CyberWire Daily

Cyber weapons knock out Iranian air defenses during strikes on nuclear sites. ShinyHunters dump more than a million stolen records from Harvard and Penn. Betterment confirms a breach exposing data from roughly 1.4 million accounts. Researchers uncover a sprawling scam network impersonating law firms. Italy blocks cyberattacks aimed at Olympics infrastructure. Critical bugs put n8n and Google Looker servers at risk of full takeover. A state-backed Shadow Campaign hits governments worldwide. OpenClaw shows how AI-powered attacks are becoming faster, cheaper, and harder to stop. Our guest is Tony Scott, CEO of Intrusion and former federal CIO, sharing his perspective on evolving regulation and the realities behind critical policy shifts. Your smartphone may testify against you.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest today comes as a segment from our Caveat podcast. Tony Scott, CEO of Intrusion and former federal CIO, joins Dave Bittner to share his perspective on evolving regulation and the realities behind critical policy shifts. You can listen to Tony and Dave’s full conversation on this week’s episode of Caveat, and catch new episodes of Caveat every Thursday on your favorite podcast app.

Selected Reading

Exclusive: US used cyber weapons to disrupt Iranian air defenses during 2025 strikes (The Record)

Personal data stolen during Harvard and UPenn data breaches leaked online - over a million details, including emails, home addresses and more, all published (TechRadar)

Data breach at fintech firm Betterment exposes 1.4 million accounts (Bleeping Computer)

Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign (SecurityWeek)

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says (SecurityWeek)

n8n security woes roll on as new critical flaws bypass December fix (The Register)

LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem) (Tenable)

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries (SecurityWeek)

The Rise of OpenClaw (SECURITY.COM)

Smartphones Now Involved in Nearly Every Police Investigation (Infosecurity Magazine)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The White House preps a major overhaul of U.S. cybersecurity policy. A key Commerce security office loses staff as regulatory guardrails weaken. Lawmakers Press AT&T and Verizon after months of silence on Salt Typhoon. A vulnerability in the React Native Metro development server is under active exploitation. Amaranth Dragon leverages a WinRAR flaw. A coordinated reconnaissance campaign targets Citrix NetScaler infrastructure. CISA warns a SolarWinds Web Help Desk flaw is under active exploitation. Zach Edwards, Senior Threat Researcher at Silent Push, is discussing a hole in the kill chain leaving law enforcement empty-handed. Cops in Northern Ireland get an unwanted data breach encore. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Zach Edwards, Senior Threat Researcher at Silent Push, discussing a hole in the kill chain leaving law enforcement empty-handed. You can read more from Zach’s team here.

Selected Reading

White House Cyber Director Charts New Course for Digital Defense Through Private Sector Partnership (Web Pro News)

Another Misstep in U.S.-China Tech Security Policy (Lawfare)

Cantwell claims telecoms blocked release of Salt Typhoon report (Cyberscoop)

Hackers exploit critical React Native Metro bug to breach dev systems (Bleeping Computer)

New Amaranth Dragon cyberespionage group exploits WinRAR flaw (Bleeping Computer)

Wave of Citrix NetScaler scans use thousands of residential proxies (Bleeping Computer)

Fresh SolarWinds Vulnerability Exploited in Attacks (SecurityWeek)

‘It defies belief’: Names of PSNI officers published on court website in new breach (Belfast Telegraph)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

French police raid X’s Paris offices. The Feds take over $400 million from a dark web cryptocurrency mixer. The NSA says zero-trust goes beyond authentication. Researchers warn of a multi-stage phishing campaign targeting Dropbox credentials. A new GlassWorn campaign targets macOS developers. Critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile are under active exploitation. Researchers disclose a major data exposure on Moltbook, a social network built for AI agents. States bridge the gaps in election security. Nitrogen ransomware has a fatal flaw that permanently destroys data. Supersize your passwords — you want fries with that?

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector

Aaron Isaksen leads AI Research and Engineering at Palo Alto Networks, where he advances state-of-the-art AI in cybersecurity while overseeing Cortex Xpanse's teams automating attack surface management across some of the world's largest networks. In this episode of Threat Vector, host David Moulton sits down with Dr. Aaron Isaksen to explore why engineering excellence must precede ethical AI debates, how adversarial AI is reshaping cybersecurity, and what it actually takes to build AI systems resilient enough to operate in hostile environments.

Selected Reading

French cops raid X's Paris office in algorithmic bias probe (The Register)

US seizes over $400 million in assets from dark web money laundering operation Helix (SC Media)

NSA Tells Feds: Zero Trust Must Go Beyond Login (GovInfo Security)

New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials (Infosecurity Magazine)

New GlassWorm attack targets macOS via compromised OpenVSX extensions (Bleeping Computer)

Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack (Hackread)

Vibe-Coded Moltbook Exposes User Data, API Keys and More (Infosecurity Magazine)

As feds pull back, states look inward for election security support (CyberScoop)

Nitrogen Ransomware: ESXi malware has a bug! (Coveware)

McDonald's is not lovin' your bigmac, happymeal, and mcnuggets passwords (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of CISO Perspectives.

In this mid-season episode, Kim takes a step back to reflect on the journey so far—revisiting key conversations, standout moments, and recurring themes that have shaped the season. During the episode, Kim sits down with N2K's own Ethan Cook to connect the dots across episodes, uncovering deeper patterns and takeaways. Whether you're catching up or tuning in weekly, this episode offers a thoughtful recap and fresh perspective on where we've been—and what's still to come.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Poland says weak security left parts of its power grid exposed. A Russian-linked hacker alliance threatens Denmark with a promised cyber offensive. Fancy Bear moves fast on a new Microsoft Office flaw, hitting Ukrainian and EU targets. Researchers find a sprawling supply chain attack buried in the ClawdBot AI ecosystem. A new report looks at how threats are shaping the work of journalists and security researchers. A stealthy Windows malware campaign blends Pulsar RAT with Stealerv37. A former Google engineer is convicted of stealing AI trade secrets for China. The latest cybersecurity funding and deal news. On our Afternoon Cyber Tea segment, Microsoft’s Ann Johnson chats with Dr. Lorrie Cranor from Carnegie Mellon about security design. The AI dinosaur that knew too much. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Afternoon Cyber Tea

Dr. Lorrie Cranor⁠, Director of the CyLab Security and Privacy Institute at Carnegie Mellon University joins Ann Johnson, Corporate Vice President, Microsoft, on this month's segment of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools often fail users, the ongoing challenges with passwords and password less authentication, and how privacy expectations have evolved in an era of constant data collection. You can listen to Ann and Lorrie's full conversation here, and catch new episodes Afternoon Cyber Tea every other Tuesday on your favorite podcast app.

Selected Reading

Russian hackers breached Polish power grid thanks to bad security, report says (TechCrunch)

Newly Established Russian Hacker Alliance Threatens Denmark (Truesec)

Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks (Infosecurity Magazine)

Notepad++ Hijacked by State-Sponsored Hackers (Notepad++)

ClawdBot Skills Just Ganked Your Crypto (OpenSource Malware Blog)

Under Pressure: Exploring the effect of legal and criminal threats on security researchers and journalists (DataBreaches.Net)

Windows Malware Uses Pulsar RAT for Live Chats While Stealing Data (Hackread)

U.S. convicts ex-Google engineer for sending AI tech data to China (Bleeping Computer)

Upwind secures $250 million in a Series B round. (N2K Pro Business Briefing) 

Don't Buy Internet-Connected Toys For Your Kids (Blackout VPN)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices