app_store_button

google_play_button

is Device Banner Block 894x1036

Stígðu inn í heim af óteljandi sögum

Hlustaðu og lestu

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

The CBO was hacked by a suspected foreign actor. Experts worry Trump’s budget cuts weaken U.S. cyber defenses. Regulation shapes expectations. ClickFix evolves on macOS. Notorious cybercrime groups form a new “federated alliance.” Congressional leaders look to counter China’s influence in 6G networks. An EdTech firm pays $5.1 million to settle data breach claims. Nevada did not pay the ransom. Our guest is CEO and Co-Founder Ben Nunez from Evercoast, winner of the 8th Annual DataTribe Challenge. The FBI tries to uncover the archivist.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Evercoast, winner of the 8th Annual DataTribe Challenge, is redefining Training Data for Embodied AI with enriched 4D spatial data from real-world environments to better train robots. CEO and Co-Founder Ben Nunez joins Dave Bittner to discuss their win and what’s next for the company.

Selected Reading

Congressional Budget Office believed to be hacked by foreign actor (The Washington Post)

Trump budget cuts, agency gutting, leave Americans and economy at greater risk of being hacked, experts warn (CNBC)

The quiet revolution: How regulation is forcing cybersecurity accountability (CyberScoop)

ClickFix Attacks Against macOS Users Evolving (SecurityWeek)

“I Paid Twice” Phishing Campaign Targets Booking.com (Infosecurity Magazine)

Scattered Spider, LAPSUS$, and ShinyHunters form extortion alliance (SC Media)

Congressional leaders want an executive branch strategy on China 6G, tech supply chain (CyberScoop)

Ed tech company fined $5.1 million for poor data security practices leading to hack (The Record)

Nevada government declined to pay ransom, says cyberattack traced to breach in May (The Record)

FBI Tries to Unmask Owner of Infamous Archive.is Site (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Legislating in the shadow of hackers.

Zero Trust has been top of mind for years, but how is AI changing what that actually looks like in practice? In this episode of CyberWire-X, Dave Bittner is joined by Deepen Desai, Chief Security Officer at Zscaler, to discuss the transformative impact of AI on Zero Trust security frameworks. 

The discussion outlines how AI enhances threat prevention, automates data discovery, and improves user experience while addressing the practical financial implications of adopting AI in security. Hear how organizations must embrace AI to stay competitive and secure against evolving threats.

For additional resources on Zero Trust + AI, visit Zscaler's Replace Legacy Systems for Better Security.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The role of AI in Zero Trust. [CyberWire-X]

Cisco patches critical vulnerabilities in its Unified Contact Center Express (UCCX) software. CISA lays off 54 employees despite a federal court order halting workforce reductions. Gootloader malware returns. A South Korean telecom is accused of concealing a major malware breach. Russia’s Sandworm launches multiple wiper attacks against Ukraine. China hands out death sentences to scam compound kingpins. My guest is Dr. Sasha O'Connell, Senior Director for Cybersecurity Programs at Aspen Digital. Meta’s moral compass points to profit.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Dr. Sasha O'Connell, Senior Director for Cybersecurity Programs at Aspen Digital, joins us to preview her Caveat podcast interview about "10 Years of Cybersecurity Progress & What Comes Next." Listen to Sasha and Dave’s full conversation on this week’s Caveat episode. 

Selected Reading

Critical Cisco UCCX flaw lets attackers run commands as root (Bleeping Computer)

CISA plans to fire 54 employees despite court injunction (Metacurity)

CISA reports active exploitation of critical vulnerability in CentOS Web Panel (Beyond Machines)

Gootloader malware is back with new tricks after 7-month break (Bleeping Computer)

KT accused of concealing major malware infection, faces probe over customer data breach (The Korea Times)

Sandworm hackers use data wipers to disrupt Ukraine's grain sector (Bleeping Computer)

⁠China sentences 5 Myanmar scam kingpins to death ⁠(The Record)

⁠“Hackers” rig elections to IAN executive committee⁠ (Mumbai News)

Meta is earning a fortune on a deluge of fraudulent ads, documents show (Reuters)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Stomping out critical bugs.

