A checkmark for trust, a payload for theft.
6/9/202627 min
Miasma malware meddles with Microsoft. SAP fixes critical flaws, Google patches an exploited Chrome zero-day, CanisterWorm spreads through npm, Mac users face a new malvertising threat, France investigates a breach of its secure messaging platform, insurers rethink AI risk, the FBI launches a Most Wanted Fraudsters list, and a U.S. citizen admits to spying for China. Our guest is Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks. Unpacking a million dollar hotel fee. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks. Selected Reading For the 2nd time in weeks, Microsoft packages laced with credential stealer (Ars Technica) SAP Patches Critical NetWeaver, Commerce Vulnerabilities (SecurityWeek) Google fixes fifth actively exploited Chrome zero-day of 2026 (Security Affairs) CanisterWorm: How TeamPCP Turned the npm Ecosystem Into a Weapon (Picussecurity) Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor (Hackread) French govt messaging service breached in account hijacking attack (Bleeping Computer) AI Exclusions in Insurance Policies: Broad Language, Uncertain Impact (Policyholder Pulse) FBI Announces New Wanted List Dedicated to Fraudsters (FBI) American citizen pleads guilty to spying for China | brief (SC Media) Teacher’s $1 million AR hotel bill reversed after cyber-attack (WREG.com) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Clips
Transcript preview
First 90 secondsSpeaker 10:00
[intro jingle] You're listening to the CyberWire network, powered by N2K.
Maria Varmazis0:05
Do you know how the space and cybersecurity domains connect? T-Minus Space Cyber Briefing is your guide through the space-based systems that expand the attack surface. I'm Maria Varmazis, host here at N2K CyberWire, and I'm excited to share that T-Minus is back now as a weekly podcast, the T-Minus Space Cyber Briefing. We have a new dedicated focus on two great things that are even better together, space and cybersecurity. Because whether we realize it or not, we all depend on space-based systems that are, by the way, increasingly internet-enabled. We're talking cybersecurity technologies, policies, and organizations that are securing the critical space-based infrastructure that powers, protects, and connects our lives here on Earth. So join me for T-Minus Space Cyber Briefing, new episodes every Sunday.
Dave Bittner· Host1:04
[on-hold music] Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker allowlisting, you stop unknown executables cold. With ring fencing, you control how trusted applications behave.