
New sheriff in cyber town.
The Senate confirms a new national cyber director. A new commission explores the establishment of a separate Cyber Force. Cybercriminals exploit link wrapping to launch sophisticated phishing attacks. AI agents are hijacked, cameras cracked, and devs phished. Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security. Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting a Microsoft zero-day in a cyberattack. OpenAI scrambles after a chat leak fiasco.
Today is Monday, August 4th, 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.
The Senate confirms a new national cyber director.
Sean Cairncross, a former Republican National Committee official and Trump adviser, was confirmed by the Senate as the new national cyber director in a 59-35 vote. Despite having no background in cybersecurity, Cairncross gained bipartisan support and endorsements from senior cyber experts. He now leads the Office of the National Cyber Director (ONCD), which shapes federal cybersecurity policy. At his Senate hearing, he admitted limited cyber knowledge but emphasized his management experience. He voiced strong support for collaboration and offensive cyber efforts. Cairncross backed two key bipartisan bills: the Cybersecurity Information Sharing Extension Act and the Rural Hospital Cybersecurity Enhancement Act. He succeeds Harry Coker, a former NSA official, and follows Chris Inglis, the ONCD’s first director. Cairncross pledged to deliver results for national security.
A new commission explores the establishment of a separate Cyber Force.
A new commission has launched to design how the U.S. could establish a separate Cyber Force, aiming to influence next year’s defense bill. Formed by the Center for Strategic and International Studies and the Cyberspace Solarium Commission 2.0, the 17-member group includes top former military and civilian cyber leaders. Co-chaired by retired Lt. Gen. Ed Cardon and Josh Stiefel, the panel assumes presidential support for a Cyber Force and is focused on how to build it. This comes amid delays in reforming U.S. Cyber Command and growing frustration over unprepared cyber troops. Critics, including retired Lt. Gen. Charles Moore, argue the commission may undercut a separate, congressionally mandated feasibility study. Still, the commission says it’s ready with a detailed blueprint should the President demand a new cyber service.
Cybercriminals exploit link wrapping to launch sophisticated phishing attacks.
Cybercriminals are exploiting email security tools like Proofpoint and Intermedia’s link wrapping to launch sophisticated phishing attacks, according to Cloudflare. By compromising protected accounts, attackers send emails containing malicious links. These links are automatically rewritten by the security provider’s trusted domains, making them appear safe. Victims are then lured to fake Microsoft 365 login pages to steal credentials. Attackers use URL shorteners and multiple redirects to evade detection, with phishing emails disguised as voicemails or shared documents. This tactic reflects a broader trend of misusing trusted tech tools—like AI and security platforms—for cybercrime.
AI agents are hijacked, cameras cracked, and devs phished.
Aim Labs discovered a critical vulnerability—dubbed “CurXecute”—in the Cursor IDE developer environment, allowing full remote code execution (RCE) via prompt injection. The flaw, tracked as CVE-2025-54135 with a severity score of 8.6, affects all versions before 1.3. Exploiting it requires only a poisoned prompt delivered through an external service like Slack, which rewrites ~/.cursor/mcp.json and executes attacker commands without user consent. Because Cursor runs with developer-level privileges, attackers could steal data, deploy ransomware, or manipulate AI behavior. This mirrors past threats like EchoLeak, which showed how untrusted content can hijack AI workflows. The core issue lies in AI agents’ reliance on external data, making runtime guardrails essential. Cursor patched the bug on July 8, 2025, but the attack pattern signals a wider, persistent threat across developer AI tools.
Elsewhere, researchers at Pangea Labs have uncovered a new cyberattack method called “LegalPwn,” which manipulates generative AI models into misclassifying malware as safe code. The technique hides malicious code inside fake legal disclaimers, exploiting AI’s tendency to respect legal-sounding language. Tested across twelve major AI models—including ChatGPT, Gemini, and Llama—most were vulnerable, while only a few, like Claude 3.5 and Microsoft’s Phi 4, resisted. In real-world tools like GitHub Copilot and Gemini CLI, the attack tricked systems into recommending dangerous commands like reverse shells. LegalPwn is a form of prompt injection, similar to “Man in the Prompt” attacks. The research emphasizes the need for human oversight in AI security decisions and recommends guardrails and manual review to prevent such manipulations from compromising systems.
Additionally, Bitdefender has identified two critical security flaws—CVE-2025-31700 and CVE-2025-31701—in Dahua’s Hero C1 and other security camera models. These bugs allow unauthenticated attackers to remotely execute code via buffer overflows in the ONVIF protocol and file upload handler. The flaws give full control over the device and affect widely deployed cameras in homes and businesses. Dahua patched the issues on July 7, 2025. Users should immediately update firmware or secure devices by disabling UPnP and isolating them from public networks.
Mozilla has issued a warning about a phishing campaign targeting developer accounts on its AMO (addons.mozilla.org) platform, which hosts over 60,000 extensions. Attackers are sending fake emails impersonating the AMO team, urging developers to update their accounts to retain access to development features. Developers are advised to avoid clicking suspicious links, verify sender domains and email authentication, and log in only via official Mozilla websites. At least one developer reported falling victim. Mozilla is monitoring the situation and promises updates.
Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security.
Gene sequencing firm Illumina will pay $9.8 million to settle allegations it sold genomic systems with known cybersecurity flaws to U.S. federal agencies from 2016 to 2023. The DOJ claims Illumina lacked a proper security program, failed to patch vulnerabilities, and falsely claimed its software met cybersecurity standards. CISA and the FDA had previously issued alerts about critical flaws in Illumina’s products that could allow remote takeovers. A whistleblower lawsuit triggered the case, with the informant receiving $1.9 million from the settlement.
Developers of the period-tracking app Flo have settled a class-action lawsuit alleging it shared sensitive reproductive data from millions of users with Meta and others, despite promises of privacy. The terms weren’t disclosed, but the case involved up to 38 million women and could have led to billions in damages. The lawsuit claims Flo let Meta access menstruation data via an SDK for ad targeting. Meta denies receiving such data. Flo previously settled with the FTC in 2021, agreeing to obtain user consent for future data sharing.
OpenAI scrambles after a chat leak fiasco.
And finally, OpenAI quietly pulled a ChatGPT feature that left some users’ deeply personal chats—think family drama, mental health confessions, and sexcapades—floating around in Google search results. Fast Company rang the alarm, revealing that users who clicked “Share” and ticked a vaguely labeled box had unintentionally made their chats searchable. OpenAI initially claimed the warning text was clear (ish), but soon admitted the “Make this chat discoverable” setup was ripe for accidental oversharing. Their Chief InfoSec Officer called it a “short-lived experiment,” which, as Oxford ethicist Carissa Véliz put it, sounds a lot like “we tested this on you and hoped no one noticed.” Now OpenAI is working to vanish the indexed content and clean up the mess. The kicker? This comes just as the company’s fighting a court order to keep all deleted chats—yes, even the mortifying ones.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.
We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights until August 31, 2025. There's a link in the show notes.
N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.
