The CyberWire Daily Podcast 6.4.26
Ep 2566 | 6.4.26

Not every headhunter is hiring.

Transcript

The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based infostealer targeting software developers. Cisco patches a critical vulnerability in its Unified Communications Manager platform. Anthropic maps AI-enabled cyber activity to the MITRE ATT&CK framework. Authorities dismantle an online counterfeit identity marketplace. Our guest is Jason Kikta, CTO from Automox, discussing AI vulnerabilities, real risk, and the speed problem. An extortion crew is forced to open a customer support ticket.

Today is Thursday June 4th 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

The Five Eyes issue a rare joint warning on China. 

The United States and its Five Eyes intelligence partners, including the United Kingdom, Canada, Australia, and New Zealand, have issued a rare joint warning that China is using LinkedIn and other professional networking platforms to recruit individuals with access to sensitive government and military information. Officials say Chinese intelligence services increasingly rely on fake profiles, fraudulent job postings, and potentially AI-enabled tactics to target military personnel, intelligence officers, and security professionals.

According to the advisory, operatives often pose as recruiters, consultants, or think tank employees to attract candidates who may have access to classified information. Individuals who engage with these offers can face growing pressure to provide nonpublic information, often in exchange for payment disguised as compensation for research or consulting work.

The warning marks the first time all Five Eyes members have jointly addressed this threat publicly. Officials say those caught in such schemes have faced criminal investigations, job loss, and revoked security clearances. The alert comes amid ongoing concerns about Chinese espionage activities targeting Western governments and institutions.

Jen Easterly weighs in on Trump’s AI EO. 

In a New York Times opinion piece, former CISA director and current RSAC CEO Jen Easterly argues that President Trump’s new executive order on artificial intelligence is an important first step toward addressing the growing national security risks posed by advanced AI systems. The order creates a voluntary framework that gives the government early access to review powerful AI models before public release and establishes a federal clearinghouse to coordinate cybersecurity vulnerability discovery and remediation.

Easterly contends that AI is rapidly transforming cybersecurity by enabling the discovery of previously unknown software vulnerabilities at unprecedented scale. While these capabilities could help defenders improve software security, they could also provide adversaries with powerful offensive tools if released without safeguards. She points to recent decisions by leading AI companies to limit access to advanced cyber-focused models as evidence that the risks are being taken seriously.

While supporting the executive order, Easterly argues that voluntary measures are insufficient and calls on Congress to establish durable requirements for testing, security, and deployment controls on the most advanced AI systems.

CISA Acting Director Nick Andersen said Wednesday that the agency expects to issue guidance by the end of the week outlining the steps federal agencies must take to implement the president’s artificial intelligence executive order.

Researchers warn everyday notifications can become AI attack vectors. 

SafeBreach researchers disclosed a now-patched vulnerability in Google’s Gemini voice assistant that could have allowed attackers to manipulate the AI through malicious instructions hidden in messaging notifications from apps like WhatsApp, Slack, and SMS. The attack, dubbed “Fake Context Alignment,” used indirect prompt injection techniques that Gemini could process without the user’s awareness. Researchers demonstrated potential impacts including controlling smart home devices, launching Zoom calls, sending deceptive messages, and poisoning the assistant’s long-term memory. Google patched the flaw in November 2025 with improved content classifiers. SafeBreach says the research highlights the growing risks of prompt injection attacks as AI assistants become more deeply integrated into everyday devices and services.

IronWorm is a sophisticated Rust-based infostealer targeting software developers. 

Researchers at JFrog Security report that a malicious npm package led them to uncover “IronWorm,” a sophisticated Rust-based infostealer that targets software developers, particularly those in crypto and Web3 ecosystems. The malware spreads through compromised npm packages that execute a hidden binary during installation, then steals credentials, cloud tokens, AI API keys, cryptocurrency wallet data, and GitHub access. Using stolen credentials, it modifies repositories, inserts malicious code into software packages, and republishes infected versions to npm, creating a self-propagating supply-chain attack.

The malware includes advanced features such as per-string encryption, Tor-based command and control, and an eBPF rootkit that hides processes and network activity on Linux systems. Researchers linked the campaign to compromised GitHub accounts across multiple organizations and identified dozens of backdated malicious commits designed to appear legitimate. Despite its sophistication, operational mistakes, including embedded debugging artifacts and a hardcoded cryptocurrency wallet recovery phrase, provided valuable insight into the malware’s capabilities and operator.

Cisco patches a critical vulnerability in its Unified Communications Manager platform. 

Cisco has patched a critical vulnerability in its Unified Communications Manager platform that could allow remote attackers to gain root privileges. The flaw, tracked as CVE-2026-20230, stems from a server-side request forgery vulnerability that can be exploited through crafted HTTP requests, enabling attackers to write files to the underlying operating system and potentially escalate privileges. Cisco is aware of public proof-of-concept exploit code but has not observed active exploitation. The issue only affects systems with the WebDialer service enabled, which is disabled by default. Administrators are urged to apply the latest security updates or disable WebDialer until patching can be completed.

Anthropic maps AI-enabled cyber activity to the MITRE ATT&CK framework. 

Anthropic has published a new analysis mapping AI-enabled cyber activity to the MITRE ATT&CK framework, based on 832 malicious accounts banned from Claude between March 2025 and March 2026. The study found attackers used AI across all 14 ATT&CK tactics and 482 techniques, with medium- and high-risk actors increasing from 33% to 56% over the year. Most threat actors used AI for malware development, defense evasion, and data collection, but the highest-risk actors leveraged AI for post-compromise activities such as credential dumping, lateral movement, and web shell deployment.

Researchers argue that traditional measures of attacker sophistication are becoming less useful as AI lowers technical barriers. Instead, the greatest risk comes from “agentic” systems that autonomously chain together attack stages. Anthropic says existing threat frameworks do not adequately capture these AI-driven behaviors and is working with industry partners to develop new methods for tracking and defending against increasingly autonomous cyber operations.

Authorities dismantle an online counterfeit identity marketplace. 

French and Spanish authorities have dismantled an online marketplace that allegedly supplied counterfeit identity documents to migrant smuggling networks across Europe. The operation led to the arrest of a suspect in Alicante, Spain, and the seizure of equipment used to produce fake documents, along with roughly 800 forged European identity cards and permits. Investigators say the platform sold both physical and digital fraudulent documents that helped migrants evade border controls and obtain residence rights. Europol noted that document fraud remains a key enabler of migrant smuggling and other criminal activities, supporting illicit networks operating throughout the European Union and the Schengen Area.

Elsewhere, a coordinated operation involving law enforcement agencies and major technology companies disrupted more than 1.4 million accounts and infrastructure linked to scam networks operating across Southeast Asia. The effort, known as Disruption Week, targeted fraud compounds in Cambodia, Laos, and Burma that allegedly used trafficked workers to conduct online scams. Authorities arrested 63 individuals, dismantled servers and network infrastructure, disrupted social media, Microsoft, and Starlink accounts, and froze more than $3.8 million in cryptocurrency tied to criminal operations. Officials said the operation demonstrates the impact of collaboration between governments and the private sector in combating large-scale online fraud.

An extortion crew is forced to open a customer support ticket. 

A ransomware affiliate recently learned one of cybercrime’s unwritten rules the hard way: don’t target organizations in the Commonwealth of Independent States. After an affiliate tied to the RAlord-linked Nova ransomware operation reportedly compromised Eriell Group, an oilfield services company headquartered in Uzbekistan, the victim contacted the gang to point out the mistake. Nova responded with an unusual public apology, banned the affiliate, promised free recovery assistance, and pledged not to leak any stolen data.

The incident highlights a long-standing reality of the ransomware ecosystem, where many Russian-speaking groups avoid targeting organizations in Russia and neighboring CIS countries. Threat researchers say local authorities often tolerate financially motivated cybercrime, provided domestic organizations are left alone.

The episode also serves as a reminder that cybercriminals are not always criminal masterminds. Recent blunders have included hackers falling into honeypots, ransomware developers hardcoding encryption keys into malware, and coding mistakes that rendered victims’ files unrecoverable, even after paying. Sometimes the villains defeat themselves, saving defenders the trouble.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.


And that’s the CyberWire Daily, brought to you by N2K CyberWire.

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.


N2K’s lead producer is Liz Stokes. We’re mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.