CyberWire Daily - Trust lags behind technology.
Episode Date: April 21, 2026Anthropic’s Mythos proves irresistible despite claimed supply chain risks.Iran claims U.S. backdoors hit its networks. New Coast Guard rules target maritime OT security. A fresh NGate Android malwar...e variant emerges. Thousands of ActiveMQ servers face active exploitation risk. CISA adds eight flaws to its KEV list. Progress patches MOVEit and LoadMaster bugs. Attackers impersonate IT staff over Microsoft Teams. A ransomware negotiator admits working with BlackCat. Google Gemini asks, “May we see your photos please?” Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices Elad Koren, Vice President, Product Management, Cortex Cloud at Palo Alto Networks, discusses building AI natively into platforms, managing complexity and trust, and taking a measured, experimental approach during the industry’s “messy middle” phase. If you enjoyed this conversation, tune into the full interview here. Selected Reading The US NSA is using Anthropic's Claude Mythos despite supply chain risk (Security Affairs) Anthropic secretly installs spyware when you install Claude Desktop (That Privacy Guy) Iran claims US used backdoors in networking equipment (The Register) Maritime Cybersecurity Rules Make Waves (GovInfoSecurity) New NGate variant hides in a trojanized NFC payment app (We Live Security) Actively exploited Apache ActiveMQ flaw impacts 6,400 servers (Bleeping Computer) CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) (Help Net Security) Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster (SecurityWeek) Microsoft: Teams increasingly abused in helpdesk impersonation attacks (Bleeping Computer) Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims (United States Department of Justice) Google Starts Scanning All Your Photos As New Update Goes Live (Forbes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
No, it's not your imagination.
Risk and regulation really are ramping up,
and these days customers expect proof of security before they'll even do business.
That's where Vanta comes in.
Vanta automates your compliance process and brings compliance, risk, and customer trust together on one AI-powered platform.
So whether you're getting ready for a SOC2 or managing an end-toe,
enterprise governance risk and compliance program, Vanta helps keep you secure and keeps your deals
moving. Companies like Ramp and Writers spend 82% less time on audits with Vanta. That means less
time chasing paperwork and more time focused on growth. For me, it comes down to this. Over 10,000
companies from startups to large enterprises trust Vanta to help prove their security. Get started at vanta.com
slash cyber.
Anthropics
mythos
proves irresistible
despite claimed
supply chain risks.
Iran claims
U.S.
back doors hit its
networks.
New Coast Guard rules
target maritime
OT security.
A fresh NGate
Android malware
variant emerges.
Thousands of
active MQ servers
face active
exploitation risk.
Sisa adds
eight flaws
to the
known exploited
vulnerabilities list.
Progress,
patches,
Move It,
and Loadmaster
bugs.
attackers impersonate IT staff over Microsoft teams.
A ransomware negotiator admits working with Black Cat.
Our guest is Elad Koren,
Vice President of Product Managent for Cortex Cloud at Palo Alto Networks.
He's discussing building AI natively into platforms.
And Google Gemini asks, may we see your photos, please?
It's Tuesday, April 21st, 2026.
I'm Dave Bittner, and this is your Cyberwire,
Tell Briefing.
Thanks for joining us here today.
It's great as always to have you with us.
Axios reports that the U.S.
National Security Agency is using
Anthropics Mythos preview
model, even as the Department of
Defense labels Anthropic a
supply chain risk, highlighting
the growing tension between
AI capability and security
governance. Mythos is
especially strong at finding
software vulnerabilities, which makes
it valuable for cyber defense, but
potentially useful for offensive activity if misused. This dual-use nature reflects a broader
policy challenge. Agencies may depend on advanced AI tools despite concerns about vendor trust,
oversight, and strategic reliance. Anthropics-related Project Glasswing initiative aims to apply
mythos defensively with industry partners to secure critical infrastructure. The episode underscores
how operational urgency is pushing governments to adopt frontier AI
faster than procurement rules and risk frameworks can adapt.
Elsewhere, security researcher Alexander Hemp
reports that installing Anthropics Clodd desktop on Mac OS
automatically deployed an undocumented native messaging bridge
across multiple chromium-based browsers
without user notice or consent.
The manifest allows approved browser extensions to launch a local helper binary outside the browser sandbox with user-level privileges,
potentially enabling access to authenticated sessions, page content, and automation features if activated.
Hanf says the files were installed even for browsers not present on the system and were repeatedly reinstalled after deletion.
Anthropics documentation describes similar capabilities for its browser integration but does not document this specific bridge behavior.
The author argues the design expands a tax surface and weakens browser isolation,
raising concerns about transparency, consent, and supply chain trust in desktop AI integrations.
Iranian media claims U.S. intelligence used hidden back doors or botnets to,
disable networking equipment from vendors, including Cisco, Juniper, Fortinette, and Microtic
during recent wartime disruptions, even while Iran was largely disconnected from the global
Internet. The allegations suggest firmware-level sabotage triggered remotely, though the outages
are difficult to verify due to Iran's ongoing nationwide connectivity restrictions.
Some reports instead proposed compromise devices formed part of a pre-positioned botnet,
Chinese state media has amplified the claims, citing them as evidence of long-standing assertions
that the United States embeds surveillance capabilities in networking infrastructure.
Meanwhile, monitoring group net blocks reports Iran's internet blockade has lasted more than 50 days
with selective access granted to favored users, underscoring the limited visibility into events on the ground.
A new U.S. Coast Guard rule requiring cybersecurity controls for operational technology in ports and for large U.S. flagged vessels is expected to significantly expand the maritime cybersecurity market amid rising geopolitical risk.
Operators must appoint cybersecurity officers, conduct risk assessments, develop vessel and facility cybersecurity plans by July 27, and comply with incidents.
reporting and training requirements already in effect.
Industry experts say the rule will help security teams justify funding,
though guidance on implementation details remains limited.
The Coast Guard estimates compliance will cost about $134 million annually,
a large share of a maritime cybersecurity services market valued at $186 million
globally in 2024.
While larger firms may build internal capabilities,
abilities, smaller operators may rely on outsourcing. Enforcement capacity remains uncertain as the
Coast Guard prepares to integrate cyber checks into existing inspections. Researchers at ESET identified
a new NGATE Android malware variant that trogenizes the legitimate handy pay app to relay payment
card NFC data and steal pins for fraudulent ATM withdrawals and transactions. The campaign, active
since November of last year, targets users in Brazil through fake lottery and counterfeit Google Play
websites distributing the modified app. Researchers say the injected malicious code shows signs of
possible generative AI involvement, though this remains unconfirmed. Like earlier NGate attacks
using tools such as NFCGate, attackers modified handi-paid directly to reduce cost and suspicion.
The malware forwards card data to attacker devices and exfiltrates pins to a command and control server,
reflecting a broader rise in NFC-enabled financial fraud.
More than 6,400 Internet-exposed Apache Active MQ servers are vulnerable to active exploitation of a high-severity code injection flaw,
according to Shadow Server.
The issue, caused by improper input validation,
allows authenticated attackers to execute arbitrary code
and was reportedly identified with assistance from the clawed AI tool
after remaining undiscovered for 13 years.
Adobe patched the flaw in March, but many systems remain unpatched.
SISA has ordered federal agencies to remediate the risk by April 30th.
Speaking of SISA, they've added eight vulnerabilities to the known exploited vulnerabilities catalog,
including three affecting Cisco Catalyst SDWAN manager, which Cisco confirmed as exploited.
The update also includes flaws in paper cut, NGMF, JetBrains Team City, Kentico Experience, Quest Case
Appliances, and Sinakor-Zimbra Collaboration Suite, some link to ransomware and espionage
activity. Federal agencies must remediate all eight by April 20th.
Progress software released patches for multiple MoveIt web application firewall and loadmaster vulnerabilities
that could allow authenticated attackers to execute arbitrary commands through improperly sanitized API inputs and file uploads.
The flaws affect administrative functions in Progress ADC products.
Another issue enables specially crafted requests to bypass firewall protections.
Progress says there are no reports of active exploits.
but urges customers to update affected systems promptly.
Microsoft warns threat actors are abusing external Microsoft Teams chats to impersonate IT or help desk staff
and trick employees into granting remote access to enterprise systems.
In observed campaigns, attackers initiate support sessions using tools like Quick Assist,
then perform reconnaissance with command prompt and PowerShell, established
assistance through DLL side-loading and move laterally using Windows remote management.
They deploy additional remote tools and use utilities such as R-Clone to selectively
exfiltrate sensitive data to cloud storage. Because the activity relies heavily on legitimate
software and native administrative protocols, detection is difficult. Microsoft advises
organizations to treat external teams' messages as untrusted and restrict remote assistance
and WIN-R-M usage to reduce risk.
A Florida man and former ransomware negotiator, Angelo Martino,
pleaded guilty to conspiring with Black Cat ransomware operators
to target U.S. companies in 2023.
Prosecutors say Martino abused his role at a cyber incident response firm
to share victims' confidential negotiation strategies
and insurance limits with attackers,
helping increase ransom payments.
He also joined accomplices Ryan Goldberg and Kevin Martin
in deploying Black Cat ransomware against multiple victims,
including an attack that yielded about $1.2 million in Bitcoin.
Authorities have seized more than $10 million in assets linked to the scheme.
Martino faces up to 20 years in prison with sentencing scheduled for July.
Officials say the case highlights insider risk
within the ransomware response ecosystem.
Coming up after the break,
my conversation with Elad Koren from Palo Alto Networks.
We're discussing building AI natively into platforms.
And Google Gemini asks,
may we see your photos, please?
Quick question.
Have you watched Project Hail Mary yet?
Humanity is facing an existential threat
and racing to solve it with the clock ticking.
For security teams,
that probably hits close to home
with AI use rapidly spreading.
Everyone's using AI, marketing, sales, engineering.
Chris the intern without security even knowing about it.
That's where Nudge Security comes in.
Nudge finds Shadow AI apps,
integrations, and agents on day one
and helps you enforce policy without blocking productivity.
Try it free at Nudgesecurity.com
slash cyberwire.
Maybe that's an urgent,
message from your CEO, or maybe it's a deep fake trying to target your business.
Dopple is the AI-native social engineering defense platform fighting back against impersonation
and manipulation. As attackers use AI to make their tactics more sophisticated,
Dopple uses it to fight back, from automatically dismantling cross-channel attacks to building
team resilience and more. Doppel, outpacing what's next in social engineering. Learn more
at Dopple.com.
That's do P-P-P-E-L.com.
Elad Koren is vice president
for product management
with Cortex Cloud at Palo Alto Networks.
I caught up with him
at the 26 R-SAC Conference
for this sponsored industry voices segment
discussing building AI natively
into platforms.
I just heard a story earlier today
of someone that had
a very reliable system built
on an agent that can train for them,
but it actually invented some tickers that never existed, right?
Well, so how can you prevent something like that?
You create the right barrails and the right agents that will analyze this,
and you need a system, and this is a real building.
Well, here we are at RASAC 2026,
and it's my pleasure to welcome to the program,
Elad Koren, who is vice president for product management,
And Cortex Cloud at Palo Alto Networks, a lot.
Thanks so much for joining us.
Thank you for having.
Before we dig in here, how's the week going for you with the show?
I'd ask, are you keeping busy?
But that's sort of a rhetorical question.
Yeah, so many people here, so many meetings, interesting meetings with a lot of interesting people.
I think all in all, this is the biggest week for the cyber industry.
And definitely something we've.
fuel as well.
Yeah.
I want to dig in with you on AI, which of course is the hot topic here this year.
You may have notice.
But particularly agentic AI, which is the hottest of the hot parts of the hot topic this year.
First of all, just from a really high level, how are you and your colleagues approaching this transition to the dominance of a
in the conversation.
Yeah, I think one is
evident. It's everywhere.
It's in a conversation with
customers, organizations,
a lot of other vendors
that are
throwing this into the
mix. I think
what we're seeing now is
a race. A race to who can
add AI to
their solution, the fastest way.
We are
the way we are thinking about it
And I think, you know, there are many approaches.
Naturally, we think ours is the right one to address this.
We all agree at the baseline for everyone that you cannot really fight machines with only humans.
You need machines to come to the assistance of humans when fighting with machines,
which are the adversaries, the sprawl of AI, the hand of those that are trying to infiltrate,
breach information, et cetera.
I think what we're seeing
is that
the best approach, and this is
what resonates with many of
the organizations we are having
conversations with, is that
when we built
specifically in the vortex platform, when
we built the platform itself,
we thought of
AI as an inherent part
of the platform. It's not something
bold to go. Okay.
And what it helps with is
the access to the data,
the lake, everything exists there.
You don't need to reach out to other systems.
Everything is right there and available.
But also, it
helps a lot with
multiple agents that are trying to do
different things, right? Because
we're, as humans, we are
thinking about the, you know,
we are optimistic features, right?
We have to.
So, everyone are saying, great,
when we have a Jetty AI, all of our problems
will be solved. Oh, guess what? We were
adding complexity. We're not just removing the complexity. So our agents from different vendors
or different tasks or jobs to be done are going to interact with each other. Are they really going
to imagine a kitchen with so many cooks? What happens? Somebody gets burnt. So we are, the way we're
thinking about it is, you know, AI needs to be an integral part of the solution so that all
the agents can be an integral part of the solution so they're orchestrated well and working well
with each other.
This is our philosophy going at it, and we see that it resonates.
How is that playing out?
I mean, it strikes me as something that could be easier said than done to place appropriate guardrails on there.
I can imagine all the agents vying to be the one, the alpha.
Well, yes or no.
When you design the agents in a way that, one, bleats back and relies on the purpose.
people or the employees, the humans that created them.
And they have the right guardrails in place to make sure that they cannot do things
that are more than what the human created them can do.
So this is basic.
But also, they have a task.
They have a potential journey that they need to take.
And if you have two agents, one needs to take care of one thing and the other needs
to take of something else.
they operate as two humans.
And if the system is designed to look at potential collusions
or potential cases where they may contradict,
you think about what should happen
when such two, three, four, maybe ten regions do on the system
and how they interact with data, and you plan for this.
If you plan for this and you design the system in such a way,
then it definitely solves the problem in advance.
Does it remove all problems?
Probably not, right?
But I think this is, this is more.
I like to call this time when we are in the messy middle.
We are in the messy middle.
We are discovering that as we go along.
If somebody says that they know how it's going to look in three, four, five years,
well, either they have a crystal ball or their life.
So I think we're discovering this.
Yes, we are solving for those.
We are as an industry solving for those specific cases.
But I think generally speaking, there's a good understanding.
of how the fundamentals
work.
So it sounds to me like
you're optimistic about
the direction that we're headed and we're
going to be able to strike that
necessary balance?
Yes, yes. I think,
and it has a few aspects
to it.
One,
we still have a way to go
as it pertains to trust, right?
Let just like
people would go into a waymo,
10 years ago?
Something changed.
They trusted.
It's the same with having autonomous systems.
You cannot just jump at the autonomous system.
You have to gain this trust.
You have to start with a smaller, simpler things.
You then have to grow up and be more at more complex stuff.
Well, one or two or three agents collaborate
and bring to a resolution or mediation of something,
It can be cloud.
It can be sock.
Whatever, right?
And only then you have that trust in the system.
So this is one aspect.
But the other thing is the capabilities.
Many of the capabilities today are not quite there.
We see hallucinations.
We see, you know, I just heard a story earlier today of someone that had a very reliable
system built on an agent that can trade for them, but it actually invented some tickers that
never existed, right?
Well, so how do you prevent some?
something like that, you create the right guardrails and the right agents that will analyze this.
And you need a system.
And this is what we're building.
So it's trust, it's the right infrastructure, it's the right capabilities, it's the right guardrails.
And when you start doing all of those, you cannot design them from the get-go.
Perfect.
It's never the case.
We have to discover the problems, solve the problems, discover more problems, solve those problems and move on.
This is how we build complex systems, right?
Yeah, what's your advice to that person who says, I am nervous about this?
I seize the potential problems.
But at the same time, I'm afraid that if I don't jump on board, my competitors are going to outpace me.
It's just a fact and certain.
However, I think the responsible thing to do is to decide on the right risk appetite.
I can definitely see a future where someone, a vendor, that is staying still not really hasting to put in AI their solutions in waiting for like six more months.
Maybe that will prove to be the right strategy.
Let's take a different lens to look at that, that specific question.
If you try to do vibe coding a year ago with just Jet Jik-T or any other vendor out there, would it be successful?
Probably not.
Probably you'll get a lot of not that great code and probably very messy.
But then you waited and now you have so many vibe code.
solutions. I don't know
if one of our
viewers or listeners
have tried to use one of the
platforms to create an app
with vibe coding, about a year
ago, it's very different that it is today.
So if someone waits, so vendor
waits, you know, they're concerned,
great. Do your diligence. Learn.
Experiment, explore.
I always tell all of my
teams, if you
want to be at the
the edge of technology, you have to experiment.
We're not pushing that into production.
But try it. If you don't
try, you don't understand the new boundaries.
Boundaries have changed.
So this is my
advice. Try everything
that you can, experiment.
Do not add it to your product just yet
until you know what purpose
it serves. Because if you're just
adding AI for the sake of adding AI,
it means nothing. The customers will call
it out. But if you're adding something
that has true benefit,
either cutting some of the costs,
bringing solutions and bringing benefit better to the customers,
then you should know what it does, right?
And you should do the right, both education as well as learning in the process
so that you can plan it properly.
And I think that is the best thing that organizations,
not to jump into this just like for the sake of a half.
Yeah.
Well, Al-a-a-a-law, thank you so much for joining us.
Elad Koran is vice president for product management,
for Cortex Cloud at Palo Alto Networks.
Thanks so much.
Thank you.
That's Elad Corrin from Cortex Cloud at Palo Alto Networks.
Local news is in decline across Canada, and this is bad news for all of us.
With less local news, noise, rumors, and misinformation fill the void, and it gets harder to separate truth from fiction.
That's why CBC News is putting more journalists in more places across.
Canada, reporting on the ground from where you live, telling the stories that matter to all of us,
because local news is big news.
Choose news, not noise.
CBC News.
This episode is brought to you by Tell Us Online Security.
Oh, tax season is the worst.
You mean hack season?
Sorry, what?
Yeah, cybercriminals love tax forms.
But I've got Tellus Online Security.
It helps protect against identity theft and financial fraud, so I can start.
stress less during tax season, or any season.
Plans start at just $12 a month.
Learn more at talus.com slash online security.
No one can prevent all cybercrime or identity theft.
Conditions apply.
Hey, ladies and gentlemen, guess what?
You came on a great night.
Tonight is, may we see your photos, please?
There you go.
And finally, Google's latest Google Photos update invites users to let Gemini
browse their memories in the name of convenience
and possibly creativity.
By opting in to its new personal intelligence feature,
users allow the AI to scan photos of friends, family, and life events,
so it can generate more personalized images without needing detailed prompts.
In theory, this saves time.
In practice, it means your camera roll,
that quiet archive of vacations, receipts, pets, and accidental screenshots,
becomes part of Gemini's working knowledge.
Google says the system does not directly train models on private photo libraries,
though limited prompt and response data may still be used to improve performance.
The feature is optional, adjustable, and launching first in the United States.
Still, it quietly reframes the trade-off.
Fewer instructions for the AI, more access to your life.
As always, with convenience upgrades, the fine print arrives slightly after the excitement.
All right, thank you very much for playing.
May we see your photos, please.
And that's the Cyberwire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review.
in your favorite podcast app.
Please also fill out the survey in the show notes
or send an email to Cyberwire
at N2K.com.
N2K's lead producer is Liz Stokes.
We're mixed by Trey Hester
with original music and sound design
by Elliot Peltzman.
Our contributing host is Maria Vermazes.
Our executive producer is Jennifer Ivan.
Peter Kilty is our publisher,
and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.