CyberWire Daily

This week we are joined by Dr. Renée Burton, Vice President of Infoblox Threat Intel, discussing "Parked Domains and Direct Search: An Underreported Security Risk." Parked domains are no longer harmless ad pages — new research finds that in today’s “direct search” or zero-click parking ecosystem, more than 90% of visits to certain parked lookalike domains lead to scams, malware, or deceptive content, often hidden behind layers of traffic distribution systems and device fingerprinting.

The report details three previously unpublished domain portfolio actors who weaponize typosquatting, DNS manipulation — including rare “double fast flux” techniques highlighted in a 2025 advisory from Cybersecurity and Infrastructure Security Agency — and even misconfigured name server records to evade detection and funnel real users toward malicious advertisers. Beyond malvertising, some parked lookalike domains collect misdirected email, fuel business email compromise, and exploit outdated links — including those surfaced by generative AI — underscoring how a simple typo can expose users and enterprises to significant risk.

The research can be found here:

Parked Domains Become Weapons with Direct Search Advertising

Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA’s acting director exits. Trump’s pick to lead the NSA hits Senate headwinds. The Pentagon pressures Anthropic over AI guardrails. A new WiFi attack sidesteps encryption. CISA flags flaws in EV chargers. Juniper patches a critical router bug. ManoMano discloses a massive breach. Europol cracks down on The Com. Greece delivers verdicts in Predatorgate. An alleged carding kingpin lands in U.S. custody. Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, shares how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. Meta’s mischievous monocles meet their match. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we have Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, sharing how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. If you enjoyed this conversation, you can hear the full interview over on the Caveat podcast.

Selected Reading

Gottumukkala out, Andersen in as acting CISA director (CyberScoop)

Senator seeks to block Trump’s NSA pick, citing civil liberties concerns (The Washington Post)

Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline (SecurityWeek)

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises (Ars Technica)

Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation (Beyond Machines)

Juniper Networks PTX Routers Affected by Critical Vulnerability (SecurityWeek)

38 Million Allegedly Impacted by ManoMano Data Breach (SecurityWeek)

‘Project Compass’ Cracks Down on ‘The Com’: 30 Members Arrested (Infosecurity Magazine)

Greek court sentences Predator spyware gang (POLITICO)

Chilean Carding Shop Operator Extradited to US (SecurityWeek)

This App Warns You if Someone Is Wearing Smart Glasses Nearby  (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Five Eyes flags active exploitation of Cisco SD-WAN flaws. Ransomware incidents surge, but fewer victims are paying. The FTC eases its stance on COPPA to encourage age verification. Authorities in Poland and Germany charge 11 in a Facebook credential harvesting scheme. Top UK news outlets unite on AI licensing standards, as the UK touts gains in cyber resilience. Researchers say a hacker abused Anthropic’s Claude to breach Mexican government networks. Gamers revolt over AI in game development. On our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026. In Moscow, a man is accused of impersonating an FSB officer to shake down the Conti ransomware gang. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today on our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026.

Selected Reading

Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning (TechNadu)

Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis (The Record)

FTC Softens Enforcement of Rule Protecting Children Online, Ostensibly to Protect Children Online (Gizmodo)

Poland Cybercrime Unit Uncovers Scheme Stealing 100,000 Facebook Logins (The 420)

UK news giants form 'NATO for news' group to control AI scraping (Press Gazette)

Government cuts cyber-attack fix times by 84% and launches new profession to protect public services (GOV.UK)

Hacker Used Anthropic’s Claude to Steal Sensitive Mexican Data (Bloomberg)

AI Mistakes Are Infuriating Gamers as Developers Seek Savings (Bloomberg)

Moscow man accused of posing as FSB officer to extort Conti ransomware gang (The Record)

AIs can’t stop recommending nuclear strikes in war game simulations (New Scientist)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Trump tells diplomats to fight digital sovereignty. DeepSeek allegedly trains on banned Nvidia chips. Google knocks out Gallium. Hackers tamper with patient records in New Zealand. Popular mental health apps leak risk. Wynn confirms a ShinyHunters breach. Telecoms dodge New York cyber rules. Russia targets Telegram’s founder. And a defense insider heads to prison for selling cyber weapons to Moscow. Andrew Dunbar, CISO of Shopify, discusses how identity and trust become the new perimeter and how commerce needs both. Barking backlash brews beneath big-game broadcast.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Andrew Dunbar, CISO of Shopify, to discuss how identity and trust become the new perimeter and how commerce needs both to be engineered into the platform.

Selected Reading

Exclusive: US orders diplomats to fight data sovereignty initiatives (Reuters)

Exclusive: China's DeepSeek trained AI model on Nvidia's best chip despite US ban, official says (Reuters)

Google disrupts Chinese-linked hackers that attacked 53 groups globally (Reuters)

Patient data changed as major NZ health app MediMap hacked (RNZ News)

Android mental health apps with 14.7M installs filled with security flaws (Bleeping Computer)

Wynn Resorts Confirms Cyberattack & Extortion Threat, Claims Data Deleted (Casino.org)

Verizon successfully dodged data security rules from state regulators (Times Union)

Russia opens probe of Telegram chief, claiming app has been used for terrorism (Washington Post) 

Former Defense Contractor Sentenced to 87 Months in Prison for Selling Secrets to Russia: Peter Williams Trade Secrets Case Concludes (TechNadu)

$10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon (Bitdefender)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

SolarWinds patches four critical remote code execution vulnerabilities. A ransomware attack on Conduant puts the data of over 25 million Americans at risk. RoguePilot enables Github repository takeovers. ZeroDayRat targets Android and iOS devices. North Korea’s Lazarus group deploy Medusa ransomware against organizations in the U.S. and the Middle East. Attackers’ breakout times drop to under half an hour.  CISA maintains its mission despite staffing challenges. Russian satellites draw fresh scrutiny. Two South Korean teenagers are charged with breaching Seoul’s public bike service. Krishna Sai, CTO at SolarWinds, discusses why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI’s tangible contributions. The Pope pushes prayerful priests past predictable programs. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Krishna Sai, CTO at SolarWinds, discussing why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI’s tangible contributions.

Selected Reading

Critical SolarWinds Serv-U flaws offer root access to servers (Bleeping Computer)

Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans (GB Hackers)

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover (SecurityWeek)

New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices (Hackread)

North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East (The Record)

CrowdStrike says attackers are moving through networks in under 30 minutes (CyberScoop)

Shutdown at D.H.S. Extends to Cyber Agency, Adding to Setbacks (The New York Times)

From Cold War interceptors to Ukraine: how Russia came to park spy satellites next to the West’s most sensitive tech in orbit (Meduza)

Korean cops charge two teens over Seoul bike hire breach (The Register)

Pope tells priests to use their brains, not AI, to write homilies (EWTN News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices