CyberWire Daily - Persistent threats in a shifting battlefield.
Episode Date: March 18, 2026Iran’s cyber ops stay resilient. U.S. lawmakers press Big Tech on EU rules. Researchers expose a Fancy Bear server. Japan moves toward offensive cyber. CISA calls for cross-agency teamwork. New malw...are targets network infrastructure. AI fooled by font-based attacks. Schneider Electric warns of critical flaws. Quantum cryptography earns top honors. Guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. Smart glasses on the witness stand. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. You can dig into the details of what Bradon discussed in Gartner’s “Cybersecurity Must Block AI Browsers for Now.” You can hear the full interview here. Selected Reading U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued (Forbes) US committee demands Big Tech share private comms with EU officials (POLITICO) FancyBear Exposed: Major OPSEC Blunder Inside Russian Espionage Ops (Ctrl-Alt-Intel) Japan to allow ‘proactive cyber-defense’ from October 1st (The Register) CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors (CyberScoop) New Malware Highlights Increased Systematic Targeting of Network Infrastructure (Eclypsium) Poisoned Typeface: How Simple Font Rendering Poisons Every AI Assistant, And Only Microsoft Cares (LayerX) Schneider Electric Patches Critical RCE Vulnerability in SCADAPack RTUs (Beyond Machines) Turing Award Goes to Inventors of Quantum Cryptography (The New York Times) Witness Caught Using Smartglasses in Court Blames it all on ChatGPT (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
AI is changing how enterprises operate and how they stay protected.
It's time to eliminate risk and protect innovation.
From March 23rd through the 26th, join Trend AI for actionable AI security insights.
Catch impactful sessions at RSC, then unwind and grab a bite at their lounge in Trapasue.
Experience industry-leading AI security.
person, engage with the experts, and get your chance to win $500,000.
San Francisco lets AI fearlessly. Learn more at trendmicro.com slash RSA.
Iran's cyber ops stay resilient. U.S. lawmakers press big tech on EU rules.
Researchers expose a fancy bear server. Japan moves toward offensive cyber. Sisa calls for
cross-agency teamwork. New malware targets network information.
infrastructure. AI gets fooled by font-based attacks. Schneider Electric warns of critical flaws.
Quantum cryptography earns top honors. Our guest is Braden Rogers, chief customer officer at Island,
discussing how to make AI browsers safe for enterprises. And smart glasses on the witness stand.
It's Wednesday, March 18, 2026. I'm Dave Bittner, and this is your Cyberwire Intel briefing.
Thanks for joining us here today. It's great as always to have you with us.
U.S. and Israeli strikes on Iran reportedly killed two individuals tied to state-backed cyber operations,
but activity from affiliated hacking groups continues.
Among those killed were Mohamed Medi Farhadi Rameen,
charged by the Justice Department in 2020 for hacking U.S. aerospace and defense firms,
and Sayyad Yaha Hoseini Panjaki,
and intelligence official linked by the FBI to cyber attacks and terror plots.
Cyber security sources say Panjaki oversaw groups like Handela.
Despite this, Handela claimed a major attack on medical device company's Stryker,
alleging large-scale data destruction.
Stryker confirmed a Microsoft system compromise, but said restoration is underway.
Additional claims targeted Verifone, which reported no breach,
while another MOIS-linked group disrupted Albania's parliament email systems.
Iran's cyber operations appear resilient and decentralized.
Groups continue operating despite leadership losses using tools like Starlink and possibly AI,
that suggests sustained cyber risk for Western organizations and allies,
even amid kinetic conflict.
The House Judiciary Committee is pressing major to,
tech firms to hand over communications with European Commission officials tied to enforcement of
EU digital rules. In letters to companies including alphabet, meta, Microsoft, TikTok, and X,
chairman Jim Jordan said firms must preserve and produce records under February subpoenas,
including messages set to auto-delete. The request follows reports that EU officials,
including Digital Services Act enforcer Prabhat Agrawal,
shifted to encrypted messaging apps like signal with disappearing messages.
The committee alleges potential censorship under the EU's Digital Services Act,
while the commission denies the claims and says it aims to reduce user risk.
The dispute highlights growing tension over platform regulation and data retention,
with potential legal and compliance risks for global tech companies,
handling cross-border communications.
Researchers say an exposed server linked to Russia's fancy bear
revealed a broad espionage campaign targeting government and military webmail
across Eastern Europe and the Balkans.
Building on Hunt I.O.'s March 11th analysis,
Control Alt-Intel says it found a second open directory on the same server
containing command and control code, payloads, telemetry lines,
and exfiltrated data.
The researchers report more than 2,800 stolen emails,
240 credential sets,
140 forwarding rules,
and over 11,000 harvested contact addresses.
Victims include entities in Ukraine, Romania, Bulgaria, Greece, Serbia, and North Macedonia.
The report also describes a previously unreported
Squirrel Mail cross-site scripting payload.
According to the analysis,
the same server had been tied to earlier CERT-U-A reporting
and remained active for more than 500 days.
The exposure shows both the reach and persistence of the operation.
It also suggests that simple operational security failures
can give defenders unusual insight into sophisticated state-linked tradecraft.
Japan will allow its self-defense forces to conduct offensive cyber operations
beginning October 1st, marking a notable shift in national security policy.
Chief Cabinet Secretary Manuru Qahari said,
the move reflects a worsening threat environment
and the growing impact of cyberattacks on daily life and the economy.
A government cyber management committee will approve or reject operations.
If authorized, police and the self-defense forces can attack and disable infrastructure
used in cyber attacks, with protections for the security.
for citizen privacy.
This expands Japan's interpretation of self-defense into cyberspace and signals a more proactive
posture against digital threats.
A senior SISA official says the U.S. government should take a more flexible approach
when leading cybersecurity efforts across critical infrastructure sectors.
Speaking at an event hosted by Auburn University's McCrary Institute, acting CISA director
Nick Anderson said rigid adherence to sector risk management agency roles can slow effective response.
Instead, agencies should defer to whichever organization has the strongest relationship with affected
operators, whether that's SISA, the Department of Energy, the FBI, or others.
Anderson pointed to past coordination challenges, including responses tied to Guam incidents
linked by Microsoft to Volt Typhoon.
lawmakers have also questioned SISA's capacity
following telecom-focused activities attributed to another group, Salt Typhoon.
Effective incident response may depend less on formal roles
and more on trusted partnerships,
especially as threats grow in scale and complexity.
New malware samples highlight a growing trend of threat actors
targeting network infrastructure to gain access and scale attacks.
Researchers at Eclipse
identified two previously undocumented strains. One, a CondiBot variant derived from the Maribotnet,
turns compromised Linux devices into DDoS nodes. The other, Monaco, Root forces secure shell
credentials to deploy crypto mining malware across servers, routers, and IoT devices. The report says
these tools are multi-architecture and not limited to specific vendors. Supporting data for
Verizon and Google indicate a sharp rise in exploitation of network devices, often with little
delay between vulnerability disclosure and attack. Network infrastructure offers attackers
persistent, low-visibility access and a foothold for broader compromise across enterprise
environments. Researchers say a simple custom font technique can trick AI assistance into missing
malicious instructions hidden in webpages.
Layer X demonstrated a proof of concept where harmless text appears in the underlying HTML,
while browser-rendered content shows instructions leading to a reverse shell.
The attack uses custom fonts and CSS to alter visible meaning without changing the document object model that AI tools analyze.
In testing, multiple assistants failed to detect the threat and judge the page safe.
The technique requires no exploit.
or JavaScript and relies on a gap between what AI systems parse and what users see.
Attackers can exploit AI-assisted workflows for social engineering,
potentially leading to harmful user actions or data exposure.
Schneider Electric has issued a critical advisory for a vulnerability affecting its
SCADA-pack remote terminal units and remote connect software.
With a CVSS score of 9.8, the flaw involves impromptory.
proper input validation in Modbus TCP communications.
The company says attackers can exploit it with crafted network packets
to execute arbitrary code with system level privileges
or cause denial of service and data compromise.
Multiple versions and products are affected.
Schneider Electric urges immediate updates
and recommends network segmentation and access controls
where patching is delayed.
Charles Bennett and Gilles Brassard have been awarded the Turing Award for developing quantum
cryptography, a breakthrough that's helped redefine how sensitive data is protected.
Their work in the 1980s included the BB-84 protocol, which uses photons to generate
encryption keys that reveal any interception attempt.
