Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses the help of AI tools like Claude and Gemini to steal credentials from affected systems https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/ Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed the Global Espionage System Several law enforcement and cybersecurity agencies worldwide collaborated to release a detailed report on the recent Volt Typhoon incident. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a

Ever wondered where digital trust fits in your company's strategy? We live in a world that's buzzing with AI, cybersecurity, and digital innovation. Everywhere you look, there's a new app, a smarter tool, or a faster system. But in the middle of all this tech hype, there's one thing we often overlook—trust.In this insightful conversation, Punit discusses with Bruno about the crucial influence of technology, economy, and other external factors on business strategies. They delve into how companies navigate different environments, the role of digital transformation, and the importance of maintaining a balanced ecosystem approach.If you're a leader, strategist, privacy professional, or tech enthusiast trying to make sense of innovation, trust, and governance in today's world—this conversation is a must-watch.KEY CONVERSION00:02:02 What is the concept of digital trust? Was it trust enough?00:04:40 Can we expect digital trust in an emerging world of new technology in 10-20 years?00:09:15 Is the board convinced about the value of digital trust or are they still in compliance mode?00:13:15 How do we sell this concept of digital trust on the boards? 00:18:51 Linking concept of trust, security and privacy to the broader agenda 00:25:58 What is it that you can sell them with and how can they reach out?  ABOUT GUESTBruno Horta Soares is a seasoned executive advisor, professor, and keynote speaker with over 20 years of experience in Governance, Digital Transformation, Risk Management, and Information Security. He is the founder of GOVaaS – Governance Advisors as-a-Service and has worked with organizations across Portugal, Angola, Brazil, and Mozambique to align governance and technology for sustainable business value.Since 2015, Bruno has served as Leading Executive Senior Advisor at IDC Portugal, guiding C-level leaders in digital strategy, transformation, governance, and cybersecurity. He is also a professor at top Portuguese business schools, including NOVA SBE, Católica Lisbon, ISCTE, ISEG, and Porto Business School, teaching in Masters, MBA, and Executive programs on topics such as IT Governance, Cybersecurity, Digital Transformation, and AI for Leadership.He holds a degree in Management and Computer Science (ISCTE), an executive program in Project Management (ISLA), and numerous professional certifications: PMP®, CISA®, CGEIT®, CRISC™, ITIL®, ISO/IEC 27001 LA, and COBIT® Trainer. As a LEGO® SERIOUS PLAY® Facilitator, he brings creativity into strategy and leadership development.Bruno received the ISACA John Kuyers Award for Best Speaker in 2019 and is the founder and current President of the ISACA Lisbon Chapter. A frequent international speaker, he shares expertise on governance and digital innovation globally.ABOUT HOST Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals.Punit is the author of books “Be Ready for GDPR' which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts.As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe.RESOURCES Websites www.fit4privacy.com,www.punitbhatia.com, https://www.linkedin.com/in/brunohsoares/ Podcast https://www.fit4privacy.com/podcast Blog https://www.fit4privacy.com/blog YouTube http://youtube.com/fit4privacy   

The Cybersecurity and Infrastructure Security Agency is warning about another China-linked cyber espionage campaign. In a joint advisory yesterday, CISA and partner agencies said Chinese state-sponsored actors are exploiting vulnerabilities in routers used by telecommunications providers and other infrastructure operators. They say the campaign's goal is to gain long-term access to critical infrastructure networks around the world. The advisory includes several recommendations to guard against the hacking spree. The threat groups highlighted in the advisory include Salt Typhoon and other advanced persistent threat actors. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says CISA warns of actively exploited Git code execution flaw Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea Huge thanks to our sponsor, Prophet Security Your security analysts didn't sign up to chase false alarms all day. With Prophet Security's AI SOC platform, they won't have to. It works like a tireless teammate—triaging and investigating alerts around the clock. Less burnout. Better coverage. And more time for meaningful work. Learn more atprophetsecurity.ai.  

A cyberattack disrupts state systems in Nevada. A China-linked threat actor targets Southeast Asian diplomats. A new attack method hides malicious prompts inside images processed by AI systems.Experts ponder preventing AI agents from going rogue. A new study finds AI is hitting entry-level jobs hardest. Michigan's Supreme Court upholds limits on cell phone searches. Sen. Wyden accuses the judiciary of cyber negligence. CISA issues an urgent alert on a critical Git vulnerability. Hackers target Maryland's transit services for the disabled. Our guest is Cristian Rodriguez, Field CTO for the Americas from CrowdStrike, examining the escalating three-front war in AI.  A neighborhood crime reporting app gets algorithmically sketchy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Cristian Rodriguez, Field CTO, Americas from CrowdStrike, as he is examining the escalating three-front war in AI. Selected Reading  Cybercrime Government Leadership News News Briefs  Recorded Future Nevada state websites, phone lines knocked offline by cyberattack (The Record) Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection (GB Hackers) New AI attack hides data-theft prompts in downscaled images (Bleeping Computer) How to stop AI agents going rogue (BBC) AI Makes It Harder for Entry-Level Coders to Find Jobs, Study Says (Bloomberg) Fourth Amendment Victory: Michigan Supreme Court Reins in Digital Device Fishing Expeditions (Electronic Frontier Foundation) Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence' (The Record) CISA Alerts on Git Arbitrary File Write Flaw Actively Exploited (GB Hackers) Maryland investigating cyberattack impacting transit service for disabled people (The Record) Citizen Is Using AI to Generate Crime Alerts With No Human Review. It's Making a Lot of Mistakes (404 Media) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Institute of Internal Auditors Presents: All Things Internal AuditBenito Ybarra sits down with IIA–St. Louis Chapter leaders Sarah Knox-Hansen and Steven Yashuk to discuss why volunteering matters. From being “voluntold” to leading by choice, they share how chapter work strengthens leadership skills, builds camaraderie, and keeps auditors energized. They also explore post-COVID engagement challenges, creative programming shifts, and practical advice for anyone considering raising their hand to get involved. HOST: Benito Ybarra, CIA Executive Vice President, Global Standards, Guidance, and Certifications, The IIA GUESTS:Sarah Knox-Hansen, CPA Principal, Anders Board of Governors Immediate Past President, IIA–St. Louis Chapter Steven Yashuk, CIA, CISA, CFE Senior Auditor, University of Missouri SystemSecretary, IIA–St. Louis Chapter KEY POINTS: Introduction [00:00–00:00:35] How They First Got Involved [00:00:45–00:01:30] Connecting to the Profession Through Chapter Work [00:01:51–00:02:22] Post-COVID Engagement Challenges [00:02:37–00:03:15] Leadership Skills Gained Through Volunteering [00:03:34–00:04:52] Fun and Networking in Chapter Life [00:04:57–00:05:34] Lessons Learned [00:06:03–00:06:47] Shared Chapter Struggles Across Regions [00:06:52–00:07:22] Why Volunteers Are So Essential [00:08:29–00:09:19] Personal and Professional Benefits [00:09:28–00:10:20] Final Thoughts [00:10:35–00:10:55] THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 IGNITE Conference Volunteer with your local IIA Chapter and Affiliates Emerging Leaders Mentoring Program Building a Better Auditor: Why Join the Emerging Leaders Mentoring Program? Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

Farmers Insurance discloses a data breach affecting over a million people. Agentic AI tools fall for common scams. A new bill in Congress looks to revive letters of marque for the digital age. Cybercriminals target macOS users with the Shamos infostealer. New Android spyware masquerades as antivirus to target Russian business executives. CISA seeks public comments on SBOM updates. A major third party electronics manufacturer reports a ransomware attack. Salesforce patches multiple vulnerabilities in its Tableau products. Over 370,000 user Grok conversations were accidentally indexed by Google. Ben Yelin examines the UK's decision to drop digital backdoor requirements. WIRED gets duped by an AI author. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies joins to discuss the U.K. dropping ‘back door' demand for Apple user data. Read the article Ben discusses. If you enjoyed this conversation and want to hear more from Ben, check out our Caveat podcast here. Selected Reading Farmers Insurance Data Breach Impacts Over 1 Million People (SecurityWeek) "Scamlexity": When Agentic AI Browsers Get Scammed (Guardio) Bill would give hackers letters of marque against US enemies (The Register) Fake macOS help sites push Shamos infostealer via ClickFix technique (Help Net Security) New Android malware poses as antivirus from Russian intelligence agency (Bleeping Computer) CISA Requests Public Feedback on Updated SBOM Guidance (SecurityWeek) Electronics manufacturer Data I/O reports ransomware attack to SEC (The Record) Salesforce patches multiple flaws in Tableau Server, at least one critical (Beyond Machines) 370,000 Grok AI chats leaked after being indexed on Google (Cyber Daily) How WIRED Got Rolled by an AI Freelancer (WIRED) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cisco warns of maximum-severity defect in firewall software UK's Colt Telecom suffers cyberattack CISA implores OT environments to lock down critical infrastructure Huge thanks to our sponsor, Conveyor Have you been personally victimized by portal security questionnaires? Conveyor is here to help. Endless clicks, bad navigation, and expanding questions stacked like Russian nesting dolls, all add up to hours of your life you'll never get back. With Conveyor's AI-powered browser extension, you can open a portal questionnaire, scan for questions, and watch it auto-populate your answers back into the portal without the copy and paste. See how at www.conveyor.com Find the stories behind the headlines at CISOseries.com.

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503

A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform.  Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems. Selected Reading Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes) NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov) CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer) U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times) From Support Ticket to Zero Day  (Horizon3.ai) Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense) The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium) Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer) Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record) Someone counter-hacked a North Korean IT worker: Here's what they found (Cointelegraph) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: CISA warns about the path from on-prem Exchange to the cloud Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are Everyone and their dog seems to have a shell in US Federal Court information systems Google pays $250k for a Chrome sandbox escape Attackers use javascript in adult SVG files to … farm facebook likes?! SonicWall says users aren't getting hacked with an 0day… this time. This week's episode is sponsored by SpecterOps. Chief product officer Justin Kohler talks about how the flagship Bloodhound tool has evolved to map attack paths anywhere. Bring your own applications, directories and systems into the graph, and join the identity attacks together. This episode is also available on Youtube. Show notes CISA, Microsoft issue alerts on ‘high-severity' Exchange vulnerability | The Record from Recorded Future News Advanced Active Directory to Entra ID lateral movement techniques Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications Cartels may be able to target witnesses after major court hack Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks' | The Record from Recorded Future News Citrix NetScaler flaws lead to critical infrastructure breaches | Cybersecurity Dive DARPA touts value of AI-powered vulnerability detection as it announces competition winners | Cybersecurity Dive Buttercup is now open-source! HTTP/1.1 must die: the desync endgame US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms | The Record from Recorded Future News North Korean cyber-espionage group ScarCruft adds ransomware in recent attack | The Record from Recorded Future News Adult sites are stashing exploit code inside racy .svg files - Ars Technica Google pays 250k for Chromium sandbox escape SonicWall says recent attack wave involved previously disclosed flaw, not zero-day | Cybersecurity Dive Two groups exploit WinRAR flaws in separate cyber-espionage campaigns | The Record from Recorded Future News Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge | The Record from Recorded Future News Hackers Hijacked Google's Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home | WIRED Malware in Open VSX: These Vibes Are Off How attackers are using Active Directory Federation Services to phish with legit office.com links Introducing our guide to phishing detection evasion techniques The State of Attack Path Management

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA issues an Emergency Directive to urgently patch a critical vulnerability in Microsoft Exchange hybrid configurations. SoupDealer malware proves highly evasive. Google patches a Gemini calendar flaw. A North Korean espionage group pivots to financial crime. Russia's RomCom exploits a WinRAR zero-day. Researchers turn Linux-based webcams into persistent threats. The Franklin Project enlists volunteer hackers to strengthen cybersecurity at U.S. water utilities. DoD announces the winner of DARPA's two-year AI Cyber Challenge. The U.S. extradites Ghanaian nationals for their roles in a massive fraud ring. Our guest is Steve Deitz, President of MANTECH's Federal Civilian Sector, with a look at cell-based Security Operations Centers (SOC). AI advice turns dinner into a medical mystery. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Steve Deitz, President of MANTECH's Federal Civilian Sector, as he is  discussing  the cell-based Security Operations Center (SOC) approach. Check out the full conversation from Steve here. Selected Reading Understanding and Mitigating CVE-2025-53786: A Critical Microsoft Exchange Vulnerability (The DefendOps Diaries) CISA Issues Urgent Advisory to Address Microsoft Exchange Flaw (GB Hackers) SoupDealer Malware Evades Sandboxes, AVs, and EDR/XDR in Real-World Attacks (GB Hackers) Google Calendar invites let researchers hijack Gemini to leak user data (Bleeping Computer) North Korean Group ScarCruft Expands From Spying to Ransomware Attacks (Hackread) Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada (SecurityWeek) BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats (SecurityWeek) DEF CON hackers plug security holes in US water systems (The Register) DARPA announces $4 million winner of AI code review competition at DEF CON (The Record) 'Chairmen' of $100 million scam operation extradited to US (Bleeping Computer) Guy Gives Himself 19th Century Psychiatric Illness After Consulting With ChatGPT (404 Media)  Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model's security posture.Another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling case that hacking satellites is not only more cost-effective than deploying anti-satellite missiles, but alarmingly easy due to widespread software vulnerabilities.Our final Black Hat story, Cisco Talos researchers disclosed five critical vulnerabilities in Broadcom's BCM5820X series chips, used in Dell's ControlVault3 secure enclave hardware.CISA and FEMA have jointly announced over $100 million in cybersecurity grant funding for the 2025 fiscal year, targeting state, local, and tribal governments.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Researchers uncover multiple vulnerabilities in a popular open-source secrets manager. Software bugs threaten satellite safety. Columbia University confirms a cyberattack. Researchers uncover malicious NPM packages posing as WhatsApp development tools.A new EDR killer tool is being used by multiple ransomware gangs. Home Improvement stores integrate AI license plate readers into their parking lots. The U.S. federal judiciary announces new cybersecurity measures after cyberattacks compromised its case management system. CISA officials reaffirm their commitment to the CVE Program. Our guest is David Wiseman, Vice President of Secure Communications at BlackBerry, discussing the challenges of secure communications. AI watermarking breaks under spectral pressure. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by David Wiseman, Vice President of Secure Communications at BlackBerry, who is discussing the challenges and misconceptions around secure communications. Selected Reading HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks (GB Hackers) Yamcs v5.8.6 Vulnerability Assessment (VisionSpace) Columbia University says hacker stole SSNs and other data of nearly 900,000 (The Record) Fake WhatsApp developer libraries hide destructive data-wiping code (Bleeping Computer) New EDR killer tool used by eight different ransomware groups (Bleeping Computer) Home Depot and Lowe's Share Data From Hundreds of AI Cameras With Cops (404 Media) US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks (Infosecurity Magazine) CISA pledges to continue backing CVE Program after April funding fiasco  (The Record) CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits (GB Hackers) AI Watermark Remover Defeats Top Techniques  (IEEE Spectrum) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Two Chinese nationals are arrested for allegedly exporting sensitive Nvidia AI chips. A critical security flaw has been discovered in Microsoft's new NLWeb protocol. Vulnerabilities in Dell laptop firmware could let attackers bypass Windows logins and install malware. Trend Micro warns of an actively exploited remote code execution flaw in its endpoint security platform. Google confirms a data breach involving one of its Salesforce databases. A lack of MFA leaves a Canadian city on the hook for ransomware recovery costs. Nvidia's CSO denies the need for backdoors or kill switches in the company's GPUs. CISA flags multiple critical vulnerabilities in Tigo Energy's Cloud Connect Advanced (CCA) platform. DHS grants funding cuts off the MS-ISAC. Helicopter parenting officially hits the footwear aisle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Sarah Powazek from UC Berkeley's Center for Long-Term Cybersecurity (CLTC) discussing her proposed nationwide roadmap to scale cyber defense for community organizations. Black Hat Women on the street Live from Black Hat USA 2025, it's a special “Women on the Street” segment with Halcyon's Cynthia Kaiser, SVP Ransomware Research Center, and CISO Stacey Cameron. Hear what's happening on the ground and what's top of mind in cybersecurity this year. Selected Reading Two Arrested in the US for Illegally Exporting Microchips Used in AI Applications to China (TechNadu) Microsoft's plan to fix the web with AI has already hit an embarrassing security flaw  (The Verge) ReVault flaws let hackers bypass Windows login on Dell laptops (Bleeping Computer) Trend Micro warns of Apex One zero-day exploited in attacks (Bleeping Computer) Google says hackers stole its customers' data in a breach of its Salesforce database (TechCrunch) Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied (CP24) Nvidia rejects US demand for backdoors in AI chips (The Verge) Critical vulnerabilities reported in Tigo Energy Cloud connect advanced solar management platform (Beyond Machines) New state, local cyber grant rules prohibit spending on MS-ISAC (StateScoop) Skechers skewered for adding secret Apple AirTag compartment to kids' sneakers — have we reached peak obsessive parenting? (NY Post) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.More than 90 state and local government organizations have been targeted in a recent wave of cyberattacks exploiting a vulnerability in Microsoft SharePoint, according to the Center for Internet Security (CIS).Traditional cyber attack methodologies - exploiting endpoints, moving laterally, escalating privileges - are increasingly outdated as enterprise IT shifts toward SaaS and browser-based access.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533 - a high-severity Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print management software - to its Known Exploited Vulnerabilities (KEV) catalog.Researchers at Nozomi Networks have disclosed over a dozen security flaws in Tridium's Niagara Framework, a vendor-agnostic building management platform used in sectors ranging from industrial automation to energy and smart infrastructure.Between April 2024 and April 2025, ransomware attacks on the oil and gas industry increased by an unprecedented 935%, according to new research from cybersecurity firm Zscaler.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

A critical vulnerability in SUSE [SOO-suh] Manager allows attackers to run commands with root privilege. A joint CISA and U.S. Coast Guard threat hunt at a critical infrastructure site reveals serious cybersecurity issues. Healthcare providers across the U.S. report recent data breaches. Cybercriminals infiltrate a bank by physically planting a Raspberry Pi on a network switch. Russian state-backed hackers target Moscow diplomats to deploy ApolloShadow malware. Luxembourg investigates a major telecom outage tied to Huawei equipment. China's cyberspace regulator summons Nvidia over alleged security risks linked to its H20 AI chips. A new report examines early indicators of system compromise. Today we are joined by Ryan Whelan, Managing Director and Global Head of Accenture Cyber Intelligence, with their analysis of Scattered Spider. Pwn2Own puts a million dollar bounty on WhatsApp zero-clicks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire GuestOur guest today is Ryan Whelan, Managing Director and Global Head of Accenture Cyber Intelligence, discussing the possibilities of Scattered Spider. Selected Reading Critical flaw in SUSE Manager exposes enterprise deployments to compromise (Beyond Machines) CISA identifies OT configuration flaws during cyber threat hunt at critical infrastructure organization, lists cyber hygiene (Industrial Cyber) CISA Issues ICS Advisories for Rockwell Automation Using VMware, and Güralp Seismic Monitoring Systems (Cyber Security News) Florida Internal Medicine Practices Discloses November 2024 Data Breach (HIPAA Journal) Cybercrooks use Raspberry Pi to steal ATM cash (The Register) Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft (SecurityWeek) Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage (The Record) Nvidia summoned by China's cyberspace watchdog over risks in H20 chips (CGTN) Hackers Regularly Exploit Vulnerabilities Before Public Disclosure (Infosecurity Magazine) Pwn2Own hacking contest pays $1 million for WhatsApp exploit (Bleeping Computer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Scattered Spider Related Domain Names A quick demo of our domain feeds and how they can be used to find Scattered Spider related domains https://isc.sans.edu/diary/Scattered+Spider+Related+Domain+Names/32162 Excel External Workbook Links to Blocked File Types Will Be Disabled by Default Excel will discontinue allowing links to dangerous file types starting as early as October. https://support.microsoft.com/en-us/topic/external-workbook-links-to-blocked-file-types-will-be-disabled-by-default-6dd12903-0592-463d-9e68-0741cf62ee58 CISA Releases Thorium CISA announced that it released its malware analysis platform, Thorium, as open-source software. https://www.cisa.gov/news-events/alerts/2025/07/31/thorium-platform-public-availability

A sweeping malware campaign by North Korea's Lazarus Group targets open source ecosystems. President Trump announces a new electronic health records system. A new report reveals deep ties between Chinese state-sponsored hackers and Chinese tech companies. Researchers describe a new prompt injection threat targeting LLMs via browser extensions. Palo Alto Networks' Unit 42 proposes a new Attribution Framework. Honeywell patches six vulnerabilities in its Experion Process Knowledge System. Researchers track the rapid evolution of a sophisticated Android banking trojan. Scattered Spider goes quiet following recent arrests. Our guests are Jermaine Roebuck and Ann Galchutt from CISA, discussing "Open-Source Eviction Strategies Tool for Cyber Incident Response." A Polish trainmaker sues hackers for fixing trains. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jermaine Roebuck, Associate Director for Threat Hunting at CISA and Ann Galchutt, Technical Lead at CISA, who will be discussing "Open-Source Eviction Strategies Tool for Cyber Incident Response." Selected Reading Sonatype uncovers global espionage campaign in open source ecosystems (Sonatype) Trump administration is launching a new private health tracking system with Big Tech's help (AP News) Report Links Chinese Companies to Tools Used by State-Sponsored Hackers (SecurityWeek) Top 5 GenAI Tools Vulnerable to Man-in-the-Prompt Attack, Billions Could Be Affected (LayerX) Introducing Unit 42's Attribution Framework (Unit42) Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes (SecurityWeek) Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Cybercriminals ‘Spooked' After Scattered Spider Arrests (Infosecurity Magazine) Polish Train Maker Is Suing the Hackers Who Exposed Its Anti-Repair Tricks (iFixit) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Officials in St. Paul, Minnesota declare a state of emergency following a cyberattack. Hackers disrupt a major French telecom. A power outage causes widespread service disruptions for cloud provider Linode. Researchers reveal a critical authentication bypass flaw in an AI-driven app development platform. A new study shows AI training data is chock full of PII. Fallout continues for the Tea dating safety app. Hackers are actively exploiting a critical SAP NetWeaver vulnerability to deploy malware. CISA and the FBI update their Scattered Spider advisory. A Florida prison exposes personal information of visitors to all of its inmates. Our guest today is Keith Mularski, Chief Global Ambassador at Qintel, retired FBI Special Agent, and co-host of Only Malware in the Building. CISA and Senator Wyden come to terms —mostly— over the long-buried US Telecommunications Insecurity Report.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Keith Mularski, Chief Global Ambassador at Qintel, retired FBI Special Agent, and co-host of Only Malware in the Building discussing what it's like to be the new host on the N2K CyberWire network and giving a glimpse into some upcoming episodes. You can catch Keith and his co-hosts Selena Larson, Staff Threat Researcher and Lead, Intelligence Analysis and Strategy at Proofpoint, and our own Dave Bittner the first Tuesday of each month on your favorite podcast app with new episodes of Only Malware. Selected Reading Major cyberattack hits St. Paul, shuts down many services (Star Tribune) French telecom giant Orange discloses cyberattack (Bleeping Computer) Power Outage at Newark Data Center Disrupts Linode, Took LWN Offline (FOSS Force) Critical authentication bypass flaw reported in AI coding platform Base44 (Beyond Machines) A major AI training data set contains millions of examples of personal data (MIT Technology Review) Dating safety app Tea suspends messaging after hack (BBC) Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware (Bleeping