CyberWire Daily - Archive

Iran-linked hackers signal cyberattacks will continue despite the cease-fire. Microsoft restores access after suspending open-source developer accounts. John Deere settles its right-to-repair fight. A suspected Adobe Reader zero-day surfaces. Palo Alto Networks and SonicWall patch high-severity flaws. New macOS malware targets crypto wallets. A threat cluster abuses live chat to bypass MFA. CISA orders urgent Ivanti patching. Researchers track a stealthy DDoS-for-hire botnet. Our guest is Edgard Capdevielle, CEO of Nozomi Networks, sharing insights on threats posed by nation-states and AI on OT security. macOS has a 49 day time limit.

Federal agencies warn Iranian-linked hackers are probing U.S. critical infrastructure, while the DOJ disrupts a Russian router hijacking campaign. Cyberattacks hit Minnesota government systems and force a Massachusetts hospital to divert ambulances. Anthropic limits access to its new AI bug-hunting model, hackers leak terabytes of LAPD data, and researchers warn of a rise in AI recommendation poisoning. Our guest is Benny Czarny, Founder and CEO of OPSWAT, discussing his book "Cybersecurity Upside Down: Rethink Your Cybersecurity Strategy." Japan trades red tape for training data. Remember to leave us a 5-star rating

CISA faces a $700 million budget cut. Russian and Iranian cyber cooperation raises concerns. New BPFDoor variants emerge. Cybercrime losses climb again. Researchers advance a GPU Rowhammer attack. Northern Ireland schools go offline after a breach. An alleged hacker-for-hire faces U.S. charges. And German police name the suspected REvil mastermind. Our guest is John Anthony Smith, Founder and Chief Security Officer at Fenix24, explaining why more technology hasn't made us more secure. A frustrated researcher drops the hammer. Remember to leave us a 5-star rating and review in your favorite podcast

Fortinet releases an emergency update for a critical vulnerability. A major outage disrupts Russian banking apps. A new report highlights critical skills gaps. CyberCorp scholars struggle to secure jobs. Scammers use QR codes in fake traffic violation schemes. A proposed lawsuit accuses Perplexity of oversharing users’ AI transcripts. Cambodia outlaws scam centers. Scammers impersonate Harvard IT staff. With “wrench attack” threats of violence, life imitates art. Kevin Magee from Microsoft for Startups describes emerging trends. On Afternoon Cyber Tea with Ann Johnson, Ann speaks with Allie Mellen about her new book

Please enjoy this encore of Career Notes. Anjali Hansen, a Senior Privacy Counselor from Noname Security shares her story as she climbed through the ranks to get to where she is today. When Anjali started, she wanted to do international law. She started working for the International Trade Commission after law school, where she was able to gain most of her experience and real world abilities. Working with online fraud and abuse, she shares, concerned her, because it felt like governments could not protect organizations from threats occurring, which is how

This week, we are joined by Santiago Pontiroli, Threat Intelligence Research Lead from Acronis TRU team, discussing their work on "New year, new sector: Transparent Tribe targets India’s startup ecosystem." The Acronis Threat Research Unit uncovered a new campaign by Transparent Tribe showing the group has expanded beyond traditional government and defense targets to India’s startup ecosystem, especially cybersecurity and OSINT-focused firms. The attackers use startup-themed lures delivered via ISO files and malicious shortcuts to deploy Crimson RAT, a highly obfuscated tool capable of surveillance, data theft, and system control. Despite

Cloud data centers come under fire in wartime. A massive dark web intelligence database is exposed. Chinese hackers exploit a video conferencing zero-day. The intelligence community rolls out cyber modernization plans. React2Shell attacks spread at scale. Iowa sues UnitedHealth over the Change Healthcare breach. France moves to bar kids from social media. Researchers warn about hidden risks in power regulation. An insider extortion plot locks admins out of hundreds of servers. Our guest Brandon Karpf, friend of the show, with insights on the war in Iran. Espresso exploit exposes executive emails.

A fake WhatsApp spreads spyware. The State Department pushes embassies to counter influence ops. Cisco patches critical bugs. CrystalRAT hits Telegram. A Texas hospital breach affects 250,000. HHS reshuffles IT oversight. China-linked spies target Europe. EvilTokens hijacks Microsoft accounts. Ransomware hits a North Dakota water plant. Sumedh Thakar, President and CEO of Qualys, discusses how cybersecurity is shifting toward managing real business risk. Tales of a tortoise's termination have been greatly exaggerated. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for

Iran’s cyber campaign continues. North Korea targets the axios NPM package. Cisco suffers a Trivy-related breach. Claude’s code leak unveils broad capabilities. The DOD’s zero-trust efforts are slow-going. A proposed class action suit accuses Perplexity of oversharing. Google patches another Chrome zero-day. The FBI warns against using foreign-developed mobile apps. Christy Wyatt, CEO from Absolute Security, discussing why cyber risk is now a business continuity problem. A city circulates cameras to cultivate crime control. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode?

Iranian-linked hackers warn of possible “irreparable” attacks on U.S. water systems. CISA pushes urgent fixes for a critical Citrix flaw. The Dutch Finance Ministry takes systems offline after a breach. Space Force may scrap next-gen GPS control software. Attackers exploit a Fortinet server bug. Lloyds exposes customer transaction data. AI and regulation reshape cyber careers. The FTC settles with a dating app over data sharing. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discusses Iran's shift to identity weaponization. Wikipedia wrestles with a wayward writer. Remember to

Please enjoy this encore of CISO Perspectives. In the season finale of CISOP, Kim Jones is joined by N2K’s own Ethan Cook to reflect on the conversations that shaped this season. Together, they revisit standout moments from Kim’s interviews, unpacking their significance and getting Ethan’s fresh perspective on the cybersecurity workforce challenge—as someone viewing the industry from the outside. Since the mid-season reflection, Kim has explored a wide range of workforce issues, including skills mapping, talent identification, and the evolving strategies needed to close cybersecurity’s talent gap. Learn more about your

Iran-linked hackers claim a breach of the FBI director’s personal email. ShinyHunters hit the European Commission. F5 and Citrix warn of actively exploited flaws. A WordPress plugin exposes hundreds of thousands of sites. Infinity Stealer targets macOS users. A Russian APT adopts a new iOS exploit kit. Treasury weighs a cyber insurance backstop. DHS clears suspended CISA staff. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. Bureaucrats bless a black-box behemoth. Remember to leave us a 5-star rating

Please enjoy this encore of Career Notes. David Nosibor, Product Lead for SafeCyber at UL Solutions, started his career in a unique way by not letting himself be pigeonholed. Within his company, David was able to grow to the position he is in now and says that his position feels like a lot of roles tied into one. He says that on any given day he is tackling all sorts of elements, such as marketing, operations, working with the engineering team, figuring out ways to acquire customers, retain them, and also

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10 years. The foundational 2014 Sony hack kicks off our conversation, then Maria and Dave highlight: the 2015 OPM breach, which exposed sensitive security-clearance data and was attributed to long-term access by China amid outdated government systems and security 2017’s WannaCry and NotPetya's global disruption and Equifax's ongoing fallout the 2020 SolarWinds breach underscored supply-chain risks and raised concerns about potential personal criminal liability for CISOs. The

Omer Ninburg, CTO of Novee Security, joins us on this episode of Research Saturday to discuss their work on "From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs." Historically, Portable Document Formats – the immutable, localized PDF – was once considered a “safe” component inside enterprise environments. That is no longer the case. To demonstrate how PDF services and engines can be exploited, the team at Novee used their proprietary, multi-agent LLM system to uncover vulnerability patterns, and systematically scale them into a broad discovery

CISA warns of actively exploited Langflow vulnerability. CISA flags critical PTC Windchill vulnerability. Phishing activity surges amid war in Iran. Google moves up their post-quantum timeline. Alleged RedLine infostealer developer faces thirty years in a US prison. Bearlyfy hacktivists launch disruptive ransomware campaign in Russia. FCC moves to crack down on robocallers and foreign call centers. Anti-piracy group takes down AnimePlay streaming platform. N2K’s Maria Varmazis and Dave Bittner are previewing the biggest breaches in the past 10 years. And what happens when hackers call the game? Remember to leave us

As the emphasis on improving cybersecurity has continued to grow, so has the number of vendors offering a range of cybersecurity services. However, despite the value many of these vendors bring, the relationship between vendors and clients has become strained. In this episode, Kim explores this relationship, offering his thoughts on this relationship and what both sides can do to better to improve this dynamic. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and

RSAC wraps. CISA warns shutdown furloughs are weakening cyber defenses. China-linked actors burrow into global telecom infrastructure. Iran’s Pay2Key resurfaces. India probes suspected Pakistan-linked CCTV spying. Florida suspends a firm over offshore medical data exposure. Cisco patches fresh flaws. Russian police arrest the alleged LeakBase operator. Intern Kevin files his latest man-on-the street report. Google gets grabby with your homepage. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat.

The UK’s cyber security chief urges a “full court press” against threats. RSAC highlights. The U.S. State Department has launched a Bureau of Emerging Threats. The TeamPCP cybercriminal group targets an open source library. TP-Link patches multiple router vulnerabilities. A critical vulnerability hits Windchill and FlexPLM platforms. A phishing campaign impersonates Palo Alto Networks recruiters. Malicious Chrome extensions are harvesting users’ conversations with AI tools. Intern Kevin files his latest report from the RSAC show floor. Your “private” zoom call may already have a podcast deal. Remember to leave us a

RSAC spotlights public-private partnership gaps. DarkSword leaks to GitHub. The FCC blocks new foreign-made routers. Citrix patches a critical NetScaler flaw. DOE rolls out an energy-sector cyber strategy. CanisterWorm spreads through npm. Researchers flag suspected KACE SMA exploitation. QualDerm reports a 3.1-million-record breach. A Russian access broker gets 81 months. Intern Kevin checks in from RSAC. Maria Varmazis speaks with Jake Braun, longtime DEF CON organizer and former White House official about the DEF CON 33 Hackers' Almanack. Slow down, you vibe too fast. Remember to leave us a 5-star rating

Despite being adopted and prioritized by many organizations, cybersecurity still faces a significant challenge where leaders still cannot articulate their needs, and find and develop talent. Rather, organizations oftentimes follow the same strategy many others are utilizing, which involves poaching talent with enticing salaries. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Ed Vasko, the CEO at High Wire Networks, to discuss this approach and the impacts it is having on the cyber talent ecosystem. Throughout the conversation, Ed and Kim discuss their experience when assessing talent

The White House rolls out its AI legislative framework. The FBI warns Iranian actors are using Telegram for command and control, while Russian operators phish Signal users. Authorities dismantle a massive fake CSAM network, Tycoon 2FA rebounds after disruption, VoidStealer debuts a stealthy Chrome key-theft trick, QNAP patches Pwn2Own flaws, and CISA orders urgent fixes for a critical Cisco firewall bug. Plus, our Monday business breakdown. Brandon Karpf and Maria Varmazis ponder the practicality of orbital data centers. One radio to rule the range. Remember to leave us a 5-star rating

Please enjoy this encore of Career Notes. Roya Gordon, a Security Research Evangelist at ICS cybersecurity firm Nozomi Networks, started her career as an intelligence specialist in the U.S. Navy. After her time serving, Roya spent time as a Control Systems Cybersecurity Analyst at the Idaho National Laboratory and then took the role of Cyber Threat Intelligence Manager at Accenture. She shares her story after the NSA accepted her and then quickly diverted, creating a new path for Roya to follow. She shares the jobs she went after along the way,

In this special edition of CyberWire Daily’s 10th anniversary series, Maria Varmazis hosts a thoughtful and engaging conversation with N2K CyberWire CEO Peter Kilpe and CyberWire Daily host Dave Bittner, exploring the origin story of the podcast that started it all. From early ambitions to behind-the-scenes turning points, they trace how the show found its voice and evolved from a startup experiment into a trusted cornerstone of the cybersecurity community. Along the way, they share candid anecdotes, hard-earned lessons, and reflections on how both the industry and CyberWire Daily have transformed

Yuval Avrahami from Wiz joins to share their work on "CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild." Wiz Research uncovered “CodeBreach,” a critical supply chain vulnerability caused by a subtle misconfiguration in AWS CodeBuild pipelines that allowed attackers to take over key GitHub repositories, including the widely used AWS JavaScript SDK that powers the AWS Console. By exploiting an unanchored regex filter, unauthenticated attackers could trigger privileged builds, steal credentials, and potentially inject malicious code into software used across a majority of cloud environments.

