CyberWire Daily

The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels supply-chain attacks hitting thousands of GitHub repos. Plus, a new LMS zero-day, bulletproof hosting arrests in the Netherlands, FTC action over bogus “active listening” claims, and another busy week for cyber funding and M&A. Our guest is Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation.” Please disregard all searches for disregard.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Kurtis Minder, author, joining us to discuss his book "Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation."

Selected Reading

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts (Bleeping Computer)

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws (Infosecurity Magazine)

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign (Infosecurity Magazine)

Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects (SecurityWeek) 

HackerOne takes an axe to its bug bounty rewards (The Register)

Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors (GovInfo Security)

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment (SecurityWeek)

Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands (SecurityWeek)

FTC to Require Cox Media Group, Two Other Firms to Pay Nearly $1 Million to Settle Charges They Deceived Customers About “Active Listening” AI-Powered Marketing Service (Federal Trade Commission)

Socket raises $60 million in Series C funding. (N2K Pro Business Briefing)

You can no longer Google the word 'disregard' (TechCrunch)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Authors Paul J. Maurer and Ed Skoudis join Caveat podcast co host Ben Yelin to discuss their new book: "The Code of Honor: Embracing Ethics in Cybersecurity." The book is a comprehensive and practical framework for ethical practices in contemporary cybersecurity. Listen to Ben's discussion with Paul and Ed as they explore the ethical dimensions of cybersecurity, the influence of AI, and the responsibilities of cyber professionals. Consider joining Paul and Ed in upholding the highest standards of cybersecurity ethics by signing the Cybersecurity Code they share as part of The Code of Honor. Learn more about the book here.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Despite being an indispensable technology, traditional GPS remains vulnerable to exploitation and is needed for an update.

In this week's episode, host Maria Varmazis sits down with Dr. Sean Gorman, CEO of Zephr.xyz, to discuss the current state of GPS. For decades, GPS has been a cornerstone technology for private, public, and military entities; however, through new technological advancements, companies and governments are looking to modernize this technology.

Key sources:


Next Generation Operational Control Systems.


Why GPS III, and what comes after it, still falls short in modern war.

Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space⁠ 

Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to [email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P

T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we are joined by ⁠Sasi Levi⁠, Security Research Lead at ⁠Noma Security⁠, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sensitive business data from Grafana dashboards using indirect prompt injection techniques.

The attack chains together multiple bypasses, including protocol-relative URLs and AI guardrail manipulation, to trick Grafana into sending sensitive data to attacker-controlled servers without requiring user interaction. Researchers say the flaw highlights growing risks tied to AI-integrated enterprise platforms, where attackers increasingly target AI behavior and weak security controls instead of traditional software bugs.

The research and executive brief can be found here:


⁠GrafanaGhost: The Phantom Stealing Your Data⁠

Learn more about your ad choices. Visit megaphone.fm/adchoices

Trump hits pause on an AI executive order. Lawmakers sound alarms over CISA cuts. A sophisticated scareware campaign traps users in fake tech support scams. Ubiquiti patches critical UniFi flaws. The U.S. pours billions into quantum computing. Researchers uncover delayed Google API key revocation. Canadian authorities arrest the alleged Kimwolf botnet operator. Two Americans plead guilty in a global tech support fraud scheme. Our guest is Ankit Kumar Honey, Senior Engineering Manager for Dependabot at GitHub, discussing closing the agentic gap between alert and patch at a global scale. AI generated reports still come up short. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Ankit Kumar Honey, Senior Engineering Manager for Dependabot at GitHub, joins us to discuss closing the agentic gap between alert and patch at a global scale.

Selected Reading

Why Trump's AI executive order was pulled (Axios)

Restoring CISA is one issue many lawmakers can agree on (Federal News Network)

U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog (Security Affairs)

Threat Spotlight: CypherLoc, an advanced browser-locking scareware targeting millions (Barracuda Networks Blog)

Ubiquiti patches three max severity UniFi OS vulnerabilities (Bleeping Computer)

Department of Commerce Announces Letters of Intent With 9 Companies for $2 Billion to Accelerate U.S. Leadership in Quantum Computing (NIST)

Google API keys keep working after you delete them (Akido)

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada (Krebs on Security)

Two Americans plead guilty to assisting India-based tech support scam centers (The Record)

AI-generated reporting: Lessons learned from Cisco Talos Incident Response (Cisco)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices