CyberWire Daily - The M5 just met its memory problem.
Episode Date: May 18, 2026Researchers crack Apple’s M5 memory protections with a kernel exploit. An IBM Security executive emerges as a possible CISA pick. Researchers uncover four malicious npm packages. AI-generated “s...lop” floods bug bounty programs. Major healthcare breaches hit the HHS tracker, 7-Eleven confirms a breach, and chained OpenClaw AI flaws could enable full host compromise. Santa Clara County sues Meta over alleged scam ads on Facebook and Instagram. Monday business breakdown. Our guest is Jason Madigan, Director of Commercial Cloud Security at Booz Allen, discussing the tension between resilience and data residency laws. A fond farewell for a security pioneer. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment we are joined by Jason Madigan, Director of Commercial Cloud Security at Booz Allen, discussing the tension between resilience and data residency laws. If you enjoyed this conversation, check out the full interview here. Selected Reading First public macOS kernel memory corruption exploit on Apple M5 (Calif) IBM executive floated for CISA director as concerns persist for agency (SC Media) Former CISA nominee Sean Plankey named US CEO of defense startup (CyberScoop) New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here (OX Security) ‘Never-ending’ AI slop strains corporate hacking reward schemes (Financial Times) Millions Impacted Across Several US Healthcare Data Breaches (SecurityWeek) 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand (SecurityWeek) 'Claw Chain' OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery (SecurityWeek) Santa Clara County sues Meta over alleged scam ads (San José Spotlight) Exaforce raises $125 million in Series B funding. (N2K Pro Business Briefing) Peter G. Neumann, Who Warned of Computer Security Risks, Dies at 93 (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
Do you know how the space and cybersecurity domains connect?
T-minus space cyber briefing is your guide through the space-based systems that expand the attack surface.
I'm Maria Varmazes, host here at N2K Cyberwire, and I'm excited to share that T-minus is back.
Now, as a weekly podcast, the T-minus Space Cyber Briefing.
We have a new dedicated focus on two great things that are even better together, space and cybersecurity.
Because whether we realize it or not, we all depend on space-based systems that are, by the way, increasingly internet-enabled.
We're talking cybersecurity technologies, policies, and organizations that are securing the critical space-based infrastructure that powers, protects, and connects our lives here on Earth.
So join me for T-minus space cyber reefing, new episodes every Sunday.
Quick question. Have you watched Project Hail Mary yet?
Humanity is facing an existential threat and racing to solve it with the clock ticking.
For security teams, that probably hits close to home with AI use rapidly spreading.
Everyone's using AI, marketing, sales, engineering.
Chris the intern without security even knowing about it.
That's where Nudge Security comes in.
in. Nudge finds shadow AI apps, integrations, and agents on day one, and helps you enforce policy
without blocking productivity. Try it free at nudgesecurity.com slash cyberwire.
Researchers crack Apple's M5 memory protections with a kernel exploit. An IBM security executive emerges
as a possible Sissa pick. Researchers uncover four malicious NPM packages. AI-generated
slop floods bug bounty programs.
Major health care breaches hit the HHS tracker.
7-11 confirms a breach and chained open-claw AI flaws could enable full host compromise.
Santa Clara County sues meta over alleged scam ads.
We got our Monday business breakdown.
Our guest is Jason Madigan, Director of Commercial Cloud Security at Booz Allen,
discussing the tension between resilience and data residency laws.
And a fond farewell for a security.
pioneer. It's Monday, May 18th, 2026. I'm Dave Bittner and this is your Cyberwire Intel briefing.
Thanks for joining us here today. Happy Monday. It is great as always to have you with us.
Researchers say they developed the first public macOS kernel memory corruption exploit targeting
Apple's M5 silicon, despite the company's hardware-assisted memory integrity enforcement or
MIE protections. The exploit chain targets MacOS 26.4.1 and reportedly achieves local privilege
escalation from an unprivileged user to a root shell using standard system calls. The researchers
said the chain relies on two vulnerabilities and several exploitation techniques on bare metal
M5 hardware with Colonel MIE enabled. Caliph researchers credited Mythos Preview, the AI-assisted
vulnerability research system with helping identify bugs and support exploit development.
According to their report, the exploit was built in roughly five days.
Apple designed MIEs specifically to make memory corruption attacks significantly harder.
The researchers argue the work highlights how AI-assisted vulnerability discovery may challenge
even advanced hardware security mitigations.
Cybersecurity leaders are urging the Trump administration,
to stabilize and strengthen SISA as IBM security executive Tom Parker emerges as a possible
candidate to lead the agency. Industry leaders say SISA has lost roughly one-third of its
workforce over the past year, while the administration's proposed fiscal year 27 budget would cut
another 30 percent from the agency. Security professionals warned that reduced staffing
could weaken programs like the known exploited vulnerabilities catalog
and secure-by-design initiatives,
both widely used to prioritize active threats
and improve software resilience.
Multiple experts said AI-driven vulnerability discovery
is accelerating attack timelines,
making centralized coordination and threat intelligence more critical.
Defenders increasingly rely on SISA
as a neutral source of vulnerability prioritization,
operational guidance and cross-industry coordination, as AI compresses the time between disclosure and exploitation.
Meanwhile, Sean Planky, the former nominee to lead the Cybersecurity and Infrastructure Security Agency,
is joining Defense Technology Company U-Force as its U.S. chief executive officer.
U-Force, a London-based company formed from nine Ukrainian firms, develops combat drones for air,
land and sea operations.
The company said it plans to launch U.S. made unmanned surface vessels this summer.
Planky withdrew from consideration for the Sissa director role last month after facing Senate
opposition.
He previously served in the first Trump administration and recently retired from the U.S. Coast Guard.
Researchers at OX Security have identified four malicious NPM packages containing Info-Steeler Maloney,
including what appears to be a direct non-obfuscated clone of the recently leaked
shy-halude malware source code the packages including typo-squatted names targeting
Axios users were uploaded by the same threat actor and collectively logged more
than 2,600 weekly downloads researchers said the malware variants steal information
such as cloud configurations cryptocurrency wallet data environment variables and
IP addresses. One package also reportedly turns infected systems into a distributed denial of
service botnet. Ox Security believes the cloned malware may have been inspired by a recently
leaked shy-halude code release tied to Team PCP. Researchers urged users to uninstall the packages,
rotate credentials, inspect developer tools for malicious configurations, and monitor for signs of
compromise. Companies that pay independent researchers to find software vulnerabilities are struggling
with a surge of low-quality AI-generated bug reports that security teams must manually review and verify.
Bug Bounty Platform Bug Crowd said reports quadrupled during a three-week period in March,
with most submissions proving false. Curl and Next Cloud both suspended their bug bounty programs
after what they described as an explosion of AI-generated slop reports.
Security experts say generative AI tools are lowering the barrier to entry for vulnerability research,
while also enabling automated scanning and submission systems that flood programs with inaccurate findings.
At the same time, platforms like Hacker 1 say AI is also helping experienced researchers discover legitimate flaws more efficiently.
The shift is forcing bug bounty programs to rethink validation, triage, and researcher vetting as AI reshapes vulnerability discovery economics.
Several large health care data breaches were recently added to the U.S. Department of Health and Human Services breach tracker, revealing impacts affecting hundreds of thousands of patients.
The largest confirmed incident involves New York City health and hospitals, where attackers reported,
access systems through a third-party vendor between November 2025 and February of this year,
exposing personal, medical, insurance, biometric, and financial information tied to 1.8 million individuals.
Additional breaches at Erie Family Health Centers, Florida Physicians Specialists, and other providers
collectively impacted hundreds of thousands more.
7-Eleven has confirmed a data breach after,
the Shiny Hunters hacking group claimed it stole more than 600,000 Salesforce records from the
convenience store chain. The company said it detected unauthorized access on April 8th in
systems used to store franchisee application documents. According to breach notifications filed
in Maine, unspecified personal information submitted during franchise applications was exposed.
Shiny hunters later claimed responsibility, threatening to leak the data unless a ransom was paid and offering the information for sale online.
The group has recently targeted multiple organizations through fishing, third-party integrations and misconfigurations tied to Salesforce environments.
Cybersecurity firm Sirea has disclosed four vulnerabilities in the OpenClaw AI Assistant that can be chained together to comment.
the underlying host system and establish persistent access.
The attack chain, dubbed claw chain, begins with code execution inside the open-shell sandbox
through prompt injection, malicious plug-ins, or compromised external input.
Researchers say attackers can then exploit multiple flaws, including race conditions and improper
access controls, to bypass sandbox protections, leak sensitive credentials,
privilege and ultimately right outside the sandbox boundary.
The final vulnerability carries a CVSS score of 9.6
and could allow attackers to plant back doors and maintain long-term control of affected systems.
Sayera says more than 60,000 publicly accessible open-claw instances may be exposed.
Open-claw maintainers released patches one day after disclosure.
In California, Santa Clara County has filed a lawsuit against META,
accusing the company of knowingly allowing scam advertisements to spread across Facebook and Instagram
in order to protect advertising revenue.
County officials allege META weakened its own fraud prevention efforts
and allowed fraudulent advertisers to bypass moderation systems,
despite repeated warnings about scam activity.
The lawsuit cites allegations that META maintained,
revenue guardrails, limiting enforcement actions if they threaten more than 0.15% of company revenue.
Officials referenced financial scams, cryptocurrency fraud, impersonation schemes, and fake medical
cures among the alleged deceptive ads. Meta denied the claims and said it removed more than
159 million scam ads last year, while expanding fraud prevention partnerships and tools.
The case highlights growing legal pressure on major platforms over their role in enabling online fraud and deceptive advertising.
Turning to our Monday business breakdown, several cybersecurity companies announced major funding rounds and acquisitions this week,
with investors continuing to back AI-driven security platforms and automation technologies.
Agentic Security Operations Center provider ExaForce raised 125,000,
million dollars in Series B funding to expand its AI-powered detection and response platform globally.
Frame Security emerged from stealth with $50 million for AI-focused security awareness training,
while Autonomous Cyber, White Circle, and Secludi also announced new funding tied to AI security,
model protection, and privacy technologies.
Meanwhile, industry consolidation continued with acquisitions,
involving boost security,
Sycurian, Watchguard,
and automotive cybersecurity firm
Simotive.
Multiple companies said the deals
will strengthen AI-assisted detection,
code analysis,
cloud security,
and operational defense capabilities.
The announcements reflect
continued investor confidence
in AI-centric cybersecurity platforms
as organizations race
to improve detection,
automation, and resilience
against increasingly complex threats.
Coming up after the break,
my conversation with Jason Madigan from Booz Allen
about the tension between resilience and data residency laws
and a fond farewell for a security pioneer.
Stay with us.
Jason Madigan is Director of Commercial Cloud Security at Booz Allen,
and in today's sponsored Industry Voices segment,
we discuss the tension between resilience and data residency laws.
When we're looking at cyber resilience, at the end of the day, we're really looking at your data.
In the cloud, we can always rebuild services natively.
We can always bring over images and containers.
But the data itself is the core of functionality and the ability to continue running.
And so when we look at cyber resilience, it's not just recoverability, disaster recovery.
it's also how you respond to and protect from cyber attacks,
ransomware, encryption, data exfiltration,
or now the new thing of just deleting things
and erasing all of your data and your backups.
And then understanding that you have to architect
to protect from those things.
And what makes it really interesting is now
the new laws that are occurring around data itself
is making things a lot more challenging.
Well, help me understand here.
I have understood that resilient systems usually depend on things like geographic distribution and redundancy.
You don't want to keep everything in one place.
Has that been the mindset in the past?
Generally, yes.
But as we moved towards the multi-zone for the redundant hyperscaler regions, we have seen a move away from a full geographic type of resilience.
And so what I mean by that is, yes, in the U.S., for example, folks will go live in the East Coast and then maybe have a backup setup in the West Coast, but they're still relying on the backplane of a hyperscaler and they're within the U.S.
Now, when we start speaking about international clients and we're talking about data residency and sovereignty, things get a little bit more sticky.
A good example would be in Bahrain.
They have laws that your data must stay within that country's borders.
And the type of data that you're talking about would have to fit within those laws.
But generally your application data would have to stay within that area.
And when you're looking at a single region for, say, AWS, and we're looking at the Connecticut attacks that occurred during the war, that definitely can affect you if, say, there's four zones.
within Bahrain and three of them went down from that attack,
did you have your infrastructure built in that fourth zone?
Or was your data striped and backed up to that fourth zone?
Or did you lose data?
Or what is the answer is the problem we're seeing
to being in a country with a singular deployment of a hyperscaler
without two separate areas within that country?
For example, we have U.S. East 1,
and we have U.S. West too.
But do they have that in those countries with the data residency laws or do they not?
And then what is your answer there?
What data can move?
How do you identify the data that you have to maybe find an on-premise private cloud to back up to just for recoverability's sake?
So when we're talking about these data residency laws, what are the governments setting out to do here?
What's their goal?
What are they trying to protect?
that's a good question.
In some cases, it's that their citizens data is what they're trying to protect.
They're trying to make sure that their citizens data itself is not leaving the country,
as well as thinking about how there's possibly an adversarial type relationship with the United States.
So if you're in a country where there's a possible adversarial relationship,
they have to be concerned that, one, the data is being exfiltrated to possibly someone in the U.S.
Or another nation state actor.
Or the other option or concern would be such as what happened during the conflict with Russia and Ukraine,
where the Azure platform had to say, hey, everybody out, or it's limited what you can do,
or the national data that existed within that platform was now at risk of possibly United States actors,
gaining access to it for some reason.
And so they had to come out of that cloud.
So these are the types of things that we are seeing as a question
from different industries that we're attempting to solve.
So at what point do these resilience requirements
start to conflict with the data residency requirements?
And that is the point of where we're at.
We are seeing that to begin to collide
where generally folks are now at a cloud-first mindset
and the hyperscalers don't always have the multi-region support in certain countries
or they possibly don't have a data sovereign region for a customer to leverage such as Singapore, right?
They partnered with a hyperscaler to build a sovereign region to overcome some of these questions
and concerns that may have existed for the Singapore government.
Other countries don't always have that ability to deploy a sovereign region.
And even then when you have a sovereign region and such as what happened in Bahrain, you still need to think through, is this data so critical that if a kinetic attack occurred, I can't recover from losing all of that data from a physical attack?
So what do I do? Do we start looking at some of these smaller private clouds? Do I just go get a closet in a COLO?
But then in that case, is that data center the exact physical location that the hyperscaler is existing in as well?
So things are getting very challenging to understand what an impact of a kinetic attack would be to your uptime and resiliency or even recoverability.
So are these strict localization requirements unintentionally creating potential single points of failure?
I don't know if it would be single points of failure.
as much as a catastrophic event.
And so in that case,
you're not going to concern yourself
with these possible outcomes for every platform and app,
but you will have to understand
which data types or which platform
will cause you the biggest issue,
regulatory-wise, or it could just be loss of reputation
to customers, because downtime
or what clients remember.
Customers remember downtime.
They don't remember always slowness.
They don't always remember functionality.
But many of them in this environment
will remember when your platform went down.
So understanding what that impact would be
at case-by-case basis
will really help you understand
where you need to spend time and focus
to address those concerns or architect around it.
So what sort of compromises to organizations need to make
to satisfy both sides of this?
the resilience goals and their residency obligations?
A lot of it is going to come down to time and effort and cost.
And right, cost is what can tell you how much time and effort you can spend.
So identifying where what can be called crown jewels or your most critical data exists
or where you start looking first.
And then you start understanding what the impact would be from certain events.
and then what you can handle for downtimes
or efforts to recover from those events.
In many cases, we won't really see issues for most clients.
It will be a unique event today for you to have these concerns.
But as we move forward,
we are seeing that this has to be understood
in a future state for these clouds
or hyperscalers that exist in other countries,
that you really should understand what data is out there,
what data you're trying to protect,
and what data needs to be recoverable
because I can recover services,
I can recover architectures,
I can rebuild servers and applications all day.
But if I don't have that data on the back end,
I might not be able to provide the end user,
the experience that they are expecting,
and then becomes loss of reputation.
And then on top of that,
When I look at all those different levels and the data and what can be recovered,
I need to be sure that if it is data that I need for my business itself,
analytics, planning purposes,
because agentic AI is driving the need for data so heavily that I need to also know is,
even though it may not provide the back-end support for an app,
I may need it to make my decisions for the next one, two, three, four years for a device,
a product or just my business.
So the data is extremely important when it comes to this
when we're looking at how to architect around it.
But I would also state that data is also the most important thing
to making money nowadays because it allows you to make correct decisions
about where your business is going to go.
And then knowing where that data exists
and how you're going to recover from it is very important.
What about the regulators themselves?
I mean, do they generally recognize?
recognize or even sympathize with the resilience risks and that maybe localization requirements can
introduce some of those risks? I think that's a great question, and I think it will be country by
country. And it just depends on what the continued relationship is with the U.S. We're seeing a
little bit of a change out in the world based on questions that our clients are asking internationally.
and I think that time will tell how regulators will pivot based on just the example I gave in Bahrain.
I have a client, they got impacted, what does that mean?
And what is their next step?
Thankfully, it wasn't critical and they kept their data.
But going forward, there should be a conversation with some of these countries for the larger enterprises of,
I need another place to store my data.
And it may not be in country.
It may be a partner country that they're very secure with.
But those questions will have to be answered as we move forward.
Where do you suppose we're headed from here?
Is this a temporary tension that's going to become kind of the new normal?
Or where do you suppose things are going?
That's a really good question.
We look at the Cloud Act and we haven't really seen the outcomes
fully occur across the board
or we look at some of the GDPR rule sets
about data that can leave Europe.
I think that we are going to see
different countries look at
those specific new regulatory
requirements coming in and make decisions on their own
of whether they want to keep their data
or allow it to go into different geographical regions.
But for the most part,
because I can't tell where we're headed.
We are seeing the movement of each individual country or governing body make a decision for the data within their country.
And then we're just going to have to pivot and address that in a secured manner to make sure that we are adherent to their rules.
There was a time where we were doing medical workloads in Europe.
but when we were operating within France itself,
we had to work out of a physical Kolo.
So we couldn't use a hyperscaler due to their rules.
I can see something like that happening,
and it does increase efforts to support it.
I would build things in code for the AWS Cloud.
We would use Cloudformation,
but the moment that we wanted to do the same thing in France,
I had to write everything in Puppet
and bring it directly to the servers there
and work through the environment.
So that is another possibility that we may see
is understanding how to still keep infrastructure
and patching and all that through code,
but in multiple different systems on the back end.
That's Jason Madigan,
Director of Commercial Cloud Security at Booz Allen.
And finally, Peter G. Newman,
one of the most respected voices in computer security research,
has died at the age of 93.
Colleagues remembered him not only for his technical brilliance, but for decades of thoughtful
warnings about insecure software, weak privacy protections, and the long-term risks of short-term
thinking in technology. Newman spent more than 50 years at SRI International and remained
active in security research until his death. He helped pioneer secure computing concepts
through projects like Multics, Emerald, and the DARPA-funded Sherry program, which developed
hardware-based protections against common software vulnerabilities. He also edited the influential
risks forum for decades, documenting computer failures and security flaws with insight and humor.
Friends and colleagues described Newman as generous, deeply curious, and quietly influential,
a researcher more focused on solving problems than seeking recognition.
And that's The CyberWire.
For links to all of today's stories,
check out our daily briefing at thecyberwire.com.
Don't forget to check out the Grumpy Old Geeks podcast
where I contribute to a regular segment on Jason and Brian's show every week.
You can find Grumpy Old Geeks where all the fine podcasts are listed.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights
that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to Cyberwire at n2K.com.
N2K's lead producer is Liz Stokes.
We're mixed by Trey Hester with original music and sound designed by Elliot Peltzman.
Our contributing host is Maria Vermazas.
Our executive producer is Jennifer Ibin.
Peter Kilpe is our publisher.
and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.