Feds take down major IoT botnets. The FBI seizes hacktivist infrastructure. A data breach hits Kaplan, while a hacker claims access to millions of law enforcement tips. Fake Zoom calls deliver malware. A crypto “security” tool turns out to be spyware. A critical AI framework flaw gets exploited in hours. An insider extortion case ends in conviction. And a streaming scam pulls in over $10 million. A look back at ten years of Cyberwire podcasts. Intern Kevin gets ready for RSAC. A cyberattack leaves breathalyzers offline. Remember to leave us a

Even as cybersecurity has grown and become universially accepted, the field has continued to struggle when attempting to assess and aquire talent. Oftentimes, there is a disconnect between what organizations need and what they interview for leading vague job postings and ineffective hirings. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Jeff Welgan, the Chief Strategist and CEO at SkillRex, to discuss how we assess talent. Throughout the conversation, Jeff and Kim will discuss the problems associated with traditional workforce management and how modernizing this approach can

DarkSword targets iPhones for indiscriminate exploitation. Cybercrime and the Iran war. The FBI confirms purchasing commercially available location data. The DHS secretary nominee gets grilled on CISA funding. A Zimbra Collaboration Suite vulnerability is being used in targeted espionage. A new Android malware targets sensitive data stored in user notes. AWS warns of ongoing Interlock ransomware activity. Tracking pixels grab more than they should. Perry Carpenter and Mason Amadeus from The FAIK Files podcast speak with Hany Farid about the real-world harms of synthetic media. Do Boomers balance breaches better? Remember

Iran’s cyber ops stay resilient. U.S. lawmakers press Big Tech on EU rules. Researchers expose a Fancy Bear server. Japan moves toward offensive cyber. CISA calls for cross-agency teamwork. New malware targets network infrastructure. AI fooled by font-based attacks. Schneider Electric warns of critical flaws. Quantum cryptography earns top honors. Guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. Smart glasses on the witness stand. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our

The EU imposes sanctions after cyberattacks. DHS boosts surveillance spending. AI firms recruit weapons-risk experts. Stryker disruption, no patient impact. LeakNet leans on ClickFix. Sears chatbot data spills. A Chinese security firm leaks a private key. Tech giants team up on scams. Teens sue xAI over alleged AI-generated abuse. On today’s Threat Vector segment, David Moulton and guest Erica L. Shoemate, founder of The EN Strategy Group, explore how AI is fundamentally reshaping the security landscape. Cyber crooks cause a complimentary curbside convenience. Remember to leave us a 5-star rating and

In this mid-season episode, Kim takes a step back to reflect on the journey so far—revisiting key conversations, standout moments, and recurring themes that have shaped the season. During the episode, Kim sits down with N2K's own Ethan Cook to connect the dots across episodes, uncovering deeper patterns and takeaways. Whether you're catching up or tuning in weekly, this episode offers a thoughtful recap and fresh perspective on where we've been—and what's still to come. Learn more about your ad choices. Visit megaphone.fm/adchoices

Drone strikes hit a key chip supply chain. China-linked hackers target Southeast Asian militaries. Attackers race ahead with AI. ShinyHunters claim a massive Telus breach. Microsoft issues a hotpatch. Malware turns up on Steam. Fileless attacks grow. Airline miles become cybercrime currency. Monday business breakdown. Tim Starks from CyberScoop unpacks the Stryker attack and the nebulous nature of Iranian cyber activity. AI playmates puzzle preschoolers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and

Please enjoy this encore of Career Notes. Christian Lees, CTO at Resecurity, shares his story and insight on coming into the cybersecurity world. He considers himself a late bloomer because he did not go to college until he was 23. He wasn’t sure of what he wanted to do, and a family friend gave him a computer and the rest was history, he says. He fell in love with computers and started working at different companies trying to get ahead. He says it's not always textbook, and sometimes you just need

This week, we are joined by Or Eshed, Co-Founder and CEO from LayerX Security, discussing their work on "How We Discovered A Campaign of 16 Malicious Extensions Built to Steal ChatGPT Accounts." Researchers uncovered a coordinated campaign of 16 malicious browser extensions posing as ChatGPT productivity tools while secretly stealing user accounts. The extensions intercept ChatGPT session authentication tokens and send them to attacker-controlled servers, allowing threat actors to impersonate users and access their conversations, files, and connected services like Google Drive or Slack. The findings highlight how AI-focused browser extensions

Europol dismantles the SocksEscort proxy service. Cyber operations highlight imbalance in the war in Iran. Google rushes Chrome zero-day patches. Veeam fixes critical backup flaws. A former incident responder faces ransomware charges. Thomson Reuters staff push back on an ICE contract. Attackers abuse backup tools for data theft. CISA flags a critical n8n vulnerability. Maria Varmazis is joined by Jack R. Bialik, engineer and author, to discuss the hidden risks of a fully-digital society, and talk about his book "In Lost in Time: Our Forgotten and Vanishing Knowledge." A Phony photo

Show Notes: As cybersecurity has matured, the field has become more formalized within businesses with CISOs leading the way. However, despite the value of the CISO and its widespread adoption, the role has continued to lose agency with other board members. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Patty Ryan, the CISO at QuidelOrtho, to assess the value of the role. Throughout the conversation, Patty and Kim will discuss the challenges facing CISOs, why the role has lost its agency, and what can be done to

Iran threatens tech firms as hackers strike Stryker. The EU advances efforts toward digital sovereignty. A foreign hacker stumbles upon the FBI’s Epstein files. DOGE used ChatGPT to cull humanities grants. Meta claims increased efforts against scams. A Wisconsin ambulance provider discloses a data breach. CISA shortens the patch deadline for a critical SolarWinds vulnerability. We preview this year’s RSAC 2026 Innovation Sandbox with Cecilia Marinier and Paul Kocher. Dangerous digital diets miss the mark. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Greg Schlomer and Vlad Honyanyy to discuss new research on Jasper Sleet, a North Korean–aligned threat actor incorporating AI into active operations. The conversation examines how AI is being integrated across the attack lifecycle — from highly tailored phishing lures and fabricated job applicant personas to accelerating malware development and refining operational workflows. Rather than treating AI as a novelty, Jasper Sleet is using it to increase speed, scale, and adaptability while reducing many of the

