CyberWire Daily

Five Eyes flags active exploitation of Cisco SD-WAN flaws. Ransomware incidents surge, but fewer victims are paying. The FTC eases its stance on COPPA to encourage age verification. Authorities in Poland and Germany charge 11 in a Facebook credential harvesting scheme. Top UK news outlets unite on AI licensing standards, as the UK touts gains in cyber resilience. Researchers say a hacker abused Anthropic’s Claude to breach Mexican government networks. Gamers revolt over AI in game development. On our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026. In Moscow, a man is accused of impersonating an FSB officer to shake down the Conti ransomware gang. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today on our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026.

Selected Reading

Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning (TechNadu)

Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis (The Record)

FTC Softens Enforcement of Rule Protecting Children Online, Ostensibly to Protect Children Online (Gizmodo)

Poland Cybercrime Unit Uncovers Scheme Stealing 100,000 Facebook Logins (The 420)

UK news giants form 'NATO for news' group to control AI scraping (Press Gazette)

Government cuts cyber-attack fix times by 84% and launches new profession to protect public services (GOV.UK)

Hacker Used Anthropic’s Claude to Steal Sensitive Mexican Data (Bloomberg)

AI Mistakes Are Infuriating Gamers as Developers Seek Savings (Bloomberg)

Moscow man accused of posing as FSB officer to extort Conti ransomware gang (The Record)

AIs can’t stop recommending nuclear strikes in war game simulations (New Scientist)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Trump tells diplomats to fight digital sovereignty. DeepSeek allegedly trains on banned Nvidia chips. Google knocks out Gallium. Hackers tamper with patient records in New Zealand. Popular mental health apps leak risk. Wynn confirms a ShinyHunters breach. Telecoms dodge New York cyber rules. Russia targets Telegram’s founder. And a defense insider heads to prison for selling cyber weapons to Moscow. Andrew Dunbar, CISO of Shopify, discusses how identity and trust become the new perimeter and how commerce needs both. Barking backlash brews beneath big-game broadcast.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Andrew Dunbar, CISO of Shopify, to discuss how identity and trust become the new perimeter and how commerce needs both to be engineered into the platform.

Selected Reading

Exclusive: US orders diplomats to fight data sovereignty initiatives (Reuters)

Exclusive: China's DeepSeek trained AI model on Nvidia's best chip despite US ban, official says (Reuters)

Google disrupts Chinese-linked hackers that attacked 53 groups globally (Reuters)

Patient data changed as major NZ health app MediMap hacked (RNZ News)

Android mental health apps with 14.7M installs filled with security flaws (Bleeping Computer)

Wynn Resorts Confirms Cyberattack & Extortion Threat, Claims Data Deleted (Casino.org)

Verizon successfully dodged data security rules from state regulators (Times Union)

Russia opens probe of Telegram chief, claiming app has been used for terrorism (Washington Post) 

Former Defense Contractor Sentenced to 87 Months in Prison for Selling Secrets to Russia: Peter Williams Trade Secrets Case Concludes (TechNadu)

$10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon (Bitdefender)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

SolarWinds patches four critical remote code execution vulnerabilities. A ransomware attack on Conduant puts the data of over 25 million Americans at risk. RoguePilot enables Github repository takeovers. ZeroDayRat targets Android and iOS devices. North Korea’s Lazarus group deploy Medusa ransomware against organizations in the U.S. and the Middle East. Attackers’ breakout times drop to under half an hour.  CISA maintains its mission despite staffing challenges. Russian satellites draw fresh scrutiny. Two South Korean teenagers are charged with breaching Seoul’s public bike service. Krishna Sai, CTO at SolarWinds, discusses why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI’s tangible contributions. The Pope pushes prayerful priests past predictable programs. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Krishna Sai, CTO at SolarWinds, discussing why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI’s tangible contributions.

Selected Reading

Critical SolarWinds Serv-U flaws offer root access to servers (Bleeping Computer)

Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans (GB Hackers)

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover (SecurityWeek)

New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices (Hackread)

North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East (The Record)

CrowdStrike says attackers are moving through networks in under 30 minutes (CyberScoop)

Shutdown at D.H.S. Extends to Cyber Agency, Adding to Setbacks (The New York Times)

From Cold War interceptors to Ukraine: how Russia came to park spy satellites next to the West’s most sensitive tech in orbit (Meduza)

Korean cops charge two teens over Seoul bike hire breach (The Register)

Pope tells priests to use their brains, not AI, to write homilies (EWTN News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A senior FBI cyber official warns Salt Typhoon remains an ongoing threat. Data protection authorities issue a joint statement raising serious concerns about AI image creation. A Japanese semiconductor equipment maker confirms a ransomware attack. New number formats seek to reduce AI overhead. A low-skilled Russian-speaking threat actor compromised more than 600 Fortinet FortiGate firewalls. Spanish authorities have arrested four alleged members of Anonymous. CISA tags a pair of Roundcube Webmail flaws. Cybersecurity stocks fell sharply on news of a new security feature in Claude AI. Monday business breakdown. Brandon Karpf, friend of the show discussing sovereignty in space and cyber. Digital disruption drains drumsticks.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today Dave sits down with Brandon Karpf, friend of the show, and Maria Varmazis, host of T-Minus, as they are discussing sovereignty in space and cyber.

Selected Reading

FBI: Threats from Salt Typhoon are ‘still very much ongoing’ (CyberScoop)

Joint Statement on AI-Generated Imagery and the Protection of Privacy (International Enforcement Cooperation Working Group (IEWG))

Japanese chip-testing toolmaker Advantest suffers ransomware attack (Help Net Security)

AI's Math Tricks Don't Work for Scientific Computing (IEEE)

Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls (Infosecurity Magazine)

Suspected Anonymous members cuffed in Spain over DDoS attack (The Register)

CISA: Recently patched RoundCube flaws now exploited in attacks (Bleeping Computer)

Anthropic Unveils 'Claude Code Security,' Sending Cyber Stocks Lower (Bloomberg)

RSAC Innovation Sandbox finalists secure $5 million each. (N2K Pro Business Briefing)

Cyber attack takes major chicken processor Hazeldenes offline leaving businesses without meat (ABC News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In this second installment of our three-part series on ⁠⁠Cyber Coalition 2025⁠⁠, ⁠⁠Maria Varmazis⁠⁠⁠, host of ⁠⁠⁠T-Minus⁠⁠⁠ Space Daily and CyberWire Producer ⁠⁠⁠Liz Stokes,⁠⁠ take listeners inside a single day at NATO’s cyber headquarters in Tallinn, Estonia — focusing on the human side of cyber defense.

Hosted by the NATO Cooperative Cyber Defence Centre of Excellence and led by NATO Allied Command Transformation, Cyber Coalition is a defensive-only exercise built around collaboration, coordination, and information sharing across allied nations. This episode highlights how that plays out in practice, from legal teams working through cross-border policy questions to military defenders coordinating with civilian infrastructure partners inside NATO’s secure cyber range.

In case you missed the first episode of this three part series, check it out ⁠here⁠.
Learn more about your ad choices. Visit megaphone.fm/adchoices