CyberWire Daily - A checkmark for trust, a payload for theft.

Episode Date: June 9, 2026

Miasma malware meddles with Microsoft. SAP fixes critical flaws, Google patches an exploited Chrome zero-day, CanisterWorm spreads through npm, Mac users face a new malvertising threat, France investigates a breach of its secure messaging platform, insurers rethink AI risk, the FBI launches a Most Wanted Fraudsters list, and a U.S. citizen admits to spying for China. Our guest is Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks. Unpacking a million dollar hotel fee.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks.

Selected Reading

- For the 2nd time in weeks, Microsoft packages laced with credential stealer (Ars Technica)
- SAP Patches Critical NetWeaver, Commerce Vulnerabilities (SecurityWeek)
- Google fixes fifth actively exploited Chrome zero-day of 2026 (Security Affairs)
- CanisterWorm: How TeamPCP Turned the npm Ecosystem Into a Weapon (Picussecurity)
- Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor (Hackread)
- French govt messaging service breached in account hijacking attack (Bleeping Computer)
- AI Exclusions in Insurance Policies: Broad Language, Uncertain Impact (Policyholder Pulse)
- FBI Announces New Wanted List Dedicated to Fraudsters (FBI)
- American citizen pleads guilty to spying for China | brief (SC Media)
- Teacher's $1 million AR hotel bill reversed after cyber-attack (WREG.com)

Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?
N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Starting point is 00:00:00 You're listening to the CyberWire Network, powered by N2K. Do you know how the space and cybersecurity domains connect? T-Minus Space Cyber Briefing is your guide through the space-based systems that expand the attack surface. I'm Maria Varmazis, host here at N2K CyberWire, and I'm excited to share that T-Minus is back. Now, as a weekly podcast, the T-Minus Space Cyber Briefing. We have a new dedicated focus on two great things that are even better together, space and cybersecurity. Because whether we realize it or not, we all depend on space-based systems that are, by the way, increasingly internet-enabled. We're talking cybersecurity technologies, policies, and organizations that are securing the critical space-based infrastructure that powers, protects, and connects our lives here on Earth.
Starting point is 00:00:59 So join me for T-Minus Space Cyber Briefing, new episodes every Sunday. Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker Allowlisting, you stop unknown executables cold. With Ringfencing, you control how trusted applications behave. And with ThreatLocker DAC, Defense Against Configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero-trust principles without the operational pain.
Starting point is 00:01:47 It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero-trust attainable, even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source and regain control over their environments. Schedule your demo at ThreatLocker.com slash N2K today. Miasma malware meddles with Microsoft. SAP fixes critical flaws. Google patches an exploited Chrome zero-day.
Starting point is 00:02:36 CanisterWorm spreads through npm. Mac users face a new malvertising threat. France investigates a breach of its secure messaging platform. Insurers rethink AI risk. The FBI launches a Most Wanted Fraudsters list, and a U.S. citizen admits to spying for China. Our guest is Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks,
Starting point is 00:03:02 and unpacking a million-dollar hotel fee. It's Tuesday, June 9, 26. I'm Dave Bittner, and this is your CyberWire Intel briefing. Thanks for joining us here today. It's great as always to have you with us. Late last week, attackers compromised dozens of cryptographically verified open-source packages linked to Microsoft, inserting sophisticated credential-stealing malware that activated when developers opened the packages in AI coding tools such as Claude Code, Gemini CLI, Cursor, and VS Code. Researchers identified 73 malicious packages before GitHub removed them, initially citing only a terms of service violation rather than
Starting point is 00:04:16 explicitly warning users of compromise. The incident marks the second major software supply chain breach involving a Microsoft repository account in two months. The malware, known as Miasma and linked to the threat actor TeamPCP, steals credentials from cloud platforms, including AWS, Azure, and Google Cloud, along with Kubernetes environments, password managers, and numerous developer tools. It can also spread laterally across cloud infrastructures and developer systems. Researchers say the attackers abused legitimate Microsoft publishing credentials and OpenID Connect tokens to create packages with valid cryptographic
Starting point is 00:04:59 provenance, allowing them to appear trustworthy and evade traditional security checks. Miasma further complicates detection by generating unique encrypted payloads for each infection. Security experts warned that anyone who interacted with the affected packages should assume credential compromise and immediately investigate their systems and cloud environments. SAP's June 26 Patch Day addresses 15 security issues, including four critical vulnerabilities affecting NetWeaver, ABAP Platform, Commerce Cloud, and Data Hub. The most severe is an XML signature wrapping flaw that could allow authenticated attackers to tamper with identity information and gain unauthorized access to sensitive data.
Starting point is 00:05:51 Other critical fixes address memory corruption, HTTP header handling weaknesses tied to Spring Security, and a directory traversal flaw enabling unauthenticated access to sensitive files or denial of service conditions. SAP also patched multiple high-severity vulnerabilities, including Apache Tomcat flaws and authorization issues. Google has released emergency updates to fix a zero-day vulnerability in Chrome's V8 JavaScript engine that is already being exploited in the wild. The flaw involves an out-of-bounds memory access issue, which can potentially lead to application crashes, privilege escalation, or remote code execution.
Starting point is 00:06:40 Google confirmed active exploitation but has not disclosed technical details about the attacks. This is the fifth Chrome zero-day known to have been exploited in the wild and patched by Google so far in 2026. Researchers at Picus analyze CanisterWorm,
Starting point is 00:06:59 a self-propagating malware campaign linked to TeamPCP that emerged in March 26 after attackers compromised Aqua Security's Trivy vulnerability scanner and stole npm publishing credentials. Using those credentials, the attackers infected more than 60 npm packages within a day, targeting developers who installed packages from several affected namespaces. The malware operates in three stages,
Starting point is 00:07:29 a Node.js post-install dropper, a stealthy Python backdoor, and a worm component that harvests npm tokens and republishes compromised packages. It steals cloud, SSH, Kubernetes, GitHub, and CI/CD credentials, establishes persistence, and can hijack GitHub Actions secrets. Researchers warn that developers using affected packages or compromised Trivy releases should assume credential exposure, rotate secrets, and audit systems and package repositories for unauthorized changes. Researchers at Palo Alto Networks Unit 42 have uncovered Operation FlutterBridge, a large-scale
Starting point is 00:08:15 malvertising campaign targeting Mac users since late 2025. The operation, linked to the cybercrime group CL-CRI-1089, uses fake Google search ads purchased through shell companies to distribute trojanized applications disguised as podcast players and PDF tools. The malware, called Flutter Shell, functions as a backdoor capable of executing commands, accessing files, and stealing system information. It can hijack Chrome browser settings, redirect users through attacker-controlled websites, and silently exfiltrate uploaded documents through fake AI-powered features.
Starting point is 00:08:58 Researchers observed multiple evolving versions of the malware, suggesting active development. The campaign evaded detection by using legitimate developer signatures and fake business entities to obtain verified advertising accounts. Although Google has suspended the identified advertiser accounts, researchers warn that the threat actors rapidly launch new variants, indicating the operation remains active and ongoing. France's Digital Affairs Directorate, DINUM, has disclosed a breach of Tchap, the French government's
Starting point is 00:09:37 encrypted messaging platform, after attackers gained access through a compromised user account. The incident was detected by ANSSI, France's cybersecurity agency, which said the malicious account was quickly blocked while investigators assess what data may have been accessed or exfiltrated. Tchap, built on the Matrix protocol and used by more than 300,000 monthly users across the French public sector, may have exposed information shared in public chat rooms, which are not end-to-end encrypted. A threat actor claimed the breach resulted from a social engineering attack and alleged access to hundreds of thousands of messages, account details, and shared files. DINUM has notified France's Data
Starting point is 00:10:23 Protection Authority and warned users against sharing sensitive information in public channels while the investigation continues. As AI adoption accelerates, insurers are increasingly adding exclusions to liability policies to limit coverage for AI-related lawsuits and regulatory actions. The shift comes as businesses face growing legal exposure from claims involving copyright infringement,
Starting point is 00:10:52 privacy violations, antitrust concerns, algorithmic bias, and alleged misrepresentation about AI capabilities. Some insurers have introduced broad exclusions that seek to deny coverage for claims arising from AI development, deployment, disclosures, or compliance obligations. However, legal experts note that courts often interpret exclusions narrowly and may still require insurers to defend claims containing both AI-related and non-AI allegations. Policyholders may also challenge overly
Starting point is 00:11:27 broad exclusions if they effectively eliminate coverage for core business operations, creating illusory insurance. Experts advise organizations to carefully review policy language, negotiate narrower exclusions where possible, and evaluate older policies issued before AI-specific exclusions became common, as they may provide broader coverage for current AI-related claims. The FBI has launched a new Most Wanted Fraudsters list to publicly identify and help capture individuals accused of major fraud schemes who have evaded arrest. The initiative is part of a broader federal anti-fraud effort established by a March 26 executive order creating the Task Force to Eliminate Fraud, chaired by Vice President J.D. Vance. The FBI says the listed suspects are charged with causing significant financial harm to victims and communities. The Bureau is encouraging the public to submit tips anonymously through its website, hotline, or local field offices to assist in locating and apprehending the fugitives.
Starting point is 00:12:41 Thomas Weir-Palkin II, a 50-year-old U.S. citizen, has pleaded guilty to acting as an agent for China and helping collect sensitive U.S. information. According to court documents, Paukin worked with individuals he believed were Chinese intelligence operatives, receiving more than $100,000 and travel expenses in exchange for gathering information and producing reports on U.S. technology and government matters. The FBI said he also attempted to infiltrate U.S. political circles on behalf of China's Ministry of State Security. Halkin faces up to 10 years in prison with sentencing scheduled for September 1st of this year. Coming up after the break, my conversation with Steve Winterfeld, Advisory CISO from Akamai, discussing how AI-powered bots are driving financial services attacks,
Starting point is 00:13:45 and unpacking a million-dollar hotel fee. Stay with us. When it comes to mobile application security, good enough is a risk. A recent survey shows that 72% of organizations reported at least one mobile application security incident last year, and 92% of respondents reported threat levels have increased in the past two years. GuardSquare delivers the highest level of security for your mobile apps without compromising performance, time-to-market, or user experience. Discover how GuardSquare provides industry-leading security for your Android and iOS apps at www.guardsquare.com.
Starting point is 00:14:48 Steve Winterfeld is Advisory CISO at Akamai. I recently caught up with him to discuss how AI-powered bots are driving financial services attacks. AI-powered bots are really focused on a few things, but, you know, we've seen a 147 percent surge in advanced bot activity. And in one case, a staggering 96 percent of all the... traffic was identified as malicious. And so, you know, this has a couple impacts. One is, you know, as a CISO is this cyber threat, but then the CIO is just bandwidth consumption
Starting point is 00:15:28 and cost of these things. And so, you know, that first one was a scraping bot. We're also dealing with training bots and fetcher bots and ATO, I'm sorry, account takeover or credential stuffing type of bot, hoarding and scalping bots. And these are just the kind of bots that we do research on because it's within our protective infrastructure. And then on the other side is the whole, you know,
Starting point is 00:15:58 Turbo Mirai DDoS bots. So, you know, when we talk about all these bots, it is a matter of scale and speed. How are organizations prioritizing their defenses against these sorts of things? You know, I think there's a lot of difference across industries. Finance and commerce are two of the most heavily hit. On the DDoS side, because, again, Turbo Mirai and what it's been able to do to the new scales,
Starting point is 00:16:32 we've definitely seen on that side people, you know, as the CSO, I've got to relook at my risk portfolio. What's the largest attack I could, you know, weather, and then make sure that I'm meeting the new peaks that I'm seeing or the new records I'm seeing. And then on the other, for me, it's about visibility. I really think the key here is, you know, and this is all coming back to APIs, because that's where a lot of this engagement is happening. And so do I have visibility on my APIs? Do I have, you know, the ability to monitor and mitigate in real time?
Starting point is 00:17:09 And that's what we're seeing most of my peers and our customers that, for Akamai, our focus is on, first of all, that visibility and second of all, that ability to meet their board's risk appetite. What does visibility look like these days? So what sorts of things can be seen? Well, I mean, the first is, for me, discovery. You know, going back to APIs, I've got marketing introducing an API in my infrastructure for analytics.
Starting point is 00:17:43 I've got, you know, pick a department entering some kind of API. Then, you know, I've got developers pushing out new APIs. And for most large companies, it's not one platform. I've got APIs in my, you know, data center. I've got APIs in the cloud. Can I have one shield in front of all of that? Or do I have a different shield in front of the cloud than I do in my data center, which adds complexity, which I feel is the enemy of security?
Starting point is 00:18:17 So I think that first piece is discovery. Then the second piece is that integrated view. So I can answer the question to the leadership. What is our current risk in a uniform way? Well, I mean, you mentioned the leadership, the folks sitting on the board. What are the types of conversations that are being had these days? What does the back and forth sound like?
Starting point is 00:18:43 So it really depends on whether or not the board feels like their engagement with their customers is web-centric. And so for banks, you know, APIs are becoming, you know, the engagement level, you know, the new front line. I will tell you, we're working on a commerce report right now. And our statement is the API is the new storefront, and in some cases that's true for a lot of the companies. So in the case where we're seeing more and more engagement with customers move online, then I think the board is having those discussions because the risk is real. You know, the chance of a material impact is much higher than, say, somebody in manufacturing.
Starting point is 00:19:36 Well, getting back to the report that Akamai recently put out, again, this is the attack trends in financial services. What are some of the other things in this report that caught your eye? So for me, I mean, I always want to say, where can I take action? You know, as a CISO, I want to know what things that I should be actually thinking about. So like we said, the first is understanding what's hitting our edge where we engage with our customers. The second was around those denial of service attacks. And we talked about those layer three and four, that infrastructure attacks.
Starting point is 00:20:14 And those could be bits per second or packets per second. There's also that, you know, DNS or queries per second. So we have a section in there that really talks about, you know, be careful that your name system or what I call the GPS of the Internet is protected as well. You know, as far as APIs, I'm surprised, you know, 96% of the global respondents of our survey have said they have at least one incident in the last 12 months. Now, again, that's an incident, not necessarily a major crisis,
Starting point is 00:20:52 but it is just showing that APIs and in many cases, large language models, Gen AI, are really becoming the way we interact with our customers and our clients. And so I think those were not earth-shattering, but certainly real. The last part is more and more we're talking about agentic AI. So a large language model is answering a question. Agentic AI is making a decision. And we really tried to put out the new MITRE tool around the top 10 for agentic AI framework
Starting point is 00:21:31 as a way for CISOs to look and understand about how to protect those. And again, this is all tied back to things we're doing. To what degree do you think the financial sector is meeting this challenge? So, I mean, you say the financial sector and we're protecting globally, you know, and so I think really some of the more aggressive attacks are tied to geo-conflicts. So some of the wars are causing financial institutions to get, you know, attacked based on state-sponsored, you know, cybercriminals that are now becoming hacktivist. And so I would say that's probably one of the biggest, you know, banks are almost collateral damage to these larger conflicts. And that's been a trend we've seen for a while now.
Starting point is 00:22:28 And so they are doing a good job of making sure that while the attacks are growing, the impacts are not huge. The other is, you know, just around how dynamic this is and looking at all the compliance requirements. We see more and more coming through on being at either the EU laws or the state laws in the United States or China and pick your country, we're also seeing a lot more compliance being introduced here, which is another bit of complexity as I manage my risk portfolio. That's Steve Winterfeld from Akamai. Reese's knows a thing or two about great combinations. Chocolate and peanut butter, obviously, but there's more than one way to Reese's.
Starting point is 00:23:27 From indulgent Reese's Big Cups with caramel to crunchy Reese's Pieces and Reese's Miniatures, there's a delicious Reese's for every mood. It's the same combo you love, just with more ways to enjoy it. So, whether you're snacking, sharing, or just treating yourself, nothing else is Reese's. Performance Auto Group's 37th annual sale event is back. Now for three days. Lease or finance from 0% plus loyalty incentives and maximum trade-in value. Shop thousands of in-stock new, pre-owned, and demonstrator vehicles.
Starting point is 00:23:59 June 11th to 13th across all Performance Auto Group retailers. Make your move this summer. Performance Auto Group's three-day sale. 72 hours of savings. Shop now at performance.ca slash three-day sale. Driven by Performance Auto Group. If I had a million dollars, if I had a million dollars,
Starting point is 00:24:31 well, I'd buy you a house. And finally, middle school teacher Matthew Spencer can finally sleep a little easier. After a mysterious $1,2852 and 82-802-0.82 hotel charge vanished from his bank account. For five days, Spencer watched his finances with understandable concern after a one-night stay at America's Best Value Inn in Blytheville, Tennessee, somehow resulted in a seven-figure charge. Hotel management says the culprit appears to be a
Starting point is 00:25:08 cyber attack affecting card processing systems, not an unusually ambitious room rate. General manager Maid Ramon demonstrated that the hotel's payment terminal cannot even accept a million-dollar transaction, then provided transaction records showing no such charge was processed through the property. With the charges now dropped, Spencer says he feels significantly better. The hotel, meanwhile, is eager to reassure travelers that it would much rather collect room fees than accidental millionaire-sized payments and continues investigating how the bogus charge appeared in the first place. Yes, sir.
Starting point is 00:25:48 You'll need a major credit card upon checking in. Credit card, you got it. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead
Starting point is 00:26:18 in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Also fill out the survey in the show notes or send an email to cyberwire at N2K.com. N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliott Peltzman. Our contributing host is Maria Varmazis.
Starting point is 00:26:42 Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
