App Store

Google Play

DK - Details page - Device banner - 894x1036

Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis

Lyt når som helst, hvor som helst 

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

Today we are joined by Amanda Rousseau, Principal AI Security Researcher from Straiker, discussing their work on "The Silent Exfiltration: Zero‑Click Agentic AI Hack That Can Leak Your Google Drive with One Email." Straiker’s research found that enterprise AI agents can be silently manipulated to leak sensitive data, even without user clicks or alerts. By chaining small gaps across tools like Gmail, Google Drive, and calendars, attackers achieved zero-click exfiltration, system mapping, and even policy rewrites. The findings highlight that excessive agent autonomy creates a new attack surface, requiring least-privilege design, runtime guardrails, and continuous red-teaming to stay secure.

The research can be found here:

 The Silent Exfiltration: Zero‑Click Agentic AI Hack That Can Leak Your Google Drive with One Email

Learn more about your ad choices. Visit megaphone.fm/adchoices

Data leak without a click. [Research Saturday]

Samsung patches a critical Android zero-day vulnerability. Microsoft resolves a global Exchange Online outage. CISA reaffirms its commitment to the CVE program. California passes a bill requiring web browsers to let users automatically send opt-out signals. Apple issues spyware attack warnings. The FTC opens an investigation into AI chatbots on how they protect children and teens. A hacker convicted of attempting to extort more than 20,000 psychotherapy patients is free on appeal. Our guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect M&A deal value and integrity. Schools face insider threats from students.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect deal value and integrity.Selected Reading

Samsung patches actively exploited zero-day reported by WhatsApp (Bleeping Computer)

Microsoft fixes Exchange Online outage affecting users worldwide (Bleeping Computer)

CISA looks to partners to shore up the future of the CVE Program (Help Net Security)

California legislature passes bill forcing web browsers to let consumers automatically opt out of data sharing (The Record)

Apple warns customers targeted in recent spyware attacks (Bleeping Computer)

FTC to AI Companies: Tell Us How You Protect Teens and Kids Who Use AI Companions (CNET)

Defence, Space and Cybersecurity. Why the General Assembly in Frascati matters (Decode39)

DSEI Takeaways: Space and Cyber and the Invisible Front Line (Via Satellite) 

Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal (The Record)

Children hacking their own schools for 'fun', watchdog warns (BBC) - kicker

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

WhatsAppened to Samsung?

The House passes a defense policy bill that includes new provisions on cybersecurity and artificial intelligence. Senator Wyden accuses Microsoft of “gross cybersecurity negligence” after a 2024 ransomware attack crippled healthcare giant Ascension. The White House shelves plans to split U.S. Cyber Command and the NSA. The Pentagon finalizes its long-awaited Cybersecurity Maturity Model Certification (CMMC 2.0) rule. Akira ransomware group targets SonicWall devices. Officials warn solar-powered highway infrastructure should be checked for hidden radios. The Atlantic Council maps the global spyware market. Researchers uncover serious flaws in Apple’s AirPlay. A European DDoS mitigation provider thwarts a record-breaking attack. My Caveat cohosts Ethan Cook and Ben Yelin unpack the cyber elements of the Big Beautiful Bill. Who fixes the vibe code? 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we have Ethan Cook joining Caveat hosts Dave Bittner and Ben Yelin for this month’s Policy Deep Dive. Together, they unpack HR1, the “Big Beautiful Bill”, and how its investments in technology, supply chain security, and defensive resiliency reflect the Trump administration’s push for long-term technological dominance. If you want to hear the full conversation, head over to Caveat.

Selected Reading

House moves ahead with defense bill that includes AI, cyber provisions (The Record)

FTC should investigate Microsoft after Ascension ransomware attack, senator says (The Record)

Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' (The Record)

Pentagon Releases Long-Awaited Contractor Cybersecurity Rule (GovInfo Security)

Akira Ransomware Group Utilizing SonicWall Devices for Initial Access (Rapid7)

Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure (Reuters)

Mythical Beasts: Diving into the depths of the global spyware market (Atlantic Council)

Remote CarPlay Hack Puts Drivers at Risk of Distraction and Surveillance (SecurityWeek)

DDoS defender targeted in 1.5 Bpps denial-of-service attack (Bleeping Computer)

The Software Engineers Paid to Fix Vibe Coded Messes (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber and AI take center stage.

