Podcasts
CyberWire Daily
Ep 2574
The CyberWire Daily Podcast 6.16.26
Ep 2574 | 6.16.26

No Mythos of escape.

Show Notes
Transcript

Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA issues a three-day patch deadline, Delta avoids penalties, and researchers show just how easy it is to manipulate AI search. Our guest is Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. Consulting meets confabulation.

Today is Tuesday June 16th 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Emergency talks fail to lift Fable 5 restrictions. 

The Trump administration has decided to keep export controls in place on Anthropic’s most advanced AI models, following emergency talks over concerns that users can bypass safety restrictions built into the company’s systems.

At the center of the dispute is Claude Fable 5, a public-facing model that Anthropic says includes safeguards designed to limit access to advanced cybersecurity, biology, and chemistry capabilities. Administration officials, however, remain concerned that those guardrails can be circumvented, effectively giving users access to the more powerful capabilities of Anthropic’s Mythos model.

The issue surfaced last week after Amazon reportedly alerted administration officials to potential vulnerabilities. The concerns were serious enough that the National Security Agency was asked to review the findings. According to people familiar with the process, the NSA concluded that it was possible to remove or bypass some of Fable 5’s protections, helping drive the decision to impose export restrictions.

Anthropic strongly disagrees with that assessment. Company executives and security researchers traveled to Washington for meetings with Commerce Department officials, arguing that the administration has overstated the risks. The company says Fable 5’s safeguards remain effective and that the restrictions are unjustified.

The debate has spilled into the cybersecurity community. More than 100 security experts signed an open letter urging the government to reverse the controls. They argue that Anthropic’s models are valuable defensive tools but are not uniquely capable compared to other leading AI systems.

The dispute is now being watched closely across the AI industry. Beyond Anthropic, the episode signals that the U.S. government may be willing to intervene directly when it believes advanced AI models present national security risks. AI companies are increasingly expected to provide early visibility into major model releases and to maintain close communication with federal officials before deploying frontier systems.

Trump signs a memo aimed at strengthening cybersecurity protections for the nation’s most sensitive government networks. 

President Trump has signed National Security Presidential Memorandum 12, or NSPM-12, aimed at strengthening cybersecurity protections for the nation’s most sensitive government networks. The directive covers National Security Systems used for classified information, military operations, and intelligence missions.

The memorandum reestablishes and modernizes the Committee on National Security Systems, giving it authority to set baseline security requirements, coordinate cybersecurity efforts across agencies, and issue emergency directives. It also designates the National Security Agency as the National Manager for these systems. Agencies must maintain and regularly update inventories of their National Security Systems, while the committee is tasked with reviewing and updating cybersecurity policies over the next 90 days.

Microsoft patches a critical vulnerability in Microsoft 365 Copilot Enterprise. 

Microsoft has patched a critical vulnerability in Microsoft 365 Copilot Enterprise, tracked as CVE-2026-42824, that could allow attackers to steal sensitive organizational data through a single malicious link. Dubbed “SearchLeak,” the flaw combined prompt injection, browser rendering behavior, and a Bing server-side request mechanism to exfiltrate information from emails, files, and other corporate data sources accessible to a victim. Researchers describe it as an example of an AI-native attack that weaponizes existing web security weaknesses. Microsoft applied the fix to its cloud infrastructure earlier this month, so customers do not need to take action, though security teams are advised to monitor for suspicious Copilot Search URLs and educate users about clicking complex links.

ShinyHunters exploit an Oracle PeopleSoft zero-day. 

The cybercriminal group ShinyHunters has been linked to an active extortion campaign exploiting a previously unknown, or zero-day, vulnerability in Oracle PeopleSoft. According to researchers at Mandiant and Google Threat Intelligence Group, the attackers targeted more than 100 organizations worldwide between late May and early June, with universities and colleges accounting for nearly 70 percent of those affected.

The campaign abused a critical remote code execution flaw, tracked as CVE-2026-35273, that allowed attackers to compromise vulnerable PeopleSoft systems without authentication. Once inside, ShinyHunters deployed disguised remote management tools, mapped victim environments, and stole sensitive data for use in extortion attempts.

Several organizations successfully blocked the attacks, but others saw stolen information published on the group’s leak site. Researchers are urging organizations running Oracle PeopleSoft to immediately secure exposed systems, review logs for suspicious activity, and search for signs of unauthorized access.

The DragonForce ransomware group maintained covert access to a major U.S. services firm for as long as two months. 

Researchers at Symantec and Carbon Black say the DragonForce ransomware group maintained covert access to a major U.S. services firm for as long as two months before launching its attack. The attackers used a custom Go-based remote access trojan, dubbed Backdoor.Turn, that hid command-and-control traffic inside legitimate Microsoft Teams communications by abusing Teams relay infrastructure. This made malicious traffic appear as normal connections to Microsoft servers.

