CyberWire Daily

Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA issues a three-day patch deadline, Delta avoids penalties, and researchers show just how easy it is to manipulate AI search. Our guest is Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. Consulting meets confabulation.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. If you enjoyed this conversation, check out the full interview here. 

Selected Reading

Anthropic Is Still at Odds With the White House Over Claude Fable 5 (WIRED)

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher (The Register)

White House Issues Memo to Bolster NSS Cybersecurity (SecurityWeek)

Microsoft Patches Critical SearchLeak Vulnerability in Copilot Enterprise (Beyond Machines)

ShinyHunters Hits Universities Via Oracle Zero-Day (GovInfo Security)

DragonForce Ransomware Exploited Microsoft Teams to Hide Attack (Infosecurity Magazine)

Inside Amos Stealer: How This Threat Targets macOS Credentials and Keychains (CyberProof)

CISA warns of another cPanel plugin flaw exploited in attacks (Bleeping Computer)

US closes probe into 2024 Delta Air Lines meltdown sparked by CrowdStrike outage (Reuters)

It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests (404 Media)

KPMG pulls report on AI usage due to apparent hallucinations (TechCrunch)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. ShinyHunters claims another victim. The FBI and Google take down a major phishing platform. The latest cybersecurity business news. Our guest is Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, discussing a rampant global transportation smishing campaign. A deepfake detective has doubts. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, Bogdan Botezatu,  Senior Director, Threat Research and Reporting at Bitdefender, is discussing a rampant global transportation smishing campaign. You can read more about Operation Road Trap here.

Selected Reading

Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive (CNBC)

Cyber leaders defend Anthropic's banned model (Axios)

State Attorneys General Are Investigating OpenAI (The New York Times)

Handala Hacking Group Claims Breach of California Water Service (Hackread)

Maine Takes Breach Reporting Portal Offline After Fake Entries (Infosecurity Magazine)

Warner introduces bill to restore MS-ISAC funding, bolster critical infrastructure cyber defense (Industry Cyber)

Infinite Campus data breach affects 137,000 school staff accounts (Bleeping Computer)

FBI, Google Dismantle 'Outsider Enterprise' Phishing Service (SecurityWeek)

Ex-school district employee jailed for hacks on former employer (Bleeping Computer)

Cyera raises $600 million in a Series G round led by Evolution Equity Partners. (N2K Pro Business Briefing)

In Age of AI, World’s Leading Deepfake Expert No Longer Trusts His Own Eyes (The New York Times)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In large enterprise software companies, vulnerability management teams are facing unprecedented speed and scale as AI accelerates both discovery and exploitation of security issues. In this episode of CyberWire-X, N2K’s Dave Bittner is joined by Adobe’s Daniel Ventura, Senior Manager of the Vulnerability Operations Center, and Sangeeta Arora, Director of Vulnerability Management, to discuss how Adobe is evolving its vulnerability management strategy to keep pace with AI-driven threats. They share real world insights on prioritization, crossteam partnership, and how modern programs can balance speed with meaningful risk reduction.
Learn more about your ad choices. Visit megaphone.fm/adchoices

For years, space cybersecurity has been a long sought after goal, but due to operational constraints, it was largely unfeasible.

In this week’s episode, host Maria Varmazis sits down with journalist Shaun Waterman to discuss his recent article “The Newest Space Race is Cyber.” As space has increasingly become a critical infrastructure component, industry leaders and security agencies alike have begun to launch new initiatives to improve capabilities both on the ground and in orbit.

Key sources:


The Newest Space Race is Cyber.


DHS Wants Satellite Volunteers to Test New Cyber Tools.


Five Teams of Hackers will Compete to Breach US Satellite in Space.

Like what you heard? Be sure to subscribe to our free Signals and Space Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: ⁠https://thecyberwire.com/newsletters/signals-and-space⁠ 

Is there a topic or person you’d like to hear on our show? You can send your questions and feedback to ⁠space@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. You can also fill our our audience survey: ⁠https://www.surveymonkey.com/r/NJYCN2P⁠ 

T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. ⁠N2K⁠ is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Martin Zugec, Technical Solutions Director at Bitdefender, discussing their work on "FamousSparrow APT Targets Azerbaijani Oil and Gas Industry." Bitdefender researchers uncovered a sustained cyber espionage campaign by the China-linked FamousSparrow group targeting an Azerbaijani oil and gas company, highlighting the growing focus on critical energy infrastructure in the South Caucasus. The attackers repeatedly exploited the same vulnerable Microsoft Exchange server over multiple months, deploying evolving versions of Deed RAT and Terndoor malware through sophisticated DLL sideloading techniques designed to evade detection and maintain persistence. The operation underscores FamousSparrow's adaptability and persistence, demonstrating how advanced threat actors continually refine their tooling and return to compromised environments until vulnerabilities are fully remediated and access is cut off.

The research and executive brief can be found here:

FamousSparrow APT Targets Azerbaijani Oil and Gas Industry

Learn more about your ad choices. Visit megaphone.fm/adchoices