CyberWire Daily - AI behind the velvet rope.
Episode Date: June 29, 2026The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. A...n investigation claims federal websites are violating privacy rules. Microsoft dismantles a sophisticated malicious browser extension campaign. Setting up a GitHub repository could trick AI coding agents into executing malicious payloads. The DOJ shuts down illegal World Cup streamers. An Anonymous-linked hacker gets 18 months for website defacement. Monday business briefing. Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discusses cyber risk as a board concern. In healthcare AI, patient privacy needs a second opinion. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discussing cyber risk as a board concern. If you're interested in learning more about NACD, be sure to check out their Director’s Handbook on Cyber-Risk Oversight. Selected Reading Washington pushes AI into an export-control era as rivals rush to fill the gap (Metacurity) FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users (GB Hackers) 'DirtyClone' Linux Kernel Vulnerability Leads to Root Access (SecurityWeek) ‘It’s dangerous and it’s going to erode trust’: redesign of US government websites stokes surveillance fears | Trump administration (The Guardian) StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years (SecurityAffairs) Clean GitHub repo tricks AI coding agents into running malware (Bleeping Computer) US seizes hundreds of FIFA World Cup illegal streaming domains (Bleeping Computer) Anonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack (Hackread) Accenture acquires Dragos, runZero, and NetRise for more than $4 billion. (N2K Pro Business Briefing) Medical diagnosis AIs can be tricked into telling whose data trained them (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
This episode is supported by Black Hat USA.
If you follow the research, you know a lot of it breaks on Black Hat stages.
Hundreds of peer-reviewed briefings, more than 100 hands-on trainings,
and the largest business hall in Black Hat's history.
Six days to learn the skills you'll need tomorrow.
August 1st to the 6th.
Use code Cyberwire for $200 off your briefings path,
at blackhat.com.
We'll see you in Vegas.
The White House keeps frontier AI models
on a short leash.
Russian threat actors increasingly target
secure messaging platforms.
Dirty clone is a high severity Linux
kernel privilege escalation flaw.
An investigation claims federal websites
are violating privacy rules.
Microsoft dismantles a sophisticated
malicious browser extension campaign.
Setting up a GitHub repository
could trick AI coding agents
into executing malicious payloads.
The DOJ shuts down
illegal World Cup streamers.
An anonymous linked hacker gets 18
months for website defacement.
We've got your Monday business briefing.
Our guest is Dylan Sandlin,
program manager for digital and cybersecurity
content at the National Association
of Corporate Directors. We're discussing
cyber risk as a board
concern. And in
healthcare AI, patient privacy
needs a second opinion.
It's Monday.
June 29th, 2026. I'm Dave Bittner, and this is your Cyberwire Intel briefing.
Happy Monday, everybody. It is great to be back from a very nice vacation. My thanks to Maria
Vermazes for filling in and the entire N2K Cyberwire team for making it possible.
It's great to have you here with us today. The Trump administration is taking a more
interventionalist approach to frontier artificial intelligence, treating advanced AI less like
commercial software and more like strategically important dual-use technology. Over the weekend,
officials approved limited access to Anthropics Mythos 5 for a small group of vetted U.S.
organizations while overseeing a tightly controlled preview of OpenAI's GPT 5.6 family.
The moves come as Chinese firms rapidly advance AI-powered cybersecurity capabilities, with reports suggesting
competitors are approaching Mythos' performance in vulnerability discovery. Notably, OpenAI argues
GBT 5.6 remains below the cyberrisk threshold that prompted tighter controls on Mythos.
The broader trend suggests governments may increasingly regulate frontier AI like export-controlled
technology, even as foreign competitors continue developing comparable systems that could outpace
regulatory efforts. U.S. cybersecurity officials are warning that Russian intelligence-linked threat
actors are increasingly targeting secure messaging platforms, particularly signal through sophisticated
fishing campaigns that steal verification codes and account pins. In a joint advisory,
SISA and the FBI said attackers impersonate trusted contacts, service providers, or security
teams to trick users into surrendering authentication credentials, allowing them to hijack accounts
despite signals end-to-end encryption remaining secure. The campaign primarily targets government
personnel, military members, journalists, and activists, but officials warned the tactics could
affect any user. The agencies recommend enabling signals registration lock, never sharing
verification codes or pins, verifying unexpected requirements.
through secondary channels, and staying alert to malicious links and spoofed websites.
The advisory underscores that nation-state actors increasingly exploit user trust rather than
encryption flaws.
J-Frog has released technical details and a proof-of-concept for Dirty Clone, a high-severity
Linux kernel privilege escalation flaw.
The vulnerability is part of the Dirty Fragg family.
and exploits flaws in how the kernel handles shared memory between the page cache and networking buffers,
allowing local users to gain root privileges.
Systems missing the full chain of related patches remain vulnerable, particularly Debian, Fedora, and Ubuntu.
J-Frog warns the flaw poses significant risk to multi-tenant cloud environments,
Kubernetes clusters, and containerized workloads.
An investigation by The Guardian alleges that the White House's National Design Studio, created in 2025 and staffed largely by former Doge personnel, has quietly rebuilt several federal websites handling passports, voter registration, prescription drug pricing, and children's savings accounts.
The report claims the sites used commercial tracking software without required federal privacy disclosures,
and operated outside normal government oversight with no publicly documented funding or contracting records.
Privacy advocates argue the arrangement could violate federal law
and concentrate sensitive citizen data under White House control.
The White House said National Design Studio personnel comply with all legal requirements
and are improving public access to government services.
Following the Guardian's inquiries, the reported tracking software,
was reportedly removed from some sites.
Questions about the office's oversight, funding, and data handling remain unresolved.
Microsoft has dismantled Steggo ad, a sophisticated malicious browser extension campaign
that operated on the Edge Adon store for at least two years,
infecting roughly 2.6 million users through 119 seemingly legitimate extensions.
The malware remained dormant for days after installation and concealed its payload using steganography,
hiding malicious JavaScript inside images and font files to evade detection.
Once activated, the extensions performed ad fraud, hijacked affiliate commissions,
stole Google and WordPress credentials, and provided attackers with a remote code execution backdoor.
Microsoft observed the campaign continually evolving its,
evasion techniques as defenses improved. While Microsoft is not attributed the operation,
Koi Security has linked related infrastructure to the Chinese threat group Dark Specter.
Users are advised to remove affected extensions immediately and reset potentially compromised credentials.
Researchers at Mozilla's Zero Day Investigative Network, or Odin, have demonstrated a proof-of-concept
attack showing how AI coding agents, such as
Claude code could be tricked into executing a hidden malicious payload while setting up an otherwise
benign GitHub repository. The technique requires no malicious code in the repository itself. Instead,
the AI follows standard setup instructions, automatically runs an initialization command to resolve an error,
then executes a shell script that retrieves a command from an attacker-controlled DNS record. The result is an interactive
shell running with the developer's privileges, potentially exposing API keys,
configuration files, and other sensitive data.
While currently theoretical, researchers warn the method could be distributed through fake job
postings or tutorials and recommend AI agents disclose the complete execution chain for all
set up commands, including dynamically fetched code.
The U.S. Justice Department has seized nearly four.
400 domains used to illegally stream 2026 FIFA World Cup matches as part of Operation Offsides,
a coordinated international enforcement effort.
Working with law enforcement agencies in multiple countries and partners, including FIFA,
and the Alliance for Creativity and Entertainment,
authorities targeted piracy infrastructure across Europe and Latin America.
Officials said the illegal streaming sites not only violated copyright laws,
but also exposed users to malware and other cybersecurity risks.
The C's domains now display law enforcement notices.
Anonymous-linked hacker Aubrey Cottle has been sentenced in Canada to 18 months in prison
after pleading guilty to charges related to the 2021 defacement of the Texas Republican Party website.
The attack carried out after compromising web hosting provider Epic replaced the site.
replaced the site's homepage with protest content opposing a Texas abortion law
and involved the theft of 180 gigabytes of sensitive data,
which Cottle later shared online.
Cottle, a former security researcher, has already served much of his sentence in pretrial custody,
but still faces possible extradition to the United States,
where separate federal charges could carry an additional five-year prison term.
In court, Cottle expressed remorse and said he plans to complete his education and start a cybersecurity company.
Turning to our Monday business briefing, cybersecurity companies attracted significant investment and deal activity last week,
led by Israeli operational technology security firm Dream, which raised $260 million at a $3 billion valuation to expand its sovereign AI,
and national cyber defense platforms globally.
Spanish AI security startup neural trust secured $20 million in seed funding
to advance its agentic AI security platform and expand across Europe,
while India's Mitagata raised $15 million to grow its cybersecurity compliance and resilience platform.
Mergers and acquisitions were equally active.
Accenture acquired a majority stake in Dragos and fully.
acquired Run Zero and NetRise in deals valued at roughly $4.2 billion, integrating the companies into
Dregos' industrial security platform. Elsewhere, Francisco Partners acquired efficient IP.
Cisco announced plans to buy Identity Security startup Widefield Security. Francis Idocto acquired
Stelho and Workforce Training Firm M3 purchased cybersecurity education provider.
caps lock.
Be sure to check out our complete business briefing that is on our website.
It's part of Cyberwire Pro.
Coming up after the break, my conversation with Dylan Sandlin from the National Association
of Corporate Directors.
We're discussing cyber risk as a board concern.
And in healthcare AI, patient privacy needs a second opinion.
Stay with us.
This spring, Denham gets a soft.
lighter update. Introducing Old Navy's drapey denim wide leg, a new fit that moves with you.
It's everything you want denim to feel like for summer. Easy, breathable, and effortlessly cool.
With a fit that creates natural movement and a wide leg that feels modern, not overwhelming.
Plus, that signature, wait, for this price, moment. Old Navy's drapey denim wide leg.
Dylan Sandlin is program manager for digital and cybersecurity content at the National Association.
Association of Corporate Directors.
We got together to discuss cyber risk as a board concern.
You know, Dave, I would say that the biggest change is a cultural shift among the boardroom
community, one where technology is not seen so much as either a cost center or as purely
operational, but it's really taken on strategic significance.
And with that, an understanding that if we're going to deliver value to the business with
technology, we need to be able to secure it as well. So I think there's really been a ramping up in how
boards are approaching cybersecurity more standardized, more routinized, and they're applying a lot
more rigor in how they are approaching this risk category specifically with the recognition that the
ultimate goal is driving business value from the technology investments they're making.
Well, I know you've said it's important to distinguish between awareness and preparedness. What does that gap look like
in practice?
Looking specifically at awareness, right, that deals most heavily with board's education,
right?
So how are individual directors making themselves aware of the specific threats that are facing
their organizations?
One of the things we're seeing is that directors are individually pursuing more educational
opportunities on their own so that they can be more prepared for those cybersecurity
conversations in their board meetings.
However, when we think that.
about preparedness, we're talking about translating that additional education and knowledge about
cybersecurity into specific boardroom practices, right? So delegating authority to appropriate committees,
setting up agenda time, focused on the most critical topics, not necessarily looking backwards
so much at backward-looking metrics, but really bringing the conversation into that strategic
arena so that the conversation is really at a level where boards can provide value on the
strategy and not so much just a compliance checklist.
Well, of course, we have to touch on AI, which I think it's fair to say is a board level issue
these days.
What are directors trying to do to balance between that business opportunity, potential
return on investment, but also the growing risk of AI-enabled attacks?
You know, David, this is really where the conversation these days is meeting, the rubber is
meeting the road in the boardroom when it comes to cybersecurity.
It's all around AI.
I think from my perspective, the conversation around Mythos really broke through in a way that I hadn't previously seen.
I think a lot of board directors heading into this year anticipated artificial technologies or artificial intelligence technologies to contribute to overall business growth.
But there wasn't necessarily so much of an emphasis on the risk side of things.
And that was seen in our survey data.
But now what we're seeing in the second quarter of this year is that cybersecurity risks have really done.
jump back into the conversation because there is an understanding that these new technologies and
these new capabilities offer a really significant risk to the business, whether it's through
offensive cyber capabilities, as well as getting a greater understanding of the latent risk
within the organization's tech stack by using it to uncover previously unknown vulnerabilities.
So board directors now have a much clearer understanding of the risk that exists.
within their organization if they're leveraging these AI technologies.
But the real test will be if directors are able to use this additional awareness of the risk
within the organization to actually drive better prioritization of where they're going to allocate
resources, what risks they're going to tolerate, what risks they're going to have to mitigate.
So that's where really we're looking to see how boards are responding to AI moving forward.
I'm curious, you know, what kind of things that you all are seeing here,
both in your survey data and also the folks that you interact with.
Are you seeing more hesitation these days,
or does it still seem to be full speed ahead when it comes to AI?
David, I think it's still full speed ahead.
And I think one of the things that I'm really focusing on
is as understanding how this push to really achieve the return on investment
that companies have made in these technologies,
how that's balanced with how much risk are we willing to adopt.
to achieve that, right?
And so, you know, you're seeing in some other survey data where, you know, CEOs are talking
about how cyber risk is now their top risk category right now.
And I think that has to be looked at in the context of the fact that the boardroom community
is expecting these technologies to pay off, right?
They're expecting to receive a return on the investments that they've made.
But I think what needs to reenter the conversation is, do we understand as a board and as management
team, do we understand the actual risks that these technologies are introducing? And if now that we have a
greater awareness of what these tools can do, right, or now with these new capabilities that we're
aware of, what assumptions might we need to rethink about how much value we can anticipate
or where might we need to rededicate resources in order to mitigate some of that risk that we
didn't necessarily understand that we were taking on to begin with?
Have you been seeing any sort of shift in the types of people that organizations?
organizations are looking to put on their boards? In other words, is more of awareness and
knowledge of this particular area more desirable? I would see there's definitely an effort to
identify specific cybersecurity or more broadly technology expertise for many boards.
There's clearly an understanding that technology is going to be a driver of business model
success moving forward. And so making sure that,
the right people around the table have that expertise as essential to making sure that,
you know, your strategic priorities, that your business objectives are achievable,
and that you're able to provide a healthy skepticism to what management is telling you
about their progress on these fronts. So there definitely is an effort to bring in more
additional cybersecurity expertise from director candidates, but there's also an effort to
uplift the entire board's fluency, as well as engaging third-party expertise to make sure that
you're getting a third-party perspective so that you can maintain that independent perspective.
I know you and your colleagues there at NACD recently updated your cyber handbook.
Can you give us a little preview of what folks can expect to find within that?
Sure. I think one of the things that we've really endeavored to do is to ground the cybersecurity
conversation in the organizational strategic conversation, right?
Recognizing that cyber risk is an enterprise risk and that any successful strategy in today's
world is going to necessarily have a technology and cybersecurity component attached to it.
Within the handbook, we've really structured it to try to give boards specific activities
that they can do along with specific success indicators that they can use to evaluate that.
So again, grounding the conversation and strategy, as well as focusing on the first of
fact that reporting around cybersecurity is getting much more standardized, as well as it's becoming
data-backed and data-informed, right? And so we're trying to incorporate the conversation around
quantifying cyber risk and financial terms so that the language that's being spoken between
management teams and board members is one and the same, so that the board can be better informed
to make those strategic decisions, to make those resource allocation and capital allocation decisions
at a much more informed manner.
Do you have any advice or words of wisdom for directors, CISOs, executive leaders, just the types of things that they should understand about cyber governance, things that are going to matter most over the next few years?
Yes, so I think in terms of what's going to matter over the next couple of years, I think one of the things to always make sure that any conversation that security leaders are having with the board always is grounded in strategy, right?
A clear understanding of how what the cybersecurity.
team is doing relates to the overall business's objectives. So when CSOs or other technology
leaders are presenting to the board, I think it's very helpful to understand exactly how what
the security program is doing relates back to the business strategy, as well as having clear
KPIs and KRIs. That link back to an agreed upon risk appetite statement, right? That's quantified
where it's possible so that, again, board members can be better informed and that you're speaking
those board members language and how they are evaluating cybersecurity.
I think another thing to look out for on the horizon is making sure that when CSOs come and present
to boards or when security leaders are interacting with board members, that they have a clear
understanding that board members are always looking on the horizon.
They're always looking to what are the next emerging technologies, whether that's quantum
computing, whether that's new AI capabilities, and they want to know what your perspective is.
And they also want to understand that you've been thinking about this in a strategic manner.
That gives them a lot of confidence that those within the organization are approaching these
developments with security risks or new technology capabilities in a manner that moves the
organization forward and has strategy front and center in everyone's mind.
That's Dylan Sandlin from the National Association of Corporate Directors.
What happens when AI agents gain access to the same systems, applications, and credentials as your employees?
According to Arvind Nithrkashyip, CTO and co-founder of Rubrik, that reality is already here.
As AI agents proliferate across enterprise environments, organizations face a growing challenge.
How do you govern systems that operate at machine speed?
To learn more about AI sprawl, the risk it creates,
and how organizations can prepare, visit explore.thecyberwire.com slash rubric to hear the full
conversation.
And finally, medical AI may be good at spotting disease, but it also appears surprisingly good at
remembering who taught it.
Researchers in Germany found that so-called membership inference attacks can identify
with near-perfect accuracy whether an individual's medical data was used to train
diagnostic AI models. That could expose sensitive information about a patient's medical history,
even when training data sets are anonymized. The risk is especially high for underrepresented groups
whose data stands out more in training sets. Attackers need only partial patient data, such as blood
test results, to probe a model's confidence and inferm membership. Given the frequency of
health care data breaches, researchers argue the threat
is far from theoretical.
They recommend stronger privacy protections,
including differential privacy techniques,
broader representation in training datasets,
and privacy audits that measure risks to individual patients,
not just overall data sets.
It turns out AI isn't just learning from patients,
it's remembering them.
In healthcare, that's one diagnosis nobody wants.
And that's the Cyberwire for links to.
to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights
that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show,
please share a rating and review in your favorite podcast app. Please also fill out the survey
and the show notes or send an email to Cyberwire at n2k.com. Don't forget to check out
the grumpy old geeks podcast where I contribute to a regular
segment on Jason and Brian's show every week. You can find grumpy old geeks where all the fine
podcasts are listed. N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original
music and sound design by Elliot Keltzman. Our contributing host is Maria Vermazas. Our executive
producer is Jennifer Ivan. Peter Kilpie is our publisher, and I'm Dave Bittner. Thanks for listening.
We'll see you back here tomorrow.
One of those media strategy people
Clicking through slides
scrolling spreadsheets
Yes? Good. This is for you.
Because on Spotify there's an audience that's different.
Locked in. Loyal. Invested.
They're called fans.
Fans don't just listen to music.
They feel seen by it like it belongs to them.
So when your brand shows up on Spotify,
that's who you're talking to.
And you're right next to artists like me, Lizzo.
So, are you ready to talk to fans?
Spotify Advertising.
You're a mom.
fans.