Because measuring quantum particles changes their state, eavesdropping leaves detectable
traces. The researchers later expanded into quantum teleportation, demonstrating secure data transfer
using entanglement. At the time, these ideas were largely theoretical. Today, they're gaining
traction as companies like Google and Microsoft advanced quantum computing, which experts believe
could break widely used encryption methods developed in the 1970s. Experts say organizations
may need to transition to quantum-resistant approaches.
Quantum cryptography offers a model
where security is rooted in physics,
not computational difficulty,
as the threat landscape evolves.
Coming up after the break,
my conversation with Braden Rogers from Island,
we're discussing making AI browsers safe for enterprises,
and smart glasses on the witness stand.
Stay with us.
No, it's not your imagination.
risk and regulation really are ramping up, and these days customers expect proof of security
before they'll even do business. That's where Vanta comes in. Vanta automates your compliance process
and brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're
getting ready for a SOC2 or managing an enterprise governance risk and compliance program, Vanta
helps keep you secure and keeps your deals moving.
Companies like Ramp and writers spend 82% less time on audits with Vanta.
That means less time chasing paperwork and more time focused on growth.
For me, it comes down to this.
Over 10,000 companies from startups to large enterprises trust Vanta to help prove their security.
Get started at vanta.com slash cyber.
Most security conferences talk about zero trust.
Zero trust world puts you inside.
This is a hands-on cybersecurity event designed for practitioners who want real skills, not just theory.
You'll take part in live hacking labs, where you'll attack real environments, see how modern threats actually work,
and learn how to stop them before they turn into incidents.
But Zero Trust World is more than labs.
You'll also experience expert-led sessions, practical case studies, and technical deep dives focused on real-world implementation.
Whether your blue team, red team, or responsible for securing an entire organization,
the content is built to be immediately useful.
You'll earn CPE credits, connect with peers across the industry,
and leave with strategies you can put into action right away.
Join us, March 4th through the 6th in Orlando, Florida.
Register now at ZTW.com and take your zero-trust strategy from theory to execution.
Braden Rogers is chief customer officer at Ireland,
and in today's sponsored industry voices segment,
we discuss making AI browsers safe for enterprises.
As you think about the arrival of AI,
kind of on the mainstream scene several years ago,
the natural interface our users have used for many years,
that they're quite familiar with.
You think the most common pervasive interface
the users know in an environment, it's a browser.
You don't have to train your end users on how to use a browser,
they know what it looks like and they see it,
they know exactly what to do with it.
And along comes AI,
and you see just a few years ago,
the core natural habitat for AI
it began in the browser interface.
And the result is a lot of really cool stuff
that's happened in, you know,
it's past almost three years now at this point,
I guess three years or so.
But what's interesting is the core of that universe
for the end users continued to be browser-centric.
So as you start thinking about the browser we've all used,
you kind of have to go back many, many years.
The world began to move to web-based apps very heavily.
Obviously, your SaaS universe is entirely a browser-based universe.
And yet the browser we all used is a consumer-grade piece of technology,
specifically built for a different purpose.
And there's nothing wrong with it.
It's serving billions of users around the world very readily and healthy ways for many years.
But yet, the needs of the organization differ.
And so as you start thinking about the requirements for an enterprise environment,
you need to have some basic things, basically blocking and tackling things like data protection elements.
You've got orgs that have compliance mandates they have to live up to.
They've got applications and resources that are on the inside of the environment.
As you think about the evolution of the browser, you know, at Ireland in particular,
we said it would make a lot of sense.
What if the browser that we use that familiar interface where we don't have to train end user
and we transform that into something
that's more enterprise ready, more enterprise grade.
Built services natively into protect data
to keep the users safe.
To make sure users had access to the right applications
and resources, they need to do their job
and use the browsers as an actual application delivery environment.
Create a purpose-built browser,
but at the end of the day,
let the users use it the way they've been using it for years,
but actually convert it to the purpose
that actually we're needing it for today,
which is delivery of apps.
And then along comes AI,
in the conversation a minute ago,
and it just slip streams perfectly into the user's workflow in the world of Ireland in particular,
but obviously you get your consumer browsers.
That's a whole different ball of wax at the end of the day.
You've got these consumer browsers that have been there for years.
Now users are engaging AI there.
And then now you get some of these AI providers go, well, you know what?
It's a brilliant idea.
Maybe we should just build our own browser for the consumers and give the users access to our AI via our browser.
And so now you're seeing browsers with AI capabilities built into them.
They call them Miogenic browser.
