
The email that tricked an AI.
OpenAI patches a ChatGPT flaw that could have exposed Gmail data. CISA documents malware exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws. WatchGuard patches a critical flaw in its Firebox firewalls. MI6 launches a dark web snitch site. The DoD looks to cut its cybersecurity job hiring time to just 25 days. Researchers trick ChatGPT agents into solving CAPTCHAs. A UK teen faces accusations of being part of the Scattered Spider gang. The Senate confirms a new assistant secretary of defense for cyber policy. A former CIA officer is accused of selling classified information to private clients. Karin Ophir Zimet, Torq's Chief People Officer, is speaking with N2K Senior Workforce Analyst Will Markow about their internship program for upleveling AI skills. Russia’s AI propaganda goes prime time.
Today is Friday, September 19th, 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.
OpenAI patches a ChatGPT flaw that could have exposed Gmail data.
OpenAI has patched a security flaw in its ChatGPT “Deep Research” agent that could have exposed Gmail data, according to Radware researchers. The tool, launched in February, helps users analyze large data sets and can connect to Gmail accounts if authorized. Radware discovered that attackers could exploit the feature by embedding hidden instructions in emails. The agent could then be tricked into extracting personal or corporate information, like names and addresses, and sending it to a malicious web address, all without the user’s interaction. While no evidence shows the flaw was exploited, the risk highlighted how AI agents themselves can be abused. OpenAI fixed the issue on September 3 and emphasized its commitment to improving model security with help from external researchers.
CISA documents malware exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws.
CISA has released technical details on malware used in attacks exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws, CVE-2025-4427 and CVE-2025-4428. Disclosed on May 13, the vulnerabilities, a 5.3-rated authentication bypass and a 7.2-rated remote code execution bug, were quickly abused after proof-of-concept exploits appeared. China-linked UNC5221 was later tied to the campaigns. The flaws, found in open-source libraries within EPMM, can be chained for unauthenticated RCE. CISA analyzed malware deployed on a compromised EPMM server, revealing two sets of tools designed for persistence and arbitrary code execution. These included loaders, listeners, and a Java object manager to inject malicious classes into Apache Tomcat. CISA urges organizations to patch EPMM immediately, strengthen MDM monitoring, and adopt best security practices.
WatchGuard patches a critical flaw in its Firebox firewalls.
WatchGuard has patched a critical flaw, CVE-2025-9242, in its Firebox firewalls that could let remote attackers take control without authentication. Rated 9.3/10 in severity, the bug stems from an out-of-bounds write in Fireware OS’s IKEv2 VPN process, potentially enabling arbitrary code execution. A wide range of Firebox models are affected, including T, M, and Cloud series. While no attacks are known yet, WatchGuard urges immediate updates to fixed versions such as 12.5.13, 12.11.4, and 2025.1.1. Researcher “btaol” reported the issue.
MI6 launches a dark web snitch site.
The UK’s Secret Intelligence Service (MI6) has launched “Silent Courier,” a dark-web portal for would-be informants to securely share secrets. Announced with a statement quoting Foreign Secretary Yvette Cooper, the program aims to recruit sources “in Russia and around the world.” MI6 posted an eight-language YouTube video with step-by-step guidance: access Silent Courier via Tor (the provided .onion address), or, if Tor is blocked, use a short VPN trial and a throwaway email. Advisories stress using a clean, patched device, incognito browsing, and avoiding any identifying payment or personal details. MI6 says it will “carefully consider” submitted intelligence. Commentators note the risk of trolls or hostile actors flooding the service, and suggest the portal might also be used to expose foreign tradecraft.
The DoD looks to cut its cybersecurity job hiring time to just 25 days.
The Department of Defense is aiming to cut its cybersecurity job hiring time from 70 days to just 25 as it struggles with a shortfall of nearly 20,000 cyber professionals. Mark Gorak, who leads the DOD’s cyber workforce efforts, outlined the challenge at FedTalks, noting the department’s cyber component numbers about 245,000 within a total force of 4 million. Nationwide, the cyber talent gap is estimated at 500,000–700,000. To close the gap, the DOD is shifting to skills-based hiring, using short cyber range assessments to test applicants’ technical ability rather than requiring advanced degrees or certifications. The department is also updating cyber work roles every 90 days to keep pace with AI-driven changes. Collaboration with industry, academia, and other partners is seen as critical to success.