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Greg Schlomer and Vlad H. to discuss new research on Jasper Sleet, a North Korean–aligned threat actor incorporating AI into active operations. The conversation examines how AI is being integrated across the attack lifecycle — from highly tailored phishing lures and fabricated job applicant personas to accelerating malware development and refining operational workflows. Rather than treating AI as a novelty, Jasper Sleet is using it to increase speed, scale, and adaptability while reducing many of the

Rudd takes the helm at NSA and Cyber Command. A watchdog probes alleged Social Security data mishandling. Patch Tuesday lands. Governments brace for cyber fallout from Iran. BeatBanker spreads via a fake Starlink app. InstallFix targets developers. ZombieZIP hides malware in archives. And DHS reassigns CBP officials in a FOIA secrecy dispute. Ben Yelin unpacks Anthropic’s lawsuit against the Pentagon. AI eyewear leads to awkward exposures. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing,

Russian hackers target Signal and WhatsApp. Permit scammers impersonate local officials. Anthropic sues over a Pentagon blacklist. The White House moves to restore fraud victims. ShinyHunters target Salesforce data. Ericsson reports a breach. macOS users face ClickFix malware. AWS credentials are phished. And CISA warns of an exploited Ivanti flaw. Our guest is Brian Baskin, Threat Researcher at Sublime Security, discussing tax season employee impersonation scams. Who fact-checks the fact-checkers? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily

Show Notes: Cybersecurity has continued to grow and mature as a field over the past decade which has given rise to numerous degree pathways across dozens of collegiate institutions; however, the value of these degrees has continued to be a topic of debate. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Dr. Lara Ferry, the Vice President of Research at Arizona State University, to explore higher education's role in cyber. Throughout the conversation, Lara and Kim will discuss the challenges facing degree programs, the disconnects between organizations

Israel claims a strike on Iran’s cyber warfare headquarters. The Trump administration releases a new national cyber strategy. DHS shakes up its IT and cybersecurity leadership. Velvet Tempest uses ClickFix to drop loaders and RATs. Researchers uncover a Linux cryptocurrency clipboard hijacker. The DOJ brings a Ghanaian romance scammer to justice. Online advertising enables government tracking. Monday business breakdown. Our guest is Jon France, CISO from ISC2, sharing some insights and findings from their 2025 ISC2 Cybersecurity Workforce Study. An Apple II app gets audited by AI. Remember to leave us

In this special Reporter’s Notebook, Maria Varmazis⁠⁠⁠⁠, host here at N2K CyberWire, takes listeners behind the scenes of our three-part series on Cyber Coalition 2025 in Tallinn, Estonia. After exploring real-time incident response, cross-border coordination, and the broader stakes of collective cyber defense, this episode offers a more personal, behind-the-scenes look at how the reporting came together. Hosted by the NATO Cooperative Cyber Defense Centre of Excellence, the exercise brought together allied military, government, and industry teams inside NATO’s secure cyber range. Here, Maria reflects on moments that didn’t make the

Please enjoy this encore of Career Notes. Anna Belak, Director of Thought Leadership at Sysdig, shares her story from physics to cyber. Anna explains how she went into college with the thinking of getting a physics degree and then for her PhD decided to switch to material science and engineering. Both were not something she enjoyed and ultimately decided to go into cyber. She shares some advice on how you should never limit yourself to your degree, as well as always learning new skills and honing in on skills you already

This week we are joined by Marcelle Lee, cybersecurity consultant and researcher, discussing "CTI tradecraft: Investigating a mobile scareware campaign." She details how a routine click on a Google News story led to a mobile scareware pop-up—and a deeper investigation into a broader campaign. Using free tools like Censys, URLScan, VirusTotal, and CyberChef, she pivoted from two domains to uncover more than 100 related domains, shared infrastructure, and links to questionable antivirus apps in the Google Play Store. The findings are mapped to the MITRE ATT&CK framework, showing how freely available

Iran’s MuddyWater breaches multiple U.S. organizations. The FBI probes a breach of wiretap management systems. A China-linked threat actor targets South American telecoms. Cisco patches critical firewall flaws. CISA flags actively exploited bugs in Hikvision cameras and Rockwell industrial systems. A House committee advances the controversial KIDS online safety bill. The FBI arrests a suspect accused of stealing millions in seized crypto from the U.S. Marshals Service. Ben Yelin and Ethan Cook unpack the dispute between Anthropic and the Pentagon. Wikimedia worm wreaks widespread wiki woes. Remember to leave us a

Show Notes: As the cybersecurity industry has grown, the field has struggled to answer the question: do certifications matter? In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with N2K's own, ⁠Simone Petrella, to answer this question and discuss why the value of certifications continue to be debated. Throughout the conversation, Simone and Kim will discuss the challenges associated with certifications, and how the industry can adjust the ways it sees and utilizes them. Got cybersecurity, IT, or project management certification goals? For the past 25 years, N2K's practice

Unit 42 is tracking more than 60 active hacktivist groups and Iran-linked threat actors right now. What are they actually doing, what should you believe, and what should you do about it? In this episode of Threat Vector, David Moulton sits down with Justin Moore, Senior Manager of Threat Intelligence Research at Unit 42, and Andy Piazza, Senior Director of Threat Intelligence at Unit 42, to walk through the Unit 42 Iran Threat Brief and what the observed activity means for defenders. You'll learn: - What Unit 42 is actually observing

Hacktivist activity surges in the Middle East. Defense tech firms distance themselves from Claude. International law enforcement take down the Leakbase cybercrime forum. A pair of Cisco SD-WAN vulnerabilities are under active exploitation. Google releases an urgent Chrome security update. Age-verification is put under the microscope. TikTok is leaving end-to-end encryption out of your DMs. Our guest is Daniel Barbu, Director of EMEA Security from Adobe, discussing fostering a human‑centered, enablement‑driven, and collaborative approach to AI. Clever code catches cardiac clues. Remember to leave us a 5-star rating and review in

A suspected U.S. exploit kit shows up in global iOS attacks. Facebook goes down briefly worldwide. A critical help-desk flaw enables remote code execution. Juniper PTX routers face a major bug. LastPass warns of phishing. Telegram becomes a cybercrime marketplace. Healthcare groups fight relaxed IT rules. A stolen Gemini API key runs up massive bills. CISA’s CIO departs. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. The problem of posthumous profiles. CyberWire Guest Today on our Industry Voices segment we are

