Episode Details

GitHub confirms a breach tied to a malicious VS Code extension. Anthropic fights a Pentagon blacklist as the White House weighs new AI security rules. Drupal scrambles to patch a critical flaw. Cisco Talos tracks the evolution of BadIIS malware-for-hire. Signal adds anti-phishing safeguards, Microsoft cracks down on malware-signing services, and China says foreign spies hijacked domestic routers for phishing operations. Wireless carriers collaborate to kill dead zones. Our guest is Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, discussing The Cloud Security Alliance’s “AI Vulnerability Storm” report. A book about misinformation contains helpful examples.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, sharing Cloud Security Alliance’s The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program.

Selected Reading

GitHub confirms breach of 3,800 repos via malicious VSCode extension (Bleeping Computer)

Trump AI executive order seeks early government access to frontier models (Axios)

DC Circuit slams Pentagon blacklisting of Anthropic as overreach (Courthouse News Service)

Drupal Issues Urgent Warning for Highly Critical Core Vulnerability (Beyond Machines)

From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat (Cisco Talos)

Signal adds security warnings for social engineering, phishing attacks (Bleeping Computer)

Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware (Microsoft)  

China’s state security authorities uncover foreign agency using domestic routers as cyberattack proxies; users notice only slower speeds (Global Times)

‘The Future of Truth’ Contains Quotes Made Up by A.I. (The New York Times)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.