CyberWire Daily

Yuval Avrahami from Wiz joins to share their work on "CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild." Wiz Research uncovered “CodeBreach,” a critical supply chain vulnerability caused by a subtle misconfiguration in AWS CodeBuild pipelines that allowed attackers to take over key GitHub repositories, including the widely used AWS JavaScript SDK that powers the AWS Console.

By exploiting an unanchored regex filter, unauthenticated attackers could trigger privileged builds, steal credentials, and potentially inject malicious code into software used across a majority of cloud environments. AWS has since remediated the issue and introduced stronger safeguards, but the incident highlights a growing trend of attackers targeting CI/CD pipelines where small misconfigurations can lead to massive downstream impact.

The research can be found here:

CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild

Learn more about your ad choices. Visit megaphone.fm/adchoices

Feds take down major IoT botnets. The FBI seizes hacktivist infrastructure. A data breach hits Kaplan, while a hacker claims access to millions of law enforcement tips. Fake Zoom calls deliver malware. A crypto “security” tool turns out to be spyware. A critical AI framework flaw gets exploited in hours. An insider extortion case ends in conviction. And a streaming scam pulls in over $10 million. A look back at ten years of Cyberwire podcasts. Intern Kevin gets ready for RSAC. A cyberattack leaves breathalyzers offline. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Celebrating CyberWire Daily

Maria Varmazis leads a conversation with Peter Kilpe and Dave Bittner reflecting on the origins of the CyberWire Daily podcast as part of the 10th anniversary series, sharing behind-the-scenes insights and how it all got started.

CyberWire Guest

Today we are joined by Intern Kevin—also known as Kevin Magee—as he gets ready for RSA Conference 2026 next week.

Selected Reading

Feds disrupt IoT botnets behind record-breaking DDoS attacks (The Register)

FBI seizes Handala data leak site after Stryker cyberattack (Bleeping Computer)

Kaplan North America Reports Data Breach Impacting Nearly 195,000 Individuals (Beyond Machines)

Hacker says they compromised millions of confidential police tips held by US company (Reuters)

Fake interactive Zoom call leads to malicious ScreenConnect download | news (SC Media)

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery (Infosecurity Magazine)

Hackers Exploit Critical Langflow Bug in Just 20 Hours (Infosecurity Magazine)

Ex-data analyst stole company data in $2.5M extortion scheme (Bleeping Computer)

Musician admits to $10M streaming royalty fraud using AI bots (Bleeping Computer)

Cyberattack leaves Maine drivers with breathalyzer test systems unable to start vehicles (WGME)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Even as cybersecurity has grown and become universially accepted, the field has continued to struggle when attempting to assess and aquire talent. Oftentimes, there is a disconnect between what organizations need and what they interview for leading vague job postings and ineffective hirings.

In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Jeff Welgan, the Chief Strategist and CEO at SkillRex, to discuss how we assess talent. Throughout the conversation, Jeff and Kim will discuss the problems associated with traditional workforce management and how modernizing this approach can provide a strategic advantage.

Want more CISO Perspectives?

Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals.
Learn more about your ad choices. Visit megaphone.fm/adchoices

DarkSword targets iPhones for indiscriminate exploitation. Cybercrime and the Iran war. The FBI confirms purchasing commercially available location data. The DHS secretary nominee gets grilled on CISA funding. A Zimbra Collaboration Suite vulnerability is being used in targeted espionage. A new Android malware targets sensitive data stored in user notes. AWS warns of ongoing Interlock ransomware activity. Tracking pixels grab more than they should. Perry Carpenter and Mason Amadeus from The FAIK Files podcast speak with Hany Farid about the real-world harms of synthetic media. Do Boomers balance breaches better? 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, speaking with Hany Farid about the real-world harms of synthetic media.

Last week, the FAIK Files team sat down with Hany Farid -- digital forensics expert, professor at UC Berkeley, and co-founder of Get Real Security ( getrealsecurity.com ) -- to discuss deepfakes, authenticity metadata (C2PA), and forensic deepfake detection approaches.

And here's a link to the youtube video:  https://www.youtube.com/watch?v=RSpmRb2O7Xc

Selected Reading

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild (WIRED)

Cybercrime has skyrocketed 245% since the start of the Iran war (The Register)

CISA official says agency has not seen uptick in cyber threats amid Iran war (The Record)

FBI is buying data that can be used to track people, Patel says (POLITICO)

DHS nominee Mullin pressed on restoring CISA staffing (The Record)

CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List (GB Hackers)

Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency (The Record)

New ‘Perseus’ Android malware checks user notes for secrets (Bleeping Computer)

AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January (Infosecurity Magazine)

The Collection of Commercial Intelligence: TikTok & Meta Ad Pixels (Jscrambler)

Forget Millennials: why those over 65 are the real cyber security pros (The Senior)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Iran’s cyber ops stay resilient. U.S. lawmakers press Big Tech on EU rules. Researchers expose a Fancy Bear server. Japan moves toward offensive cyber. CISA calls for cross-agency teamwork. New malware targets network infrastructure. AI fooled by font-based attacks. Schneider Electric warns of critical flaws. Quantum cryptography earns top honors. Guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. Smart glasses on the witness stand.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. You can dig into the details of what Bradon discussed in Gartner’s “Cybersecurity Must Block AI Browsers for Now.” You can hear the full interview here.

Selected Reading

U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued (Forbes)

US committee demands Big Tech share private comms with EU officials (POLITICO)

FancyBear Exposed: Major OPSEC Blunder Inside Russian Espionage Ops (Ctrl-Alt-Intel)

Japan to allow ‘proactive cyber-defense’ from October 1st (The Register)

CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors (CyberScoop)

New Malware Highlights Increased Systematic Targeting of Network Infrastructure (Eclypsium)

Poisoned Typeface: How Simple Font Rendering Poisons Every AI Assistant, And Only Microsoft Cares (LayerX)

Schneider Electric Patches Critical RCE Vulnerability in SCADAPack RTUs (Beyond Machines)

Turing Award Goes to Inventors of Quantum Cryptography (The New York Times)

Witness Caught Using Smartglasses in Court Blames it all on ChatGPT (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices