CyberWire Daily
Recent Episodes
Chaos and security concerns continue in Washington. Spanish authorities arrest a man suspected of hacking NATO, the UN, and the US Army. A major U.S. hiring platform exposes millions of resumes. Another British engineering firm suffers a cyberattack. Cisco patches multiple vulnerabilities. Cybercriminals exploit SVG files in phishing attacks. SparkCat SDK targets cryptocurrency via Android and iOS apps. CISA directs federal agencies to patch a high-severity Linux kernel flaw. Thailand leaves scamming syndicates in the dark. Positive trends in the fight against ransomware. Our guest is Cliff Crosland, CEO and Co-founder at Scanner.dev, discusses the evolution of security data lakes and the "bring your own" model for security tools. Don’t eff with the FCC.
The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated routers. A former Google engineer faces multiple charges for alleged corporate espionage. CISA issues nine new advisories for ICS vulnerabilities. A house Republican introduces a cybersecurity workforce scholarship bill. On our CertByte segment, a look at ISC2’s CISSP exam. Google updates its stance on AI weapons.
DOGE’s unchecked access to federal networks sparks major cybersecurity fears. Senator Hawley’s AI ban targets China and raises free speech concerns. Apple service ticket portal vulnerability exposed millions of users’ data. North Korean ‘FlexibleFerret’ malware targets macos via job scams and fake zoom apps. February 2025 android security update fixes 48 vulnerabilities, including exploited zero-day. Grubhub data breach exposes customer and driver information. Abandoned cloud infrastructure creates major security risks. Texas to launch its own Cyber Command amid rising cyber threats. Dell PowerProtect vulnerabilities pose critical security risks. On our Threat Vector segment, David Moulton and his guests look at the potential dangers of DeepSeek. U.S. Government is quietly altering the Head Start database. And a moment of inspiration from a spacefaring poet.
Federal agencies in power struggle crossfire.
Federal agencies become battlegrounds in an unprecedented power struggle. XE Group evolves from credit-card skimming to exploiting zero-day vulnerabilities. WhatsApp uncovers a zero-click spyware attack linked to an Israeli firm.Texas expands its ban on Chinese-backed AI and social media apps. Data breaches expose the personal and medical information of over a million people.NVIDIA patches multiple critical vulnerabilities. Arm discloses critical vulnerabilities affecting its Mali GPU Kernel Drivers and firmware. The UK government aims to set the global standard for securing AI. Tim Starks from CyberScoop has the latest from Senate confirmation hearings. The National Cryptologic Museum rights a wrong.
The end of a cybercrime empire.
Authorities dismantle a Pakistan-based cybercrime network. Lawmakers question the feasibility of establishing a U.S. Cyber Force as a standalone military branch. The DOJ sues to block HPE’s acquisition of Juniper Networks. Tangerine Turkey deploys cryptomining malware. Major healthcare providers send breach notifications. Norwegian police seize a Russian-crewed ship suspected of damaging a communications cable. Researchers discover critical vulnerabilities in GitHub Copilot. D-Link patches a critical router vulnerability. CISA and the FDA have warned U.S. healthcare organizations of severe security vulnerabilities in Chinese-made patient monitors. Pauses in funding create confusion for federal cybersecurity vendors. We bid a fond farewell to a pair of N2K colleagues. The case of the disappearing government data.