The CyberWire Daily Podcast 6.5.26
Ep 2567 | 6.5.26

The NSA gets an AI upgrade.

Transcript

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Miasma worm campaign. Researchers document the first AI-driven container escape. A browser supply-chain compromise and a university breach with unexpected victims. Our guest is Ashu Savani, Co-Founder at TryHackMe, discussing building high-performing SOC & IR teams. The web becomes machine majority.

Today is Friday, June 5th, 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Anthropic helps the NSA deploy Mythos. 

Anthropic is reportedly helping the U.S. National Security Agency deploy its advanced AI model, Mythos, for cybersecurity purposes, including potential offensive cyber operations. According to The Financial Times, people familiar with the arrangement say Anthropic has embedded several engineers within the NSA to customize the technology and support its deployment, although it remains unclear whether they are involved in active operations.

The partnership comes amid an ongoing legal dispute between Anthropic and the Pentagon over restrictions the company sought to place on government use of its AI, including limits on mass surveillance and autonomous weapons. Despite that conflict, Mythos has attracted significant attention for its ability to identify and exploit software vulnerabilities, capabilities that could aid both cyber defense and offensive operations.

Anthropic recently expanded access to Mythos to 150 organizations across 15 countries, reflecting growing demand for advanced cyber-focused AI tools. The development highlights the increasing role of AI in national security, as governments race to integrate powerful models into cyber operations. It also coincides with broader U.S. efforts to evaluate AI cybersecurity risks and strengthen defenses, including a new federal framework for reviewing advanced AI systems before public release.

Sources say Trump is considering Palantir’s CTO to lead CISA. 

Reporting from The Record says the Trump administration is reportedly considering Shyam Sankar, chief technology officer of Palantir Technologies, to lead the Cybersecurity and Infrastructure Security Agency (CISA), according to sources familiar with the search. A White House official later disputed the report, stating that the information was not accurate at this time.

CISA has lacked a Senate-confirmed director since Jen Easterly’s departure in January 2025, and previous nominee Sean Plankey withdrew after facing confirmation delays. Homeland Security Secretary Markwayne Mullin recently told lawmakers that a nominee is expected soon.

Sankar’s potential candidacy comes as the administration increases its focus on artificial intelligence and cybersecurity. Palantir has deep ties to the administration and is a major provider of AI and defense technologies. CISA is expected to play a central role in implementing the administration’s new AI executive order, including forthcoming cybersecurity directives for federal agencies. Sankar has publicly argued that AI should streamline government operations rather than create additional bureaucracy.

A Linux kernel flaw is under active exploitation. 

CISA is warning that attackers are actively exploiting CVE-2022-0492, a Linux kernel flaw that allows container escape and full host compromise. The vulnerability affects cgroups v1 and enables attackers to execute malicious scripts with root privileges by manipulating the release_agent file. Organizations should prioritize kernel updates that patch the issue and consider migrating to cgroups v2, which removes the vulnerable feature entirely. Additional protections include enforcing AppArmor, SELinux, or Seccomp policies and avoiding the use of privileged containers or unnecessary administrative permissions.

Weedhack targets Minecraft players. 

Researchers at McAfee Labs have uncovered “Weedhack,” a large Malware-as-a-Service campaign targeting Minecraft players through fake mods, clients, and third-party tools. Active since January 2026, the operation has distributed more than 3,800 malicious files through over 240 URLs, using SEO poisoning and YouTube videos to lure victims.

The malware includes credential theft capabilities targeting browsers, cryptocurrency wallets, Discord, Steam, Telegram, and Minecraft accounts. Premium subscribers, paying as little as $5 per month, gain remote access features such as webcam control, keylogging, screen sharing, file management, and remote command execution. Researchers found the campaign has generated more than 116,000 visits and uses advanced techniques, including Ethereum-based command-and-control infrastructure. McAfee also linked the operation to a Telegram community with more than 850 members, noting that many users appear to be teenagers using the malware for cyberbullying, harassment, and surveillance of other young victims.

Researchers explore Claude for insider threats. 

DTEX researchers examined Anthropic’s Claude Cowork, Chrome plugin, and Dispatch features to assess how AI agents could enable insider threat activity. Through simulated workflows, they demonstrated how AI agents could summarize Salesforce data into Outlook drafts and archive and transfer files, highlighting potential pathways for data exfiltration. The research found that mobile-based AI agents can interact with enterprise applications, files, and cloud services using existing user permissions, often with limited visibility into prompts and actions.

Researchers identified consistent behavioral patterns, including browser plugin communications, command-line activity, and API interactions that can aid detection. Key concerns include unauthorized data access, external communications, and reduced visibility on unmanaged devices. DTEX recommends organizations improve monitoring of AI agent activity, analyze prompts and intent, attribute actions to AI versus human users, restrict unnecessary privileges and browser extensions, and implement behavior-based detection to manage emerging AI-driven insider risks.

A popular npm package falls victim to the ongoing Miasma supply-chain malware campaign. 

Researchers at Endor Labs identified four malicious versions of the popular npm package ai-sdk-ollama, published within seconds as part of the ongoing Miasma supply-chain malware campaign. The attacker left the package’s legitimate functionality intact but abused npm’s native build process through a malicious binding.gyp file, allowing code execution during installation without using traditional postinstall scripts. The malware employed layered obfuscation and downloaded additional payloads designed to steal credentials from cloud platforms, developer tools, and software registries. Researchers say the activity aligns with a self-replicating worm capable of spreading through compromised maintainer accounts, highlighting the growing sophistication of software supply-chain attacks targeting open-source ecosystems.

Researchers observed the first fully agent-driven attack to perform container escape. 

Researchers at Sysdig observed what they describe as the first fully agent-driven attack to perform container escape and Kubernetes credential theft without human intervention. Exploiting a vulnerable marimo notebook (CVE-2026-39987), the AI-powered attacker systematically probed its environment, identified a mounted Docker socket, escaped the container, accessed host files including password hashes and SSH keys, and then used a Kubernetes service account token to dump secrets from the cluster.

The operation displayed clear signs of autonomous decision-making, including testing its own payload delivery methods, adapting tactics based on results, and selecting multiple escalation paths. Sysdig warns that exposed Docker sockets and overly permissive Kubernetes service accounts can enable rapid host and cluster compromise. The company recommends patching marimo, removing Docker socket mounts, restricting container privileges, tightening Kubernetes RBAC permissions, and rotating exposed credentials.

The Hola Browser suffers a supply chain compromise. 

During routine certification testing, Sophos X-Ops discovered an undeclared executable, me.exe, being delivered alongside Hola Browser version 1.251.91.0. The file was not part of the application’s certified component list and exhibited several suspicious characteristics, including obfuscated code, lack of code signing, no timestamp, and memory-write capabilities. Researchers suspected a supply-chain issue because the file appeared inconsistently across test runs, suggesting delivery-path variation rather than a fixed installer component.

After Sophos reported the issue through AppEsteem’s certification program, Hola investigated and confirmed that me.exe was not intended to be distributed. According to the company, an internal review and independent forensic investigation by Sygnia determined the incident resulted from a supply-chain compromise that affected approximately 0.1% of users. Hola says it has rebuilt its distribution pipeline, strengthened code-signing controls, and implemented additional monitoring and access restrictions to prevent similar incidents.

A Columbia University data breach leaked unrelated Social Security numbers.

An investigation by Ars Technica into Columbia University’s 2024 data breach revealed that some victims had no connection to the school, yet their Social Security numbers were exposed alongside those of students and employees. After months of inquiries, Columbia acknowledged that before 2012 it collected prospective student data, including SSNs, from testing services, scholarship programs, and recruitment databases. Although the university stopped using SSNs as student identifiers and attempted to purge old records, it inadvertently missed a legacy database that remained exposed in the breach.

The discovery has raised concerns about decades-long data retention practices and the challenges of tracking the origins of historical personal information. Columbia says it has since deleted the affected database and is responding to questions from unaffiliated victims. The incident highlights the long-term risks of retaining sensitive data and may expand legal scrutiny surrounding the breach, which exposed 1.8 million Social Security numbers.

The web becomes machine majority. 

The robots are no longer knocking at the door. According to Cloudflare CEO Matthew Prince, they have already moved in and taken over the guest Wi-Fi. Cloudflare reports that automated traffic now accounts for 57.5% of HTTP requests, marking the first time bots have surpassed human web traffic. Even Prince seemed surprised, admitting the milestone arrived much sooner than his prediction of 2027.

These aren’t the traditional web crawlers and spam bots of old. Increasingly, the traffic comes from AI agents acting on behalf of users, comparing prices, researching products, booking services, and gathering information for AI systems. While humans still dominate overall screen time through streaming, social media, and endless scrolling, AI agents are generating far more web requests. Cloudflare’s data suggests the internet is quietly shifting from a place humans browse directly to one increasingly navigated by software assistants, whether we realize it or not.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

And that’s the CyberWire Daily, brought to you by N2K CyberWire.

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.

N2K’s lead producer is Liz Stokes. We’re mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.