CyberWire Daily

• Brute force break-in.

  SonicWall confirms a breach in its cloud backup platform. Google patches a high-severity zero-day in Chrome. Updates on the Shai-Hulud worm. Chinese phishing emails impersonate the chair of the House China Committee. The UK’s NCA takes the reins of the Five Eyes Law Enforcement Group. RevengeHotels uses AI to deliver VenomRAT to Windows systems. A major VC shares details of a recent ransomware attack. A lawsuit targets automated license plate readers. Our guest is Brock Lupton, Product Strategist at Maltego, discussing the human side of intelligence work. From mic check to malware, a crypto phishing story. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Brock Lupton, Product Strategist at Maltego, discussing the human side of intelligence work. You can hear the full conversation with Brock here. Selected Reading SonicWall MySonicWall platform breached, firewall config files exposed (Beyond Machines) Google patches sixth Chrome zero-day exploited in attacks this year (Bleeping Computer) "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Palo Alto Networks) China-backed attackers spoof Congressman for US trade data (The Register) NCA Singles Out “The Com” as It Chairs Five Eyes Group (Infosecurity Magazine) New RevengeHotels attack targets Windows with VenomRAT (SC Media) VC Firm Insight Partners Notifies Victims After Ransomware Breach (Infosecurity Magazine) Police cameras tracked one driver 526 times in four months, lawsuit says (NBC) Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer (HackRead) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  28:31

  --------

  28:31
• Code beneath the sand.

  A new self-replicating malware infects the NPM repository. Microsoft and Cloudflare disrupt a Phishing-as-a-Service platform. Researchers uncover a new Fancy Bear backdoor campaign. The VoidProxy phishing-as-a-service (PhaaS) platform targets Microsoft 365 and Google accounts. A British telecom says its ransomware recovery may stretch into November. A new Rowhammer attack variant targets DDR5 memory. Democrats warn proposed budget cuts could slash the FBI’s cyber division staff by half at a heated Senate Judiciary Committee hearing. On our Industry Voices segment, we are joined by Abhishek Agrawal from Material security discussing challenges of securing the Google Workspace. Pompompurin heads to prison.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Abhishek Agrawal, CEO and Co-Founder of Material Security, discussing challenges of securing the Google Workspace. You can hear Abhishek’s full conversation here. Selected Reading Self-Replicating Worm Hits 180+ Software Packages (Krebs on Security) Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader (Help Net Security) Fancy Bear attacks abuse Office macros, legitimate cloud services (SC Media) VoidProxy phishing operation targets Microsoft 365, Google accounts (SC Media) UK telco Colt’s cyberattack recovery seeps into November (The Register) Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack (The Register) Senators, FBI Director Patel clash over cyber division personnel, arrests (CyberScoop) House lawmakers move to extend two key cyber programs, for now (The Record) BreachForums founder caged after soft sentence overturned (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  31:44

  --------

  31:44
• AI chips flow east.

  A controversial Trump administration deal gives the U.A.E. access to cutting-edge U.S. AI chips. FlowiseAI warns of a critical account takeover vulnerability. A new social engineering campaign impersonates Meta account suspension notices. A macOS Spotlight 0-day flaw  bypasses Apple’s Transparency, Consent, and Control (TCC) protections. Are cost saving from outsourced IT services worth the risk? Poland boosts its cybersecurity budget after a surge in Russian-backed attacks. NTT Group joins the Comm-ISAC. Jaguar Land Rover’s global shutdown continues. A data breach affects millions of customers of top luxury brands. On today's Threat Vector segment, David Moulton⁠ speaks with⁠ Palo Alto Networks’ Spencer Thellmann about the dual challenges of securing employee use of generative AI tools and defending internally built AI models and agents. AI chatbots hustle seniors for science. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On today's segment of Threat Vector, host⁠ David Moulton⁠, Director of Thought Leadership for Unit 42, speaks with⁠ Spencer Thellmann⁠, Principal Product Manager at Palo Alto Networks. David and Spencer explore the dual challenges of securing employee use of generative AI tools and defending internally built AI models and agents. You can listen to the full conversation here, and catch new episodes of Threat Vector each Thursday in your podcast app of choice. Selected Reading In Giant Deals, U.A.E. Got Chips, and Trump Team Got Crypto Riches (The New York Times) Critical FlowiseAI password reset flaw exposes accounts to complete takeover (Beyond Machines) New FileFix attack uses steganography to drop StealC malware (Bleeping Computer) From Spotlight to Apple Intelligence (Objective- See) The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic security | by Kevin Beaumont | Sep, 2025 (DoublePulsar) Russian hackers target Polish hospitals and city water supply (The Financial Times) NTT Group Joins the U.S. Communications-ISAC (Topics) Jaguar Land Rover says cyberattack shutdown to last 'at least' another week (The Record) Bags of info stolen from multiple top luxury brands - double check your data now (TechRadar) We wanted to craft a perfect phishing scam. AI bots were happy to help (Reuters) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  26:07

  --------

  26:07
• The return of CISO Perspectives. [CISO Perspectives]

  This season on CISO Perspectives—your host, Kim Jones is digging into the issues shaping the future of cybersecurity leadership. From the regulations every CISO needs to understand, to the unexpected places privacy risks are emerging, to the new ways fraud and identity are colliding—these conversations will sharpen your strategies and strengthen your defenses. Industry leaders join the discussion to share their insights, challenges, and hard-earned lessons. Together, we’ll connect the dots across regulation, privacy, fraud, leadership, and talent—helping you build a stronger, more resilient cybersecurity ecosystem. This is CISO Perspectives. Real conversations. Real strategies. Real impact. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  3:21

  --------

  3:21
• FBI botnet cleanup backfires.

  FBI botnet disruption leaves cybercriminals scrambling to pick up the pieces. Notorious ransomware gangs announce their retirement, but don’t hold your breath. Hacktivists leak data tied to China’s Great Firewall. A new report says DHS mishandled a key program designed to retain cyber talent at CISA. GPUGate malware cleverly evades analysis. WhiteCobra targets developers with malicious extensions. North Korea’s Kimsuky group uses AI to generate fake South Korean military IDs. My guest is Tim Starks from CyberScoop, discussing offensive cyber operations. A cyberattack leaves students hung out to dry. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined once again by Tim Starks from CyberScoop discussing offensive cyber operations. You can read Tim’s article Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense for more background. Selected Reading The FBI Destroyed an Internet Weapon, but Criminals Picked Up the Pieces (Wall Street Journal) 15 ransomware gangs ‘go dark’ to enjoy 'golden parachutes' (The Register) 600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet (HackRead) China Enforces 1-Hour Cybersecurity Incident Reporting (The Cyber Express) ​​DHS watchdog finds mismanagement in critical cyber talent program (FedScoop) GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe (Arctic Wolf) 'WhiteCobra' floods VSCode market with crypto-stealing extensions (Bleeping Computer) AI-Forged Military IDs Used in North Korean Phishing Attack (Infosecurity Magazine) Mitsubishi to acquire Nozomi Networks for nearly $1 billion. (N2K CyberWire Business Briefing)  Dutch students denied access to jailbroken laundry machines (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  29:11

  --------

  29:11

Mais podcasts de Notícias

Podcasts em tendência em Notícias

Sobre CyberWire Daily

CyberWire Daily: Podcast do grupo