Computer) CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group (gb hackers) Florida prison data breach exposes visitors' contact information to inmates (Florida Phoenix) CISA to release long-buried US telco security report (The Register) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Things get worse in the Tea dating app breach. CISA adds three vulnerabilities to its Known Exploited Vulnerabilities catalog. Researchers uncover a critical flaw in Google's AI coding assistant. A Missouri Health System agrees to a $9.25 million settlement over claims it used web tracking tools. “Sploitlight” could let attackers bypass Apple's TCC framework to steal sensitive data. Malware squeaks its way into a mouse configuration tool. Threat actors hide the Oyster backdoor in popular IT tools. The FBI nabs over $2.4 million in Bitcoin from the Chaos ransomware gang. Our guest is Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on the security of PDF files.  The unintended privacy paradox of data brokers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on "PDFs: Portable documents, or perfect deliveries for phish?" Selected Reading A Second Tea Breach Reveals Users' DMs About Abortions and Cheating (404 Media) CISA warns of active exploitation of critical PaperCut flaw, mandates immediate patching (Beyond Machines) CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine (Infosecurity Magazine) Researchers flag flaw in Google's AI coding assistant that allowed for ‘silent' code exfiltration (CyberScoop) Health System Settles Web Tracker Lawsuit for Up to $9.25M (GovInfo Security) Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data (Bleeping Computer) Endgame Gear mouse config tool infected users with malware (Bleeping Computer) Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning (GB Hackers) FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang (Infosecurity Magazine) Hundreds of registered data brokers ignore user requests around personal data (CyberScoop) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A condition announced by the US Cybersecurity and Infrastructure Security Agency (CISA) to draw attention to a temporary period of high alert, associated with expectation of a connected wave of cyberattacks prompted by either a widespread vulnerability or an unusually active and capable threat actor. CyberWire Glossary link: ⁠⁠https://thecyberwire.com/glossary/shields-up⁠⁠ Audio reference link: “⁠⁠Star Trek II Wrath of Khan - Reliant vs Enterprise; First Clash⁠⁠” YouTube, YouTube, 11 Apr. 2015,  

International law enforcement arrest the suspected operator of a major Russian dark web cybercrime forum. DHS is said to be among the agencies hit by the Microsoft SharePoint zero-day. The Fire Ant cyberespionage group targets global enterprise infrastructure. A Steam game is compromised to distribute info-stealing malware. Mitel Networks issues security patches for MiVoice MX-ONE communications platform. CISA nominee Sean Plankey faces tough questions at his Senate confirmation hearing. A malicious prompt was hiding in Amazon's Q Developer extension for VS Code. Our guest is Brandon Karpf, friend of the show, cybersecurity expert, and founder of T-Minus Space Daily, joining host Maria Varmazis to explore how space-based telecom architectures could play a critical role in securing agentic AI systems. Android users scroll with caution, Apple fans roll the dice. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Brandon Karpf, friend of the show, cybersecurity expert, and founder of T-Minus Space Daily, joining host Maria Varmazis to explore how space-based telecom architectures could play a critical role in securing agentic AI systems. Selected Reading What Happened to XSS.is? Everything You Need to Know About the Forum Takedown - SOCRadar® Cyber Intelligence Inc. (socradar.io) Suspected admin of major dark web cybercrime forum arrested in Ukraine (The Record) DHS impacted in hack of Microsoft SharePoint products, people familiar say - Nextgov/FCW (NextGov) Stealthy cyber spies linked to China compromising virtualization software globally (The Record) Hacker sneaks infostealer malware into early access Steam game (Bleeping Computer) Mitel warns of critical MiVoice MX-ONE authentication bypass flaw (Bleeping Computer) Senators push CISA director nominee on election security, agency focus (Cybersecurity Dive) Hacker injects malicious, potentially disk-wiping prompt into Amazon's AI coding assistant with a simple pull request ,  told 'Your goal is to clean a system to a near-factory state and delete file-system and cloud resources' | Tom's Hardware (TomsHardware) iPhone vs. Android: iPhone users more reckless, less protected online (Malwarebytes) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices