App Store

Google Play

is Device Banner Block 894x1036

Stígðu inn í heim af óteljandi sögum

Hlustaðu og lestu

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

CISA warns a Windows SMB privilege escalation flaw is under Active exploitation. Microsoft issues an out of band fix for a WinRE USB input failure. Nation state hackers had long term access to F5. Envoy Air confirms it was hit by the zero-day in Oracle’s E-Business Suite. A nonprofit hospital system in Massachusetts suffers a cyberattack. Russian’s COLDRiver group rapidly retools its malware arsenal. GlassWorm malware hides malicious logic with invisible Unicode characters. European authorities dismantle a large-scale Latvian SIM farm operation. Myanmar’s military raids a notorious cybercrime hub. Josh Kamdjou, from Sublime Security discusses how teams should get ahead of Scattered Spider's next move. Eagle Scouts are soaring into cyberspace.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Josh Kamdjou, CEO and co-founder of Sublime Security and former DOD white hat hacker, is discussing how teams should get ahead of Scattered Spider's next move.

Selected Reading

CISA warns of active exploitation of Windows SMB privilege escalation flaw (Beyond Machines)

Windows 11 KB5070773 emergency update fixes Windows Recovery issues (Bleeping Computer)

Hackers Had Been Lurking in Cyber Firm F5 Systems Since 2023 (Bloomberg)

Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p (Hackread)

Cyberattack Disrupts Services at 2 Massachusetts Hospitals (BankInfo Security)

Russian Coldriver Hackers Deploy New ‘NoRobot’ Malware (Infosecurity Magazine)

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries (Bleeping Computer)

Police Shutter SIM Farm Provider in Latvia, Bust 7 Suspects (Data Breach Today)

Myanmar Military Shuts Down Major Cybercrime Center and Detains Over 2,000 People (SecurityWeek)

Scouts will now be able to earn badges in AI and cybersecurity (CNN Business)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The SMB slip-up.

On this episode, host Kim Jones is joined by Ethan Cook, N2K’s lead analyst and editor, for a deeper, more reflective conversation on cybersecurity regulation, privacy, and the future of policy. This episode steps back from the news cycle to connect the dots and explore where the regulatory landscape is heading — and why it matters.

Ethan, who will join the show regularly this season to provide big-picture analysis after major policy conversations, shares his perspective on the evolving balance between government oversight, innovation, and individual responsibility.

This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about Meter.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Regulation takeaways with Ethan Cook. [CISO Perspectives]

An AWS outage sparks speculation. An F5 exposure and breach raise patching and supply-chain concerns. Salt Typhoon breaches a European telecom via a Netscaler flaw. A judge bans NSO Group from Whatsapp. China alleges “irrefutable evidence” of NSA hacking. Connectwise patches adversary in the middle risks. A Dolby decoder flaw enables zero-click remote code execution on Android. A Cyber M&A and funding surge signals a busy consolidation cycle. Our guest Jeff Collins, CEO of WanAware, sharing how hospital consolidations are reshaping IT asset visibility and what it takes to close these gaps. One man’s quest to make AI art legit. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Jeff Collins, CEO of WanAware, sharing how hospital consolidations are reshaping IT asset visibility and what it takes to close these gaps.

Selected Reading

Cyberattack: Did China just bring Amazon down, along with Robinhood, Snapchat - what happened? Here's what experts are saying (The Economic Times)

F5 breach exposes 262,000 BIG-IP systems worldwide (Security Affairs)

Salt Typhoon Uses Citrix Flaw in Global Cyber-Attack (Infosecurity Magazine)

Israeli spyware company blocked from WhatsApp (Courthouse News Service)

China Says It Found Evidence of US Cyber Attack on State Agency (Bloomberg)

ConnectWise Patches Critical Flaw in Automate RMM Tool (SecurityWeek)

Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks (SecurityWeek)

NSO Group acquired by American investors. LevelBlue to acquire Cybereason. (N2K Pro Business Briefing)

Creator of Infamous AI Painting Tells Court He's a Real Artist (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The day the cloud got foggy.

Please enjoy this encore of Career Notes. 

Cybersecurity Associate Consultant at BARR Advisory, Kristin Strand, shares her journey from the military to teaching and now to cybersecurity. Kristin shares how she'd wanted to be a teacher since she was young. She joined the Army to help pay for college and throughout her career has taken advantage of programs to help her move on to her next challenge. From teaching, Kristin decided to transition to IT and came to cybersecurity through a Department of Labor program. She's also currently training to be a drill sergeant. Kristin advises you stand firm to your goals and know what you want. It will come around. We thank Kristin for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Kristin Strand: Be firm in your goals. [Consultant] [Career Notes]

Eclypsium researchers Jesse Michael and Mickey Shkatov to share their work on "BadCam - Now Weaponizing Linux Webcams." Eclypsium researchers disclosed “BadCam,” a set of vulnerabilities in certain Lenovo USB webcams that run Linux and do not validate firmware signatures, allowing attackers to reflash the devices and turn them into BadUSB-style tools. 