Patch Tuesday. A data leak sheds light on North Korean APT Kimsuky. Apple introduces Memory Integrity Enforcement. Ransomware payments have dropped sharply in the education sector in 2025. A top NCS official warns ICS security lags behind, and a senator calls U.S. cybersecurity a “hellscape”. A Ukrainian national faces federal charges and an $11 million bounty for allegedly running multiple ransomware operations. Our guest is Jake Braun sharing the latest on Project Franklin. WhoFi makes WiFi a new spy.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Jake Braun, longtime DEF CON organizer, former White House official, and lead on DEF CON Franklin, sharing the latest on Project Franklin.

Selected Reading

Two Zero-Days Among Patch Tuesday CVEs This Month (Infosecurity Magazine)

Fortinet, Ivanti, Nvidia Release Security Updates (SecurityWeek)

ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories (SecurityWeek)

SAP 'wins' Patch Tuesday with worse flaws than Microsoft (The Register)

Adobe Patches Critical ColdFusion and Commerce Vulnerabilities (SecurityWeek)

Data leak sheds light on Kimsuky operations (SC Media)

Apple Unveils iPhone Memory Protections to Combat Sophisticated Attacks (SecurityWeek)

Learn about ChillyHell, a modular Mac backdoor (jamf)

Ransomware Payments Plummet in Education Amid Enhanced Resiliency (Infosecurity Magazine)

Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says (CyberScoop)

Sen. King: Cyber domain is a ‘hellscape’ that will be made worse by cuts (The Record)

US indicts alleged ransomware boss tied to $18B in damages (The Register)Jeremy Clarkson's pub has been 'swindled' out of £27,000 by hackers (Manchester Evening News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

86 reasons to update.

The open source community heads off a major npm supply chain attack. The Treasury Department sanctions cyber scam centers in Myanmar and Cambodia. Scammers abuse iCloud Calendar invites to send callback phishing emails. Researchers discover a new malware variant exploiting exposed Docker APIs. Phishing attacks abuse the Axios user agent and Microsoft’s Direct Send feature. Plex warns users of a data breach. Researchers flag a surge in scans targeting Cisco ASA devices. CISA delays finalizing its incident reporting rule. The GAO says federal cyber workforce figures are incomplete and unreliable. Our guest is Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security, discussing cybersecurity education going back to school. AI earns its own Darwin awards. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security discussing cybersecurity education going back to school.

Selected Reading

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack (Bleeping Computer)

Open Source Community Thwarts Massive npm Supply Chain Attack (Infosecurity Magazine)

US sanctions companies behind cyber scam centers in Cambodia, Myanmar (The Record)

New Apple Warning, This iCloud Calendar Invite Is Actually An Attack (Forbes)

New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs (HackRead)

Axios User Agent Helps Automate Phishing on “Unprecedented Scale” (Infosecurity Magazine)

Plex Urges Password Resets Following Data Breach (SecurityWeek)

Surge in networks scans targeting Cisco ASA devices raise concerns (Bleeping Computer)

CISA pushes final cyber incident reporting rule to May 2026 (CyberScoop)

US government lacks clarity into its infosec workforce (The Register)

AI Darwin Awards launch to celebrate spectacularly bad deployments (The Register) 

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Chalk one up for defenders.

The EU fines Google $3.5 billion over adtech abuses. Cloudflare blocks record-breaking Distributed Denial of Service (DDoS) attacks. The Salesforce-Salesloft breach began months earlier with GitHub access. Researchers say the new TAG-150 cybercriminal group has been active since March. Hackers use stolen secrets to leak more than 6,700 Nx private repositories. Subsea cable outages disrupt internet connectivity across India, Pakistan, and parts of the UAE. Monday Business Breakdown. On our Industry Voices segment Todd Moore, Global Vice President, Data Security at Thales, unpacks the perils of insider risk. Hackers claim Burger King’s security flaws are a real whopper.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Industry Voices

On our Industry Voices segment, we are joined by ⁠Todd Moore⁠, Global Vice President, Data Security at ⁠Thales⁠, discussing the biggest threat to your data has a badge, a password, and years of goodwill. Check out Todd's full conversation here. You can learn more about monitoring unstructured data at scale and enabling security teams to leverage AI & ML technologies from Thales. 

Selected Reading

EU fines Google $3.5 billion for anti-competitive ad practices (Bleeping Computer)

Cloudflare blocks massive 11.5 Tbps DDoS attack (SDxCentral)

Salesloft GitHub Account Compromised Months Before Salesforce Attack (SecurityWeek)

From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure (Recorded Future)

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack (SecurityWeek)

Red Sea cable cuts disrupt internet across Asia and the Middle East (Reuters)

⁠N2K Pro Business Briefing update⁠ (N2K Networks)

Burger King hacked, attackers 'impressed by the commitment to terrible security practices' — systems described as 'solid as a paper Whopper wrapper in the rain,’ other RBI brands like Tim Hortons and Popeyes also vulnerable (Tom’s Hardware)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Big tech, bigger fines.

Please enjoy this encore of Career Notes. 

COO and Co-Founder of Query. AI, Andrew Maloney, shares how the building blocks he learned in the military helped him get where he is today. Coming from a blue collar family with a minimal knowledge of computers, Andrew went into computer operations in the Air Force. While deployed to Oman just after the start of the Iraq War, Andrew said he got his break into security. That's where he learned the components that fit together in order to effectively secure an environment. Andrew's words of wisdom: You've got to keep pushing and you've got to believe in yourself and never sell yourself short. We thank Andrew for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Andrew Maloney: Never-ending thirst for knowledge. [COO] [Career Notes]

Today we are joined by Selena Larson, co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. 

These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft’s upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks.

The research can be found here:

 
⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing

Learn more about your ad choices. Visit megaphone.fm/adchoices

Don’t trust that app! [Research Saturday]

A cyberattack disrupts Bridgestone’s manufacturing operations. CISA warns of critical vulnerabilities in products used across multiple sectors. Additional cybersecurity firms confirm data exposure in the recent Salesforce–Salesloft Drift attack. A configuration vulnerability in Sitecore products leads to remote code execution. HHS promises stricter enforcement of healthcare information access rules. Texas sues an education software provider over a December 2024 data breach. A federal jury orders Google to pay $425 million over improperly collected user data. Nations unite for global guidance on SBOMs. On our Industry Voices segment, we are joined by Aron Anderson, Enterprise Security Manager of Adobe, on embracing the journey to zero trust. Chess.com gets caught in a tricky gambit.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Industry Voices

On our Industry Voices segment we are joined by Aron Anderson, Enterprise Security Manager of Adobe, as he is talking about embracing the journey to zero trust. If you want to hear the full conversation from Aron, you can check it out here.

Selected Reading

Tire giant Bridgestone confirms cyberattack impacts manufacturing (Bleeping Computer)

CISA issues ICS advisories on hardware flaws in Honeywell, Mitsubishi Electric, Delta Electronics, rail communication protocols (Industrial Cyber)

More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach (SecurityWeek)

Unknown miscreants snooping around Sitecore via sample keys (The Register)

HHS Says It's 'Cracking Down' on Health Information Blocking (BankInfo Security)

Texas sues PowerSchool over breach exposing 62M students, 880k Texans (Bleeping Computer)

Google hit with $425 million verdict in privacy class action suit (The Record)

US and 14 Allies Release Joint Guidance on Software Bill of Materials (Infosecurity Magazine)

Chess.com says 4,500 people had data stolen during June breach (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Wheels left spinning after cyber incident.

Salt Typhoon marks China’s most ambitious campaign yet. A major Google outage hit Southeastern Europe. A critical zero-day flaw in FreePBX gets patched. Scattered Lapsus$ Hunters claim the Jaguar Land Rover hack. Researchers uncover a major evolution in the XWorm backdoor campaign. GhostRedirector is a new China-aligned threat actor. CISA adds a pair of TP-Link router flaws to its Known Exploited Vulnerabilities (KEV) catalog. The feds put a $10 million bounty on three Russian FSB officers. Experts warn sweeping cuts to ODNI could cripple U.S. cyber defense. Our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, discussing IT/OT convergence in securing critical water and wastewater systems. Google says rumors of Gmail’s breach are greatly exaggerated.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest

Today our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, who is talking about "IT/OT Convergence for Critical Water & Wastewater Security."

Selected Reading

‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American (The New York Times)

Google Down in Eastern Europe (UPDATED) (Novinite Sofia News Agency)

Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers (SecurityWeek)

M&S hackers claim to be behind Jaguar Land Rover cyber attack (BBC)

XWorm’s Evolving Infection Chain: From Predictable to Deceptive (Trellix)

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes (welivesecurity by ESET)

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited (The Cyber Security News) 

US offers $10 million bounty for info on Russian FSB hackers (Bleeping Computer)

Cutting Cyber Intelligence Undermines National Security (FDD)

No, Google did not warn 2.5 billion Gmail users to reset passwords (Bleeping Computer)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Data leak without a click. [Research Saturday]

Lyt når som helst, hvor som helst

Other podcasts you might like ...