Podcasts
CyberWire Daily
Ep 2565
The CyberWire Daily Podcast 6.3.26
Ep 2565 | 6.3.26

The AI race gets a referee.

Show Notes
Transcript

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months. HTTP/2 Bomb threatens web servers. Quantum’s classical side grows bigger. Britain's military chooses Starshield. Spain’s infamous hacker gets sentenced. Our guest is Benjamin Morrell, Vice President, Security Strategy at Coro Cybersecurity, discussing the role of MSPs. Meta’s productivity panopticon pauses for personal pitstops.

Today is Wednesday June 3rd 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

President Trump signs an executive order on AI oversight. 

President Trump signed an executive order that marks the administration’s most significant move toward regulating artificial intelligence. The order asks technology companies to voluntarily give the federal government up to 30 days to review advanced AI models before public release, a scaled-back version of a previously proposed 90-day review period that was abandoned last month after industry pushback.

The decision follows months of internal debate over AI’s impact on national security and cybersecurity. The order also directs the Treasury Department to establish an AI cybersecurity clearinghouse to assess vulnerabilities identified by AI systems. Administration officials described the policy as a way to balance innovation with security concerns.

The move represents a shift from Trump’s earlier hands-off approach, which prioritized helping U.S. companies compete with China. Major technology firms, including Microsoft, OpenAI, Google, and Anthropic, publicly supported the revised order, calling it a reasonable balance between safety and innovation. However, some industry leaders remain concerned that government oversight could slow development and eventually lead to stricter regulations.

Growing concerns about AI-enabled cyber threats, public skepticism about AI, and pressure from security advocates helped drive the administration toward a formal oversight process. While the reviews remain voluntary, supporters argue that companies are likely to comply because of the order’s political significance. Critics, meanwhile, continue to push for mandatory safety testing and government vetting of advanced AI systems.

A bipartisan commission urges the creation of a dedicated U.S. Cyber Force. 

A bipartisan commission is urging the creation of a dedicated U.S. Cyber Force, arguing that the military needs a standalone service focused on digital warfare as cyber threats from adversaries such as Russia and China continue to grow. The proposed force would cost between $6 billion and $11 billion to establish, employ roughly 30,000 military personnel, 5,000 National Guard members, and up to 6,000 civilians, and could become operational within 12 to 18 months.

The Commission on Cyber Force Generation, a joint effort by CSIS and FDD, contends that current military branches have struggled to provide enough cyber-ready personnel to U.S. Cyber Command. Supporters argue a dedicated service would create a sustainable pipeline of cyber talent and improve long-term readiness. The proposal arrives as Congress prepares its annual defense legislation, with some lawmakers already signaling support for measures that would advance the concept.

CISA warns of ongoing cyberattacks targeting automatic tank gauge systems. 

CISA and several other federal agencies have issued a joint warning about ongoing cyberattacks targeting internet-exposed automatic tank gauge (ATG) systems used across critical infrastructure sectors. Attackers are exploiting weak security controls, default credentials, authentication bypasses, and software vulnerabilities to gain remote access and manipulate system settings. A successful compromise could disrupt operations, disable alarms, falsify tank readings, and increase safety and environmental risks. Agencies are urging operators to remove ATG systems from direct internet exposure, strengthen authentication, apply patches, enable monitoring, and report suspected incidents.

Acer discloses two critical zero-day router vulnerabilities. 

Acer has disclosed two critical zero-day vulnerabilities affecting Wave 7 mesh routers. One flaw allows unauthenticated attackers to access log files containing plaintext web and Telnet credentials, while the second involves a hardcoded encryption key that could enable attackers to modify backups and establish persistent backdoor access. Security researcher Gergo Pap reported both issues. Acer says patches are in development and expected by the end of June 2026. Until then, users should disable remote management or restrict remote access to trusted IP addresses to reduce exposure.

A targeted espionage campaign compromises the mailbox of a senior executive at a major global stock exchange. 

Researchers at Symantec and Carbon Black uncovered a highly targeted espionage campaign that compromised the Outlook mailbox of a senior executive at a major global stock exchange for five months, enabling attackers to steal email data in small, incremental batches. The attackers used disguised system services, scheduled tasks, and a custom tool built on the legitimate Aspose library to repeatedly extract Outlook mailbox data while maintaining persistence on the victim’s device.

To avoid detection, the stolen data was exfiltrated through legitimate cloud services, primarily Dropbox and later OneDrive Personal, making malicious traffic appear routine. The attackers also used public tools, masquerading filenames, and hardcoded Microsoft IP addresses to minimize visibility. Researchers found no evidence linking the activity to a known threat group, but the operational focus, long dwell time, and exclusive targeting of a senior executive’s mailbox strongly indicate an espionage motive aimed at gathering sensitive business intelligence and strategic information.

Britain's military chooses Starshield. 

