CyberWire Daily

• UK calls out Russia’s playbook.

  The UK sanctions Russian military intelligence officers tied to GRU cyber units. An AI-powered malware called LameHug targets Windows systems. Google files a lawsuit against the operators of the Badbox 2.0 botnet. A pair of healthcare data breaches impact over 3 million individuals. Researchers report a phishing attack that bypasses FIDO authentication by exploiting QR codes. A critical flaw in Nvidia’s Container Toolkit threatens managed AI cloud services. A secure messaging app is found exposing sensitive data due to outdated configurations. Meta investors settle their $8 billion lawsuit. Our guest is Will Markow, CEO of FourOne Insights and N2K CyberWire Senior Workforce Analyst, with a data-driven look at how AI is affecting jobs. Belgian police provide timely cyber tips, baked right in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we have Will Markow, CEO of FourOne Insights and N2K CyberWire Senior Workforce Analyst, discussing how AI is affecting jobs. Got cybersecurity, IT, or project management certification goals? For the past 25 years, N2K's practice tests have helped more than half a million professionals reach certification success. Grow your career and reach your goals faster with N2K’s full exam prep of practice tests, labs, and training courses for Microsoft, CompTIA, PMI, Amazon, and more at n2k.com/certify. Selected Reading Breaking: UK sanctions Russian cyber spies accused of facilitating murders (The Record) Russia Linked to New Malware Targeting Email Accounts for Espionage (Infosecurity Magazine) New “LameHug” Malware Deploys AI-Generated Commands (Infosecurity Magazine) Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet (SecurityWeek) 1.4 Million Affected by Data Breach at Virginia Radiology Practice  (SecurityWeek) Anne Arundel Dermatology Data Breach Impacts 1.9 Million People (SecurityWeek) Phishing attack abuses QR codes to bypass FIDO keys  (SC Media) Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking (SecurityWeek) New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers (Hackread) Meta investors, Zuckerberg settle $8 billion privacy lawsuit tied to Cambridge Analytica scandal (The Record) Loaf and order: Belgian police launch bread-based cybersecurity campaign (Graham Cluley) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  29:53

  --------

  29:53
• When hackers become the hunted.

  Pro-Russian Hackers, scam lords, and ransomware gangs face global justice. Louis Vuitton ties customer data breaches to a single cyber incident. The White House is developing a “Zero Trust 2.0” cybersecurity strategy. OVERSTEP malware targets outdated SonicWall Secure Mobile Access (SMA) devices. An Australian political party suffers a massive ransomware breach. Our guest Jacob Oakley speaks with T-Minus Space Daily host Maria Varmazis. Jacob is Technical Director at SIXGEN and Space Lead for the DEFCON Aerospace Village. An Italian YouTuber faces a retro reckoning. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest Jacob Oakley joins us from today’s episode of T-Minus Space Daily host Maria Varmazis. Jacob is Technical Director at SIXGEN and Space Lead for the DEFCON Aerospace Village. He and Maria discuss space cybersecurity. Selected Reading Global operation targets NoName057(16) pro-Russian cybercrime network - The offenders targeted Ukraine and supporting countries, including many EU Member States (Europol) Cambodia makes 1,000 arrests in latest crackdown on cybercrime (NBC News) Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy (US Department of Justice) Italian police dismantle Romanian ransomware gang targeting nonprofits, film companies (The Record) Louis Vuitton says regional data breaches tied to same cyberattack (Bleeping Computer) Trump admin focuses on ‘zero trust 2.0,’ cybersecurity efficiencies (Federal News Network) SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware (Bleeping Computer) Clive Palmer's political parties suffer data breach affecting 'all emails ... documents and records' (Crikey) YouTuber faces jail time for showing off Android-based gaming handhelds (Ars Technica) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  33:20

  --------

  33:20
• Chrome’s high-risk bug gets squashed.

  Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say they’ve disrupted Chinese cyber campaigns targeting U.S. critical infrastructure. A UK data breach puts Afghan soldiers and their families at risk. Researchers find malware hiding in DNS records. A former U.S. Army soldier pleads guilty to charges of hacking and extortion. Ben Yelin joins us with insights on the Senate Armed Services Committee’s response to rising threats to critical infrastructure.The large print giveth and the small print taketh away.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin, co host of our Caveat podcast and Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, discussing the Senate Armed Services Committee’s and Trump administration nominees’ recent conversation about rising threats to critical infrastructure. You can find the article Ben discusses here. Selected Reading Google fixes actively exploited sandbox escape zero day in Chrome (Bleeping Computer) Windows KB5064489 emergency update fixes Azure VM launch issues (Bleeping Computer) Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns (The Record) Cloudflare 1.1.1.1 incident on July 14, 2025 (Cloudflare) Critical template Injection flaw in LaRecipe Documentation Package enables remote code execution (Beyond Machines) NSA: Volt Typhoon was ‘not successful’ at persisting in critical infrastructure (The Record) Defence secretary 'unable to say' if anyone killed after Afghan data breach  (BBC News) Hackers exploit a blind spot by hiding malware inside DNS records (Ars Technica) 21-year-old former US soldier pleads guilty to hacking, extorting telecoms  (The Record) WeTransfer says files not used to train AI after backlash (BBC News) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  30:20