The group also used a vulnerability in a Huawei driver and made multiple system changes to maintain persistence, including creating accounts, modifying firewall rules, and weakening security settings. Researchers believe the initial intrusion likely came through a vulnerable SQL or Microsoft SQL Server. The attackers ultimately exfiltrated data and deployed DragonForce ransomware, highlighting what researchers describe as exceptionally sophisticated tradecraft and stealth capabilities.

Amos Stealer targets macOS. 

Amos Stealer continues to be a highly active macOS-focused information stealer, reflecting a broader trend of threat actors increasingly targeting Apple environments. In a recent campaign, researchers at CyberProof observed the malware using a malicious curl command to silently download and execute payloads that launch AppleScript-based data collection.

The malware harvests browser credentials, cookies, autofill data, cryptocurrency-related information, and the macOS Keychain database. It also targets developer and configuration files such as SSH keys and Kubernetes credentials. Collected data is staged, compressed into an archive, and exfiltrated to attacker-controlled infrastructure in 10 MB chunks using HTTP requests designed to blend into normal traffic.

Researchers say Amos Stealer employs validation checks, retry mechanisms, and cleanup routines to improve reliability and evade detection, underscoring the growing need for behavioral monitoring and endpoint hardening on macOS systems.

CISA gives federal agencies three days to secure an actively exploited LiteSpeed cPanel plugin. 

CISA has ordered U.S. federal agencies to secure systems affected by an actively exploited LiteSpeed cPanel plugin vulnerability within three days. The flaw, tracked as CVE-2026-48172, affects plugin versions before 2.4.8 and can allow attackers with FTP or web shell access to escalate privileges to root on vulnerable CloudLinux and CageFS servers. LiteSpeed disclosed active exploitation earlier this month and released security updates. CISA has now added the vulnerability to its Known Exploited Vulnerabilities catalog, warning that flaws like this are frequently targeted by threat actors and pose significant risks to government networks.

Delta airlines escapes penalties from the July 2024 CrowdStrike-related outage. 

The Trump administration has closed a federal investigation into Delta Air Lines’ response to the July 2024 CrowdStrike-related outage without imposing penalties. The disruption affected roughly 1.3 million customers and cost Delta an estimated $500 million. The probe, launched under the Biden administration, examined why Delta’s recovery lagged behind other major airlines. The Transportation Department concluded that affected passengers received prompt refunds, baggage assistance, and support for travelers with disabilities. Delta welcomed the decision, citing the extensive customer assistance it provided during the unprecedented industry-wide outage.

New research shows AI-powered search agents are easily manipulated. 

New research from Cornell University suggests that AI-powered search and “deep research” agents can be manipulated with surprisingly little effort. Researchers found that as few as 13 words of user-generated content on sites like Reddit, Quora, or Wikipedia can influence the responses produced by tools such as ChatGPT and Google’s AI search.

The study examined how AI systems rely on content retrieved from user-generated platforms, which account for nearly a quarter of cited sources in some queries. Researchers demonstrated that short promotional phrases inserted into otherwise ordinary posts could cause AI systems to recommend fake products, services, or businesses in their answers.

The findings highlight growing concerns around AI-engine optimization, or AEO, an emerging industry focused on influencing AI search results by seeding online communities with targeted content. Researchers warn that because these attacks can be subtle and blend into normal discussions, moderators may struggle to detect them, placing increasing pressure on AI companies to develop stronger defenses against manipulated source material.

 

Consulting meets confabulation. 

KPMG has quietly withdrawn a report on the promise of agentic AI after several organizations featured in the document said the examples attributed to them were inaccurate. The report, titled “Redefining Excellence in the Age of Agentic AI,” drew scrutiny after researchers at GPTZero identified what they described as AI-generated inaccuracies, suggesting the report may have fallen victim to one of the very technologies it was discussing.

Among those disputing the report’s claims were UBS, the U.K.’s National Health Service, Swiss Federal Railways, and Transport for London, all of which told the Financial Times that descriptions of their AI use were either misleading or simply untrue.

KPMG says it has removed the report while conducting an internal review and reiterated that employees are expected to verify AI-generated content through human oversight. The episode follows a similar incident last month, when EY withdrew a report that reportedly contained fabricated citations, adding another chapter to the growing challenge of using AI to write about AI without becoming part of the cautionary tale.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry.  Learn how at n2k.com.

 

N2K’s lead producer is Liz Stokes. We’re mixed by  Tré Hester, with original music by and sound design Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: N2K Networks, Inc.
ADVERTISEMENT
Sponsored by Island
Sponsored by Island

Island created the Enterprise Browser, a simplified workspace delighting CIOs, CISOs, and end users. It embeds core IT, security, and productivity needs into the browser, making application delivery simple, data fundamentally secure, and work smooth and natural. Learn more.