CyberWire Daily - The AI arms race hits finance.
Episode Date: April 10, 2026
The Treasury Secretary and Fed Chair summon bankers over AI concerns. A hacker claims more than 10 petabytes stolen from China’s National Supercomputing Center. Recalibrating the quantum timeline. Researchers demo prompt injection against Apple Intelligence. Payroll Pirates target Canadians. Gmail gets end-to-end encryption on mobile devices. A Chrome update fixes critical vulnerabilities. A Pennsylvania cop admits creating more than 3,000 AI-generated pornographic deepfakes. Our guest is Henry Comfort, Co-Founder and CEO of Geordie AI, winner of this year’s RSAC Innovation Sandbox. FCC floats firmer filters for fraudulent phone calls.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, Dave shares coverage of the RSAC 2026 Innovation Sandbox and his conversation with Henry Comfort, Co-Founder and CEO from the winner of “Most Innovative Startup” Geordie AI. We tip our hats to this year’s finalists.
Selected Reading
Bessent and Powell’s A.I. Anxiety (The New York Times)
Court Backs Pentagon Anthropic Ban - But the Fight Continues (GovInfo Security)
A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data (CNN)
Why is the timeline to quantum-proof everything constantly shrinking? (CyberScoop)
Microsoft: Canadian employees targeted in payroll pirate attacks (Bleeping Computer)
Google rolls out Gmail end-to-end encryption on mobile devices (Bleeping Computer)
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000 (SecurityWeek)
Police corporal created AI porn from driver's license pics (Ars Technica)
FCC proposes new rule to further crackdown on illegal robocalls (The Record)
Share your feedback. What do you think about CyberWire Daily?
Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Transcript
You're listening to the CyberWire Network, powered by N2K.
No, it's not your imagination.
Risk and regulation really are ramping up,
and these days customers expect proof of security before they'll even do business.
That's where Vanta comes in.
Vanta automates your compliance process and brings compliance, risk, and customer trust together on one AI-powered platform.
So whether you're getting ready for a SOC 2 or managing an
enterprise governance, risk, and compliance program, Vanta helps keep you secure and keeps your deals
moving. Companies like Ramp and Writer spend 82% less time on audits with Vanta. That means less
time chasing paperwork and more time focused on growth. For me, it comes down to this. Over 10,000
companies, from startups to large enterprises, trust Vanta to help prove their security. Get started at
vanta.com/cyber.
The Treasury Secretary and Fed Chair
summoned bankers over AI concerns.
A hacker claims more than 10
petabytes stolen from China's National
Supercomputing Center. Recalibrating the quantum
timeline. Researchers demo prompt
injection against Apple Intelligence.
Payroll pirates target Canadians.
Gmail gets end-to-end
encryption on mobile devices.
A Chrome update fixes critical
vulnerabilities. A Pennsylvania cop
admits creating more than 3,000 AI-generated pornographic deepfakes.
Our guest is Henry Comfort, co-founder and CEO of Geordie AI, winner of this year's RSAC
Innovation Sandbox.
And the FCC floats firmer filters for fraudulent phone calls.
It's Friday, April 10th, 2026.
I'm Dave Bittner, and this is your CyberWire Intel briefing.
Thanks for joining us here today, and happy Friday.
A heck of a week, and it's great to have you here with us.
U.S. financial regulators are increasingly concerned that advanced artificial intelligence
could introduce new systemic cybersecurity risks to the banking sector.
Treasury Secretary Scott Bessent and Federal Reserve Chair Jay Powell recently convened
top Wall Street CEOs to discuss Anthropic's latest model, Claude Mythos Preview,
and the potential threat similar tools may
pose if misused. While Anthropic says the model is intended to help identify and fix critical
vulnerabilities, policymakers worry that increasingly capable AI could also enable more sophisticated
cyber attacks. Industry leaders have echoed those concerns. JPMorgan Chase CEO Jamie
Dimon warned that AI may create new security weaknesses, and former Microsoft executive Craig Mundie
suggested powerful models could broaden access to advanced hacking capabilities.
The meeting reflects growing government attention to AI's dual-use nature,
as officials weigh both its defensive benefits and its potential to amplify cyber risk
across critical financial infrastructure.
Meanwhile, a federal appeals court in Washington allowed the Pentagon to keep blacklisting
Anthropic from defense contracts, while legal challenges continue in other courts.
The ruling lets the military remove Claude models from defense systems and restrict contractor use,
though a California court has limited parts of the policy.
Judges emphasize national security concerns over financial harm to Anthropic.
The decision does not resolve whether the designation is lawful,
leaving broader constitutional and procurement disputes ongoing as parallel cases proceed.
A hacker using the alias FlamingChina claims to have stolen more than 10 petabytes of sensitive data
from China's National Supercomputing Center in Tianjin, potentially one of the largest alleged data
exfiltrations from the country. Samples reviewed by cybersecurity researchers appear to include
documents marked secret, along with missile schematics, aerospace research, and other defense-related
materials tied to major Chinese institutions.
Experts say the attacker may have accessed the system through a compromised VPN and quietly
extracted data over several months using distributed automated tools.