An adversary who supplies a backdoored camera or who gains remote code execution on a host can weaponize the webcam to emulate human-interface devices, inject keystrokes, deliver payloads, and maintain persistence — even re-infecting systems after OS reinstalls. The findings were presented at DEF CON 2025, Lenovo issued updated firmware/tools in coordination with SigmaStar, and researchers warn the same vector could affect other Linux-based USB peripherals, underscoring the need for firmware signing and stronger device attestation.

The research can be found here:

 BadCam: Now Weaponizing Linux Webcams

Learn more about your ad choices. Visit megaphone.fm/adchoices

Smile for the malware. [Research Saturday]

Prosper data breach reportedly affected more than 17 million accounts. Microsoft revokes certificates used in Rhysida ransomware operation. Threat actors exploit Cisco flaw to deploy Linux rootkits. Europol disrupts cybercrime-as-a-service operation. BeaverTail and OtterCookie merge and display new functionality. Singapore cracks down on social media. On our Industry Voices segment, we are joined by Danny Jenkins who is talking about defending against AI. And who let the bots out?

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by Danny Jenkins, CEO and Co-Founder of ThreatLocker, talking about defending against AI. You can tune into Danny’s full conversation here.

Selected Reading

Have I Been Pwned: Prosper data breach impacts 17.6 million accounts (BleepingComputer)

Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign (SecurityWeek)

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits (Trend Micro)

Critical ConnectWise Vulnerabilities Allow Attackers To Inject Malicious Updates (Cybersecurity News)

European police bust network selling thousands of phone numbers to scammers (The Record)

North Korean operatives spotted using evasive techniques to steal data and cryptocurrency (CyberScoop)

New Singapore law empowers commission to block harmful online content (Reuters) 

Niantic’s Peridot, the Augmented Reality Alien Dog, Is Now a Talking Tour Guide (WIRED)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Prosper’s not so prosperous week.

F5 discloses long-term breach tied to nation-state actors. PowerSchool hacker receives a four-year prison sentence. Senator scrutinizes Cisco critical firewall vulnerabilities. Phishing campaign impersonates LastPass and Bitwarden. Credential phishing with Google Careers. Reduce effort, reuse past breaches, recycle into new breach. Qilin announces new victims. Manoj Nair, from Snyk, joins us to explore the future of AI security and the emerging risks shaping this rapidly evolving landscape. And AI faces the facts.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Manoj Nair, Chief Innovation Officer at Snyk, joins us to explore the future of AI security and the emerging risks shaping this rapidly evolving landscape. In light of the recent high-severity vulnerability in Cursor, Manoj discusses how threats like tool poisoning, toxic flows, and MCP vulnerabilities are redefining what secure AI-driven development means—and why organizations must move faster to keep up.

Selected Reading

F5 disclosures breach tied to nation-state threat actor (CyberScoop)

CISA Directs Federal Agencies to Mitigate Vulnerabilities in F5 Devices (CISA)

ED 26-01: Mitigate Vulnerabilities in F5 Devices (CISA) 

PowerSchool hacker sentenced to 4 years in prison (The Record) 

Cisco faces Senate scrutiny over firewall flaws (The Register)

Fake LastPass, Bitwarden breach alerts lead to PC hijacks (Bleeping Computer) 

Google Careers impersonation credential phishing scam with endless variation (Sublime Security) 

Elasticsearch Leak Exposes 6 Billion Records from Scraping, Old and New Breaches (HackRead) 

Qilin Ransomware announced new victims (Security Affairs) 

When Face Recognition Doesn’t Know Your Face Is a Face (WIRED)

Semperis Announces Midnight in the War Room: A Groundbreaking Cyberwar Documentary Featuring the World's Leading Defenders and Reformed Hackers (PR Newswire)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

When hackers go BIG in cyber espionage.

A record-breaking Bitcoin seizure. Patch Tuesday notes. Capita fined for unlawful access to personal data. Unity site skimmed by malicious script. Vietnam Airlines breached potentially exposing 20 million passengers. An automotive giant experiences a third-party breach. Tim Starks from CyberScoop is discussing how Sen. Peters tries another approach to extend expired cyber threat information-sharing. In our latest Threat Vector, David Moulton⁠ sits down with⁠ Harish Singh about hybrid work. And inside North Korea's blueprints for deception.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Tim Starks from CyberScoop is discussing how Sen. Peters tries another approach to extend expired cyber threat information-sharing law.

