app_store_button

google_play_button

DK - Details page - Device banner - 894x1036

Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis

Lyt når som helst, hvor som helst 

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

Patch Tuesday fallout, China sidelines Western security vendors, and a critical flaw puts industrial switches at risk of remote takeover. A ransomware attack disrupts a Belgian hospital, crypto scams hit investment clients, and Eurail discloses a data breach. Analysts press Congress to go on offense in cyberspace, and Sean Plankey gets another shot at leading CISA. In our Threat Vector segment, David Moulton sits down with Ian Swanson, AI Security Leader at Palo Alto Networks about supply chain security. And, an AI risk assessment cites a football match that never happened.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment

AI security is no longer optional, it’s urgent. In this segment of Threat Vector, David Moulton sits down with Ian Swanson, former CEO of Protect AI and now the AI Security Leader at Palo Alto Networks. Ian shares how securing the AI supply chain has become the next frontier in cybersecurity and why every enterprise building or integrating AI needs to treat it like any other software pipeline—rife with dependencies, blind spots, and adversaries ready to exploit them. You can catch the full conversation here and listen to new episodes of Threat Vector every Thursday on your favorite podcast app. 

Selected Reading

Patch Tuesday, January 2026 Edition (Krebs on Security)

Adobe Patches Critical Apache Tika Bug in ColdFusion (SecurityWeek)

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities (SecurityWeek)

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM (SecurityWeek)

Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say (Reuters)

Critical OpenSSH flaw exposes Moxa industrial switches to remote takeover (Beyond Machines)

Cyberattack forces Belgian hospital to transfer critical care patients (The Record)

Betterment confirms data breach after wave of crypto scam emails (Bleeping Computer)

Passports, bank details compromised in Eurail data breach (The Register)

Lawmakers Urged to Let US Take on 'Offensive' Cyber Role (Bank InfoSecurity)

Sean Plankey re-nominated to lead CISA (CyberScoop)

Police chief admits misleading MPs after AI used in justification for banning Maccabi Tel Aviv fans (BBC News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

CVEs don’t sleep.

Stolen Target source code looks real. CISA pulls the plug on Gogs. SAP rushes patches for critical flaws. A suspected Russian spy emerges in Sweden, while Cloudflare threatens to walk away from Italy. Researchers flag a Wi-Fi chipset bug, a long-running Magecart skimming campaign, and a surge in browser-in-the-browser phishing against Facebook users. Mandiant releases a new Salesforce defense tool, and NIST asks how to secure agentic AI before it secures itself. Our guests are Christine Blake and Madison Farabaugh from Inside the Media Minds. Plus, a Dutch court says seven years is still the going rate for a USB-powered cocaine plot.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Christine Blake and Madison Farabaugh from W2 Communications and hosts of Inside the Media Minds podcast on their show joining the N2K CyberWire network. You can listen to the latest episode of Inside the Media Minds today and catch new installments every month on your favorite podcast app.

Selected Reading

Target employees confirm leaked code after ‘accelerated’ Git lockdown (Bleeping Computer)

Fed agencies urged to ditch Gogs as zero-day makes CISA list (The Register)

SAP's January 2026 Security Updates Patch Critical Vulnerabilities (SecurityWeek)

Sweden detains ex-military IT consultant suspected of spying for Russia (The Record)

Cloudflare CEO threatens to pull out of Italy (The Register)

One Simple Trick to Knock Out the Wi-Fi Network (GovInfo Security)

Google's Mandiant releases free Salesforce access control checker (iTnews)

Global Magecart Campaign Targets Six Card Networks (Infosecurity Magazine)

Facebook login thieves now using browser-in-browser trick (Bleeping Computer)

NIST Calls for Public to Help Better Secure AI Agents (GovInfo Security)

Appeal fails for hacker who opened port to coke smugglers (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Source code in the wild aisle.

The FBI warns of Kimsuky quishing. Singapore warns of a critical vulnerability in Advantech IoT management platforms. Russia’s Fancy Bear targets energy research, defense collaboration, and government communications. Malaysia and Indonesia suspend access to X. Researchers warn a large-scale fraud operation is using AI-generated personas to trap mobile users in a social engineering scam. BreachForums gets breached. The NSA names a new Deputy Director. Monday Biz Brief. Our guest is Sasha Ingber, host of the International Spy Museum's SpyCast podcast. The commuter who hacked his scooter. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Sasha Ingber, host of the International Spy Museum's SpyCast podcast, on the return of SpyCast to the N2K CyberWire network.