GPS jamming hits the Strait of Hormuz. An Iran linked threat actor uses AI to target Iraqi government officials. Hacktivists leak thousands of DHS contract records. A Hawaii cancer center suffers a data breach. Google patches over a hundred Android vulnerabilities. A new report tallies the scale of third party breaches. An MS-Agent AI framework flaw allows full system compromise. On today's Threat Vector segment, Evan Gordenker, Director of AI Security and DPRK Operations at Unit 42, joins David Moulton to unpack North Korea’s hiring scams. Tire tech turns tattletale. Remember

Show Notes: As cybersecurity matures, one area still lags: diversity. In this thought-provoking episode of CISO Perspectives, host Kim Jones takes the mic solo to address a topic that remains both critical and controversial. Kim explores the current state of diversity in the cybersecurity field, why progress has been slow, and how inclusive teams drive greater innovation and resilience. Tune in for an honest conversation that challenges the status quo and pushes the industry forward. Want more CISO Perspectives?: Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook,

Cyberwar shadows the US Israel attack on Iran. Hackers hijack Pakistani news broadcasts. President Trump orders all federal agencies to stop using AI technology from Anthropic. The Health Care Cybersecurity and Resiliency Act clears a hurdle. A new RAT streamlines double extortion attacks against Windows systems. CISA updates warnings on a zero-day targeting Ivanti Connect Secure devices. A North Korea-linked group targets air-gapped systems. Monday business breakdown. On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Suárez, Vice President and Chief Information Security Officer at

In the final installment of our three-part series on ⁠Cyber Coalition 2025⁠⁠, ⁠⁠Maria Varmazis⁠⁠⁠, host here at N2K CyberWire, and ⁠⁠⁠Liz Stokes, CyberWire Producer, step back from the cyber range to reflect on what their time in Tallinn really meant. This episode moves beyond the mechanics of the exercise and into the broader stakes of collective cyber defense in an increasingly uncertain geopolitical moment. Recorded two months after their visit, the conversation blends field tape and personal reflections — from standing outside the Russian Embassy in Old Town to recalling the

Please enjoy this encore of Career Notes. Larry Cashdollar, Principal Security Intelligence Response Engineer at Akamai Technologies, sits down with Dave Bittner to discuss his life leading up to working at Akamai. He shares his story from his beginnings to now, describing what college life was like as a young computer enthusiast. He says "If you look at my 1986 yearbook, I think it was my sixth grade class, it says computer scientist for my career path. So I had a love of computers when I was really young. I guess

This week we are joined by Dr. Renée Burton, Vice President of Infoblox Threat Intel, discussing "Parked Domains and Direct Search: An Underreported Security Risk." Parked domains are no longer harmless ad pages — new research finds that in today’s “direct search” or zero-click parking ecosystem, more than 90% of visits to certain parked lookalike domains lead to scams, malware, or deceptive content, often hidden behind layers of traffic distribution systems and device fingerprinting. The report details three previously unpublished domain portfolio actors who weaponize typosquatting, DNS manipulation — including rare

CISA’s acting director exits. Trump’s pick to lead the NSA hits Senate headwinds. The Pentagon pressures Anthropic over AI guardrails. A new WiFi attack sidesteps encryption. CISA flags flaws in EV chargers. Juniper patches a critical router bug. ManoMano discloses a massive breach. Europol cracks down on The Com. Greece delivers verdicts in Predatorgate. An alleged carding kingpin lands in U.S. custody. Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, shares how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. Meta’s mischievous monocles meet

Five Eyes flags active exploitation of Cisco SD-WAN flaws. Ransomware incidents surge, but fewer victims are paying. The FTC eases its stance on COPPA to encourage age verification. Authorities in Poland and Germany charge 11 in a Facebook credential harvesting scheme. Top UK news outlets unite on AI licensing standards, as the UK touts gains in cyber resilience. Researchers say a hacker abused Anthropic’s Claude to breach Mexican government networks. Gamers revolt over AI in game development. On our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff

Trump tells diplomats to fight digital sovereignty. DeepSeek allegedly trains on banned Nvidia chips. Google knocks out Gallium. Hackers tamper with patient records in New Zealand. Popular mental health apps leak risk. Wynn confirms a ShinyHunters breach. Telecoms dodge New York cyber rules. Russia targets Telegram’s founder. And a defense insider heads to prison for selling cyber weapons to Moscow. Andrew Dunbar, CISO of Shopify, discusses how identity and trust become the new perimeter and how commerce needs both. Barking backlash brews beneath big-game broadcast. Remember to leave us a 5-star

SolarWinds patches four critical remote code execution vulnerabilities. A ransomware attack on Conduant puts the data of over 25 million Americans at risk. RoguePilot enables Github repository takeovers. ZeroDayRat targets Android and iOS devices. North Korea’s Lazarus group deploy Medusa ransomware against organizations in the U.S. and the Middle East. Attackers’ breakout times drop to under half an hour. CISA maintains its mission despite staffing challenges. Russian satellites draw fresh scrutiny. Two South Korean teenagers are charged with breaching Seoul’s public bike service. Krishna Sai, CTO at SolarWinds, discusses why leaders

A senior FBI cyber official warns Salt Typhoon remains an ongoing threat. Data protection authorities issue a joint statement raising serious concerns about AI image creation. A Japanese semiconductor equipment maker confirms a ransomware attack. New number formats seek to reduce AI overhead. A low-skilled Russian-speaking threat actor compromised more than 600 Fortinet FortiGate firewalls. Spanish authorities have arrested four alleged members of Anonymous. CISA tags a pair of Roundcube Webmail flaws. Cybersecurity stocks fell sharply on news of a new security feature in Claude AI. Monday business breakdown. Brandon Karpf,

In this second installment of our three-part series on ⁠⁠Cyber Coalition 2025⁠⁠, ⁠⁠Maria Varmazis⁠⁠⁠, host of ⁠⁠⁠T-Minus⁠⁠⁠ Space Daily and CyberWire Producer ⁠⁠⁠Liz Stokes,⁠⁠ take listeners inside a single day at NATO’s cyber headquarters in Tallinn, Estonia — focusing on the human side of cyber defense. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence and led by NATO Allied Command Transformation, Cyber Coalition is a defensive-only exercise built around collaboration, coordination, and information sharing across allied nations. This episode highlights how that plays out in practice, from legal teams

Please enjoy this encore of Career Notes. Mary Writz, Vice President of Product Strategy at ForgeRock, shares how each career path she has taken has led her to where she is now. Mary describes how she has been a woman working in a male dominated field for most of her career and how she had to take charge, and she had to get the men to take charge with her. She says "I was often leading people, mostly men older than me, potentially smarter than me, more well paid than me.

Today we have Tomer Bar, VP of Security Research at SafeBreach Labs, discussing their work on "Prince of Persia: A Decade of Iranian Nation-State APT Campaign Activity under the Microscope". In this first installment of SafeBreach’s deep dive into the Iranian-linked APT known as “Prince of Persia,” originally exposed by Palo Alto Networks Unit 42, researchers reveal that the group never truly went dark after 2022—but instead evolved. Led by Tomer, the investigation uncovers new variants of Foudre and Tonnerre malware, expanded campaign scale, active C2 infrastructure through late 2025, and

Dutch authorities warn Russia is escalating hybrid operations across Europe. Ransomware shuts down the University of Mississippi Medical Center. PayPal notifies customers of a data breach. The FBI says ATM jackpotting is on the rise. An FBI confidential informant had a hand in online fentanyl sales. TrustConnect malware masquerades as a legitimate remote monitoring and management tool. Researchers uncover the first Android malware to integrate generative AI. A critical zero-day hits Grandstream VOIP phones. The IRS slashes IT staff and technology executives. Our guest is James Turgal, a 22-year FBI vet

Starkiller represents a significant escalation in phishing infrastructure. A blockchain lender breach affects nearly a million users. The Kimwolf botnet disrupts a peer-to-peer privacy network. Researchers identifiy vulnerabilities in widely used Visual Studio Code extensions. DEF CON bans three men named in the Epstein files. Texas sues TP-Link over supply chain security. Experts question the impact of cyber versus kinetic damage in Venezuela. African law enforcement arrest hundreds of suspected scammers. Tim Starks from CyberScoop explains CISA’s upcoming town hall meetings over ICS reporting rules. Warsaw walls off Wi-Fi-wired wheels. Remember

A China-linked group exploits a critical Dell zero-day for 18 months. A Microsoft 365 Copilot bug risks sensitive email oversharing. A new Linux botnet leans on old-school IRC for command and control. Switzerland tightens critical infrastructure rules with mandatory cyber reporting. AstarionRAT emerges as a custom post-exploitation implant. Researchers find serious flaws in popular PDF platforms. A suspected Iranian-aligned campaign targets protest supporters. Notepad++ rolls out a “double-lock” update fix. And a Spanish court orders NordVPN and ProtonVPN to block illegal football streams. Our guest is Keith Mularski, Former FBI Special

The government shutdown leaves CISA at reduced capacity. Ransomware and misconfigured AI threaten cyber-physical infrastructure. Operation DoppelBrand targets Fortune 500 financial and technology firms. Researchers uncover infostealers targeting OpenClaw AI. Identity-based attacks accounted for nearly two-thirds of initial intrusions last year. Researchers compromise popular cloud-based password managers. Authorities have arrested a man suspected of links to Phobos ransomware. Monday business breakdown. On Threat Vector, host David Moulton talks with Steve Elovitz about the 750 major breaches his team analyzed in a single year. Digital detour delivers a Dutchman to detention. Remember

In this three-part series, ⁠Maria Varmazis⁠, host of ⁠T-Minus⁠ Space Daily and CyberWire Producer ⁠Liz Stokes⁠, take you inside NATO’s flagship cyber defense exercise, ⁠Cyber Coalition 2025⁠. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, the exercise brings together military, government, and industry teams from across the alliance to respond to realistic, high-pressure cyberattack scenarios targeting critical infrastructure and operational networks. Throughout the series, Maria and Liz will guide you through what they witnessed on the ground — from real-time threat detection and incident response to

Please enjoy this encore of Career Notes. Mike Arrowsmith, Chief Trust Officer at NinjaOne, leads the organization’s IT, security, and support infrastructure to ensure they meet customers’ security and data privacy demands as it scales. Mike discusses how his career path has led him to the position he currently holds and how exciting the world of cybersecurity can be. He mentioned how he mentored students in college thinking of going into the field, and he used a metaphor to help describe the industry, saying "We are working against adversaries that are

Today we have Ziv Mador, VP of Security Research from LevelBlue SpiderLabs discussing their work on "SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp." Researchers at LevelBlue SpiderLabs have identified a new Brazilian banking Trojan dubbed Eternidade Stealer, spread through WhatsApp hijacking and social engineering campaigns that use a Python-based worm to steal contacts and distribute malicious MSI installers. The Delphi-compiled malware targets Brazilian victims, profiles infected systems, dynamically retrieves its command-and-control server via IMAP email, and deploys banking overlays to harvest credentials from financial institutions and cryptocurrency platforms. The campaign

Global leaders call for collaboration at the Munich Cyber Security Conference. Phishing campaigns exploit fake video conference invitations. Italian authorities say cyber attacks on the Winter Olympics have met overall mitigation. AI reshapes the economics of ransomware attacks. CISA tags a critical Microsoft Configuration Manager vulnerability. Foxveil is a new malware loader targeting legitimate platforms. Researchers examine macOS infostealers. California fines Disney $2.75 million for violating the Consumer Privacy Act. Maria Varmazis, host of T-Minus space daily and CyberWire Producer Liz Stokes preview their coverage of the NATO Cyber Coalition 2025

Malicious Chrome extensions pose as AI tools. Google says nation-states are increasingly abusing its Gemini artificial intelligence tool. Data extortion group World Leaks deploys a new malware tool called RustyRocket. An Atlanta healthcare provider data breach affects over 625,000. Apple patches an iOS zero-day that’s been around since version 1.0. A government shutdown would furlough more than half of CISA’s staff. Dutch police arrest the alleged seller of the JokerOTP phishing automation service. Our guest is Simon Horswell, Senior Fraud Specialist at Entrust, discussing evolving romance scams for Valentine's Day. Fun

Patch Tuesday. Preliminary findings from the European Commission come down on TikTok. Switzerland’s military cancels its contract with Palantir. Social engineering leads to payroll fraud. Google hands over extensive personal data on a British student activist. Researchers unearth a global espionage operation called “The Shadow Campaigns.” Notepad’s newest features could lead to remote code execution. Our guest is Hazel Cerra, Resident Agent in Charge of the Atlantic City Office for the United States Secret Service. Ring says it’s all about dogs, but critics hear the whistle. Remember to leave us a

