CyberWire Daily - AI joins the chain of command.

Episode Date: June 1, 2026

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. Today’s business update. Our guest is Heather Ceylan, CISO at Box, discussing how governed AI starts with solving the unstructured data problem. Microsoft hits refresh on research relations.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices we are joined by Heather Ceylan, CISO at Box, discussing how governed AI starts with solving the unstructured data problem. If you enjoyed this conversation, you can catch the full interview here.

Selected Reading

As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution (SecurityWeek)
Why a surge of election-related websites could spell rising cyber threats for the midterms (PBS News)
Election threats are focused on campaign systems, not voting machines (CyberScoop)
Critical Windows Netlogon RCE flaw now exploited in attacks (Bleeping Computer)
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog (Security Affairs)
CISA Town Halls Set Final Stage for CIRCIA Debate (BankInfo Security)
Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years (The Record)
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access (SecurityWeek)
Indian Exam Board Admits to Cybersecurity Holes Found by Teen (Bloomberg)
Zscaler intends to acquire identity mapping company Symmetry Systems. (N2K Pro Business Briefing)
Microsoft says it will not pursue security researchers after zero-day backlash (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Transcript
Starting point is 00:01:50 Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. We've got today's business update.
Starting point is 00:02:21 Our guest is Heather Ceylan, CISO at Box, discussing how governed AI starts with solving the unstructured data problem. And Microsoft hits refresh on research relations. It's Monday, June 1st, 2026. I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thanks for joining us here today. It's great to have you with us. The Trump administration is
Starting point is 00:03:16 accelerating the use of artificial intelligence across the U.S. military, arguing it's critical to maintaining America's strategic advantage. Defense Secretary Pete Hegseth has pushed for rapid AI adoption and opposed restrictions that could limit lawful military applications, while President Trump has expressed concern that new regulations could weaken U.S. competitiveness, particularly against China. At the same time, some military leaders and technology companies are urging caution. Admiral Frank Bradley, head of U.S. Special Operations Command, warned that humans must remain confident AI systems deliver force only where intended. Military officials described AI as both a battlefield tool that speeds targeting and decision-making
Starting point is 00:04:06 and a support system that reduces administrative burdens and cognitive workload without replacing human judgment. The debate has fueled tensions between the Pentagon and AI company Anthropic, which raised concerns about autonomous weapons and surveillance. Despite these disputes, experts note the military generally adopts new technologies carefully, balancing operational effectiveness with the need to avoid mistakes, civilian harm, and unintended consequences. A new report from Check Point warns that the 2026 U.S. midterm elections face elevated cyber threats targeting political organizations, fundraising platforms, media outlets, and voters. Researchers found a sharp rise in newly registered election-related domains,
Starting point is 00:05:00 many of which could later be used for phishing, impersonation, fraudulent fundraising, or misinformation campaigns. The report identifies phishing, AI-enabled disinformation, influence operations, and account compromise as the most likely threats. Email remains the primary attack vector, accounting for 82% of malicious file attacks. Researchers also found thousands of leaked credentials tied to major fundraising platforms ActBlue and WinRed,
Starting point is 00:05:32 creating opportunities for fraud and unauthorized access. Artificial intelligence is making scams, deepfakes, and misinformation more convincing and easier to produce at scale. The report also highlights ongoing influence efforts by foreign adversaries, including Russia, China, and Iran. While voting systems themselves are not the primary target, experts warn that attacks on communication channels, fundraising platforms, and public trust could significantly impact the election environment. Belgium's National Cybersecurity Agency is warning that attackers are actively exploiting a
Starting point is 00:06:13 critical Windows Netlogon vulnerability patched by Microsoft back in May. The flaw, a stack-based buffer overflow with a CVSS score of 9.8, allows unauthenticated remote code execution on Windows domain controllers through specially crafted network requests. It affects all supported Windows Server versions, including Windows Server 2025. While details of current attacks remain limited, the CCB is urging organizations to patch immediately to protect vulnerable servers. Elsewhere, CISA has added a Palo Alto Networks PAN-OS authentication bypass flaw to its Known Exploited Vulnerabilities catalog after reports of active attacks.
