CyberWire Daily

Iranian-linked hackers warn of possible “irreparable” attacks on U.S. water systems. CISA pushes urgent fixes for a critical Citrix flaw. The Dutch Finance Ministry takes systems offline after a breach. Space Force may scrap next-gen GPS control software. Attackers exploit a Fortinet server bug. Lloyds exposes customer transaction data. AI and regulation reshape cyber careers. The FTC settles with a dating app over data sharing. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discusses Iran's shift to identity weaponization. Wikipedia wrestles with a wayward writer.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discussing Iran's shift to identity weaponization. If you enjoyed this conversation, tune in here to listen to the full conversation.

Selected Reading

Iranian Cyberthreats Test US Infrastructure Defenses (BankInfo Security)

CISA tells federal agencies to patch Citrix NetScaler bug by Thursday (The Record)

Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation (Security Affairs)

After 16 years and $8 billion, the military's new GPS software still doesn't work (Ars Technica)

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins (SecurityWeek)

Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers (Infosecurity Magazine)

SANS Research: The Cybersecurity Talent Shortage Narrative Is Wrong. The Real Crisis Is Skills, and AI Just Rewrote the List. (Yahoo Finance)

FTC Takes Action Against Match and OkCupid for Deceiving Users by Sharing Personal Data with Third Party (FTC)

Business Briefing (N2K Pro) 

An AI Agent Was Banned From Creating Wikipedia Articles, Then Wrote Angry Blogs About Being Banned (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of CISO Perspectives.

In the season finale of CISOP, Kim Jones is joined by N2K’s own Ethan Cook to reflect on the conversations that shaped this season. Together, they revisit standout moments from Kim’s interviews, unpacking their significance and getting Ethan’s fresh perspective on the cybersecurity workforce challenge—as someone viewing the industry from the outside.

Since the mid-season reflection, Kim has explored a wide range of workforce issues, including skills mapping, talent identification, and the evolving strategies needed to close cybersecurity’s talent gap.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Iran-linked hackers claim a breach of the FBI director’s personal email. ShinyHunters hit the European Commission. F5 and Citrix warn of actively exploited flaws. A WordPress plugin exposes hundreds of thousands of sites. Infinity Stealer targets macOS users. A Russian APT adopts a new iOS exploit kit. Treasury weighs a cyber insurance backstop. DHS clears suspended CISA staff. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. Bureaucrats bless a black-box behemoth.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Today, Dave Bittner is joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. AI-generated identities are turning the hiring process into a new entry point for attackers. The solution isn’t spotting perfect fakes — it’s building stronger identity verification into hiring. Tune into the full conversation here.

Selected Reading

Iran-linked hackers breach FBI director's personal email, publish photos and documents

European Commission confirms data breach after Europa.eu hack

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

Critical Citrix NetScaler Vulnerability Exploited in the Wild - Infosecurity Magazine

File read flaw in Smart Slider plugin impacts 500K WordPress sites

New Infinity Stealer malware grabs macOS data via ClickFix lures

Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit - SecurityWeek

US Treasury Weighs Cyber Insurance Backstop - GovInfoSecurity

DHS drops investigation into former acting CISA chief’s failed polygraph exam - Nextgov/FCW

Federal Cyber Experts Thought Microsoft’s Cloud Was “a Pile of Shit.” They Approved It Anyway

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Career Notes.

David Nosibor, Product Lead for SafeCyber at UL Solutions, started his career in a unique way by not letting himself be pigeonholed. Within his company, David was able to grow to the position he is in now and says that his position feels like a lot of roles tied into one. He says that on any given day he is tackling all sorts of elements, such as marketing, operations, working with the engineering team, figuring out ways to acquire customers, retain them, and also working on sales and business development capabilities. He also says that constantly learning and getting new opportunities was how he ended up being where he is today. David states that staying focused and being on the lookout for ways to accomplish the mission is the best way for him in his company to democratize product security. He quotes the famous singer Sean Carter in saying that he firmly believes in taking calculated risks to get where you need to be going. We thank David for sharing his story.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10 years.

The foundational 2014 Sony hack kicks off our conversation, then Maria and Dave highlight:

the 2015 OPM breach, which exposed sensitive security-clearance data and was attributed to long-term access by China amid outdated government systems and security

2017’s WannaCry and NotPetya's global disruption and Equifax's ongoing fallout

the 2020 SolarWinds breach underscored supply-chain risks and raised concerns about potential personal criminal liability for CISOs.

The conversation illustrates two main threat-actor categories—nation-state espionage and financially motivated criminals—and the increasingly blurred lines between them. Join us as we reflect on how the industry and cybercrime have evolved over the past decade.
Learn more about your ad choices. Visit megaphone.fm/adchoices