  --------

  30:20
• The Grok that broke the camel’s back.

  A DOGE employee leaks private API keys to GitHub. North Korea’s “Contagious Interview” campaign has a new malware loader. A New Jersey diagnostic lab suffers a ransomware attack. A top-grossing dark web marketplace goes dark in what experts believe is an exit scam. MITRE launches a cybersecurity framework to address threats in cryptocurrency and digital financial systems. Experts fear steep budget cuts and layoffs under the Trump administration may undermine cybersecurity information sharing. A Maryland IT contractor settles federal allegations of cyber fraud. Kim Jones and Ethan Cook reflect on CISO perspectives. A crypto hacker goes hero and gets a hefty reward.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Kim Jones, host of CISO perspectives, sits down with N2K’s analyst Ethan Cook to reflect on highlights from this season of CISO Perspectives. They revisit key moments, discuss recurring themes like the cybersecurity workforce gap, and get Ethan’s outsider take on the conversations. It’s all part of a special wrap-up to close out the season finale. If you like this conversation and want to hear more from CISO Perspectives, check it out here. Selected Reading DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI models (Beyond Machines) DOGE Denizen Marko Elez Leaked API Key for xAI (Krebs on Security) North Korean Actors Expand Contagious Interview Campaign with New Malware Loader (Infosecurity Magazine) Avantic Medical Lab hit by ransomware attack, data breach (Beyond Machines) Abacus Market Shutters After Exit Scam, Say Experts (Infosecurity Magazine) MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats (SecurityWeek) How Trump's Cyber Cuts Dismantle Federal Information Sharing (BankInfo Security) UK launches vulnerability research program for external experts (Bleeping Computer) Federal IT contractor to pay $14.75 fine over ‘cyber fraud’ allegations (The Record) Crypto Hacker Who Drained $42,000,000 From GMX Goes White Hat, Returns Funds in Exchange for $5,000,000 Bounty (The Daily Hodl) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  36:09

  --------

  36:09
• Taxing times for cyber fraudsters.

  British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC law firm.  Multiple firmware vulnerabilities affect products from Taiwanese manufacturer Gigabyte Technology. Nvidia warns against Rowhammer attacks across its product line. Louis Vuitton joins the list of breached UK retailers. Indian authorities dismantle a cyber fraud gang. CISA pumps the brakes on a critical vulnerability in American train systems. Our guest is Cynthia Kaiser, SVP of Halcyon’s Ransomware Research Center and former Deputy Assistant Director at the FBI’s Cyber Division, with insights on Scattered Spider. Hackers ransack Elmo’s World.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Cynthia Kaiser, SVP of Halcyon’s Ransomware Research Center and former Deputy Assistant Director at the FBI’s Cyber Division, discussing "Scattered Spider and Other Criminal Compromise of Outsourcing Providers Increases Victim Attacks." You can check out more from Halcyon here. Selected Reading Romanian police arrest 13 scammers targeting UK’s tax authority (The Record) Interlock Ransomware Unleashes New RAT in Widespread Campaign (Infosecurity Magazine) Google Gemini flaw hijacks email summaries for phishing (Bleeping Computer) Chinese hackers suspected in breach of powerful DC law firm (CNN Politics) Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment (Security Week) Nvidia warns of Rowhammer attacks on GPUs (The Register) Louis Vuitton UK Latest Retailer Hit by Data Breach (Infosecurity Magazine) Indian Police Raid Tech Support Scam Call Center (Infosecurity Magazine) Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car was known for 13 years — operators refused to fix the issue until now (Tom's Hardware) End-of-Train and Head-of-Train Remote Linking Protocol (CISA) Hacker Makes Antisemitic Posts on Elmo’s X Account (The New York Times) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  34:16

  --------

  34:16

More News podcasts

Trending News podcasts

About CyberWire Daily

CyberWire Daily: Podcasts in Family