CyberWire Daily - NetNut gets cracked.

Episode Date: July 6, 2026

The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerade...s as a clipboard manager. Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick Claude into remote code execution. AI’s strain on the power grid is complicated. Monday business briefing. Our guest is Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. Anime and AI meet adolescent antics.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. You can learn more here. Selected Reading FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network (HackRead) Russian hackers steal government logins (The Telegraph) Lawmaker Probing Pegasus Spyware Infected Using Same Malware (BankInfo Security) PamStealer: a Rust-based macOS infostealer that validates credentials through PAM (Jamf) Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments (SecurityWeek) Red teamers turned Claude Desktop into a double agent to do their evil bidding (The Register) How Data Centers Grid Instability Threatens Reliability (IEEE Spectrum) Quantifind has secured $200 million in a funding round led by Summit Partners. (N2K Pro Business Briefing)  Japanese teen arrested for cyberattack that unsubscribed over 46,000 anime accounts (The Straits Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 You're listening to the Cyberwire Network, powered by N2K. Heading to this year's Black Hat USA, the N2K Cyberwire team will be on site recording from our podcast studio in the SpectorOps Kennel Club. If you're interested in joining us for a conversation or learning more about what we're recording throughout the week, visit sponsor.com for more information. And make sure you stop by the studio and meet the N2Siberwire. 2K Cyberwire team. We'll see you there. What's the one thing in business that's spreading as fast as AI? AI risk.
Starting point is 00:00:53 Every new tool your team signs up for, every vendor that turns on AI features, every new integration. Each one is an opportunity for something to go wrong. And most security programs weren't built for AI's pace of growth. Enter Vanta. Vanta is the number one agentic trust platform, used by over 16,000. fast-moving companies like Ramp, Cursor, and Harvey to ensure they're always audit-ready. And now Vanta is helping companies like yours watch for the risks that show up between audits, across your vendors, your AI tools, and your whole environment.
Starting point is 00:01:30 How? The Vanta agent works like a 24-7 GRC engineer in the background, finding issues, drafting fixes, and cutting vendor assessment time by up to 50%. Whether you're a fast-growing startup or a global enterprise, Vanta is here to help you automate your security and compliance and earn and prove trust. Get started today at Vanta.com slash cyber. That's V-A-T-A dot com slash cyber. The FBI disrupts a major residential proxy service.
Starting point is 00:02:20 Attackers exploit fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS info stealer masquerades as a clipboard manager, prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick clawed into remote code execution. AI's strain on the power grid is complicated. We got your Monday business briefing. Our guest is Gabby Reich, VP of Product, threat intelligence and exposure management at BITSight,
Starting point is 00:02:53 with insights on how cybercriminal activity is shifting. and anime and AI meet adolescent antics. It's Monday, July 6, 26. I'm Dave Bittner, and this is your Cyberwire Intel briefing. Thanks for joining us here today. It is great as always to have you with us. The FBI and IRS criminal investigation with support from Google,
Starting point is 00:03:44 Lumen's Black Lotus Labs, and the Shadow Server Foundation, sees domains linked to NetNNN Nut, disrupting a major residential proxy service. Netnut, owned by Israel-based Alarum Technologies, provided residential proxies that routed internet traffic through consumer devices, a service used for legitimate business purposes, but also exploited by cybercriminals. Google said the network relied on at least two million devices, many of them Android's
Starting point is 00:04:16 smart TVs and streaming boxes, some of which were enrolled through. pre-installed software or hidden software development kits. Researchers observed hundreds of threat clusters using net-nut infrastructure for password spraying, unauthorized access attempts, and other malicious activity. Google disabled net-nut-related infrastructure, shared threat intelligence, and updated play-protect to detect to detect affected applications.
Starting point is 00:04:45 Alarum said it would cooperate with investigators and warned investors that the disruptors could significantly affect its business. Researchers have also linked net-nut infrastructure to several botnet operations. A large-scale cyber campaign targeting Fortinette firewalls has exposed login credentials belonging to UK government officials, overseas foreign office staff, local authorities, and organizations supporting critical infrastructure. Researchers say attackers used previously leaked credentials to bypassed.
Starting point is 00:05:20 security controls and gain access to sensitive networks, with stolen accounts now reportedly being sold on dark web forums. The UK's National Cybersecurity Center confirmed an ongoing brute force campaign against Fortnite devices and urged organizations to audit systems, isolate compromised devices, and change reused passwords. While the attack has been linked to Russian-speaking hackers based on technical evidence, Officials say there's no evidence of direct Russian state involvement. Security experts warn the stolen credentials could enable ransomware attacks against health care,
Starting point is 00:05:59 government, and other essential services if organizations fail to secure affected systems. European lawmakers are calling for a new spyware investigation after researchers found that former European Parliament member Stelio Kulaglao was infected with NSO Group's Pegasus spyware while serving on the Parliament's Pega Committee, which was investigating spyware abuses. According to Citizen Lab, KulaGlau's iPhone was compromised in October 2022 and again in early 2003 using the Pone Your Home Zero-Click exploit, with the attacks occurring during key stages of the committee's work. Researchers urge the European Parliament to launch an immediate investigation and expand spyware screening for members' devices.
Starting point is 00:06:51 Political groups across Parliament echoed those calls, arguing that recommendations issued by the Pega Committee in 2023, including stronger oversight and tighter controls on commercial spyware, have not been fully implemented. JAMPF Threat Labs has identified a new MacOS InfoStealer, dubbed Pam Steeler, disguised as the legitimate Maxiore, maxi clipboard manager. Distributed as a compiled Apple script inside a disk image, the malware downloads
Starting point is 00:07:24 a rust-based second-stage payload that steals credentials, browser data, clipboard contents, and cryptocurrency wallet information while establishing persistence. Its standout feature is locally validating a victim's macOS password through the plug-able authentication modules or HAM framework before harvesting it, reducing detectable activity. Pam Steeler also masquerades as Finder, encrypts communications with its command and control server, and uses social engineering to prompt victims for full-disc access. Researchers say the malware employs environment checks,
Starting point is 00:08:04 regional exclusions, anti-analysis techniques, and native MacOS APIs to evade detection, highlighting the continued evolution of stealthier MacOS-focused credential, researchers at Z-scaler identified two prompt injection campaigns targeting AI agents through malicious websites and search engine optimization poisoning. One campaign tricks AI agents into making cryptocurrency payments by embedding hidden instructions within fake API documentation, while another uses a typo-squatted website to impersonate the debank cryptocurrency platform, testing showed several leading large language models
Starting point is 00:08:49 followed the malicious payment instructions or misidentified the fake site as legitimate. Z-Scaler warns that as AI agents become more capable of browsing and completing tasks, web content itself is emerging as a significant new attack surface. Researchers at Pentara Labs demonstrated how compromising a developer's email account
Starting point is 00:09:13 could allow attackers to hijack Anthropics-Clawed desktop and achieve remote code execution. By modifying the victim's synchronized Claude preferences with a hidden prompt, the researchers caused the AI assistant to silently check for command execution tools and run attacker-controlled commands. If those tools were unavailable, Claude instead displayed convincing fake error messages that tricked users into installing software that enabled code execution. Once compromised, the AI assistant effectively became a persistent command and control channel capable of executing commands and exfiltrating data. Anthropics said the attack requires an already compromised clot account
Starting point is 00:09:57 and reflects intended functionality rather than a software vulnerability, while researchers urged organizations to treat AI desktop applications as privileged software and closely monitor their configurations. A new report from the IEEE spectrum says, the rapid growth of AI infrastructure is creating new challenges for electrical grids that extend beyond rising energy consumption. While attention has focused on the amount of electricity required by hyper-scale data centers, researchers argue that AI workloads introduce highly dynamic and unpredictable demand patterns that differ from traditional industrial loads. AI training
Starting point is 00:10:42 and inference can cause abrupt changes in power consumption, placing additional strain on grid balancing, frequency control, transmission systems, and local infrastructure. These effects are amplified in regions with dense concentrations of data centers where synchronized compute and cooling demands can create localized reliability and power quality issues. Utilities and grid operators are exploring demand response programs, battery storage, and updated planning modules, but electrical issues. infrastructure expands far more slowly than AI computing capacity. The article concludes that future grid planning must account not only for total energy use, but also for demand volatility, workload
Starting point is 00:11:30 synchronization, and geographic concentration as AI infrastructure continues to scale. Turning to our Monday business briefing, cybersecurity and AI companies announced several major funding rounds and acquisitions last week. Quantafined raised $200 million in growth funding, bringing its total funding to $320 million to expand its AI-powered risk intelligence platform internationally. Agentic AI security startup Stryker secured $64 million to accelerate product development, threat research, and global expansion, while AI governance platform run layer raised $30 million to grow its engineering and go-to-market teams. Contextual security company Nebulaoc closed a $25 million Series A, and Security Architecture Automation Startup Dongard added $3.3 million
Starting point is 00:12:29 to support product development and international growth. On the acquisition front, F5 acquired AI governance firm SurePath AI to strengthen its enterprise AI security platform, identity verification company in code acquired Identic to enhance fraud detection, and Belgian IT firm Sejika acquired cybersecurity specialist three point to expand its capabilities supporting defense, intelligence,
Starting point is 00:12:59 and critical infrastructure organizations. Be sure to check out our business briefing on the Cyberwire website. That is part of Cyberwire Pro. Coming up after the break, my conversation with Geper. Abby Reich from BitSight. We're discussing how cybercriminal activity is shifting, and anime and AI need adolescent antics. Stick around. AI is making fishing attacks faster, more convincing, and harder for people to spot, and traditional security awareness and fishing training weren't designed for this level of attack.
Starting point is 00:13:54 Hawkshunt helped security teams prepare employees for the attacks they face every day, with personalized fishing training, that adapts to each employee and reduces risky behavior over time. For IT and security leaders looking to strengthen their human layer of defense, without adding more manual work, visit hoxhunt.com slash cyberwire to learn more. That's h-o-x-h-U-N-T.com slash cyberwire. This episode is supported by Black Hat USA. If you follow the research, you know a lot of it breaks on Black Hat stages. Hundreds of peer-reviewed briefings, more than 100 hands-on trainings,
Starting point is 00:14:41 and the largest business hall in Black Hat's history. Six days to learn the skills you'll need tomorrow. August 1st to the 6th. Use code Cyberwire for $200 off your briefings pass at blackhat.com. We'll see you in Vegas. Gabby Reich is VP for Product Threat Intelligence and Exposure Management at Bitsite. We recently got together to discuss how CyberCorp, criminal activity is shifting.
Starting point is 00:15:20 The report, it's an annual report that we generate, which is based on our ability to cover a lot of insights and lots of intelligence that we're collecting from multiple sources, especially sources related to the dark web. And what we've done in this report is we're collecting insights and information related to trends that we're seeing, year over year as related to threat actor activity, related to ransomware trends, different cyber attacks, for example, hacktivism, what we're seeing in the world of vulnerabilities,
Starting point is 00:16:02 the emerging of AI and how AI is contributing to the threat landscape, and other areas like that. Well, one of the provocative things that you presented in the report is this notion that the threat landscape isn't getting quieter, it's reorganizing. What does that mean in practical terms? Yeah, so I think that what's interesting is that threat actors, what we've seen from the report, are becoming more specialized maybe and more geopolitically aligned. When we say specialized, these days you can identify specific trends where specific threat actors are focused on specific interests rates and sectors and the same thing related to geopolitical. So if in the past, threat actors were very opportunistic, spray and prey and activities, these days it's a lot more deliberate targeting based on industry, geography, and strategic values. These days, it's a lot more deliberate targeting based on industry, geography, and strategic value that will gain on that. So the landscape may be more fragmented, more geopolitically driven, more harder to track on one hand, but on the other side we also see specific trends as related to specialization.