Operation “Chargeback” takes down global fraud networks. An investigation reveals the dangers of ADINT. M&S profits plunge after a cyberattack. Google patches a critical Android flaw. Asian prosecutors seize millions from an accused Cambodian scam kingpin. Ohio residents are still guessing water bills months after a cyberattack. Houston firefighters deny blame in city data breach. Nikkei reports a slack breach exposing 17,000 records.The Google–Wiz deal clears DOJ review. Ann Johnson welcomes her Microsoft colleague Frank X. Shaw⁠ to Afternoon Cyber Tea. Norway parks its Chinese Bus in a cave, just in case. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Afternoon Cyber Tea

On this month's segment from Afternoon Cyber Tea, host Ann Johnson welcomes Frank X. Shaw⁠, Chief Communications Officer at Microsoft, to explore the critical role of communication in cybersecurity. They discuss how transparency and trust shape effective response to cyber incidents, the importance of breaking down silos across teams, and how AI is transforming communication strategies. You can listen to Ann and Frank's full conversation here, and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. 

Selected Reading

Operation Chargeback: 4.3 million cardholders affected, EUR 300 million in damages - Three criminal networks suspected of misusing credit card data from cardholders across 193 countries; 18 suspects arrested (Europol)

Databroker Files: Targeting the EU (Netzpolitik)

M&S profits almost wiped out after cyber hack left shelves empty (BBC News)

Google releases November 2025 Android patch, fixes critical zero-click flaw (Beyond Machines)

Prosecutors seize yachts, luxury cars from man accused of running Cambodia cyberscams (NPR)

Cyberattack that crippled Middletown's systems shows how hackers target smaller cities (Cincinnati.com)

Houston data breach exposes firefighters’ personal info, union says they’re being blamed (Click2Houston)

Japanese publishing company Nikkei suffers Slack compromise exposing data of over 17,000 people (Beyond Machines)

Google Clears DOJ Antitrust Hurdle for $32 Billion Wiz Deal (Bloomberg)

Dybt i et norsk fjeld blev en kinesisk bybus splittet ad. En status på vores frygt (Zetland)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

From small charges to big busts.

China-Linked hackers target Cisco firewalls. MIT Sloan withdraws controversial “AI-Driven Ransomware” paper. A new study questions the value of cybersecurity training. Hackers exploit OpenAI’s API as a malware command channel. Apple patches over 100 Security flaws across devices. A Florida-based operator of mental health and addiction treatment centers exposes sensitive patient information. OPM plans a “mass deferment” for Cybercorps scholars affected by the government shutdown. Lawmakers urge the FTC to investigate Flock Safety’s cybersecurity gaps. Cybercriminals team with organized crime for high-tech cargo thefts. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing ICE’s controversial facial scanning initiative. A priceless theft meets a worthless password. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing ICE’s controversial facial scanning initiative. You can read more about Ben’s topic from 404 Media: You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says.

Selected Reading

China-Linked Hackers Target Cisco Firewalls in Global Campaign (Hackread)

MIT Sloan shelves paper about AI-driven ransomware (The Register)

CyberSlop — meet the new threat actor, MIT and Safe Security (DoublePulsar)

Study concludes cybersecurity training doesn’t work (KPBS Public Media)

Microsoft: OpenAI API moonlights as malware HQ (The Register)

Apple Patches 19 WebKit Vulnerabilities (SecurityWeek)

Data Theft Hits Behavioral Health Network in 3 States (Bank Infosecurity)

OPM plans to give CyberCorps members more time to find jobs after shutdown ends (CyberScoop)

Lawmakers ask FTC to probe Flock Safety’s cybersecurity practices (The Record)

Cybercriminals, OCGs team up on lucrative cargo thefts (The Register)

Louvre Robbery: Security Flaws: The (Obviously) Password Was "Louvre" (L’Unione Sarda)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A storm brews behind the firewall.

When discussing privacy risks, many often look to implementing strong encryption, secure data storage practices, and data sanitization processes to help ensure sensitive information remains protected. Though these practices are good and should be prioritized, many often miss other key areas that need just as much focus. As the internet of things has only continued to grow larger and larger, so has the risk these devices inherently create as they collect and store more information than many would instinctively assume.

In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Merry Marwig, the Vice President of Global Communications & Advocacy at Privacy4Cars, to explore how privacy risks are in places many do not think to look. Together, Merry and Kim discuss why security leaders need to rethink how they approach privacy and consider how the devices we use every day could inadvertently expose our sensitive information.

This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠.

Want more CISO Perspectives?

Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Privacy needs where you least expect it. [CISO Perspectives]

The FCC plans to roll back cybersecurity mandates that followed Salt Typhoon. The alleged cybercriminal MrICQ has been extradited to the U.S. Ransomware negotiators are accused of conducting ransomware attacks. Ernst & Young accidentally exposed a 4-terabyte SQL Server backup. A hacker claims responsibility for last week’s University of Pennsylvania breach. The UK chronicles cyberattacks on Britain’s drinking water suppliers. Monday business brief. Our guest is Caleb Tolin, host of Rubrik's Data Security Decoded podcast. Hackers massage the truth. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Caleb Tolin, host of Rubrik's Data Security Decoded podcast, as he is introducing himself and his show joining the N2K CyberWire network. You can catch new episodes of Data Security Decoded the first and third Tuesdays of each month on your favorite podcast app. 