I'm sure we'll talk more about that in a bit.
But now you get this wave of additional browsers
to come to the table, but all coming from it
with a very consumer-centric angle.
And the orgs need more.
They didn't abandon their requirements of data protection,
all the things I mentioned before, Dave.
So the evolution of the browser and the rush
toward more and more browser-centric stuff
is being accelerated by AI.
And then obviously a lot of the AI providers
are delivering their own agentic browsers now as a result too.
Well, help me understand here.
I mean, is it splitting hairs or is it a fair thing to say that there are browsers that include some enterprise functionality, some enterprise tools, but that's different from a true enterprise browser built from the ground up. Is that a fair thing to say?
Yeah, I definitely agree with what you said there. I think, you know, many of our existing browsers, they've wedged in the ability to create some basic enterprise settings.
Let's call them what they are.
other basic settings, but the idea that we would transform the browser into something where we
manage true actual policy and leverage, you know, what we call the last mile, but we'll take
advantage of the presentation layer of the engagement and, you know, take AI aside for the moment,
but be able to do things like redact certain data for certain audiences of users and very basic
blocking and tackling elements to let the browser actually have an understanding contextually
of what it's engaging, both in terms of the identity of the user or the device, and I say both,
many other things as well.
The application, the tenant and tenancy recognition is very important.
We can talk more about that in the universe of AI as well because, you know,
users have their personal stuff they're using for personal chat, GPT and personal grok
and other stuff like that.
And then the organizations are adopting their own enterprise versions of that.
So tenancy recognition is super important at the end of the day.
But at the end of the day, it all goes right back to the core that a browser is at the center
of that universe and what you talked about before, your existing browsers.
By and large, funded and built for the consumer need, with some of them,
having some capabilities of centralized control.
And I'd call them a managed browser at best in that case.
You know, I think it was back in December.
I saw a report from Gartner and one of their takeaways,
they said cybersecurity must block AI browsers for now.
So they were being very hesitant about this.
Is that where we stand right now?
Yeah, we couldn't agree more with Gartner when it comes to the consumer grade
AI browsers that are in the market at the moment.
Never was it more apparent.
I don't know if you saw the Super Bowl ads where one of the specific AI providers
was banging on all the other providers about being consumer-centric.
They were funny ads.
They were hilarious and they were literally spot on.
But the general focus around the universe of AI has been a very consumer-centric approach
because they're monetizing at the end of the day.
And the ads were making fun of the fact that AI is being built for targeted advertising
and monetize there.
But if you go back to what we need to do, if we want to use it in an enterprise environment,
we've got to make it enterprise grade, got to make an enterprise ready.
And that's where the convergence of what we see with the enterprise browser has so much power
when you take the consumer AI stuff, you could turn and make any AI environment,
make it an enterprise grade AI environment when you leverage it in the context of an enterprise browser.
Well, explain to me how that works.
I mean, how do you combine those two things, the powerful functionality,
the potential of AI with a browser that's pre-equipped to be able to handle it and make it safe?
Yeah, there's a number of things.
First of all, it's contextual understanding when you're talking about a user's own decision of what they engage,
just like today, you know, if you were to load up a tab in your browser and go to a destination,
you're making decisions about what you engage.
When the users engage something, first of all, at its core, an enterprise browser difference
from a consumer browser and that it contextually actually understands the disposition of someone
engaging. It knows that when you went to that tab and you went to personal Chad GPD,
it knows that that tenant that you're going to is not the corporate tenant is personal.
So basic elements of contextual understanding of what's being engaged is a starting. It's a very,
very important starting point. For basic blocking and tackling, we call it AI protection at the
end of the day. That's for building very simple policies and for simple for us, but very complex
for many, most other status quo providers, but recognizing tendency, letting users freely have
access to personal stuff. This is a very, you know, historically controversial topic, but most
providers in cybersecurity in particular, if you talk to them about their AI strategy, the provider's
strategy is a series of block pages. Let's block the user from getting to this and block them from
getting to that and block. And that, we don't believe that's a necessity. The end of the day,
if I can contextually understand what the user is going to, and at the core of the mechanics of the
browser, recognize that's personal versus this being corporate and treat them with different
policies, let the user freely use personal stuff without company data spilling beyond the boundary
and the personal stuff, then that takes my philosophy to a different place than we've ever taken
it before.
And we call it say yes.
You can say yes to anything, but company data just won't spill over to these personal areas.
Now, that's a very basic element.
Then it begins to get more advanced, Dave.
I started about thinking about, you know, well, I want, certainly I want users to be able to open
a tab and go to their favorite AI thing.
And if it's a corporate environment, great.
We handle it one way.
If it's personally, handle it differently.
but I also want mechanics introduced into the process,
mechanics that allow me to bring any AI provider of choice
and build it into the mechanics of the browser
with simple stuff like buttons where the user can just simply launch
built into the browser of side panels and other panels
that launch them right into the sanction environment we want,
really easy access to the sanction stuff,
but then taking it further and bringing in contextual understanding,
contextual understanding beyond what we talked about before,
but understanding the role of the user,
the specifics of the workflows they engage in learning the profile
of what this user does day to day.
And as we learn those things,
we can then learn to make recommendations for prompts
that make them more effective at their job.
And all of a sudden on the screen,
prompts start popping up,
recommended prompts you could click on that engage the application
that you're working on the left
and the sanctioned AI on the right
where they're working interchangeably with each other
to make the user more productive.
And at the end of the day, for us,
there's a core philosophy.
Number one is the say yes philosophy
I've taught it about before,
but also we can take any AI provider and make them enterprise ready by building their mechanics into the browser,
which already has your data protection policies, your access to personal resources,
and you know, access to the internal resources with private access and access to your credential management and things like that.
But every time AI comes to the table, comes to the table being built in to the existing policies you already have,
not a consumer grade experience.
So therefore, that enterprise or that consumer AI becomes enterprise ready.
And then obviously taking it a step further into the areas where people really, really are interested in going, back to the heart of the Gardner conversation, which was the agentic aspects, letting agents run amok.
You know, you give an agent inside of a browser or in an AI environment, I should be clear, given instructions, and then it starts going, goes and does a job.
And that job could be open for interpretation by the AI, number one, depending on the instruction is given, but also could be subject to things that it bumps into that could be interpreted as instructions.
call this prompt injection.
You probably heard the term before.
But this is the concerns that the Gardner paper brought up is the agent running amok
and doing things outside the boundaries of your existing policies and existing controls
and specifically controls that understand, oh, that's an agentic workflow that's happening
versus an actual end user.
Be able to distinguish those two things.
It's out of the reach of most of your traditional cybersecurity providers.
But at the end of the day, letting agentic workflows work in the confines of a very tightly
governed and sanctioned policy so that they don't run amok.
they actually do the job they're intended.
And then also on the back end, most importantly,
measuring the benefit you're getting from it.
So as our users get the ability to have automation resources,
how often are they using them?
What are the ones that are providing the org the most value?
How much time is it saving in the process as well?
All very, very important elements of an agenic browser universe
that's built for the enterprise,
converse of the consumer experience that we were talking about
and that Gartner cautions very heavily against.
I'd love to dig into this notion of managing the agentic AI,
I mean, I think for me, it is both, it's simultaneously exciting and terrifying, right,
to be able to turn over this kind of control, this level of control to a browser or to the agent itself,
because on the one hand, it's sort of the thing we've all dreamt of computers doing for us from the very beginning.
But on the other hand, I think we can all envision it's spinning out of control very quickly at computer speed.
So how do you balance that?
How do you not get in the way of what everybody wants to do the promise of this,
but also keeping it secure?
The best employees in your future will not be the ones that are absent in the organization
who've all been removed by AI.
Some things in orgs will be affected by AI, no doubt about it, and jobs will evolve.
But your best employee in the org is going to be one that is empowered,
that their superpower is to how to use AI most effectively in their job.
And those people will be able to run circles around someone who doesn't use AI.
Honestly, it's one of my gripes about the educational system right now.
It's punitive in a lot of ways for kids using AI in the environment.
And I've got to be honest, when you're making a hire in the modern workspace,
you care about somebody that knows how to use AI.
And maybe a little bit less about somebody who knows where a comma goes in a sentence.
And I know it's probably controversial, different topic.
