Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offline after reports of RCE vulnerabilities. President Trump's spending bill allocates hundreds of millions for cybersecurity. Nearly 26 million job seekers’ resumes and personal data are leaked. CISA adds four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Outsmarting AI scraper bots with math.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment

Cyber attackers are increasingly targeting the very tools developers trust—integrated development environments (IDEs), low-code platforms, and public code repositories. In this segment of Threat Vector, host ⁠David Moulton⁠ speaks with ⁠Daniel Frank⁠ and ⁠Tom Fakterman⁠ from Palo Alto Networks' threat research team about “Hunting Threats in Developer Environments.” You can hear David and Tyler's full discussion on Threat Vector ⁠⁠here⁠⁠ and catch new episodes every Thursday on your favorite podcast app.

Selected Reading

Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now (Bleeping Computer)

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild (SecurityWeek)

Hacker leaks Telefónica data allegedly stolen in a new breach (Bleeping Computer)

Italian police arrest Chinese national wanted by FBI for alleged industrial espionage (Reuters)

Beware of Bert: New ransomware group targets healthcare, tech firms (The Record)

Call of Duty takes PC game offline after multiple reports of RCE attacks on players (CyberScoop)

GOP domestic policy bill includes hundreds of millions for military cyber (CyberScoop)

TalentHook leaks resumes of 26 Million job seekers (Beyond Machines)

CISA Adds Four Known Exploited Vulnerabilities to Catalog (CISA)

The Open-Source Software Saving the Internet From AI Bot Scrapers (404 Media)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices