CyberWire Daily - The court calls Google’s bluff.
Episode Date: June 11, 2026

Google faces liability for AI-generated claims. Washington pauses public AI model assessments. Anthropic ships a safer AI model. OpenAI disrupts influence operations. Ransomware operators get a powerful new backdoor. Urgent patches land for Ivanti and Veeam. PyPI supply chain attacks evolve. And a massive data breach triggers a record fine in South Korea. Our guest is Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done. AI analyzes the FIFA World Cup, one cliché at a time.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today's Industry Voices, we are joined by Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done across humans, automation, and AI agents. You can read more from Ping Identity here. If you enjoyed this conversation, be sure to check out the full interview here.

Selected Reading

Landmark German ruling declares Google's AI Overviews are Google's own words and makes it liable for false answers (The Decoder)
White House Reins In AI-Testing Unit as National-Security Concerns Grow (Wall Street Journal)
Anthropic Releases 'Safe' Version of Its Mythos A.I. Technology (The New York Times)
PRC-linked influence operations are targeting AI debates in the US (OpenAI)
Technical Analysis of MLTBackdoor (ThreatLabz)
CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry (Rapid7)
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels (Socket)
Veeam Patches Critical RCE Vulnerability in Backup & Replication (Beyond Machines)
'Amazon.com of South Korea' Is Fined a Record $409 Million (The New York Times)
The 2026 big soccer tournament, in clichés. (Sinch)

Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
You're listening to the CyberWire Network, powered by N2K.
Do you know how the space and cybersecurity domains connect?
T-Minus Space Cyber Briefing is your guide through the space-based systems that expand the attack surface.
I'm Maria Varmazis, host here at N2K CyberWire, and I'm excited to share that T-Minus is back.
Now, as a weekly podcast, the T-Minus Space Cyber Briefing.
We have a new dedicated focus on two great things that are even better together, space and cybersecurity.
Because whether we realize it or not, we all depend on space-based systems that are, by the way, increasingly internet-enabled.
We're talking cybersecurity technologies, policies, and organizations that are securing the critical space-based infrastructure that powers, protects, and connects our lives here on Earth.
So join me for T-Minus Space Cyber Briefing, new episodes every Sunday.
Most environments trust far more than they should, and attackers know it.
ThreatLocker solves that by enforcing default deny at the point of execution.
With ThreatLocker Allowlisting, you stop unknown executables cold.
With Ringfencing, you control how trusted applications behave.
And with ThreatLocker DAC, Defense Against Configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards.
ThreatLocker is the simplest way to enforce zero-trust principles without the operational pain.
It's powerful protection that gives CISOs real visibility, real control, and real peace of mind.
ThreatLocker makes zero-trust attainable, even for small security teams.
See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source and regain control over their environments.
Schedule your demo at threatlocker.com/n2k today.
Google faces liability for AI-generated claims.
Washington pauses public AI model assessments.
Anthropic ships a safer AI model.
OpenAI disrupts influence operations.
Ransomware operators get a powerful new backdoor.
We've got urgent patches for Ivanti and Veeam.
PyPI supply chain attacks evolve.
A massive data breach triggers a record fine in South Korea.
Our guest is Peter Barker,
chief product officer at Ping Identity,
sharing how identity increasingly becomes
the control plane for how work gets done.
And AI analyzes the FIFA World Cup,
one cliche at a time.
It's Thursday, June 11, 2026.
I'm Dave Bittner, and this is your CyberWire Intel Briefing.
Thank you for joining us here today. It's great as always to have you with us.
A German court has ruled that Google can be held directly liable for false statements
generated by its AI search overviews, marking a significant departure from legal protections
traditionally granted to search engines. The Regional Court of Munich issued an injunction
after Google's AI falsely linked two Munich publishers to scams, subscription traps, and
other dubious business practices.
The court found that the AI had combined information from unrelated companies and created
accusations that did not appear in any of the cited sources.
Central to the ruling is the court's view that AI Overviews are not merely search results.
Unlike traditional search engines which point users to third-party content, AI Overviews
generate new summaries, judgments, and conclusions.
Because Google designs and controls the system, the court said it is responsible for those outputs as its own statements.
The court rejected Google's argument that users can verify AI summaries by checking linked sources,
noting that the summaries are presented as self-contained information and often contain claims not found in the sources.
It also ruled that Google cannot rely on standard search engine liability protections or Digital Services
Act host provider defenses. The decision could have broad implications for AI providers.
As generative systems increasingly create original summaries from web content, courts may hold
operators accountable for inaccuracies, defamation, or unsupported claims produced by their
models. Google was ordered to pay 80% of the legal costs, and the ruling may influence future
cases involving AI-generated content worldwide.
Trump administration officials have directed the Center for AI Standards and Innovation,
the federal government's primary AI testing unit, to stop publishing public assessments
of AI models while a new executive order is implemented.
The move reflects growing concern over advanced AI systems, including Anthropic's Mythos
model, which officials worry could enable cyberattacks
or support the development of biological weapons.
The order strengthens the role of national security officials in AI oversight,
a shift championed by National Cyber Director Sean Cairncross
and Treasury Secretary Scott Bessent.
While the Center for AI Standards and Innovation continues internal testing
and coordination with government agencies,
suspending its public reporting has raised concerns about its future
and reduced transparency around AI risks.
The decision has exposed tensions within the administration and the AI industry.
Companies such as OpenAI support preserving the Center for AI Standards and Innovation's role,
while others warn that stricter testing and security reviews could slow innovation
and delay the deployment of advanced AI systems.
In not completely unrelated news, Anthropic
has released Claude Fable 5, a new AI model derived from its more powerful Claude Mythos system,
which the company previously restricted because of concerns it could help hackers identify and exploit software vulnerabilities.
Fable includes additional safeguards designed to block responses related to cybersecurity, biology, and other sensitive topics,
making it safer for broad public release.
Anthropic says most potentially risky
requests will instead be handled by its earlier Claude Opus 4.8 model. The company argues
these controls allow wider access while reducing security risks, though some researchers question
whether such guardrails are fully reliable. Mythos remains available only to a limited number
of organizations responsible for critical infrastructure, helping them identify and patch vulnerabilities
before attackers can exploit them.
The debate highlights a growing divide
over whether advanced AI capabilities
should be tightly controlled
or broadly shared
to strengthen defensive cybersecurity research.
Still, some researchers
remain unconvinced that Mythos represents
a fundamentally new level of cyber capability,
arguing that limited public access
makes it difficult to determine
whether the model's reputation
reflects a genuine breakthrough or effective marketing.
OpenAI says it has disrupted two China-linked influence campaigns
that used ChatGPT to generate social media content aimed at shaping debate around U.S. technology
and AI policy.
One campaign promoted claims that AI data centers were driving up electricity costs,
while another criticized U.S. tariffs and spread false allegations that ChatGPT
user data had been compromised.
OpenAI found no evidence that either operation significantly influenced public opinion.
However, the company says the activity highlights how foreign influence actors are experimenting with
AI-generated content to amplify existing political and economic concerns, target AI infrastructure
debates, and attempt to manipulate public discussions while concealing their origins and
motives. Researchers at Zscaler ThreatLabz have identified a new malware family called
MLTBackdoor that appears designed to support ransomware operations by establishing a foothold on
compromised networks. Delivered through a multi-stage ClickFix infection chain, the malware
provides basic file management capabilities, but is particularly notable for its ability to load
beacon object files, allowing operators to dynamically expand its functionality.
MLTBackdoor employs extensive obfuscation techniques, including mixed Boolean-arithmetic and
control flow flattening, along with anti-analysis measures that complicate reverse engineering
and sandbox detection. It also uses indirect system calls, API hashing, encrypted communications,
and a domain generation algorithm to maintain contact with command and control infrastructure.
According to ThreatLabz, the malware's combination of stealth, resiliency, and modular BOF support
makes it a capable post-exploitation framework that could facilitate lateral movement
and other ransomware-related activity within victim environments.
Ivanti has disclosed two critical vulnerabilities affecting Ivanti Sentry,
including a remote unauthenticated command injection flaw
that allows attackers to execute code as root,
and an authentication bypass that enables the creation of rogue administrator accounts.
A public proof-of-concept exploit was released shortly after disclosure,
increasing the likelihood of real-world attacks.
Although Ivanti says it has not observed
active exploitation, security researchers warn organizations should patch immediately.
Fixed versions are available, and Rapid7 recommends updating affected systems outside normal patching cycles
due to the severity of the flaws and the ease of exploitation.
Researchers at Socket have identified 23 additional malicious PyPI package artifacts
linked to the broader Mini Shai-Hulud, Miasma, and Hades software supply chain campaign,
bringing the total known impact to 471 compromised packages across npm and PyPI.
The latest wave shows attackers rapidly evolving their tactics
using a mix of Python startup hooks, trojanized native extensions,
and new loader techniques to execute an obfuscated JavaScript stealer.
The malware targets developer workstations and CI/CD environments seeking credentials, cloud secrets,
package registry tokens, SSH keys, and other sensitive data.
Researchers also observed anti-analysis techniques, including fake prompt injection content
designed to confuse AI-assisted security tools.
According to Socket, the campaign demonstrates an increasingly sophisticated and adaptable threat
that continues to shift delivery methods to evade detection and compromise software development ecosystems.
Veeam has patched a critical remote code execution vulnerability affecting Backup & Replication version 12.
The flaw, with a CVSS rating of 9.4, allows an authenticated domain user to execute arbitrary commands on domain-joined backup servers.
Successful exploitation could give attackers control of
backup infrastructure, enabling them to delete, encrypt, or steal backup data, a common objective
in ransomware attacks. The issue affects multiple versions but does not impact version 13.
Organizations are urged to upgrade, implement hardened backup configurations, and restrict
domain user access while enforcing multi-factor authentication to reduce risk.
South Korea has imposed a record $409 million fine on Coupang, the country's largest online retailer,
over a massive data breach and the unlawful collection of user information.
Regulators said the company exposed personal data from 33 million customer accounts and 4 million non-members,
while also improperly gathering online activity data from 11 million users across third-party websites and apps.
The Personal Information Protection Commission attributed the incident to inadequate security controls
rather than sophisticated cyber attacks.
Coupang, often called the Amazon of South Korea, has apologized and pledged to improve its data protection practices,
but plans to challenge the ruling in court.
The case has also become a diplomatic flashpoint,
with some U.S. lawmakers accusing South Korea of unfairly targeting an American-incorporated
company, while South Korean officials maintain the investigation followed standard legal procedures.
Coming up after the break, my conversation with Peter Barker from Ping Identity. We're discussing
how identity increasingly becomes the control plane for how work gets done. And AI analyzes the FIFA
World Cup one cliche at a time. Stick around.
When it comes to mobile application
security, good enough is a risk. A recent survey shows that 72% of organizations reported at
least one mobile application security incident last year, and 92% of responders reported threat levels
have increased in the past two years. Guardsquare delivers the highest level of security for
your mobile apps without compromising performance, time to market, or user experience. Discover
how Guardsquare provides industry-leading security for your
Android and iOS apps at www.guardsquare.com.
Peter Barker is Chief Product Officer at Ping Identity, and in today's sponsored Industry
Voices segment, he shares how identity increasingly becomes the control plane for how work gets
done.
The history of identity was there to really help secure and enable access to applications,
primarily for employees of companies.
And it's expanded dramatically since then to be a larger scope of overall digital identity
where everyone, whether you're an employee, you're a customer, you're a partner,
and now AI agents need access.
And digital identity is the mechanism that really facilitates that access securely and safely,
but also in a way, hopefully, that makes it easy for people to get their job done.
Well, I think it's fair to say that, again, looking back, identity systems pretty much assumed that it was a human operator somewhere in the workflow.
I guess that assumption worked for a long time, but things have changed now.
Thanks, as you say, to these AI agents, it's kind of a different world.
It's a completely different world now.
And not to diminish the importance of the human element, and we'll come back to that.
But you're absolutely right. There's a new actor in the system, which are these AI agents.
And AI agents are pretty unique as compared to our traditional human actors.
In some ways, they resemble the humans that they're interacting with systems very similarly to how humans do.
But in other ways, they can be a lot more unpredictable as well.
And so it does require some new ways of looking at the situation than we've done historically.
Also, there are some traditional ways we've treated identity that also apply to agents.
Well, let's dig into that. What are some of the ways that the old system no longer applies?
And where do we stand today?
Yeah, so historically and traditionally, identity effectively stopped at login, meaning to say that we
would assess all of the conditions. When a human is logging into a system, we assess all of the
conditions, maybe what device they're logging into and what network are they coming from,
are they authenticating successfully? And we'd make a decision about allowing access for the human
based on those conditions. In many ways, that's where identities stopped. It stopped at login.
But with agents, what changes is, you know, agents are entities that can now act and they can make
decisions. And sometimes those decisions and those actions don't necessarily align with the original
intent that they were chartered to do, like the prompt that they were given. And so what's really
important is the perimeter of identity needs to move from login to the point of decision or the
point of action.
Help me understand this term I've heard called headless identity. What does that
actually mean in practical terms?
That is applying identity to AI agents.
And then if we shift gears into the concept of headless,
so the people who the practitioners who manage and administer and operate the identity
platforms that deliver all of those things we talked about a bit ago,
they have a really hard job because they need to integrate the identity platform
into a variety of applications and systems that exist in the enterprise.
They need to configure it so that you get that balance of friction and security just right.
So you get the right user experience with the right security.
You have to configure it so that you don't have security exposure.
And so it's a really hard job that requires a pretty high skill set in order to do that.
The concept of headless identity
is the notion that how the administrators that interact with the system,
how they interact with it is evolving.
And it's evolving from UIs and clicking around in UIs to configure
to using agents and assistants to actually do that work on your behalf.
And so having an identity platform that's headless enables that interaction model now.
What about the notion that identity should be programmable?
What does that mean?
Yeah, so what's really interesting is everyone today is becoming a builder.
If you can download and install Claude Code and you can prompt it to do something,
you're in the process of building.
And administering software like identity platforms is no different.
And so what it really means is that the administrators now can use these external agents and these coding agents to now interact with the system and to configure it and to make it do all of the things without requiring deep knowledge of how the platform works itself.
Can we talk about things like security and governance and control?
As we see these machines interacting directly with the systems within an enterprise,
how does that change the security conversation?
It does change the security conversation in many ways.
I guess one final comment I'll make on headless,
and then I'll come to that,
is that the, I mentioned the skill set required for people to administer identity platforms.
Ultimately, there are complex systems that
can be configured to be very, do very good things and also misconfigured to do bad things.
And so I think the other opportunity that Headless really presents is that we can greatly reduce
the skill set needed to administer these platforms so that you get the results you're looking for
without the exposure or the weaknesses of misconfiguration.
And so that's the big opportunity.
And I think that kind of transitions into the question you asked about, you know, governance
and security because the larger opportunity around agents overall is that we want to harness the full
potential and the full power of these things in the enterprise. But the reality is if you don't
keep them on the rails and if you don't have proper guardrails in place, you might in fact
be exposing your company to a lot more risk than is appropriate. And so where identity comes in
is being able to really harness that power, enable that power,
but keep things on the rails at the end of the day.
I'm curious from your own personal experience,
the folks that you've worked with,
the organizations that are finding success here,
who are operationalizing AI in a way that's really benefiting the organization
on the leading edge,
are there common elements that these organizations share,
that's helping them get to this ahead of the pack?
Yeah, I do think so.
What we're seeing is that many companies are very excited to take advantage of the opportunity of AI agents.
And many times the executive teams inside these companies are asking their employees to just go do AI, right?
But at the same time, you have inside those same organizations groups like the
enterprise security group, the IT group, who are very worried about, well, how do we enable
the organization? How do we unleash the organization to be able to safely adopt AI in our
environment? And so the organizations that we see that are really making strong strides are
ones that have established clear governance guidelines on how they can enable AI for their
employees, rather than just sort of leaving it up to the employees to try to figure it out
on their own and then creating this chaotic environment that I described before.
By establishing some of these simple guardrails around how agents can safely interact, how
employees can adopt these technologies and leverage them, those are the companies that we're
starting to see are going much faster.
Because typically what we've seen is these organizations have sort of denied access in general as blocked access for AI because they're concerned about what might happen.
And so those who figure out how to implement the governance process and the security process for them is able to open them up to go much faster.
What is your sense of where we're headed here?
As you look toward the future, what do you think identity platforms are going to look like?
How are they going to evolve as these AI agents become more of a standard part of enterprise operations?
A couple of things that they're going to evolve to.
One is that the identity platform needs to understand all of the actors that are involved now.
So it's not just the humans, it's also the AI agents.
And then very, very importantly, needs to understand the relationship between those two things
so that trust can be brokered between the human world and the agent world,
and that we can maintain control and trust of the agents
under proper supervision of the humans.
So that's one big element, one big aspect.
Another is what we talked about earlier,
which is that where the perimeter of security and identity is established
needs to move to the point of action, the point of decision.
And so moving to a much more continuous posture in the flow, inserted directly in the flow, is a really important evolution as well.
And then finally, the concept of headless as well is really, really important here because being able to configure and manage and operate digital identity at the speed of AI is going to require us to enable AI to also help administer the process,
platform itself, and that's where the headless interfaces come in.
And importantly, also providing the skills that those agents need to successfully administer
the platform as co-pilots, if you will, to their human administrators.
So several big evolutions of where the identity platform is going to just become that
trust layer of agentic for the agentic enterprise, as well as continuing to broker trust
and manage trust
in the humans that are interacting as well.
That's Peter Barker, Chief Product Officer at Ping Identity.
And finally, with the FIFA World Cup kicking off in Mexico City,
communications platform provider, Sinch, has launched the expected cliche tracker,
an AI-powered project that applies football's love of analytics
to an entirely different metric, manager press conference platitudes.
Inspired by expected goals, the tracker introduces XC or expected cliches,
a score designed to measure how often national team coaches rely on familiar football phrases
instead of offering genuine insight.
Once the tournament begins, the site will analyze every pre- and post-match press conference
from all 48 national team managers, ranking the most original and least original speakers,
tracking the tournament's most used clichés and comparing coaches across countries and styles.
The project promises daily storylines, head-to-head coaching comparisons,
and a heat map of football's favorite conversational habits.
In other words, while teams compete for trophies on the pitch,
managers will quietly compete for the far more elusive honor of avoiding phrases like,
one game at a time.
And that's the CyberWire.
For links to all of today's stories,
check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights
that keep you a step ahead
in the rapidly changing world of cybersecurity.
If you like our show,
please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes
or send an email to cyberwire@n2k.com.
N2K's lead producer is Liz Stokes.
We're mixed by Tré Hester
with original music and sound design by Elliott Peltzman.
Our contributing host is Maria Varmazis.
Our executive producer is Jennifer Eiben.
Peter Kilpe is our publisher,
and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.