Britain is reportedly moving some of its military communications onto Starshield, the government-focused satellite network built by SpaceX as a more secure counterpart to Starlink. The shift could make the UK one of the first countries outside the United States to adopt the service for operational military use. Maria Varmazis files this report. 

Thank you Dave.

Reuters is reporting that the UK's military has begun using SpaceX's Starshield, which is the version of SpaceX's Starlink satellite constellation specifically built for military and government intelligence use. It is not currently publicly known how much the UK military paid for Starshield access or how much military data is being routed through the service, but Reuters says operational traffic started flowing through Starshield earlier this year. 

There is increasing urgency for greater data sovereignty, especially in the UK and in Europe, as governments seek to move away from using US-based services like Starshield. That said, the practical reality is that there aren't many options for military-harded satellite communications in low earth orbit. That is at least, for now. For example, in the EU, work continues on the EU's own secure low-earth-orbit constellation, the IRIS2. In the meantime, starting earlier this year five EU nations began routing sensitive data through eight satellites owned by EU member states via the EU's GOVSATCOM, a patchwork solution making use of existing orbital infrastructure until the purpose-built IRIS2 comes online, currently projected to occur in 2027. 

For the CyberWire Daily, I'm Maria Varmazis from T-Minus: Space-Cyber Briefing. Back to you Dave.

HTTP/2 Bomb crashes web servers in seconds. 

Researchers at Calif have disclosed a new denial-of-service technique called HTTP/2 Bomb that combines several known vulnerabilities into a powerful attack capable of crashing major web servers within seconds. The exploit chains an HPACK compression bomb with Slowloris-style memory exhaustion techniques, allowing attackers to consume large amounts of server memory while preventing it from being released. Calif estimates the issue could affect more than 880,000 websites running default configurations of NGINX, Apache HTTPD, Microsoft IIS, Envoy, or Cloudflare Pingora. NGINX and Apache have already released fixes, but patches were not yet available for IIS, Envoy, or Pingora. Researchers noted that OpenAI’s Codex helped identify how previously known flaws could be combined into a novel and effective attack.

Hybrid quantum computers take shape. 

As the quantum computing industry pushes toward larger and more capable systems, researchers say the often-overlooked classical computing infrastructure required to operate them is becoming a critical challenge. Quantum computers rely heavily on classical hardware and software for tasks such as qubit calibration and quantum error correction, both of which grow more demanding as qubit counts increase.

An article from the IEEE says companies including NVIDIA, IBM, Google Quantum AI, Riverlane, and Q-CTRL are developing automated and AI-assisted tools to manage these processes. AI shows promise for speeding calibration and decoding errors, though concerns remain about latency and computational overhead. Experts expect future quantum systems to be highly hybrid, combining quantum processors with substantial classical computing resources. As quantum computers scale toward thousands or millions of qubits, researchers say entirely new approaches to calibration, error correction, and supporting infrastructure will likely be required.

A notorious Spanish hacker faces jail time. 

Spanish hacker José Luis Huertas, known online as Alcasec, has been sentenced to two years and seven months in prison after pleading guilty to stealing banking data belonging to more than 574,000 people. Prosecutors reduced the sentence after the 22-year-old cooperated with investigators and provided access credentials. Two accomplices also received prison sentences, and authorities seized cash and cryptocurrency linked to the operation.

According to prosecutors, Huertas gained access to Spanish government systems using a stolen digital certificate and phishing techniques that captured court employee credentials. He then infiltrated judicial networks, stole banking records, and sold the data through online platforms. Police traced cryptocurrency transactions tied to the scheme, recovering more than $543,000 in digital assets. The conviction ends a series of high-profile cybercrime activities that had made Huertas one of Spain’s most notorious young hackers.

 

Meta’s productivity panopticon pauses for personal pitstops. 

Meta has slightly softened its controversial employee-monitoring program, though not enough to make anyone mistake it for a privacy initiative. Under the company’s Model Capability Initiative, software records employees’ mouse clicks and keystrokes to help train AI systems. Following employee backlash, Meta now says workers can pause tracking for up to 30 minutes when handling personal matters, and a limited group of employees can request exemptions under specific circumstances.

For most workers, however, the digital observer remains on duty. Meta has also improved the software’s battery performance, suggesting that if your computer is going to watch everything you do, it should at least do so efficiently.

CEO Mark Zuckerberg defended the effort, arguing that AI can learn by observing how highly skilled employees use computers. He emphasized that the data is intended for AI training rather than performance monitoring, while adding that if the approach proves successful, Meta may expand similar programs in the future. In other words, the company has offered employees a brief intermission, but the show goes on.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

 

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry.  Learn how at n2k.com.

 

N2K’s lead producer is Liz Stokes. We’re mixed by  Tré Hester, with original music by and sound design Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: N2K Networks, Inc.