Threat Vector

Hybrid work has changed the game, but has your security kept up? In this segment of Threat Vector, David Moulton⁠ sits down with⁠ Harish Singh⁠, Vice President and Global Head of Infrastructure and Application Management at Wipro, to unpack the evolving cybersecurity landscape at the intersection of digital transformation, SaaS expansion, and AI-powered operations. You can listen to their full discussion here, and catch new episodes every Thursday on your favorite podcast app.

Selected Reading

Feds Seize Record-Breaking $15 Billion in Bitcoin From Alleged Scam Empire (WIRED)

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws (Bleeping Computer) 

Patch Tuesday, October 2025 ‘End of 10’ Edition (Krebs on Security)

Capita Fined £14m After 2023 Breach that Hit 6.6 Million People (Infosecurity Magazine) 

Malicious Code on Unity Website Skims Information From Hundreds of Customers (SecurityWeek)

Airline with over 20 million passengers a year involved in customer data breach (Daily Mail)

Information Regarding Customer Data Breach (Vietnam Airlines)

Auto giant Stellantis discloses data breach affecting North American customers (Top Class Actions)

North Korean Scammers Are Doing Architectural Design Now (WIRED)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Prince of fraud loses crown.

Fortra confirms an exploitation of the maximum-severity GoAnywhere flaw. Harvard investigates a claim of a breach. Banking Trojan targets Brazilian WhatsApp users. Reduction-in-force hits CISA. SimonMed says 1.2 million hit by Medusa ransomware. Netherlands invokes the Goods Availability Act against a Chinese company. We have our Business Breakdown. On today’s Industry Voices, we are joined by Mickey Bresman sharing insights on hybrid identity security. And, beware of the shuffler.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Mickey Bresman, Semperis CEO, sharing insights on hybrid identity security and their HIP Conference. Mickey joined us as their 2025 Hybrid Identity Protection (HIP) Conference wrapped up. If you want to hear the full conversation, you can tune in here.

Selected Reading

Fortra cops to exploitation of GoAnywhere file-transfer service defect (CyberScoop)

Harvard Investigating Security Breach After Cybercrime Group Threatens To Release Stolen Data (The Crimson)

WhatsApp Worm Targets Brazilian Banking Customers (Sophos News) 

Government Shutdown Fallout: RIF Notices Hit CISA as Cyber Threats Rise (ClearanceJobs)

SimonMed says 1.2 million patients impacted in January data breach (Bleeping Computer) 

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia (The Record)

UK fines 4chan over noncompliance with Online Safety Act (The Record) 

Synechron acquires RapDev, Calitii, and Waivgen. (N2K Pro Business Briefing) 

Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating (WIRED)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

When GoAnywhere goes wrong.

While the N2K team is observing Indigenous Peoples' Day, we thought you'd enjoy this episode of the Threat Vector podcast from our N2K Cyberwire network partner, Palo Alto Networks. 

New episodes of Threat Vector release each Thursday. We hope you will explore their catalog and subscribe to the show. 

Join David Moulton, Senior Director of Thought Leadership for Unit 42, as he sits down with Kyle Wilhoit,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up 2600: The Hacker Quarterly magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility. 

Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: Hacking Exposed Industrial Control Systems and Operationalizing Threat Intelligence.

As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals. 

 Connect with Kyle on LinkedIn

Previous appearances on Threat Vector: 

 
Inside DeepSeek’s Security Flaws (Mar 31, 2025) https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws

 
War Room Best Practices (Nov 07, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices 

 
Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research 

Learn more about Unit 42's threat research at https://unit42.paloaltonetworks.com/. 

Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at https://www.paloaltonetworks.com/podcasts/threat-vector.

Join the conversation on our social media channels:

 
Website: http://www.paloaltonetworks.com/

 
Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠

 
Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠

 
LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/

 
YouTube: ⁠⁠⁠⁠@paloaltonetworks

 
Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠

About Threat Vector

Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠
Learn more about your ad choices. Visit megaphone.fm/adchoices

What Happened to Hacker Culture? [Threat Vector]

This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." 

Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations.

The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests.

The research can be found here:
Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Learn more about your ad choices. Visit megaphone.fm/adchoices

A Digital Eye on supply-chain-based espionage attacks. [Research Saturday]

Hlustaðu og lestu

Other podcasts you might like ...