Starting point is 00:17:22 And the last thing here that I'm sure that we'll talk a lot about is also AI coming into the threat landscape also. Well, before we get to that, one of the things that the report highlights is what you all have been tracking when it comes to ransomware. Can you share some of that information with us? Ransomware, the market dynamics to some extent have shifted. What I think is different is that it's more distributed. As I said, I also said before, it's more geopolitically motivated. It's sometimes less about the payment. It's more about the leverage.
Starting point is 00:18:03 So there's a couple of things that we've seen. There are about top five groups that are counting for over 40% of all attacks. Many of them are Russian-linked or Russian-speaking. We see that there are different numbers, but the median payment, has jumped to about almost more than 300% today's, where it's interesting, on one hand, many times victims are getting better at refusing to pay, but on other hand, what we're seeing is that attackers are,
Starting point is 00:18:40 I would like to say, calibrating their operational ways of actually getting more leverage and what they're doing. Another thing that maybe is worth mentioning, related to ransomware, what we're seeing is that there's a shift on the threat actors. They're shifting the pressure from ransomware demands to payment related to operational disruption, reputational damage, and legal leverage. So the shift is, and on one hand, payments are questionable. Sometimes we saw that the total payments fell to about 60% in 66%, which tells that victims are pushing
Starting point is 00:19:21 back. But the operational disruption pressure is growing with new ways of new mechanics that the threat actors are looking at. Well, AI has become part of nearly every cybersecurity conversation these days. What are some of the issues that you and your colleagues are tracking when it comes to that? I think that the way we look at AI is that AI is not theoretical anymore. We're looking at the threats. Mainstream AI tools are, so it's not about novel AI-related attacks, but the main aspect that we're seeing is that mainstream AI tools,
Starting point is 00:20:04 everything from cursor to chat GPT, cloud, whatever, are used and becoming embedded in underground conversations tied to malware development, planning attacks, reconnaissance. So what we're seeing is that the threat actors are using the most traditional classic AI tools that each one of us using,
Starting point is 00:20:28 but they're using it for malicious activities, as I mentioned before, from development to planning. We see in the report, we mentioned that the underground forms are flooded with AI-rated discussions on how to you different tools. We gave some numbers.
Starting point is 00:20:44 There's about 5.1 million Gemini mentions of uses of Gemini and so on and so on. And it's just one example. So this adoption of pattern is interesting. So attackers are not using AI to write novel malware. They're using it to everything around the actual attack. And they're using it for the research, to understanding technology stacks, to analyze vulnerabilities. And this is a super interesting aspect there.
Starting point is 00:21:15 The main thing that I would like to say about that is that the AI technology isn't just about scaling the attackers and helping the attackers. It should also be scaling us, the defenders. I strongly believe, and many like me in the industry believe that this is a fight that we can win and with the technology. So the usage of the AI technology is not only in the hands of the attackers, it's also in the hands. it's also in the hand of defenders, and we should be using the same tools and better to be able to defend ourselves, protect ourselves against it. Well, broadly speaking, based on the information
Starting point is 00:21:57 that you and your colleagues have gathered, what are your recommendations for the defenders in our audience? Yeah. So another, we're talking about AI and to your question. There's all kinds of new AI models that are helping helping us on one hand, but also bringing a lot of concern with these frontier AI models. And the question, what's changing right now in the vulnerabilities and exploitation of these vulnerabilities is the velocity and the skills and the scale, sorry, of these attacks.
Starting point is 00:22:35 And what it means to us, I think the key thing to me is, and for any security leader, that is listening to us, I think, to this conversation. So any security leader listening to the conversation is that prioritization, threat-informed prioritization is the most important thing right now. It's not about having a good vulnerability management program. It's about more than that. It's having good intelligence, good insights, and to be able to prioritize what matters. It's not about having the better tools.
Starting point is 00:23:15 It's not having more people faster patching cycles. It's all, and I will repeat again, it's about prioritization. And here's why. Because in the world of AI with the velocity of AI and the scales of AI-driven attacks, you can't patch everything. You can't monitor anything, everything. You can't block everything. The volume is just too large.
Starting point is 00:23:41 So what you can do is understand what are the vulnerabilities that matter most to your organization, which threat actors actually could target you, which vendors that you're working with in your supply chain, have the more exposure that could cascade to you. And as a result of that, how do you take the action on the issues that matter? When talking about risk, it's about what should I decide that I want to fix and what are the things that I am accepting as risk. I'll give you just one example. Klop, the ransomware group, decided to attack specific organizations a year ago. And Klop as a ransomware group didn't breach organizations for the sake of breaching specific organizations.
Starting point is 00:24:35 What they did was they leveraged a specific software, move it. And what they did was they went through a shared platform. Once you're exposed, they were cascading the impact. So my point is that you need to be able to prioritize what is important to you. And every organization is different. Understanding your threat context, what sector, what industry you're in, what are your geopolitical risks? How does your attack surface look?
Starting point is 00:25:02 what are the places in your organization from an attack surface which is more important to your business? And based on that, taking the right decisions and understanding how to prioritize accordingly. That's Gabby Reich, VP of Product, Threat Intelligence and Exposure Management at Bitsite. As organizations grow, so does complexity. New applications are deployed, vendors are granted temporary access, and remote support tools are installed. of them never go away. In my recent conversation at RSAC 2026 with Rob Allen, chief product officer at Threat Locker, he explains how these forgotten tools create hidden pathways into enterprise environments and why attackers increasingly exploit what's already inside the network instead of trying to break through the
Starting point is 00:26:05 perimeter. Learn how to reduce lingering access, shrink your attack surface, and implement zero trust more effectively by listening to the full conversation at explore.thecyberwire.com slash threat locker. And finally, a 15-year-old student from Japan's Sayatama prefecture has been arrested for allegedly launching a cyber attack that disrupted Bandai Channel, an anime streaming service operated by Bandai Namco Filmworks. Police say the teenager used a program he developed with assistance from chat GPT to exploit a vulnerability in the company's systems, sending false data that led to the unauthorized cancellation of over 46,000 subscription accounts.
Starting point is 00:27:04 The attack temporarily disrupted operations, with full service not restored until months later. Investigators believe the student uncovered the flaw himself and used it to access account information. He reportedly admitted to the incident, explaining that he had been teaching himself computers since elementary school and bore no ill will toward the company. It's a reminder that just because you've watched every episode of Ghost in the Shell doesn't mean you're supposed to recreate the plot. Sometimes the most powerful move is logging off before your origin story turns into a police report. And that's the Cyberwire. For links to all of today's stories, check out our daily briefing at the Cyberwire.com.
Starting point is 00:28:01 We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to Cyberwire at N2K.com. N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music and sound designed by Elliot Peltzman, our contributing. host is Maria Vermazas. Our executive producer is Jennifer Ivan. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Hey, y'all, it's Kelly Clarkson with Wayfair. Ever order furniture online and wonder what if? Like, what if it doesn't hold up? That sofa was four days old. You should have ordered from Wayfair.
Starting point is 00:29:06 With Wayfair, there's no what if. Just style you love and quality you can trust. Visit Wayfair.ca. Wayfair, every style, every home. What happens when AI agents gain access to the same systems, applications, and credentials as your employees? According to Arvind Nithrakeshiap, CTO and co-founder of Rubrik, that reality is already here. As AI agents proliferate across enterprise environments, organizations face a growing challenge. How do you govern systems that operate at machine speed? To learn more about AI sprawl, the risk it creates, and how, organizations can prepare, visit explore.
Starting point is 00:29:49 TheCyberwire.com slash rubric to hear the full conversation.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.