AI meets the chain of command.

Cyber Command names a new head of AI. The UK introduces its long-delayed Cyber Security and Resilience Bill. Researchers highlight a critical Oracle Identity Manager flaw. Salesforce warns customers of a third-party data breach. Italy’s state-owned railway operator leaks sensitive information. SonicWall patches firewalls and email security devices. The US charges four individuals with conspiring to illegally export restricted Nvidia AI chips to China. The SEC drops its lawsuit against SolarWinds. NSO group claims a permanent injunction could cause irreparable and potentially existential harm. Maria Varmazis of the T-Minus Space Daily show sits down with General Daniel Karbler (Ret.) to discuss his consulting work for A House of Dynamite, the newly released Netflix film. Roses are red, violets are blue, this poem just jailbroke your AI too.

Today is Friday November 21st 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Cyber Command names a new head of AI. 

Brig. Gen. Reid Novotny has begun serving as the new Chief Artificial Intelligence Officer at U.S. Cyber Command, announcing the move in a LinkedIn post he noted was written with AI assistance. He said the United States is in a pivotal moment as artificial intelligence reshapes global competition, military operations, and how adversaries seek advantage. Novotny emphasized the need for responsible innovation, rapid integration of advanced capabilities, and strong partnerships across the Pentagon, industry, and academia. He added that adopting AI at scale will require cultural change as much as technological progress. Prior to this role, Novotny served as the National Guard Bureau’s director of intelligence and cyber effects operations and as a senior military policy adviser at the Office of the National Cyber Director.

The UK introduces its long-delayed Cyber Security and Resilience Bill. 

The UK government has introduced its long-delayed Cyber Security and Resilience Bill, a sweeping measure aimed at strengthening national defenses as cyberattacks cost the economy an estimated £14.7 billion each year. The bill broadens the range of organisations required to meet cybersecurity standards, including suppliers to critical sectors such as healthcare and water, as well as managed service providers. It grants new powers to the Technology Secretary to mandate security actions during national security threats. Experts say rising geopolitical tensions and recent high-profile breaches, including the Synnovis lab attack and incidents affecting Jaguar Land Rover, highlight the urgency. The bill aligns with plans to ban ransom payments but will not be enforced until 2027, raising concerns about regulatory capacity and readiness.

Researchers highlight a critical Oracle Identity Manager flaw. 

Searchlight Cyber disclosed a critical Oracle Identity Manager flaw, CVE-2025-61757, a pre-authentication remote code execution vulnerability chained from an authentication bypass. Oracle patched it in October 2025 and confirmed it is easily exploitable. Searchlight warned it could enable full system compromise, including access to servers handling sensitive data. SANS researchers later found signs of possible zero-day exploitation between August 30 and September 9, likely by a single actor also scanning for other vulnerabilities, including Liferay and Log4j.

Salesforce warns customers of a third-party data breach. 

Salesforce has warned customers of a data breach traced to Gainsight, a partner whose applications integrate with Salesforce environments. The company detected unusual activity in Gainsight-published apps managed directly by customers and said the issue may have enabled unauthorized access to certain Salesforce data. Salesforce stressed the breach was not caused by flaws in its own software and has revoked all access and refresh tokens tied to the affected apps, which were also removed from the AppExchange. Security experts believe more than 200 customers may be impacted and suspect the ShinyHunters group, which has previously targeted Salesforce partners. The incident highlights growing supply chain risks, echoed by IBM’s 2025 breach report noting high costs, rising prevalence, and long detection times for third-party compromises.

Italy’s state-owned railway operator leaks sensitive information. 

Data from Italy’s state-owned railway operator Ferrovie dello Stato Italiane (FS) was leaked following a breach at its IT provider Almaviva. A threat actor claimed to have stolen 2.3 TB of recent and highly sensitive material, including internal FS documents, strategic plans, defense-related contracts, employee and passenger data, financial records, and information tied to multiple FS subsidiaries. Almaviva confirmed a cyberattack on its corporate systems and said some data was taken, though critical services remained operational. The company activated its incident response procedures and notified Italian authorities, including the Public Prosecutor’s Office and the National Cybersecurity Agency. Evidence that the documents extend into Q3 2025 suggests the breach stems from a new intrusion rather than reuse of data stolen during Almaviva’s 2022 compromise.

SonicWall patches firewalls and email security devices. 

SonicWall released patches for several high-severity flaws affecting Gen7 and Gen8 firewalls and its Email Security appliances. A stack-based buffer overflow in the SonicOS SSL VPN service, tracked as CVE-2025-40601, could let remote, unauthenticated attackers crash devices. Two additional Email Security issues, including CVE-2025-40604, allow arbitrary code execution when root filesystem images are not verified. Fixes are available, and customers are urged to restrict SSL VPN access until updated. SonicWall says there is no evidence of exploitation.

The US charges four individuals with conspiring to illegally export restricted Nvidia AI chips to China. 

Four individuals in the US have been charged with conspiring to illegally export restricted Nvidia AI chips to China. Prosecutors say the group used shell companies, falsified paperwork, and routed shipments through Malaysia and Thailand to evade export controls imposed in 2022. A Tampa firm, Janford Realtor LLC, allegedly served as the front for the operation. Two shipments succeeded, sending 400 Nvidia A100 GPUs into China, while law enforcement blocked two others involving H100-powered supercomputers and 50 H200 GPUs. The defendants allegedly never sought required licenses and received nearly $3.9 million from China to fund the scheme. Officials describe the case as part of a broader effort to disrupt illicit pipelines for advanced US AI hardware. The defendants face up to 20 years in prison.

The SEC drops its lawsuit against SolarWinds. 

The SEC has dropped its 2023 lawsuit accusing SolarWinds and its CISO of misleading investors about weak cybersecurity practices. The agency offered no explanation beyond saying the move was discretionary. SolarWinds called the dismissal a vindication, noting industry concerns about the case’s chilling effect on security leaders. The decision follows a 2024 ruling that rejected most SEC claims as speculative. The suit had focused on disclosures before and after the Russian-linked 2020 breach that compromised major companies and US government agencies.

NSO group claims a permanent injunction could cause irreparable and potentially existential harm. 

NSO Group is asking a federal court to pause the permanent injunction blocking it from targeting WhatsApp while it appeals, arguing the order would cause irreparable and potentially existential harm. In a new filing, the company says the injunction would force it to destroy code that cannot be recovered, halt lawful sales of its Pegasus spyware to government customers, and leave competitors unrestricted. NSO also argues the order conflicts with the Computer Fraud and Abuse Act, which exempts authorized U.S. law enforcement and intelligence activity. The company claims a stay is in the public interest because Pegasus supports counterterrorism and criminal investigations, noting the injunction would bar any future U.S. government use. The motion follows NSO’s leadership shake-up and confirmation of new U.S. investors.

 

Coming up after our break, my colleague from T-Minus Space Daily, Maria Varmazis, has an excerpt from her exciting conversation with retired Lt. General Dan Karbler about the Netfilx film he was part of called A House of Dynamite.  

We’ll be right back

Welcome back. You can catch the full discussion about A House of Dynamite with Maria and retired Lt. General Dan Karbler on tomorrow’s episode of T-Minus Deep Space on your favorite podcast app. 

Roses are red, violets are blue, this poem just jailbroke your AI too. 

It seems the swiftest way to fool an AI

Is not through cunning hacks or coders’ craft,

But shaping every scheme in lines of verse.

A study shows that when malicious aims

Are wrapped in meter, rhythm, rhyme, and form,

The models drop their guard and let them pass.

Twelve hundred prompts they tested, prose and poem,

Across a host of systems far and wide,

And found success rose sharply when in rhyme,

From modest rates to heights near ninety-plus.

The flaw appears in filters stretched too thin,

Which falter when the input sounds like art.

Though smaller models held their footing best,

Their larger kin proved weak to lyric charm.

So let this stand as fair and wry advice:

A well-placed meter may be more than sweet,

For pretty lines can turn a prompt quite sharp.

It turns out the quickest way to fool an AI isn’t with complex exploits or elite hacking techniques… it’s with poetry. The authors of “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models” show that turning malicious requests into verse is more than just art—it’s a surprisingly effective way to short-circuit model safety systems. They tested 1,200 harmful prompts in both standard prose and poetic form across 25 major models and found that when framed as poetry, the attack-success rate (ASR) soared from ~8 % to ~43 % on average—sometimes exceeding 90 %. The trick works across domains (cyber-offense, privacy, CBRN hazards) and providers, pointing to a systemic weakness: the models’ safety filters seem brittle when the input looks “poetic.” Smaller models were oddly more robust than their big, lyrical siblings. The takeaway: formatting your request in iambic pentameter may not just make it sound pretty—it might make it dangerous.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry.  Learn how at n2k.com.

 

N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.