Selected Reading

FCC plans vote to remove cyber regulations installed after theft of Trump info from telecoms (The Record)

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody (Krebs on Security)

Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (Chicago Sun Times)

Ernst & Young cloud misconfiguration leaks 4TB SQL Server backup on Microsoft Azure (Beyond Machines)

Penn hacker claims to have stolen 1.2 million donor records in data breach (Bleeping Computer)

Hackers are attacking Britain’s drinking water suppliers (The Record)

JumpCloud acquires Breez. Chainguard secures $280 million in growth financing. Sublime Security closes $150 million Series C round. (N2K Pro)

Hackers steal data, extort $350,000 from massage parlor clients (Korea JoongAng Daily)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

FCC resets cyber oversight.

Risk Management and Privacy Knowledge Leader at A-LIGN, Arti Lalwani shares her story from finance to risk management and how she made the transition. Arti started her career in finance after graduating with a finance degree. Quickly learning the field was not for her, she decided to dip her toes into the tech world. She credits her mentors for helping her and said "they were able to push me up and get me there faster than I even thought." Arti says that she would like to be a part, and hopes to be apart, of the change where women are supporting women in the field. We thank Arti for sharing her story.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Arti Lalwani: Supporting and being the change. [Risk Management] [Career Notes]

Today we are joined by Dario Pasquini, Principal Researcher at RSAC, sharing the team's work on WhenAIOpsBecome “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation. A first-of-its-kind security analysis showing that LLM-driven AIOps agents can be tricked by manipulated telemetry, turning automation itself into a new attack vector. 

The researchers introduce AIOpsDoom, an automated reconnaissance + fuzzing + LLM-driven telemetry-injection attack that performs “adversarial reward-hacking” to coerce agents into harmful remediations—even without prior knowledge of the target and even against some prompt-defense tools. They also present AIOpsShield, a telemetry-sanitization defense that reliably blocks these attacks without harming normal agent performance, underscoring the urgent need for security-aware AIOps design.

The research can be found here:

 
⁠When AIOps Become “AI Oops”:
Subverting LLM-driven IT Operations via Telemetry Manipulation

Learn more about your ad choices. Visit megaphone.fm/adchoices

Attack of the automated ops. [Research Saturday]

CISA says cooperation between federal agencies and the private sector remains steady. Long-standing Linux kernel vulnerability in active ransomware campaigns confirmed. A Chinese-linked group targets diplomatic organizations in Hungary, Belgium, and other European nations. A government contractor breach exposes data of over 10 million Americans. Luxury fashion brands fall victim to impersonation scams. Phishing shifts from email to LinkedIn. Advocacy groups urge the FTC to block Meta from using chatbot interactions to target ads. A man pleads guilty to selling zero-days to the Russians. Emily Austin, Principal Security Researcher at Censys, discusses why nation state attackers continue targeting critical infrastructure. When M&S went offline, shoppers hit ‘Next’.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Emily Austin, Principal Security Researcher at Censys, as she discusses why nation state attackers continue targeting critical infrastructure.

Selected Reading

Cyber info sharing ‘holding steady’ despite lapse in CISA 2015, official says (The Record)

CISA: High-severity Linux flaw now exploited by ransomware gangs (Bleeping Computer)

CISA and NSA share tips on securing Microsoft Exchange servers (Bleeping Computer)

UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities (Arctic Wolf)

More than 10 million impacted by breach of government contractor Conduent (The Record)

Luxury Fashion Brands Face New Wave of Threats in Lead-up to 2025 Holiday Shopping Season (BforeAI)

LinkedIn phishing targets finance execs with fake board invites (Bleeping Computer)

Coalition calls on FTC to block Meta from using chatbot interactions to target ads, personalize content (The Record)

Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker (CyberScoop)

Business rival credits cyberattack on M&S for boosting profits (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA’s steady hand in a stalled senate.

This week we are joined by Phil Stokes, threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign. 
The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research reveals a deeper investigation into this malware, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub.

The research can be found here:
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed

Learn more about your ad choices. Visit megaphone.fm/adchoices

Caught in the contagious interview. [Research Saturday]

Hlustaðu og lestu

Other podcasts you might like ...