ZeroDayRAT delivers full mobile compromise on Android and iOS. The UK warns infrastructure operators to act now as severe cyber threats mount. Russia moves to block Telegram. The FTC draws a line on data sales to foreign adversaries. Researchers unpack DeadVax, a stealthy new malware campaign, while an old-school Linux botnet resurfaces. BeyondTrust fixes a critical flaw. And in AI, are we moving too fast? One mild training prompt may be enough to knock down safety guardrails. Our guest is Omer Akgul, Researcher at RSA Conference, discussing his work on "The

Please enjoy this encore of CISO Perspectives. In the season finale of CISOP, Kim Jones is joined by N2K’s own Ethan Cook to reflect on the conversations that shaped this season. Together, they revisit standout moments from Kim’s interviews, unpacking their significance and getting Ethan’s fresh perspective on the cybersecurity workforce challenge—as someone viewing the industry from the outside. Since the mid-season reflection, Kim has explored a wide range of workforce issues, including skills mapping, talent identification, and the evolving strategies needed to close cybersecurity’s talent gap. Survey: We want to

Ivanti zero-days trigger emergency warnings around the globe. Singapore blames a China-linked spy crew for hitting all four major telcos. DHS opens a privacy probe into ICE surveillance. Researchers flag a zero-click RCE lurking in LLM workflows. Ransomware knocks local government payment systems offline in Florida and Texas. Chrome extensions get nosy with your URLs. BeyondTrust scrambles to patch a critical RCE. A Polish data breach suspect is caught eight years later. It’s the Monday Business Breakdown. Ben Yelin gives us the 101 on subpoenas. And federal prosecutors say two Connecticut

Simone Petrella, CEO of cybersecurity training workforce firm CyberVista, spent her career in the Department of Defense as a threat intelligence analyst before founding CyberVista. She says that running a company has a new set of challenges each day thrown at you. She explains that the way she finds the most success is by letting her team contribute to each matter, and having a say in the decisions made as they pertain to each department. Simone says "I would say is I am a firm firm believer in the idea of

Piotr Wojtyla, Head of Threat Intel and Platform at Abnormal AI, is discussing their work on "InboxPrime AI: New Phishing Kit Fueling Scalable, AI-Powered Cybercrime." A new AI-powered phishing kit called InboxPrime AI is rapidly gaining traction in underground forums, automating the creation and delivery of highly believable phishing emails that mimic legitimate business communications and leverage Gmail’s web interface to evade detection. First spotted in October 2025, the kit combines AI-generated content, template variation, sender identity spoofing, and built-in spam checks to maximize inbox placement and dramatically lower the barrier

CISA cracks down on aging edge devices. Congress looks to sure up energy sector security. DHS facial recognition software may fall short. Romania’s national oil pipeline operator suffers a cyberattack. The European Commission may fine TikTok for being addictive. DKnife is a China-linked threat actor operating a long-running adversary-in-the-middle framework. Researchers say OpenClaw is being abused at scale. Our guest is Mike Carr, Field CTO at Xona, talking about how Italy should be thinking about protecting the 2026 Winter Olympics. A BASE jumper attempts a daring AI alibi. Remember to leave

Cyber weapons knock out Iranian air defenses during strikes on nuclear sites. ShinyHunters dump more than a million stolen records from Harvard and Penn. Betterment confirms a breach exposing data from roughly 1.4 million accounts. Researchers uncover a sprawling scam network impersonating law firms. Italy blocks cyberattacks aimed at Olympics infrastructure. Critical bugs put n8n and Google Looker servers at risk of full takeover. A state-backed Shadow Campaign hits governments worldwide. OpenClaw shows how AI-powered attacks are becoming faster, cheaper, and harder to stop. Our guest is Tony Scott, CEO of

The White House preps a major overhaul of U.S. cybersecurity policy. A key Commerce security office loses staff as regulatory guardrails weaken. Lawmakers Press AT&T and Verizon after months of silence on Salt Typhoon. A vulnerability in the React Native Metro development server is under active exploitation. Amaranth Dragon leverages a WinRAR flaw. A coordinated reconnaissance campaign targets Citrix NetScaler infrastructure. CISA warns a SolarWinds Web Help Desk flaw is under active exploitation. Zach Edwards, Senior Threat Researcher at Silent Push, is discussing a hole in the kill chain leaving law

French police raid X’s Paris offices. The Feds take over $400 million from a dark web cryptocurrency mixer. The NSA says zero-trust goes beyond authentication. Researchers warn of a multi-stage phishing campaign targeting Dropbox credentials. A new GlassWorn campaign targets macOS developers. Critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile are under active exploitation. Researchers disclose a major data exposure on Moltbook, a social network built for AI agents. States bridge the gaps in election security. Nitrogen ransomware has a fatal flaw that permanently destroys data. Supersize your passwords — you

Please enjoy this encore of CISO Perspectives. In this mid-season episode, Kim takes a step back to reflect on the journey so far—revisiting key conversations, standout moments, and recurring themes that have shaped the season. During the episode, Kim sits down with N2K's own Ethan Cook to connect the dots across episodes, uncovering deeper patterns and takeaways. Whether you're catching up or tuning in weekly, this episode offers a thoughtful recap and fresh perspective on where we've been—and what's still to come. Learn more about your ad choices. Visit megaphone.fm/adchoices

Poland says weak security left parts of its power grid exposed. A Russian-linked hacker alliance threatens Denmark with a promised cyber offensive. Fancy Bear moves fast on a new Microsoft Office flaw, hitting Ukrainian and EU targets. Researchers find a sprawling supply chain attack buried in the ClawdBot AI ecosystem. A new report looks at how threats are shaping the work of journalists and security researchers. A stealthy Windows malware campaign blends Pulsar RAT with Stealerv37. A former Google engineer is convicted of stealing AI trade secrets for China. The latest

Please enjoy this encore of Career Notes. Richard Melick, Director of Threat Reporting for Zimperium, talks about his journey, from working in the military to moving up to the big screens. He shares that he's been in the business of solving unique cybersecurity problems for so long that he has found his own path that works very well for him. He says, "if I go to a unique problem and try to solve it, I find that I'm solving it the same way that I would've solved it five years ago,