Starting point is 00:07:00 The vulnerability affects GlobalProtect portals and gateways, allowing attackers to forge authentication cookies and establish authorized VPN access under certain configurations. Rapid7 observed exploitation across multiple organizations beginning in mid-May, with some attackers gaining internal network access. Palo Alto patched the flaw on May 13th, and CISA has ordered federal agencies to remediate affected systems by today. CISA will hold a series of virtual town halls from June 15th through the 18th to gather final industry feedback on cyber incident reporting rules required under the 2022
Starting point is 00:07:45 Cyber Incident Reporting for Critical Infrastructure Act. The sessions are expected to help determine which critical infrastructure organizations must report cyber incidents and ransomware payments, what qualifies as a reportable incident, and what information must be disclosed. Industry groups have criticized earlier proposals as overly broad and burdensome, raising concerns about compliance costs and overlapping reporting requirements. The meetings may also signal whether the Trump administration plans to narrow the rule before CISA finalizes regulations that have been delayed amid extensive stakeholder feedback and debate.
Starting point is 00:08:27 Researchers at Kaspersky have uncovered a previously unknown hacking group that quietly targeted Russian maritime universities, energy organizations, diplomatic missions, government agencies, and financial institutions for nearly two years. The campaign, active since at least 2024, used long dormant periods to avoid detection. Recent attacks relied on the ravage penetration testing framework and began with phishing emails containing malicious ZIP files disguised as Microsoft Excel configuration files. More than half of the observed attacks targeted maritime educational institutions. Kaspersky said the group appears well-established and highly stealthy,
Starting point is 00:09:13 but did not attribute the campaign to any known threat actor or identify its motive. Researchers have disclosed a 19-year-old Linux privilege-escalation vulnerability, dubbed SIF switch, that can allow low-privileged users to gain root access on affected systems. The flaw resides in the Linux kernel's CIFS subsystem and the cifs-utils authentication helper used for SMB network file sharing. According to researcher Assim Valladi Oglu Manazada, attackers can manipulate authentication requests to trick the root-privileged helper into switching namespaces and executing attacker-controlled code. The issue stems from insufficient validation of request origins and key descriptions. Several Linux distributions are vulnerable, particularly those with cifs-utils installed by default, though some distributions block the attack path by default or are unaffected.
Starting point is 00:10:16 Major Linux vendors have already released patches, and proof-of-concept code has been published to help organizations test their defenses. India's Central Board of Secondary Education said it has identified and contained vulnerabilities in its OnMark online grading portal after they were publicly reported by a teenage cybersecurity researcher. The government-run exam board stated it has been closely monitoring the issue
Starting point is 00:10:44 and taking corrective action. OnMark, introduced this year, allows teachers to digitally grade scanned copies of students' physical exam answer sheets for one of India's most important school-leaving examinations. The board did not disclose additional details about the vulnerabilities or their impact.
Starting point is 00:11:06 Turning to our Monday business breakdown, cybersecurity investment activity remained strong last week with several funding rounds and acquisitions announced across the sector. London-based RevEng.AI raised $15 million in a Series A round led by the NATO Innovation Fund to advance software supply chain security. Canadian identity security company Last Wall
Starting point is 00:11:32 secured $11.5 million to expand beyond its U.S. federal customer base, while London-based threat intelligence startup InfraWatch raised $3 million in pre-seed funding. Spain's Orbic cybersecurity obtained $2 million to support growth, international expansion, and hiring, and Maryland-based Provision IAM received $1.25 million in strategic investments. Mergers and acquisitions were equally active. Zscaler announced plans to acquire Symmetry Systems to strengthen identity
Starting point is 00:12:08 visibility and AI governance capabilities. Check Point agreed to acquire Deepchecks to accelerate its AI security roadmap. Eurazeo will acquire Germany's Nextron Systems to expand digital forensics capabilities, while Sycureon acquired Secuvant to enhance managed detection, vulnerability management, and compliance services. Overall, the deals highlight continued investor focus on AI security, identity management,
Starting point is 00:12:38 threat intelligence, and digital forensics. Coming up after the break, my conversation with Heather Ceylan, CISO at Box. We're discussing how governed AI starts
Starting point is 00:12:58 with solving the unstructured data problem. And Microsoft hits refresh on research relations. Stay with us.
Starting point is 00:14:18 Heather Ceylan is CISO at Box, and in today's sponsored Industry Voices conversation, we discuss how governed AI starts with solving the unstructured data problem. So I think enterprises for a long time have struggled to govern their unstructured data. So when I say unstructured data, this is content that may live on users' local devices. It may live in the cloud, in Microsoft 365, in Box, in other cloud storage providers. And you have this distributed content problem that may not be, you know, it may not be labeled,
Starting point is 00:15:18 It may not be classified correctly. It may not be permissioned and controlled correctly, which I think organizations have tolerated that unstructured content governance problem for a long time because the blast radius was limited. We were talking about humans accessing that content, not agents. Now as we're starting to talk about agents accessing that content on such a large scale, that problem becomes much more critical to solve. Well, let's talk about that problem. What is the issue here of providing access to this sort of data to, say, an agentic AI? Let me start with an example, right? Let's say the legal team is working on a deal, a new partnership deal. That's material non-public information. They have this data in their folders. It's not classified appropriately. Access isn't properly controlled. A human that's not supposed to have
Starting point is 00:16:13 access may not find that data because they're not looking for it, right? But let's say the product team is now using an agent to go research that same company that the legal team is doing the deal with. And now that agent is taking the data, it's surfacing it to the product team, it's creating roadmaps, it's actually acting on that knowledge. Now you've got a really big problem that most likely would not have existed if it was just humans needing to access this content. Agents will go access whatever content they can to try to solve the problem. And the blast radius is just much bigger when you're working with agents. So it's really kind of that insatiable desire to gobble up every piece of data that it has permission to touch.
Starting point is 00:17:00 Is that a good way to describe it? Yeah, that's right. And the permissions of these agents are often very vast because they need to do multiple step processes, right? So a lot of times the agents don't have those restrictive permissions within them, which is why it's so important to have those restrictive permissions on your content and to have that content classified. Well, walk me through the process then. If I want to do a better job with this, and I want to get the data in a proper condition
Starting point is 00:17:33 before I expose it here, what sorts of things do I need to prepare for? So this is one thing that I get really excited about because AI can actually help us here too. It's not just part of the problem. It's part of the solution. So I think one thing that organizations have really struggled with is the data classification piece. It's really hard to do that manually, and it's really hard to get humans to go in and properly classify data, especially when you're talking years and years and years of unstructured content. So AI can actually help us classify that content, not just based on keywords or, you know, regexes like historical DLP solutions have provided security teams in the past, but AI can actually understand what the
Starting point is 00:18:16 content is, how sensitive the content is, and it can proactively put those labels on the content for us and automatically apply permissions based on what it thinks the content is. So this is a great example of, you know, yes, AI causes some security challenges, but it can also help be part of the solution to those. Help me understand here, when going through this process, are we making copies of the data, or are we creating a roadmap to where the data is stored? How exactly does it work? No, you're not creating copies of the data. What you're doing is, you can have an agent that actually reads and understands what's in the document, and it can apply a label to that content. And then once that content actually has a label attached to it, it can flow with it wherever it goes, right? Because you want the content to stay classified no matter where it's going across your systems. And then you can apply whatever controls you deem appropriate. So let's say
Starting point is 00:19:19 you have a document that you labeled as sensitive. Let's say it's your most restrictive setting. You can apply really strict permissions. You can say, we don't want this to be shared with anyone outside of the organization. We don't want this to be shared publicly. And you can apply those strict access controls based on the classification labels. What if I'm in a business line that has compliance requirements? I suspect this is going to help me along the way there as well. Yes, this would definitely help with that. I think there's a lot of compliance requirements out there that want you to have
Starting point is 00:19:57 strict controls over access to sensitive data. And this helps you do that. If you don't know what data you have or where it's sitting and it's not properly classified, it's really difficult to say that you're controlling that data appropriately. Does this help improve the quality of the output that I could potentially get out of my AI agent? Yes, that's another great benefit as well. One of the struggles of agents when you have distributed content, it means the context is also distributed. So agents do better work when they have more context to work from.
Starting point is 00:20:36 And if that context is distributed across multiple systems, the agent may have access to one system but not another. It may be working from different, not a complete picture of the context that it needs. So when you're doing this with how we've historically used AI as an assistant, it may surface a bad answer, it may surface an incomplete answer, a hallucination, something you're not permissioned to see, but I think we're talking about a whole new level of risk when you're looking at agents operating with that.
Starting point is 00:21:06 Because an agent will go one step further and then take action based on that data, even if it's missing the context. Can we dig into some of those risks? I mean, I can imagine that this would be an area where if folks don't have the tools that they need or that they desire, it's going to be open to shadow AI. Yes. That is very real. And I think, you know, all of the security leaders that I speak with on a regular basis are working actively to try to solve this problem. So I think as security leaders and practitioners, it's really important for us to say, not to say no to AI. I think we have to equip people with the tools that they need to do their jobs in a secure, safe manner. Otherwise, they're going to go around it and you're going to have the shadow AI problem, no matter how hard you try to control it, people will find ways to use these tools to make them more productive. And I think, you know, here at Box, like, that's one thing that's very important for us is we need people to use AI. We want them to be productive. We want them to be better at their jobs. We just want to make sure
Starting point is 00:22:16 they do it securely. So I think it's really important to provide safe ways for teams to experiment and determine, you know, if these tools are really useful before we go on and fully implement them. What is it like when an organization decides to go down this path? How heavy a lift is it? I can imagine people being a little intimidated. They've been around for years and I don't know where all my stuff is, right? Yes, it's a very real challenge, especially, you know, when you have large organizations, they have, you know, 40, 50, 100 years even of content. You know, it's where do we start? Another thing AI can really help with is archiving content that's no longer relevant. You don't need agents to go back and probably search a hundred years worth of content, nor do you want to try to classify a hundred
Starting point is 00:23:08 years worth of content. So I think you have to figure out what's really critical. I think, you know, in reality, like, it's really difficult to put all of your content into a single place, but it's easier if you can do that. And you can have better control, better context, better governance, if all or most of your content is in a single content layer. How do you dial in human oversight here? Yes, I think human oversight becomes really important for critical actions. Again, the blast radius for agents across your content is much bigger than it is for humans. When agents are operating, in the example I mentioned at the beginning, going back to, you know,
Starting point is 00:23:54 the legal team having some very sensitive, non-public information for a deal they're working, if an agent is grabbing that and acting on it and taking that information, putting it into maybe a product roadmap, slacking product leaders about this new information it's found, your blast radius just gets so much bigger. So I think having a human in the loop for these types of sensitive actions really is still necessary. Now, there's going to be some low-risk things as we start to get more comfortable with agents that we're going to let them do on their own because we're comfortable with the controls over our content and we're comfortable with the guardrails that we have in place for the agents. But there's going to be
Starting point is 00:24:36 some actions that are so sensitive, such as deleting whole files, sending, sharing whole folders publicly that we may still want humans in the loop for. What are your recommendations for organizations who feel like they want to go down this path? How do you prepare yourself? Yeah, I would say start by knowing where all of your content is. And as much as you can, putting all of that content in a single storage location, so you have all of your context and controls and governance in a single plane.
Starting point is 00:25:08 And then once you do that, it's understanding what data you have, what the sensitivity is, classifying it, applying those labels. And again, AI can help us do that in a way that is actually feasible now. If we were relying on humans to do that, that's a project that would,
Starting point is 00:25:24 you know, take years for, you know, security compliance teams to oversee. So now we can do that much more quickly. And then once you have the data classified, making sure you apply controls based on those classifications. So you may want to restrict permissions, you may want to restrict file sharing, you may want to restrict agent access to that content. And then once you feel like you have a very strong and secure content layer, then you can talk about agents operating on that content, and then thinking about guardrails you need to have in place for those agents to detect maybe behavioral drifts and where they might misalign from their original intent or where they might be accessing something that maybe we don't want them to access.
Starting point is 00:26:10 That's Heather Ceylan, CISO at Box. And finally, after a week of turbulence with the security research community, Microsoft is clarifying that it does not intend to take legal action against researchers who discover and publish vulnerabilities. The reassurance follows backlash over a company blog post that criticized recent uncoordinated Windows zero-day disclosures and warned that Microsoft's Digital Crimes Unit would continue pursuing those who enable criminal activity.
Starting point is 00:27:01 Many researchers interpreted the message as a veiled warning aimed at the pseudonymous researcher Nightmare Eclipse. In a follow-up statement, posted on social media, Microsoft effectively walked back the concern, acknowledging that some interactions with researchers had fallen short and emphasizing its commitment to good faith engagement. Observers also noted the company quietly swapped the more controversial phrase responsible disclosure for the less loaded coordinated vulnerability disclosure,
Starting point is 00:27:35 a bit of terminology housekeeping that did not go unnoticed. Meanwhile, Nightmare Eclipse appears unfazed. The researcher says others have begun sharing vulnerabilities directly and has promised another disclosure in June, suggesting this particular chapter in the long-running vendor-researcher relationship may be ending with a handshake or at least a slightly less tense email exchange. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights
Starting point is 00:28:27 that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's lead producer is Liz Stokes. We're mixed by Tré Hester with original music and sound design by Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
