CyberWire Daily - NetNut gets cracked.
Episode Date: July 6, 2026The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerade...s as a clipboard manager. Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick Claude into remote code execution. AI’s strain on the power grid is complicated. Monday business briefing. Our guest is Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. Anime and AI meet adolescent antics. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. You can learn more here. Selected Reading FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network (HackRead) Russian hackers steal government logins (The Telegraph) Lawmaker Probing Pegasus Spyware Infected Using Same Malware (BankInfo Security) PamStealer: a Rust-based macOS infostealer that validates credentials through PAM (Jamf) Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments (SecurityWeek) Red teamers turned Claude Desktop into a double agent to do their evil bidding (The Register) How Data Centers Grid Instability Threatens Reliability (IEEE Spectrum) Quantifind has secured $200 million in a funding round led by Summit Partners. (N2K Pro Business Briefing) Japanese teen arrested for cyberattack that unsubscribed over 46,000 anime accounts (The Straits Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
Heading to this year's Black Hat USA, the N2K Cyberwire team will be on site recording from our podcast studio in the SpectorOps Kennel Club.
If you're interested in joining us for a conversation or learning more about what we're recording throughout the week, visit sponsor.com for more information.
And make sure you stop by the studio and meet the N2Siberwire.
2K Cyberwire team.
We'll see you there.
What's the one thing in business that's spreading as fast as AI?
AI risk.
Every new tool your team signs up for, every vendor that turns on AI features, every new integration.
Each one is an opportunity for something to go wrong.
And most security programs weren't built for AI's pace of growth.
Enter Vanta.
Vanta is the number one agentic trust platform, used by over 16,000.
fast-moving companies like Ramp, Cursor, and Harvey to ensure they're always audit-ready.
And now Vanta is helping companies like yours watch for the risks that show up between audits,
across your vendors, your AI tools, and your whole environment.
How?
The Vanta agent works like a 24-7 GRC engineer in the background,
finding issues, drafting fixes, and cutting vendor assessment time by up to 50%.
Whether you're a fast-growing startup or a global enterprise,
Vanta is here to help you automate your security and compliance and earn and prove trust.
Get started today at Vanta.com slash cyber.
That's V-A-T-A dot com slash cyber.
The FBI disrupts a major residential proxy service.
Attackers exploit fortinet firewalls to target UK officials.
European lawmakers call for a spyware investigation.
A new macOS info stealer masquerades as a clipboard manager,
prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning.
Researchers trick clawed into remote code execution.
AI's strain on the power grid is complicated.
We got your Monday business briefing.
Our guest is Gabby Reich, VP of Product, threat intelligence and exposure management at BITSight,
with insights on how cybercriminal activity is shifting.
and anime and AI meet adolescent antics.
It's Monday, July 6, 26.
I'm Dave Bittner, and this is your Cyberwire Intel briefing.
Thanks for joining us here today.
It is great as always to have you with us.
The FBI and IRS criminal investigation
with support from Google,
Lumen's Black Lotus Labs,
and the Shadow Server Foundation,
sees domains linked to NetNNN
Nut, disrupting a major residential proxy service.
Netnut, owned by Israel-based Alarum Technologies, provided residential proxies that routed internet
traffic through consumer devices, a service used for legitimate business purposes, but also
exploited by cybercriminals.
Google said the network relied on at least two million devices, many of them Android's
smart TVs and streaming boxes, some of which were enrolled through.
pre-installed software or hidden software development kits.
Researchers observed hundreds of threat clusters
using net-nut infrastructure for password spraying,
unauthorized access attempts, and other malicious activity.
Google disabled net-nut-related infrastructure,
shared threat intelligence, and updated play-protect to detect
to detect affected applications.
Alarum said it would cooperate with investigators
and warned investors that the disruptors
could significantly affect its business.
Researchers have also linked net-nut infrastructure to several botnet operations.
A large-scale cyber campaign targeting Fortinette firewalls has exposed login credentials
belonging to UK government officials, overseas foreign office staff, local authorities, and
organizations supporting critical infrastructure.
Researchers say attackers used previously leaked credentials to bypassed.
security controls and gain access to sensitive networks, with stolen accounts now reportedly
being sold on dark web forums.
The UK's National Cybersecurity Center confirmed an ongoing brute force campaign against
Fortnite devices and urged organizations to audit systems, isolate compromised devices,
and change reused passwords.
While the attack has been linked to Russian-speaking hackers based on technical evidence,
Officials say there's no evidence of direct Russian state involvement.
Security experts warn the stolen credentials could enable ransomware attacks against health care,
government, and other essential services if organizations fail to secure affected systems.
European lawmakers are calling for a new spyware investigation after researchers found that
former European Parliament member Stelio Kulaglao was infected with NSO Group's Pegasus
spyware while serving on the Parliament's Pega Committee, which was investigating spyware abuses.
According to Citizen Lab, KulaGlau's iPhone was compromised in October 2022 and again in early
2003 using the Pone Your Home Zero-Click exploit, with the attacks occurring during key stages
of the committee's work. Researchers urge the European Parliament to launch an immediate investigation
and expand spyware screening for members' devices.
Political groups across Parliament echoed those calls,
arguing that recommendations issued by the Pega Committee in 2023,
including stronger oversight and tighter controls on commercial spyware,
have not been fully implemented.
JAMPF Threat Labs has identified a new MacOS InfoStealer,
dubbed Pam Steeler,
disguised as the legitimate Maxiore,
maxi clipboard manager. Distributed as a compiled Apple script inside a disk image, the malware downloads
a rust-based second-stage payload that steals credentials, browser data, clipboard contents, and cryptocurrency
wallet information while establishing persistence. Its standout feature is locally validating a victim's
macOS password through the plug-able authentication modules or HAM framework before harvesting it,
reducing detectable activity.
Pam Steeler also masquerades as Finder,
encrypts communications with its command and control server,
and uses social engineering to prompt victims for full-disc access.
Researchers say the malware employs environment checks,
regional exclusions, anti-analysis techniques,
and native MacOS APIs to evade detection,
highlighting the continued evolution of stealthier MacOS-focused credential,
researchers at Z-scaler identified two prompt injection campaigns targeting AI agents through malicious
websites and search engine optimization poisoning. One campaign tricks AI agents into making
cryptocurrency payments by embedding hidden instructions within fake API documentation, while another
uses a typo-squatted website to impersonate the debank cryptocurrency platform, testing
showed several leading large language models
followed the malicious payment instructions
or misidentified the fake site as legitimate.
Z-Scaler warns that as AI agents
become more capable of browsing and completing tasks,
web content itself is emerging
as a significant new attack surface.
Researchers at Pentara Labs
demonstrated how compromising a developer's email account
could allow attackers to hijack Anthropics-Clawed
desktop and achieve remote code execution. By modifying the victim's synchronized Claude
preferences with a hidden prompt, the researchers caused the AI assistant to silently check for
command execution tools and run attacker-controlled commands. If those tools were unavailable,
Claude instead displayed convincing fake error messages that tricked users into installing
software that enabled code execution. Once compromised, the AI assistant effectively became
a persistent command and control channel capable of executing commands and exfiltrating data.
Anthropics said the attack requires an already compromised clot account
and reflects intended functionality rather than a software vulnerability,
while researchers urged organizations to treat AI desktop applications as privileged software
and closely monitor their configurations.
A new report from the IEEE spectrum says,
the rapid growth of AI infrastructure is creating new challenges for electrical grids that extend
beyond rising energy consumption. While attention has focused on the amount of electricity
required by hyper-scale data centers, researchers argue that AI workloads introduce highly dynamic
and unpredictable demand patterns that differ from traditional industrial loads. AI training
and inference can cause abrupt changes in power consumption,
placing additional strain on grid balancing, frequency control, transmission systems, and local
infrastructure. These effects are amplified in regions with dense concentrations of data centers
where synchronized compute and cooling demands can create localized reliability and power
quality issues. Utilities and grid operators are exploring demand response programs,
battery storage, and updated planning modules, but electrical issues.
infrastructure expands far more slowly than AI computing capacity. The article concludes that future grid
planning must account not only for total energy use, but also for demand volatility, workload
synchronization, and geographic concentration as AI infrastructure continues to scale.
Turning to our Monday business briefing, cybersecurity and AI companies announced several major
funding rounds and acquisitions last week. Quantafined raised $200 million in growth funding,
bringing its total funding to $320 million to expand its AI-powered risk intelligence platform
internationally. Agentic AI security startup Stryker secured $64 million to accelerate product
development, threat research, and global expansion, while AI governance platform run layer raised
$30 million to grow its engineering and go-to-market teams. Contextual security company Nebulaoc
closed a $25 million Series A, and Security Architecture Automation Startup Dongard added $3.3 million
to support product development and international growth. On the acquisition front, F5 acquired
AI governance firm SurePath AI to strengthen its enterprise AI security platform, identity
verification company in code acquired
Identic to enhance fraud detection,
and Belgian IT firm Sejika
acquired cybersecurity specialist three point
to expand its capabilities
supporting defense, intelligence,
and critical infrastructure organizations.
Be sure to check out our business briefing
on the Cyberwire website.
That is part of Cyberwire Pro.
Coming up after the break,
my conversation with Geper.
Abby Reich from BitSight. We're discussing how cybercriminal activity is shifting, and anime and AI need adolescent antics. Stick around.
AI is making fishing attacks faster, more convincing, and harder for people to spot, and traditional security awareness and fishing training weren't designed for this level of attack.
Hawkshunt helped security teams prepare employees for the attacks they face every day, with personalized fishing training,
that adapts to each employee and reduces risky behavior over time.
For IT and security leaders looking to strengthen their human layer of defense,
without adding more manual work, visit hoxhunt.com slash cyberwire to learn more.
That's h-o-x-h-U-N-T.com slash cyberwire.
This episode is supported by Black Hat USA.
If you follow the research, you know a lot of it breaks on Black Hat stages.
Hundreds of peer-reviewed briefings, more than 100 hands-on trainings,
and the largest business hall in Black Hat's history.
Six days to learn the skills you'll need tomorrow.
August 1st to the 6th.
Use code Cyberwire for $200 off your briefings pass at blackhat.com.
We'll see you in Vegas.
Gabby Reich is VP for Product Threat Intelligence and Exposure Management at Bitsite.
We recently got together to discuss how CyberCorp,
criminal activity is shifting.
The report, it's an annual report that we generate,
which is based on our ability to cover a lot of insights
and lots of intelligence that we're collecting from multiple sources,
especially sources related to the dark web.
And what we've done in this report is we're collecting insights
and information related to trends that we're seeing,
year over year as related to threat actor activity, related to ransomware trends, different cyber
attacks, for example, hacktivism, what we're seeing in the world of vulnerabilities,
the emerging of AI and how AI is contributing to the threat landscape, and other areas like that.
Well, one of the provocative things that you presented in the report is this notion that the threat landscape isn't getting quieter, it's reorganizing.
What does that mean in practical terms?
Yeah, so I think that what's interesting is that threat actors, what we've seen from the report, are becoming more specialized maybe and more geopolitically aligned.
When we say specialized, these days you can identify specific trends where specific threat actors are focused on specific interests rates and sectors and the same thing related to geopolitical.
So if in the past, threat actors were very opportunistic, spray and prey and activities, these days it's a lot more deliberate targeting based on industry, geography, and strategic values.
These days, it's a lot more deliberate targeting based on industry, geography, and strategic value that will gain on that.
So the landscape may be more fragmented, more geopolitically driven, more harder to track on one hand, but on the other side we also see specific trends as related to specialization.
And the last thing here that I'm sure that we'll talk a lot about is also AI coming into the threat landscape also.
Well, before we get to that, one of the things that the report highlights is what you all have been tracking when it comes to ransomware.
Can you share some of that information with us?
Ransomware, the market dynamics to some extent have shifted.
What I think is different is that it's more distributed.
As I said, I also said before, it's more geopolitically motivated.
It's sometimes less about the payment.
It's more about the leverage.
So there's a couple of things that we've seen.
There are about top five groups that are counting for over 40% of all attacks.
Many of them are Russian-linked or Russian-speaking.
We see that there are different numbers, but the median payment,
has jumped to about almost more than 300% today's,
where it's interesting, on one hand,
many times victims are getting better at refusing to pay,
but on other hand, what we're seeing is that attackers are,
I would like to say, calibrating their operational ways of actually getting more leverage
and what they're doing.
Another thing that maybe is worth mentioning,
related to ransomware, what we're seeing is that there's a shift on the threat actors.
They're shifting the pressure from ransomware demands to payment related to operational
disruption, reputational damage, and legal leverage.
So the shift is, and on one hand, payments are questionable.
Sometimes we saw that the total payments fell to about 60% in 66%, which tells that victims are pushing
back.
But the operational disruption pressure is growing with new ways of new mechanics that the threat actors are looking at.
Well, AI has become part of nearly every cybersecurity conversation these days.
What are some of the issues that you and your colleagues are tracking when it comes to that?
I think that the way we look at AI is that AI is not theoretical anymore.
We're looking at the threats.
Mainstream AI tools are, so it's not about novel AI-related attacks,
but the main aspect that we're seeing is that mainstream AI tools,
everything from cursor to chat GPT, cloud, whatever,
are used and becoming embedded in underground conversations tied to malware development,
planning attacks,
reconnaissance.
So what we're seeing is that
the threat actors are using
the most traditional classic AI tools
that each one of us using,
but they're using it for malicious activities,
as I mentioned before,
from development to planning.
We see in the report,
we mentioned that the underground forms
are flooded with AI-rated discussions
on how to you different tools.
We gave some numbers.
There's about 5.1 million
Gemini mentions of uses of Gemini and so on and so on.
And it's just one example.
So this adoption of pattern is interesting.
So attackers are not using AI to write novel malware.
They're using it to everything around the actual attack.
And they're using it for the research, to understanding technology stacks, to analyze vulnerabilities.
And this is a super interesting aspect there.
The main thing that I would like to say about that is that the AI technology isn't just about scaling the attackers and helping the attackers.
It should also be scaling us, the defenders.
I strongly believe, and many like me in the industry believe that this is a fight that we can win and with the technology.
So the usage of the AI technology is not only in the hands of the attackers, it's also in the hands.
it's also in the hand of defenders,
and we should be using the same tools and better
to be able to defend ourselves, protect ourselves against it.
Well, broadly speaking, based on the information
that you and your colleagues have gathered,
what are your recommendations for the defenders in our audience?
Yeah.
So another, we're talking about AI and to your question.
There's all kinds of new AI models that are helping
helping us on one hand, but also bringing a lot of concern with these frontier AI models.
And the question, what's changing right now in the vulnerabilities and exploitation of these
vulnerabilities is the velocity and the skills and the scale, sorry, of these attacks.
And what it means to us, I think the key thing to me is, and for any security leader,
that is listening to us, I think, to this conversation.
So any security leader listening to the conversation is that prioritization, threat-informed
prioritization is the most important thing right now.
It's not about having a good vulnerability management program.
It's about more than that.
It's having good intelligence, good insights, and to be able to prioritize what matters.
It's not about having the better tools.
It's not having more people faster patching cycles.
It's all, and I will repeat again, it's about prioritization.
And here's why.
Because in the world of AI with the velocity of AI and the scales of AI-driven attacks,
you can't patch everything.
You can't monitor anything, everything.
You can't block everything.
The volume is just too large.
So what you can do is understand what are the vulnerabilities that matter most to your organization,
which threat actors actually could target you, which vendors that you're working with in your supply chain,
have the more exposure that could cascade to you.
And as a result of that, how do you take the action on the issues that matter?
When talking about risk, it's about what should I decide that I want to fix and what are the things that I am accepting as risk.
I'll give you just one example.
Klop, the ransomware group, decided to attack specific organizations a year ago.
And Klop as a ransomware group didn't breach organizations for the sake of breaching specific organizations.
What they did was they leveraged a specific software, move it.
And what they did was they went through a shared platform.
Once you're exposed, they were cascading the impact.
So my point is that you need to be able to prioritize what is important to you.
And every organization is different.
Understanding your threat context, what sector, what industry you're in,
what are your geopolitical risks?
How does your attack surface look?
what are the places in your organization from an attack surface which is more important to your business?
And based on that, taking the right decisions and understanding how to prioritize accordingly.
That's Gabby Reich, VP of Product, Threat Intelligence and Exposure Management at Bitsite.
As organizations grow, so does complexity.
New applications are deployed, vendors are granted temporary access, and remote support tools are installed.
of them never go away. In my recent conversation at RSAC 2026 with Rob Allen, chief product officer at Threat Locker,
he explains how these forgotten tools create hidden pathways into enterprise environments and why attackers
increasingly exploit what's already inside the network instead of trying to break through the
perimeter. Learn how to reduce lingering access, shrink your attack surface, and implement
zero trust more effectively by listening to the full conversation at
explore.thecyberwire.com slash threat locker.
And finally, a 15-year-old student from Japan's Sayatama prefecture has been arrested for
allegedly launching a cyber attack that disrupted Bandai Channel, an anime streaming service
operated by Bandai Namco Filmworks. Police say the teenager used a program he developed
with assistance from chat GPT to exploit a vulnerability in the company's systems,
sending false data that led to the unauthorized cancellation of over 46,000 subscription accounts.
The attack temporarily disrupted operations, with full service not restored until months later.
Investigators believe the student uncovered the flaw himself and used it to access account
information. He reportedly admitted to the incident,
explaining that he had been teaching himself computers since elementary school and bore no ill will toward the company.
It's a reminder that just because you've watched every episode of Ghost in the Shell doesn't mean you're supposed to recreate the plot.
Sometimes the most powerful move is logging off before your origin story turns into a police report.
And that's the Cyberwire.
For links to all of today's stories, check out our daily briefing at the Cyberwire.com.
We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to Cyberwire at N2K.com.
N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music and sound designed by Elliot Peltzman, our contributing.
host is Maria Vermazas. Our executive producer is Jennifer Ivan. Peter Kilpe is our publisher,
and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Hey, y'all, it's Kelly Clarkson with Wayfair. Ever order furniture online and wonder what if? Like,
what if it doesn't hold up? That sofa was four days old. You should have ordered from Wayfair.
With Wayfair, there's no what if. Just style you love and quality you can trust. Visit Wayfair.ca.
Wayfair, every style, every home.
What happens when AI agents gain access to the same systems, applications, and credentials as your employees?
According to Arvind Nithrakeshiap, CTO and co-founder of Rubrik, that reality is already here.
As AI agents proliferate across enterprise environments, organizations face a growing challenge.
How do you govern systems that operate at machine speed?
To learn more about AI sprawl, the risk it creates, and how,
organizations can prepare, visit explore.
TheCyberwire.com slash rubric to hear the full conversation.