A popular chatbot exposes millions of private user messages. The White House rescinds Biden-era federal software security guidance. A senior Secret Service official urges more scrutiny of domain registration. The President’s NSA pick champions section 702. France looks to reduce reliance on U.S. digital infrastructure. CISA shares guidance on insider threats. Hugging Face infrastructure was abused to distribute an Android RAT. Ivanti discloses a pair of critical zero-days. Popular dating sites suffer a data breach. Our guest is Tim Starks from CyberScoop, discussing how the US looks to push its view

Google dismantles a huge residential proxy network. Did the FBI take down the notorious RAMP cybercrime forum? A long running North Korea backed cyber operation has splintered into three specialized threat groups. U.S. military cyber operators carried out a covert operation to disrupt Russian troll networks ahead of the 2024 elections. Phishing campaigns target journalists using the Signal app. SolarWinds patches vulnerabilities in its Web Help Desk product. Amazon found CSAM in its AI training data. Initial access brokers switch up their preferred bot. China executes scam center kingpins. Our guest

CISA’s interim director uploaded sensitive government material into the public version of ChatGPT. The cyberattack on Poland’s power grid compromised roughly 30 energy facilities. The EU and India sign a new partnership that includes expanded cyber cooperation. Meta rolls out enhanced WhatsApp security features. Researchers uncover a campaign targeting LLM service endpoints. Fortinet and OpenSSL patch multiple vulnerabilities. A high-severity WinRAR vulnerability continues to see widespread exploitation six months after it was patched. The SoundCloud data breach affected nearly 30 million users. Ben Yelin explains the California lawsuit accusing social media

Microsoft rushes an emergency fix for an actively exploited Office zero-day. A suspected cyberattack halts rail service in Spain. The FBI probes Signal chats in Minnesota. The UK moves to overhaul policing for the cyber age. Romania investigates a hitman-for-hire site. A UK court awards $4.1 million in a Saudi spyware case. Google agrees to a voice assistant settlement. CISA maps post-quantum crypto readiness. Prosecutors charge an Illinois man over a Snapchat hacking scheme targeting hundreds of women. Our guest today is Cynthia Kaiser, SVP of the Ransomware Research Center at

Please enjoy this encore of CISO Perspectives. We're sharing a episode from another N2K show we thought you might like. It's the third episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: While the cybersecurity industry has expanded and grown in recent years, newcomers still struggle to gain relevant "experience" before officially beginning their cyber careers. In this episode of CISO Perspectives, host Kim Jones sits down with Kathleen Smith, the Chief Outreach Officer at clearedjobs.net and the co-host of Security Cleared Jobs: Who’s

Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Grok’s creation of sexually explicit images. Glimmers of access pierce Iran’s internet blackout. Koi Security warns npm fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the cyberattack on Poland’s energy sector to Russia’s Sandworm. This week's business breakdown. Brandon Karpf joins us to talk

Please enjoy this encore of Career Notes. Lauren Van Wazer, Vice President, Global Public Policy and Regulatory Affairs for Akamai Technologies, shares her story as she followed her own North Star and landed where she is today. She describes her career path, highlighting how she went from working at AT&T to being able to work in the White House. She shares how she is a coach and a leader to the team she works with now, saying "my view is I've got their back, if they make a mistake, it's my

Today we have Andrew Northern, Principal Security Researcher at Censys, discussing "From Evasion to Evidence: Exploiting the Funneling Behavior of Injects". This research explains how modern web malware campaigns use multi-stage JavaScript injections, redirects, and fake CAPTCHAs to selectively deliver payloads and evade detection. It shows that these attack chains rely on stable redirect and traffic-distribution chokepoints that can be monitored at scale. Using the SmartApe campaign as a case study, the report demonstrates how defenders can turn those chokepoints into high-confidence detection and tracking opportunities. The research can be found

At long last, a TikTok deal. Officials urge lawmakers to keep an eye on the quantum ball. Fortinet confirms active exploitation of a critical authentication bypass flaw. Ireland plans to authorize spyware for law enforcement. Okta warns customers of sophisticated vishing kits. Under Armour investigates data breach claims. CISA adds a Zimbra Collaboration Suite flaw to the known exploited vulnerabilities list. Poor OpSec enables recovery of data stolen by the INC ransomware gang. The DOJ deports a pair of Venezuelans convicted of ATM jackpotting. Our guest is Chris Nyhuis, Founder and

CISA’s acting director assures Congress the agency has “stabilized”. Google and Cisco patch critical vulnerabilities. Fortinet firewalls are being hit by automated attacks that create rogue accounts. A global spam campaign leverages unsecured Zendesk support systems. LastPass warns of attempted account takeovers. Greek authorities make arrests in a sophisticated fake cell tower scam. Executives at Davos express concerns over AI. Pwn2Own Automotive proves profitable. Our guest is Kaushik Devireddy, AI data scientist at Fable Security, with insights on a fake ChatGPT installer. New password, same as the old password. Remember to

DOGE staff face scrutiny over possible Hatch Act violations. GitLab fixes a serious 2FA bypass. North Korean hackers target macOS developers through Visual Studio Code. Researchers say the VoidLink malware may be largely AI-built. MITRE rolls out a new embedded systems threat matrix. Oracle drops a massive patch update. Minnesota DHS reports a breach affecting 300,000 people. Germany looks to Israel for cyber defense lessons. A major illicit marketplace goes dark. Our guest is Ashley Jess, Senior Intelligence Analyst from Intel 471, with a “crash course” on underground cyber markets. And

Authorities pursue Black Basta. British authorities launch a new national service to fight fraud and cybercrime. LinkedIn private messages get infected with RATs. Researchers uncover a new malicious extension that intentionally crashes the browser. Ingram Micro discloses a ransomware-related data breach. A Jordanian man pleads guilty to selling stolen access to corporate networks. Business Breakdown. Tim Starks from CyberScoop discusses Sean Plankey's renomination to lead CISA. Grave oversight in the funeral biz. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for

Please enjoy this encore of CISO Perspectives. We're sharing a episode from another N2K show we thought you might like. It's the second episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: Cybersecurity has an identity problem where the industry as a whole is struggling to determine whether it is a trade or a profession. In this episode of CISO Perspectives, host Kim Jones sits down with Larry Whiteside Jr., the Chief Advisory Officer for The CISO Society, to discuss this identity crisis and