App Store

Google Play

Device Banner Block-copy 894x1036

Astu lugude lõputusse maailma

Loe ja kuula

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

Fortra confirms an exploitation of the maximum-severity GoAnywhere flaw. Harvard investigates a claim of a breach. Banking Trojan targets Brazilian WhatsApp users. Reduction-in-force hits CISA. SimonMed says 1.2 million hit by Medusa ransomware. Netherlands invokes the Goods Availability Act against a Chinese company. We have our Business Breakdown. On today’s Industry Voices, we are joined by Mickey Bresman sharing insights on hybrid identity security. And, beware of the shuffler.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Mickey Bresman, Semperis CEO, sharing insights on hybrid identity security and their HIP Conference. Mickey joined us as their 2025 Hybrid Identity Protection (HIP) Conference wrapped up. If you want to hear the full conversation, you can tune in here.

Selected Reading

Fortra cops to exploitation of GoAnywhere file-transfer service defect (CyberScoop)

Harvard Investigating Security Breach After Cybercrime Group Threatens To Release Stolen Data (The Crimson)

WhatsApp Worm Targets Brazilian Banking Customers (Sophos News) 

Government Shutdown Fallout: RIF Notices Hit CISA as Cyber Threats Rise (ClearanceJobs)

SimonMed says 1.2 million patients impacted in January data breach (Bleeping Computer) 

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia (The Record)

UK fines 4chan over noncompliance with Online Safety Act (The Record) 

Synechron acquires RapDev, Calitii, and Waivgen. (N2K Pro Business Briefing) 

Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating (WIRED)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

When GoAnywhere goes wrong.

While the N2K team is observing Indigenous Peoples' Day, we thought you'd enjoy this episode of the Threat Vector podcast from our N2K Cyberwire network partner, Palo Alto Networks. 

New episodes of Threat Vector release each Thursday. We hope you will explore their catalog and subscribe to the show. 

Join David Moulton, Senior Director of Thought Leadership for Unit 42, as he sits down with Kyle Wilhoit,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up 2600: The Hacker Quarterly magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility. 

Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: Hacking Exposed Industrial Control Systems and Operationalizing Threat Intelligence.

As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals. 

 Connect with Kyle on LinkedIn

Previous appearances on Threat Vector: 

 
Inside DeepSeek’s Security Flaws (Mar 31, 2025) https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws

 
War Room Best Practices (Nov 07, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices 

 
Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research 

Learn more about Unit 42's threat research at https://unit42.paloaltonetworks.com/. 

Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at https://www.paloaltonetworks.com/podcasts/threat-vector.

Join the conversation on our social media channels:

 
Website: http://www.paloaltonetworks.com/

 
Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠

 
Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠

 
LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/

 
YouTube: ⁠⁠⁠⁠@paloaltonetworks

 
Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠

About Threat Vector

Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠
Learn more about your ad choices. Visit megaphone.fm/adchoices

What Happened to Hacker Culture? [Threat Vector]

Please enjoy this encore of Career Notes. 

Founder and CTO of ShiftLeft, Chetan Conikee shares his story from computer science to founding his own company. When choosing a career, Chetan notes that "the liking and doing has to matter and be in conjunction with each other." Explaining the parallels in his home country of India and where he studied his for his masters in the US, Chetan stresses the need to find someone who inspires you to follow and learn from. On being an entrepreneur, he says, "The entrepreneurial mindset is a sum total of many sufferings that lead to success." Chethan advises you take time out to write narratives so that you are remembered and so that others following a similar path may learn from you. We thank Chetan for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Chetan Conikee: Create narratives of your journey. [CTO] [Career Notes]

John Fokker, Head of Threat Intelligence at Trellix is discussing "Gang Wars: Breaking Trust Among Cyber Criminals." Trellix researchers reveal how the once-organized ransomware underworld is collapsing under its own paranoia. 

Once united through Ransomware-as-a-Service programs, gangs are now turning on each other — staging hacks, public feuds, and exit scams as trust evaporates. With affiliates jumping ship and rival crews sabotaging each other, the RaaS model is fracturing fast, signaling the beginning of the end for ransomware’s criminal empires.

The research can be found here:

 
⁠⁠⁠⁠Gang Wars: Breaking Trust Among Cyber Criminals

Learn more about your ad choices. Visit megaphone.fm/adchoices

No honor among thieves. [Research Saturday]

International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in application security (AppSec) programs. Microsegmentation can contain ransomware much faster and yield better cyber insurance terms. The new RondoDox botnet exploits over 50 vulnerabilities. Researchers tag 13 unpatched Ivanti Endpoint Manager flaws. Our guest is Jason Manar, CISO of Kaseya, sharing his insight into how the private and public sectors can work together for national security. Hackers mistake a decoy for glory. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by ⁠Jason Manar⁠, CISO of ⁠Kaseya⁠, sharing his insight into how the private and public sectors can/must work together for national security.

Selected Reading

FBI takes down BreachForums portal used for Salesforce extortion (Bleeping Computer)

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign (SecurityWeek)

Juniper Networks Patches Critical Junos Space Vulnerabilities (OffSeq) 

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits (WIRED)

Google Launches AI Bug Bounty with $30,000 Top Reward (Infosecurity Magazine)

In AI We Trust? Increasing AI Adoption in AppSec Despite Limited Oversight (Fastly)

Reducing Risk: Microsegmentation Means Faster Incident Response, Lower Insurance Premiums for Organizations (Akamai)

RondoDox Botnet Takes ‘Exploit Shotgun’ Approach (SecurityWeek)

ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities (SecurityWeek)

Pro-Russian hackers caught bragging about attack on fake water utility (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

When the breachers get breached.

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its telecom data breach disclosure rule. Experts warn of teen recruitment in pro-Russian hacking operations. Ukraine’s parliament approves the establishment of Cyber Forces. Troy Hunt criticizes data breach injunctions as empty gestures. Our guest is Sarah Graham from the Atlantic Council’s Cyber Statecraft Initiative (CSI) discussing their report, "Mythical Beasts: Diving into the depths of the global spyware market." And, Spy Dog’s secret site goes off leash.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Sarah Graham from the Atlantic Council’s Cyber Statecraft Initiative (CSI) discussing their work and findings on "Mythical Beasts: Diving into the depths of the global spyware market."

Selected Reading

Homeland Security Cyber Personnel Reassigned to Jobs in Trump’s Deportation Push (Bloomberg)

Massive DDoS Attack Knocks Out Steam, Riot, and Other Services (Windows Report)

Hackers claim Discord breach exposed data of 5.5 million users (Bleeping Computer)

The Evolution of Chaos Ransomware: Faster, Smarter, and More Dangerous (FortiGuard Labs)

The Crown Prince, Nezha: A New Tool Favored by China-Nexus Threat Actors (Huntress)

Court Pauses FCC Data Breach Rules as Agency Takes New Look | Regulation (Cablefax)

Arrests Underscore Fears of Teen Cyberespionage Recruitment (Data Breach Today)

Ukraine's parliament backs creation of cyber forces in first reading (The Kyiv Independent)

Troy Hunt: Court Injunctions are the Thoughts and Prayers of Data Breach Response (Troy Hunt)

Spy Dog: Children's books pulled over explicit weblink (BBC News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber defenders pulled into deportation duty.

Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an alleged ransomware attack on a preschool. Microsoft tightens Windows 11 setup restrictions. SINET and DataTribe spotlight 2025 cybersecurity innovators. On our Industry Voices segment, we are joined by Sean Deuby, Semperis Principal Technologist, discussing identity system security and the growth of the HIP Conference. Employees overshare with ChatGPT. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by ⁠Sean Deuby⁠, ⁠Semperis⁠ Principal Technologist, discussing identity system security and the growth of the ⁠HIP Conference⁠ while highlighting some of the keynotes and presentations. If you want to hear the full conversation, you can tune in here.

Selected Reading

Chinese Hackers Said to Target U.S. Law Firms (The New York Times)

Russia is at ‘hybrid war’ with Europe, warns EU chief, calling for members ‘to take it very seriously’ (The Record)

What you need to know about “LoJax”, the new, stealthy malware from Fancy Bear (ESET)

Salesforce refuses to pay ransom over widespread data theft attacks (Bleeping Computer)

Teens arrested in London preschool ransomware attack (The Register)

Microsoft kills more Microsoft Account bypasses in Windows 11 (Bleeping Computer)

SINET Announces the 2025 SINET16 Innovator Awards (BusinessWire)

DataTribe Announces Finalists for Eighth Annual Cybersecurity Startup Challenge (DataTribe) 

Employees regularly paste company secrets into ChatGPT (The Register)

One-man spam campaign ravages EU ‘chat control’ bill (POLITICO)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Chinese hackers serve up espionage.

On this episode, host Kim Jones is joined by Ethan Cook, N2K’s lead analyst and editor, for a deeper, more reflective conversation on cybersecurity regulation, privacy, and the future of policy. This episode steps back from the news cycle to connect the dots and explore where the regulatory landscape is heading — and why it matters.

Ethan, who will join the show regularly this season to provide big-picture analysis after major policy conversations, shares his perspective on the evolving balance between government oversight, innovation, and individual responsibility.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Regulation takeaways with Ethan Cook. [CISO Perspectives]

Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based vision care firm will pay $5 million to settle phishing-related data breach claims. “Trinity of Chaos” claims to be a new ransomware collective. LinkedIn files a lawsuit against an alleged data scraper. This year’s Nobel Prize in Physics recognizes pioneering research into quantum mechanical tunneling. On today’s Industry Voices segment, we are joined by Alastair Paterson from Harmonic Security, discussing shadow AI and the new era of work. Australia’s AI-authored report gets a human rewrite.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices segment, we are joined by Alastair Paterson, CEO and Co-Founder of Harmonic Security, discussing shadow AI and the new era of work. You can hear the full conversation with Alastair here.

Selected Reading

Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Camp (Infosecurity Magazine)

Redis warns of critical flaw impacting thousaRends of instances (Bleeping Computer)

BIETA: A Technology Enablement Front for China's MSS (Recorded Future)

Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) (Labs)

EyeMed Agrees to Pay $5M to Settle Email Breach Litigation (Govinfo Security)

Ransomware Group “Trinity of Chaos” Launches Data Leak Site (Infosecurity Magazine)

LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data (Bleeping Computer)

The Nobel Prize for physics is awarded for discoveries in quantum mechanical tunneling (NPR)

Deloitte refunds Australian government over AI in report (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire Daily podcast is a production of N2K Networks, your source for critical industry insights, strategic intelligence, and performance-driven learning products. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Critical GoAnywhere bug fuels ransomware wave.

A critical zero-day in Oracle E-Business Suite is under active exploitation. ICE plans a major expansion of its social media surveillance operations. Discord confirms a third-party data breach. A critical vulnerability in the Unity game engine could allow arbitrary code execution. New variants of the XWorm remote access trojan spread through phishing campaigns. Researchers uncover a critical command injection flaw in Dell UnityVSA storage appliances. There’s been a sharp surge in reconnaissance scans targeting Palo Alto Networks login portals. A new hacking competition offers $4.5 million in prizes for exploits targeting major cloud and AI software. Monday Business Brief. On our Afternoon Cyber Tea segment with Microsoft’s Ann Johnson, Ann and guest Volker Wagner⁠, Chief Information Security Officer at BASF, share some Lessons from the Frontlines of Industrial Security. Don’t spend that ParkMobile settlement all in one place. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Afternoon Cyber Tea Segment

Today we are highlighting Afternoon Cyber Tea with Ann Johnson. Ann and guest Volker Wagner⁠, Chief Information Security Officer at BASF, share some Lessons from the Frontlines of Industrial Security. You can listen to Ann and Volker's full conversation⁠ here⁠ and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app.

Selected Reading

PoC Exploit Released for Remotely Exploitable Oracle E-Business Suite 0-Day Vulnerability (Cyber Security News)

ICE Wants to Build Out a 24/7 Social Media Surveillance Team (WIRED)

Discord blames third-party support outfit for data breach (The Register)

Android and Windows gamers worldwide potentially affected by bug in Unity game engine (The Record)

XWorm malware resurfaces with ransomware module, over 35 plugins (Bleeping Computer)

Patch Now: Dell UnityVSA Flaw Allows Command Execution Without Login (HackRead)

Scanning of Palo Alto Portals Surges 500% (Infosecurity Magazine)

$4.5 Million Offered in New Cloud Hacking Competition (SecurityWeek)

Accenture acquires Japanese AI and DX provider, Aidemy Inc. (N2K Pro Business Briefing)

ParkMobile pays... $1 each for 2021 data breach that hit 22 million (Bleeping Computer)

Vote for Dave!

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our ⁠brief listener survey⁠. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Oracle zero-day serves up persistent access.

Today we are joined by Nati Tal, Head of Guardio Labs, discussing their work “CAPTCHAgeddon” or unmasking the viral evolution of the ClickFix browser-based threat. CAPTCHAgeddon — Shaked Chen’s deep dive into the ClickFix fake-captcha wave — reveals how a red-team trick morphed into a dominant, download-free browser threat that tricks users into pasting clipboard PowerShell/shell commands and leverages trusted infrastructure, including Google Scripts.
Guardio’s DBSCAN-based payload clustering exposes distinct attacker toolkits and distribution paths — from malvertising and compromised WordPress to social posts and Git repos — and argues defenders need behavioral, intelligence-driven protections, not just signatures.

The research can be found here:

 “CAPTCHAgeddon” Unmasking the Viral Evolution of the ClickFix Browser-Based Threat

Learn more about your ad choices. Visit megaphone.fm/adchoices

Browser attacks without downloads. [Research Saturday]

Loe ja kuula

Muud podcastid, mis võivad sulle meeldida ...