Researchers trick ChatGPT agents into solving CAPTCHAs.
Researchers at SPLX showed that prompt injections can trick ChatGPT agents into solving CAPTCHAs, despite built-in safeguards. By first priming the model in a regular chat to treat CAPTCHAs as “fake,” then pasting that conversation into an agent session, they bypassed restrictions. The agent proceeded to solve reCAPTCHA V2 and Click CAPTCHA, even adjusting its cursor to mimic human behavior. SPLX warned this highlights vulnerabilities to context poisoning, raising doubts about CAPTCHA’s effectiveness and exposing risks of data leaks or security bypasses.
A UK teen faces accusations of being part of the Scattered Spider gang.
UK teenager Thalha Jubair, accused of being part of the Scattered Spider gang, allegedly helped extort over $115 million from more than 100 organizations. Arrested alongside another teen, Jubair now faces US charges for 120 intrusions, including against the federal court system, where attackers stole staff data and accessed a magistrate judge’s inbox. Investigators tied him to ransom wallets after he used the same server to buy gaming and food gift cards linked to his residence. Evidence also came from chats where Jubair bragged about multimillion-dollar payments. Scattered Spider, known for social engineering and ransomware since 2022, has targeted retailers, casinos, and critical infrastructure. Authorities seized $36 million in crypto from Jubair’s server. Analysts say his arrest delivers a major blow to the gang’s global operations.
The Senate confirms a new assistant secretary of defense for cyber policy.
The Senate has confirmed Katherine Sutton as the Pentagon’s new assistant secretary of defense for cyber policy, filling a critical vacancy after recent leadership departures. Sutton, only the second person to hold the role since its 2023 creation, was confirmed in a 51-47 vote. A former adviser at U.S. Cyber Command and Senate Armed Services Committee staff leader, she pledged to strengthen U.S. cyber defenses against China and other adversaries. She replaces acting chief Laurie Buckhout, who recently left, while other senior cyber policy posts remain vacant.
A former CIA officer is accused of selling classified information to private clients.
Former CIA officer Dale Britt Bendler, 68, has been accused of abusing his clearance as a contractor to sell classified information to private clients. Prosecutors say that between 2017 and 2020, Bendler earned about $360,000 while treating CIA systems as his “personal Google.” He worked for a foreign national under investigation for embezzling sovereign wealth funds, receiving $20,000 per month to search CIA databases and shape a lobbying campaign with classified insights. He also aided another foreign national accused of laundering money for a terrorist group, again using CIA systems to gather intelligence. Court filings reveal he passed SECRET//NOFORN information to a U.S. lobbying firm, violating oaths and national security protocols. Prosecutors argue his misuse of secrecy as both cover and leverage highlights the need for a strong deterrent.
Russia’s AI propaganda goes prime time.
Russia’s Ministry of Defense TV channel Zvezda has unveiled PolitStacker, a weekly “AI-generated” show that feels like Saturday Night Live got lost in a Soviet candy factory. Hosted by “Natasha,” an AI avatar modeled after a real journalist, the program claims its neural network chooses the week’s “political nonsense,” then serves it up as jokes, deepfakes, and surreal skits. Cue Emmanuel Macron in curlers, Donald Trump pitching golden toilets as foreign policy, and Ursula von der Leyen crooning Soviet pop while manning a factory line.
The production quality hovers somewhere between “Instagram filter gone wrong” and “uncanny valley chic,” but that hasn’t stopped Russia from bragging it’s the world’s first state-backed AI news parody. Whether it’s parody or propaganda is up for debate, but as data scientist Kalev Leetaru points out, this is a milestone: a national broadcaster openly dabbling in AI deepfakes. Candy-coated or not, Moscow’s digital experiments may just be the start.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
And that’s the CyberWire Daily, brought to you by N2K CyberWire.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.
N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.