But at the end of the day, that's the kind of people that the workforce will be looking to employ in the few
future. And my view of it is that can be the best of both worlds. The AI can be a, for lack of a better
phrase, a Jiminy Cricket sitting over the shoulder of the employee helping guide them, helping steer them,
helping them speed tasks up at the end of the day. But again, all of that should be bound. The employee
today is abound by policies. You want the employee to be governed and shepherded to the right
resources at the end of the day when the employees engage in much the same way you want the agentic
workflows to be guarded and not human intervention be able to take control anytime. And when decisions have
be made prompt for human intervention. Human being, you got to look at this. Review this email
before it gets sent. Review this transaction before it happens in this treasury service environment,
etc. So an enterprise environment doesn't just let AI run a muck. It forces guardrails around AI
and lets humans intervene where they need to, again, you think about health care. Probably don't
want AI just writing prescriptions willy-nilly. Probably want AI doing the right research,
recommending prescriptions, maybe doing the work to get it ready, but a human,
comes over the top to look at the possible prescription and goes, all right, cool, I'm in
agreement with that at the end of the day. So the human eye is always coming in the process.
But you just save the human from having to do all this extra manual labor in the process.
And then the most important part is where their skills are very necessary.
And by the way, they get better at their job because AI is also making sure the human doesn't
make mistakes in the same way either. So both can work hand in hand very effectively.
That's Braden Rogers from Ireland. We'll have a link to Gartner's Cybersecurity Must Block
AI browsers for now report. That'll be in our show notes. Ever wished you could rebuild your
network from scratch to make it more secure, scalable, and simple? Meet Meter, the company
reimagining enterprise networking from the ground up. Meter builds full-stack, zero-trust networks,
including hardware, firmware, and software, all designed to work seamlessly together. The result? Fast,
reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs.
From wired and wireless to routing, switching firewalls, DNS security, and VPN,
every layer is integrated and continuously protected in one unified platform.
And since it's delivered as one predictable monthly service,
you skip the heavy capital costs and endless upgrade cycles.
Meter even buys back your old infrastructure to make switching effortless.
transform complexity into simplicity and give your team time to focus on what really matters,
helping your business and customers thrive.
Learn more and book your demo at meter.com slash cyberwire.
That's M-E-T-E-R dot com slash cyberwire.
When cyber threats strike, minutes matter.
Booz Allen brings the same battle-tested expertise trusted to protect national security
to defend today's leading global organizations.
They safeguard their data, strengthen enterprise resilience,
and mobilize in minutes across energy, health care, financial services, and manufacturing.
Their teams don't just respond, they anticipate, outthink, and stay ahead of evolving threats.
This is powerful protection for commercial leaders, only from Booz Allen.
See how your organization can prepare today at Booz Allen.com slash commercial.
And finally, in a courtroom in the UK, an insolvency case took an unexpected turn
when a witness appeared to receive live coaching through smart glasses,
then blame the disruption on chat GPT.
Judge Agnello K.C. said the witness paused repeatedly during questioning,
prompting suspicion from opposing counsel and even the court interpreter
who reported hearing voices.
The situation became harder to ignore,
when a connected mobile phone began broadcasting a live voice mid-hearing.
Call logs showed repeated contacts from a mysterious named source,
abracadabra, which the witness said was a taxi driver.
He denied any coaching and later suggested the audio may have come from chat GPT.
The case highlights a growing challenge for courts,
distinguishing credible testimony from tech-assisted improvisation,
especially as consumer devices blur the line between memory and messaging.
And that's the Cyberwire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email.
email to Cyberwire at N2K.com.
N2K's lead producer is Liz Stokes.
We're mixed by Trey Hester with original music and sound design by Elliot Peltzman.
Our contributing host is Maria Vermazas.
Our executive producer is Jennifer Ibin.
Peter Kilpe is our publisher, and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.
If you only attend one cybersecurity conference this year, make it RASAC 2020.
It's happening March 23rd through the 26th in San Francisco,
bringing together the global security community for four days of expert insights,
hands-on learning, and real innovation.
I'll say this plainly, I never miss this conference.
The ideas and conversations stay with me all year.
Join thousands of practitioners and leaders tackling today's toughest challenges
and shaping what comes next.
Register today at rsacconference.com slash cyberwire, 27.
I'll see you in San Francisco.
When it comes to mobile application security, good enough is a risk.
A recent survey shows that 72% of organizations reported at least one mobile application security incident last year,
and 92% of responders reported threat levels have increased in the past two years.
Guard Square delivers the highest level of security for your mobile apps
without compromising performance, time to market,
or user experience.
Discover how Guard Square
provides industry-leading security
for your Android and iOS apps
at www.gardesquare.com.