Selected Reading

North Korea–linked APT Kimsuky behind quishing attacks, FBI warns (Security Affairs) 

Advantech patches maximum-severity SQL injection flaw in IoT products (Beyond Machines)

Russia's APT28 Targeting Energy Research, Defense Collaboration Entities (SecurityWeek)

Malaysia and Indonesia block X over deepfake smut (The Register)

New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim (Hackread)

BreachForums hacking forum database leaked, exposing 324,000 accounts (Bleeping Computer)

Former NSA insider Kosiba brought back as spy agency’s No. 2 (The Record)

Vega raises $120 million in a Series B round led by Accel.

Reverse engineering my cloud-connected e-scooter and finding the master key to unlock all scooters (Rasmus Moorats)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A picture worth a thousand breaches.

Please enjoy this encore of Career Notes. 

Laura Hoffner, Executive Vice President at Concentric, shares her story about her time working as a Naval Intelligence Officer and supporting special operations around the globe for 12 years, to now, where she transitioned to the Naval Reserves and joined the Concentric team. Laura has known since she was in the seventh grade that she wanted to work with SEALs and work in intelligence, so she set her goals high and achieved them shortly after graduating college. She credits being a Naval Intelligence Officer to helping her get to where she is today and says how much she is enjoying working with Concentric, saying she's "ultimately just incredibly benefiting from unbelievable mentors at the company itself." We thank Laura for sharing her story.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Laura Hoffner: Setting your sights high. [Intelligence] [Career Notes]

This week, we are joined by Martin Zugec, Technical Solutions Director from Bitdefender, sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company." Built for long-term espionage, the campaign uses DLL sideloading, in-memory execution, and abused Windows services to stay stealthy and persistent.

We walk through how the multi-stage framework delivers a powerful backdoor with reconnaissance, lateral movement, data theft, and keylogging capabilities—and what this operation reveals about the evolving tactics defenders need to watch for.

The research can be found here:

 EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company

Learn more about your ad choices. Visit megaphone.fm/adchoices

Walking on EggStremes. [Research Saturday]

The NSA reshuffles its cybersecurity leadership. A new report unmasks ICE’s latest surveillance system. CISA marks a milestone by retiring ten Emergency Directives. Trend Micro patches a critical vulnerability. Grok dials back the nudes, a bit. Cambodia extradites a cybercrime kingpin to China. Ghost Tap malware intercepts payment card data. Researchers disrupt a highly sophisticated VMware ESXi hypervisor exploit. European law enforcement arrest dozens of suspects linked to the international cybercriminal group Black Axe. Our guest is Sonali Shah, CEO of Cobalt, who says 2026 is the year AI stops being a concept and becomes the central battleground of cybersecurity. After firing the experts, DOGE hangs a help wanted sign.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today on our Industry Voices, we are joined by Sonali Shah, CEO of Cobalt, talking about 2026 is the year AI stops being a concept and becomes the central battleground of cybersecurity. Tune into the full conversation here.

Selected Reading

NSA cyber directorate gets new acting leadership (The Record)

Inside ICE’s Tool to Monitor Phones in Entire Neighborhoods (404 Media)

CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity (CISA.gov)

Trend Micro warns of critical Apex Central RCE vulnerability (Bleeping Computer)

X pulls Grok images after UK ban threat over undress tool (The Register)

Alleged cyber scam kingpin arrested, extradited to China (The Record)

Chinese Hackers Use NFC-Enabled Android Malware to Steal Payment Information (GB Hackers)

The Great VM Escape: ESXi Exploitation in the Wild (Huntress)

Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrest (Infosecurity Magazine)

US DOGE Service is hiring following mass workforce losses across the government (Gov Exec)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Is interim the new permanent?

The US withdraws from global cybersecurity institutions. A maximum-severity vulnerability called Ni8mare allows full compromise of a workflow automation platform. Cisco patches ISE. Researchers uncover a sophisticated multi-stage malware campaign targeting manufacturing and government organizations in Italy, Finland, and Saudi Arabia. The growing rift of defining AI risk. Microsoft gives 365 admins a one-month deadline to enable MFA. The Illinois Department of Human Services inadvertently exposed personal and protected health information of more than 700,000 residents. An Illinois man is charged with hacking Snapchat accounts to steal nudes. Our guest is Caitlin Clarke, Senior Director for Cybersecurity Services at Venable, with insights on CISA 2015. Facial recognition that’s bear-ly controversial. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Caitlin Clarke, Senior Director for Cybersecurity Services at Venable, for a conversation on CISA 2015 and its role in today’s cybersecurity and policy landscape. If you enjoyed this conversation, be sure to tune into the full interview on the next Caveat. 

Selected Reading

US announces withdrawal from dozens of international treaties (The Record)

US To Leave Global Forum on Cyber Expertise (Infosecurity Magazine)

Max severity Ni8mare flaw lets hackers hijack n8n servers (Bleeping Computer)

Cisco warns of Identity Service Engine flaw with exploit code (Bleeping Computer)

CISA tags max severity HPE OneView flaw as actively exploited (Bleeping Computer)

Threat Actors Exploit Commodity Loader in Targeted Email Campaigns Against Organizations (GB Hackers)

Are Copilot prompt injection flaws vulnerabilities or AI limits? (Bleeping Computer)

Microsoft to enforce MFA for Microsoft 365 admin center sign-ins (Bleeping Computer)

Illinois state agency exposed personal data of 700,000 people (The Record)

Oswego man Kyle Svara, 26, allegedly hired by college coach Steve Waithe to get Snapchat access codes from nearly 600 women: FBI (ABC7 Chicago)

How facial recognition for bears can help ecologists manage wildlife (The Conversation)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

America goes solo on cyber.

Jaguar Land Rover reveals the fiscal results of last year’s cyberattack. A Texas gas station chain suffers a data spill. Taiwan tracks China’s energy-sector attacks. Google and Veeam push patches. Threat actors target obsolete D-Link routers. Sedgwick Government Solutions confirms a data breach. The U.S. Cyber Trust Mark faces an uncertain future. Google looks to hire humans to improve AI search responses. Our guest is Deepen Desai, Chief Security Officer of Zscaler, discussing what’s powering enterprise AI in 2026. AI brings creative cartography to the weather forecast.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Deepen Desai, Chief Security Officer of Zscaler, discussing what’s powering enterprise AI in 2026. To learn more on this topic, be sure to check out Zscaler’s report here. Listen to the full conversation here. 

Selected Reading

Jaguar Land Rover wholesale volumes plummet 43% in cyberattack aftermath (The Register)

Major Data Breach Hits Company Operating 150 Gas Stations in the US (Hackread)

Taiwan says China's attacks on its energy sector increased tenfold (Bleeping Computer)

Google Patches High-Severity Chrome WebView Flaw CVE-2026-0628 in the Tag Component (Tech Nadu)

Several Code Execution Flaws Patched in Veeam Backup & Replication (SecurityWeek)

New D-Link flaw in legacy DSL routers actively exploited in attacks (Bleeping Computer)

Sedgwick confirms breach at government contractor subsidiary (Bleeping Computer)

FCC Loses Lead Support for Biden-Era IoT Security Labeling (GovInfoSecurity)

Google Search AI hallucinations push Google to hire "AI Answers Quality" engineers (Bleeping Computer)

‘Whata Bod’: An AI-generated NWS map invented fake towns in Idaho (The Washington Post)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyberattack in the fast lane.

Grok’s non-consensual imagery draws scrutiny from the European Commission. Researchers link several major data breaches to a single threat actor. The UK unveils a new Cyber Action Plan. A stealthy ClickFix campaign targets the hospitality sector. VVS Stealer malware targets Discord users. Covenant Health and AFLAC report data leaks. Google silences a critical Dolby flaw. Ilona Cohen, Chief Legal and Policy Officer at HackerOne discusses “What the SolarWinds Dismissal Really Means for CISOs: Less Personal Risk, More Scrutiny on Disclosures.” UK students enjoy a digital snow day. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Ilona Cohen, Chief Legal and Policy Officer at HackerOne and former senior lawyer to President Obama, as she is discussing “What the SolarWinds Dismissal Really Means for CISOs: Less Personal Risk, More Scrutiny on Disclosures.”

Selected Reading

EU looking ‘very seriously’ at taking action against X over Grok (The Record)

Grok's AI CSAM Shitshow (404 Media)

Dozens of Major Data Breaches Linked to Single Threat Actor (SecurityWeek)

UK Launches New Cyber Unit to Bolster Defences Against Cyber Threats (Infosecurity Magazine)

Sophisticated ClickFix Campaign Targeting Hospitality Sector (SecurityWeek)

New VVS Stealer Malware Targets Discord Users via Fake System Errors (Hackread)

Covenant Health Notifying 480K Patients of 2025 Data Theft (Infosecurity)

Aflac Notifies 22.6 Million People of June Data Theft Attack (Infosecurity)

Critical Dolby leak in Android patched by Google (Techzine Global)

Students bag extended Christmas break after cyber hit on school IT (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

X marks the violation.

Venezuela blames physical attacks for blackout as cyber questions swirl. Trump reverses a chip technology sale over national security issues, and removes sanctions linked to Predator spyware. Greek officials say an air traffic shutdown was not a cyberattack. The U.S. Army launches a new officer specialization in AI and machine learning. The Kimwolf botnet infects more than two million devices worldwide. ZoomStealer uses browser extensions to grab sensitive online meeting data. The European Space Agency confirms a cybersecurity incident. Former lawmakers and cyber policy leaders warn that U.S. cyber defenses are slipping. On today’s Afternoon Cyber Tea host Ann Johnson welcomes Troy Hunt, founder of Have I Been Pwned. A researcher swipes left on white supremacy.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On this segment of Afternoon Cyber Tea with host Ann Johnson, Ann is joined by Troy Hunt, founder of Have I Been Pwned, to explore what billions of breached records reveal about attacker behavior, human weakness, and the state of breach disclosure. To listen to Ann and Troy's full conversation, visit the episode page. You can catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. 

Selected Reading

Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes (POLITICO)

US Action in Venezuela Provokes Cyberattack Speculation (GovInfosecurity)

COMUNICADO | CORPOELEC denuncia ataque perpetrado contra el Sistema Eléctrico Nacional (MPPEE)

President Trump Orders Divestment in $2.9 Million Chips Deal to Protect US Security Interests (SecurityWeek)

Treasury removes sanctions for three executives tied to spyware maker Intellexa (The Record)

Greece says a radio failure that grounded flights is unlikely to be a cyberattack (WRAL.com)

US Army to Establish AI Officer Corps for High-Tech Military Management (ForkLog)

The Kimwolf Botnet is Stalking Your Local Network (Krebs on Security)

Zoom Stealer browser extensions harvest corporate meeting intelligence (Bleeping Computer)

European Space Agency Confirms Server Breach (Infosecurity Magazine)

Time to restore America’s cyberspace security system (CyberScoop)

Researcher Wipes White Supremacist Dating Sites, Leaks Data on okstupid.lol (Hackread)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A city goes dark as cyber questions multiply.

Eclypsium researchers Jesse Michael and Mickey Shkatov to share their work on "BadCam - Now Weaponizing Linux Webcams." Eclypsium researchers disclosed “BadCam,” a set of vulnerabilities in certain Lenovo USB webcams that run Linux and do not validate firmware signatures, allowing attackers to reflash the devices and turn them into BadUSB-style tools. 

An adversary who supplies a backdoored camera or who gains remote code execution on a host can weaponize the webcam to emulate human-interface devices, inject keystrokes, deliver payloads, and maintain persistence — even re-infecting systems after OS reinstalls. The findings were presented at DEF CON 2025, Lenovo issued updated firmware/tools in coordination with SigmaStar, and researchers warn the same vector could affect other Linux-based USB peripherals, underscoring the need for firmware signing and stronger device attestation.

The research can be found here:

 BadCam: Now Weaponizing Linux Webcams

Learn more about your ad choices. Visit megaphone.fm/adchoices

Smile for the malware. [Research Saturday]

Lyt når som helst, hvor som helst

Other podcasts you might like ...