However, the data set's origin remains unverified by independent authorities.
If confirmed, analysts say the volume and sensitivity of the material could make it highly
valuable to foreign intelligence services and highlight ongoing cybersecurity
weaknesses in parts of China's critical infrastructure.
Google's decision to accelerate its shift to quantum-resistant encryption
reflects growing concern that quantum computers capable of breaking today's cryptography
may arrive sooner than expected.
New research from the California Institute of Technology,
Oratomic, and the University of California suggests
such systems could require as few as 10,000 qubits,
far fewer than earlier estimates of millions.
Google researchers also reported reduced hardware requirements for breaking widely used encryption.
Officials and experts warn this raises the risk of harvest-now, decrypt-later campaigns
and highlights rapid advances, including Chinese investment in quantum technology.
Some analysts say the timeline for quantum threats now overlaps with currently deployed systems,
especially blockchain infrastructure.
However, other cryptography experts remain skeptical that practical quantum attacks are imminent,
arguing large-scale fault-tolerant quantum computers may still be decades away.
Researchers at the RSAC Research Lab demonstrated a prompt injection attack
that could hijack Apple Intelligence's on-device large language model
by combining a Neural Exec adversarial input with a Unicode right-to-left override technique to bypass Apple's input and output filters.
The method allowed attackers to force the model to execute arbitrary tasks with a reported 76% success rate across test prompts.
Before Apple patched the issue in iOS 26.4 and macOS 26.4, attackers could potentially access sensitive data
available to apps using the local model, including health or personal media content.
Researchers estimated between 100,000 and 1 million users may have been exposed through affected apps.
Apple has since deployed mitigations, and researchers report no evidence of exploitation in the wild.
Users running earlier operating system versions are advised to update to the latest versions.
A financially motivated threat actor tracked as Storm-2755 is conducting payroll pirate attacks that redirect Canadian employees' salary payments after hijacking their accounts.
The group uses adversary-in-the-middle phishing pages disguised as Microsoft 365 sign-in portals to capture authentication tokens and session cookies, allowing them to bypass multi-factor authentication without needing passwords
or codes. After gaining access, attackers hide HR-related emails using inbox rules and contact payroll
staff to request changes to direct deposit details. When social engineering fails, they log directly
into HR platforms such as Workday to alter payment information. Microsoft advises organizations to deploy
phishing-resistant MFA, block legacy authentication, revoke compromised sessions, and remove malicious
inbox rules. Payroll diversion schemes are a form of business email compromise, which the FBI says
caused more than $3 billion in losses last year. Google has expanded Gmail end-to-end encryption
to Android and iOS, allowing enterprise users to send and read encrypted emails directly
within the mobile app without extra tools. Messages can be delivered to Gmail recipients normally,
while others can access them through a browser. The feature relies on client-side encryption,
meaning organizations control encryption keys stored outside Google's servers.
Available to Enterprise Plus users with Assured Controls add-ons,
the update supports regulatory compliance
and extends encrypted messaging across platforms and email providers.
Google has released Chrome 147 with fixes for 60 vulnerabilities,
including two critical flaws in the WebML component used to run machine learning models in the browser.
The issues, a heap buffer overflow and an
integer overflow, could enable sandbox escape or remote code execution.
Fourteen additional high-severity bugs affect components such as WebRTC, V8, Blink, and Skia.
Google says none are known to be exploited in the wild.
The update also introduces stronger session cookie protections to reduce account-compromise
risks.
A Pennsylvania State Police corporal has pleaded guilty to multiple crimes,
including creating more than 3,000 AI-generated pornographic deepfakes
using images taken from state databases such as driver's license records.
Authorities say Stephen Kamnik misused Commonwealth systems for years,
generating explicit material involving numerous women,
including a district court judge,
sometimes on state-owned devices at police barracks.
Investigators discovered the activity in 2024,
after unusual internet usage triggered a review of his workstation,
leading to the seizure of devices containing illicit content,
including child sexual abuse material.
Kamnik also secretly filmed individuals,
accessed restricted databases in violation of policy,
possessed a stolen firearm,
and broke into a women's locker room at the barracks.
The case reflects broader concerns
about the growing accessibility of AI deepfake
tools, which have also been used in recent incidents involving students in eastern Pennsylvania high schools.
Kamnik is scheduled for sentencing in July.
Coming up after the break, my conversation with Henry Comfort, co-founder and CEO of Geordie AI,
winner of this year's RSAC Innovation Sandbox.
And the FCC floats firmer filters for fraudulent phone calls.
Stay with us.
Maybe that's an urgent message
from your CEO, or maybe it's a deepfake trying to target your business.
Doppel is the AI-native social engineering defense platform fighting back against impersonation and
manipulation. As attackers use AI to make their tactics more sophisticated, Doppel uses it to
fight back, from automatically dismantling cross-channel attacks to building team resilience and more.
Doppel, outpacing what's next in social engineering. Learn more at
doppel.com. That's
D-O-P-P-E-L dot com.
This episode is brought to you by TELUS Online Security.
Oh, tax season is the worst.
You mean hack season?
Sorry, what?
Yeah, cybercriminals love tax forms.
But I've got TELUS Online Security.
It helps protect against identity theft and financial fraud
so I can stress less during tax season, or any season.
Plans start at just $12 a month.
Learn more at telus.com slash online security.
No one can prevent all cybercrime or identity theft.
Conditions apply.
One of the highlights of RSAC is always the Innovation Sandbox.
And this year, after the announcement of the winner,
I got to speak with Henry Comfort,
co-founder and CEO of Geordie AI,
this year's winner.
The winner of the RSAC
Most Innovative Startup
2026, drum roll please.
So here we are at the Innovation Sandbox and congratulations on winning this year.
You just came off the stage.
How do you feel?
It feels amazing.
It's really a bit of a dream.
Last year we came to RSA and we just started our company and I remember speaking to some of our
investors and they said, are you going to go for a sandbox next year?
And you took a second and you went, yeah, we're going to go for it.
So to now be here winning it is an incredibly proud moment,
but more significantly a moment where we just one step to reflect upon the fact
that we've already built a product that's helping companies
understand their agentic operations and manage the risk.
We've built an amazing team who have worked so hard over the past year to make it happen.
And we have such great aspirations and ambitions for the future.
So this is a really powerful moment for us,
and we look forward to building upon it.
One of the things I found inspiring about your story was the name
itself, the Geordie light. Give us the description of that.
Yeah, I mean, we drew a parallel back
when we were starting the company between what was possible with agents and the first industrial
revolution. All of a sudden we have access to all this operational leverage we didn't have
before as a result of technology. But just as we have right now, during the industrial revolution,
there were invisible risks that teams had to deal with. And at the time, the teams were mining
coal mines and the invisible gases were released in the process. And it was very, very dangerous,
but we developed mining lamps to help us manage that risk.
An example of this was the Geordie lamp,
had a small candle inside.
And at the moment the gas is built up,
the candle went out,
gave the workers at the time line of sight to this new risk.
And we do the same for the agentic era,
and we took a real thought,
went into the name and the story,
because we really do feel that we're as significant a moment
in technological development,
and we want to play as significant a role
in helping companies unlock the benefits
by managing the risks.
Well, give us the elevator speech.
What does the product do?
Yeah, so we help you understand your agentic footprint
across the various different service areas
that agents operate in.
We give you a deep understanding
of how they're configured, their posture,
and their runtime observability of their actual operations.
Then we help you manage the risk
and understand it.
Right now, a lot of security teams
are struggling to get their heads around agentic risk.
And then finally, we help you remediate it,
but we don't take a legacy approach.
We use context engineering to steer agents
towards better pathways
and then block the ones you least
want. And from that, it's quite a holistic approach to agentic risk management and governance
that's benefiting our customers today.
Why choose to do the sandbox? Startups, you don't have a lot of
free time. This takes a lot of time. For you, it paid off. But what was the equation that made you
decide this was something you wanted to pursue?
We see sandbox as an amazing catalyst for companies,
really spotlighting the most innovative solutions, the most game-changing future
companies, and we wanted to be part of that. So every moment spent on this was a moment well
spent. And I think everyone who was a finalist or even who tried to become a finalist would
say the same thing. This is, one of my investors described it to us as the, I think it was the Oscars
for cybersecurity. And we treat it like that. You know, this means an incredible amount to
us as a company as it did to all the other finalists. So it's a privilege to be part of it and
an absolute honor to win.
What's next for you and your team?
Continue helping more customers
ultimately understand their agentic operations and help them manage the risks so that they can unlock
innovation. That's what we're here to do. So we'll continue to grow our team and continue to work
with customers to make sure that they're equipped in this new era.
Well, congratulations and best of luck
to you.
Thanks so much.
That's Henry Comfort, co-founder and CEO of Geordie AI, winner of this year's
RSAC Innovation Sandbox.
And finally, the Federal Communications Commission is, once
again, sharpening its tools against robocalls, this time by proposing stricter know-your-customer
rules for phone service providers who appear, in the agency's view, to have been asking far too
few questions of suspicious callers. Under the proposal, originating carriers would need to
collect more identifying details, verify them more carefully, and face penalties calculated per
illegal call rather than per violation, which could make nuisance dialing a more expensive hobby.
High-volume callers would also have to explain why they're calling so many people in the first place,
a question consumers have been quietly asking for years.
Providers might even be required to keep identity records for four years after customers depart,
presumably just in case the calls keep coming anyway.
The FCC argues stronger rules would
help law enforcement trace crimes tied to illegal calling.
Meanwhile, robocalls, stubborn as ever, continue ringing through.
And that's the CyberWire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
Be sure to check out this weekend's Research Saturday and my conversation with Selena Larson,
threat researcher from Proofpoint's research team.
The research is titled Don't TrustConnect:
It's a RAT in an RMM Hat.
That's Research Saturday. Check it out.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
N2K's lead producer is Liz Stokes.
We're mixed by Tré Hester with original music and sound design by Elliott
Peltzman. Ethan Cook is our lead analyst. Our contributing host is Maria Varmazis.
Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner.
Thanks for listening. We'll see you back here next week.
