CyberWire Daily - Welcome home, hacker.
Episode Date: July 7, 2026CERT/CC warns of an unpatched Tenda router backdoor. Adobe races to patch an actively exploited ColdFusion flaw. Canada pulls back the curtain on offensive cyber operations. Anthropic quietly removes ...hidden tracking from Claude Code. Chinese AI gains momentum as U.S. providers sweeten the deal. U.S. cloud firms challenge South Korea’s new security rules. Microsoft’s device telemetry helps unmask an alleged Scattered Spider hacker. And Spanish police arrest an alleged pro-Russia hacktivist.Orla Daly, CIO at Skillsoft, discusses if AI is already bypassing its own guardrails and why most organizations aren't ready. The stochastic parrot is back, and it’s tired of being misquoted. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Orla Daly, CIO at Skillsoft, discusses if AI is already bypassing its own guardrails and why most organizations aren't ready. Selected Reading Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available (Security Affairs) Hackers Exploit Maximum Severity Adobe ColdFusion Flaw (Infosecurity Magazine) Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year (TechCrunch) Secret Claude tracker shocks users after Anthropic’s anti-surveillance stance (Ars Technica) Chinese AI models are gaining ground with U.S. companies as OpenAI, Anthropic costs surge (CNBC) AI Giants Are Handing Out Tons of Free Computing Power to Grab Startup Share (Wall Street Journal) U.S. Big Tech raises concerns over Seoul's proposed cloud security rules (Korea JoongAng Daily) Microsoft device telemetry key to unmasking alleged Scattered Spider hacker (iTnews) Spain collars alleged pro-Russia hacktivist after FBI tip-off (The Register) What Emily Bender Really Meant by "Stochastic Parrots" (IEEE Spectrum) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
If you are heading to Blackhead USA this year, make plans to visit the SpectorOps Kennel Club.
As the creators of Bloodhound, the SpectorOps team will host talks, workshops, and hands-on sessions aimed at helping you understand AI accelerated attack paths, the latest identity tradecraft, and how to build your own OpenGraph collector.
Visit specterops.io to pre-register and learn more.
While you're at the SpectorOps Kennel Club, visit the N2K Cyberwire podcast studio,
where we'll be capturing expert perspectives and conversations from across Black Hat.
We'll see you there.
What's the one thing in business that's spreading as fast as AI?
AI risk.
Every new tool your team signs up for, every vendor that turns on AI features, every new integration,
Each one is an opportunity for something to go wrong.
And most security programs weren't built for AI's pace of growth.
Enter Vanta.
Vanta is the number one agentic trust platform,
used by over 16,000 fast-moving companies like Ramp, Cursor, and Harvey
to ensure they're always audit-ready.
And now Vanta is helping companies like yours watch for the risks that show up between audits,
across your vendors, your AI tools, and your whole environment.
How? The Vanta agent works like a 24-7 GRC engineer in the background, finding issues, drafting fixes, and cutting vendor assessment time by up to 50%. Whether you're a fast-growing startup or a global enterprise, Vanta is here to help you automate your security and compliance and earn and prove trust. Get started today at Vanta.com slash cyber. That's V-A-N-T-A-com slash cyber.
CERT CC warns of an unpatched Tenda router back door.
Adobe highlights an actively exploited cold fusion flaw.
Canada pulls back the curtain on offensive cyber operations.
Anthropic quietly removes hidden tracking from Claude Code.
Chinese AI gains momentum as U.S. providers sweeten the deal.
U.S. cloud firms challenge South Korea's new security rules.
Microsoft's device telemetry helps unmask an alleged scatterers.
spider hacker, Spanish police arrest an alleged pro-Russia hacktivist.
Our guest is Orla Daly, CIO at Skillsoft, discussing if AI is already bypassing its own guardrails.
And the stochastic parrot is back, and it's tired of being misquoted.
It's Tuesday, July 7, 26.
I'm Dave Bittner, and this is your Cyberwire Intel briefing.
Thanks for joining us here today.
It's great as always to have you with us.
CERTC is warning of an unpatched authentication backdoor affecting multiple Tenda router firmware versions.
The flaw allows anyone with a hidden password to bypass normal authentication and gain full administrative access through the router's web interface,
regardless of the configured username or password.
According to the advisory, the firmware checks an undocumented password stored in the device configuration after normal authentication.
fails, and any username will be accepted if the backdoor password matches.
Successful exploitation enables complete device takeover, including changing network settings,
disabling security features, and compromising connected systems.
Tenda has not responded or released a patch.
CERTC recommends disabling remote management and changing the default LAN IP address
to reduce exposure until a firmware update becomes available.
Adobe is urging cold fusion customers to apply the latest security updates immediately
after researchers reported active exploitation of a maximum severity path traversal flaw
that can lead to remote code execution.
The vulnerability is one of six critical bugs addressed in Adobe's June 30th bulletin
With hundreds of internet-exposed cold fusion instances still online,
organizations are advised to patch without delay.
Adobe recently announced it will move to a twice-monthly security advisory schedule,
citing AI-driven vulnerability discovery and the need to accelerate patch releases.
Canada's Communications Security Establishment, the CSE,
revealed it conducted three state-authorized offensive cyber.
operations last year, targeting threats to national security. The agency said it disrupted
overseas brokers supplying chemicals used to produce fentanyl, undermined and extremist groups online
recruitment and propaganda efforts, and dismantled a ransomware-as-a-service operation by rendering
its infrastructure inoperable and deleting much of its data. CSE also carried out technical
disruptions against 10 major ransomware groups targeting Canada and conducted one defensive cyber
operation that disrupted a fishing campaign aimed at Canadian government institutions and other critical
systems. While the agency withheld operational details and locations to protect its methods,
the report offers a rare public look at how Canadian intelligence uses offensive cyber capabilities
to counter cybercrime, extremism, and other foreign threats.
Anthropic removed hidden tracking code from its clawed code developer tool
after a security researcher discovered it was quietly identifying users potentially connected to China
by monitoring signals such as time zones and proxy use.
Anthropic engineer Tarek Shiapar said the code was introduced as a March experiment
to combat account abuse and AI model distillation
and was removed because stronger protections are now in place.
Privacy advocates criticize the undisclosed tracking as a breach of user trust,
arguing it should have been transparent.
The incident comes amid growing tensions over Chinese AI companies
allegedly distilling U.S. models.
Following reports of the tracker,
Alibaba banned employees from using Claude Citing Security Security,
concerns. Anthropic maintains that large-scale distillation poses a significant threat to AI security
and competitiveness. Chinese AI models are rapidly gaining adoption among U.S. companies as they
deliver competitive performance as significantly lower cost than leading American systems.
Platforms such as OpenRouter report Chinese models now account for more than 30 percent of
weekly token usage by U.S. developers, driven by offerings from companies including DeepSeek and
ZAI. Some businesses have migrated workloads from premium U.S. models, citing dramatic cost
savings while maintaining acceptable performance for many applications. Industry observers say Chinese
open source and open-weight models are closing the capability gap with top U.S. systems,
while costing 60 to 90% less for certain workloads.
The trend highlights growing pressure on U.S. AI companies
as organizations increasingly prioritize affordability and flexibility
alongside cutting-edge performance when selecting AI models.
OpenAI, Anthropic, and major cloud providers
are aggressively offering startups millions of dollars
in AI compute and token credits to attract long-term customers.
According to the Wall Street Journal, some startups have received competing offers exceeding $3 million,
while companies like Google Cloud, Microsoft, and Amazon Web Services are also providing generous incentives.
The competition comes as AI vendors face pressure to grow revenue ahead of potential IPOs and fend off lower-cost rivals.
The incentives are designed to lock startups into their platforms before they establish last
infrastructure and development workflows.
Major U.S. cloud providers are urging Washington to challenge South Korea's proposed
overhaul of its public sector cloud security certification program, arguing the changes could
unfairly disadvantage foreign providers and violate the Korea-U.S. free trade agreement.
The companies are particularly concerned that revised rules could require physical network
separation, forcing providers such as Amazon Web Services, Microsoft Azure, and Google Cloud
to build dedicated infrastructure in South Korea at significant cost.
South Korea says the overhaul is intended to strengthen national security and streamline
approvals under the National Intelligence Service not discriminate against foreign firms.
The dispute adds to broader U.S.-S.-South Korea tensions over digital regulation,
with U.S. officials and lawmakers closely monitoring the proposed rules
and their potential impact on trade and broader bilateral security cooperation.
Court documents allege that 19-year-old Peter Stokes
and American Estonian accused of involvement with the Scattered Spider Cybercrime Group
was linked to an alleged $8 million ransomware demand
through Microsoft's Global Device Identifier, or G-Did.
According to an FBI affidavit, Microsoft provided device telemetry that allowed investigators to correlate a unique Windows device identifier with NGROC access records, despite Stokes's use of a VPN.
The G-Did was then matched with IP addresses linked to his Snapchat, Apple, and Facebook accounts across multiple countries, strengthening the attribution.
Stokes faces six charges, including four related to the alleged ransomware scheme and two conspiracy counts tied to scattered spider.
His prosecution is part of the FBI's broader Operation Riptide, targeting the prolific cybercriminal group.
Spanish police have arrested a man accused of supporting several pro-Russia hacktivist groups linked to cyber attacks against critical national infrastructure.
Authorities allege the suspect, arrested in March, following an FBI tip,
maintained close ties to cyber army of Russia reborn, Z-Pentest, and No-Name-5-716,
helping coordinate activities and provide logistical support.
Investigators also claim he assisted a car member's escape to Russia in 2025
and seized computer equipment and cryptocurrency assets believed to be connected.
to cybercrime. The arrest is part of the FBI's Operation Red Circus, which targets Russia-aligned
hacktivist networks. Western intelligence agencies have warned that while these groups often rely on
distributed denial of service attacks, they have also been linked to more serious intrusions
targeting critical infrastructure, including water and energy systems.
Coming up after the break, my conversation with Orla Daly from Skillsoft, we're to
discussing if AI is already bypassing its own guardrails.
And the stochastic parrot is back, and it's tired of being misquoted.
Stay with us.
AI is making fishing attacks faster, more convincing, and harder for people to spot,
and traditional security awareness and fishing training weren't designed for this level of attack.
Hawkshunt helped security teams prepare employees for the attacks they face every day,
with personalized fishing training that a day.
to each employee and reduces risky behavior over time.
For IT and security leaders looking to strengthen their human layer of defense without adding more manual work, visit hoxhunt.com slash cyberwire to learn more.
That's H-O-X-H-U-N-T.com slash Cyberwire.
This episode is supported by Black Hat USA.
If you follow the research, you know a lot of it breaks on Black Hat stages.
hundreds of peer-reviewed briefings, more than 100 hands-on trainings,
and the largest business hall in Black Hat's history.
Six days to learn the skills you'll need tomorrow, August 1st to the 6th.
Use code Cyberwire for $200 off your briefings pass at blackhat.com.
We'll see you in Vegas.
Orla Daily is CIO at SkillSoft.
We recently got together to discuss if AI is already bypassing its own guardrails,
and why many organizations aren't ready.
So I think when we look at the media,
we can see that there's obviously a number of examples
of where AI is breaking beyond the guardrails
and seeing that with different examples.
And I think what it's really just highlighting is a few things.
One, around governance, there's been a lot of focus on AI governance,
but I think what this is proving is that governance cannot just stop at policy.
And it's just critical that those governing elements are built into our processes to as much as to an extent as possible.
As we think about governance, I would say, you know, there's definitely that tension with AI.
It's new. We're looking to be innovative.
We want to move fast.
And therefore, how do you put guardrails in place that allow you to move fast responsibly, but not slow you down?
So I think that's one element.
Secondly, I would say observability is clearly becoming key because in a number of these cases where AI has broken the guardrails, you know, it's difficult or it takes a while to spot that and therefore you can only ultimately manage what we know.
And I think there's always going to be a risk, especially at the pace that this is developing, that something goes sideways.
and therefore how do you make sure that you can see that as quickly as possible to be able to then respond and react?
And obviously as we think about this from a skill soft perspective, it really is then about how do you make sure that your employees are educated?
They understand the potential risks and are really on top of that in terms of just applying judgment
in terms of how we continue to leverage AI responsibly.
How much is this a new paradigm?
For both the security professionals and, as you say, the users themselves,
I think many people, when they think about computers and how computers work,
that it's generally binary, right?
But these AI systems, is it fair to say they're a lot fuzzier?
I think that's a really good way of putting it.
And I think it is different, right, for those in tech that are used to and maybe comfortable with binary.
And, you know, having a sense of control where you provided certain inputs, you understand how those inputs were going to be processed.
And then ultimately what type of output you were going to get.
This is a very different game and a very different time.
And that does require us to think about how we're leveraging AI differently because we don't necessarily know what,
the output's going to look like, which then just requires a different level of skills in terms of
judgment, you know, how do we get at that transparency? And just, I guess it's requiring just a
level of being alert and more alert than we've had to be in the past. It reminds me of
when my wife and I had to childproof our home against a toddler, you know. That is true.
And they still manage to get into those corners that you hadn't predicted. That's right. That's right.
Well, seriously, though, I mean, what are your recommendations?
What should organizations be doing to effectively come at this?
So I think it starts with, you know, controlling what you can control
and determining how to put the right guardrails in place.
You do have to start with the basics.
And while they may not be sufficient, they're still very important
and having those foundations in place.
So what is your governance policy?
making sure that that's well understood across the organization.
As I said, just embedding that into your operational processes as much as possible,
again, striking the right balance by putting controls in place so people can't get themselves into trouble,
but also allowing some leeway for experimentation.
And I think this is where, you know, the answer for every group is not the same.
And there needs to be some level of flexibility, just depending on how those groups are,
trying to leverage AI, but also their level of maturity around understanding what AI can or can't do.
Then I think there is something around just that level of observability and understanding what AI you have in your landscape.
And therefore, where are the potential exposures and the potential risk?
Again, certain parts of the business, you can take more risk than others.
And I think this is where, you know, we're seeing that shift with leadership, just having to be much more in tune.
with the company's overall appetite for risk,
and then how do you manage and put in place the right controls aligned to that?
Yeah, I think that's a really interesting point.
Do you suppose that this is an opportunity for companies
to take a fresh look at their risk appetite?
Because while there's certainly lots of benefits here,
I mean, even the folks who aren't directly dealing with the AI,
they may have to deal with some of the new types of risk
that it could introduce to the organization.
No, I think that's a really good point.
And I think, you know, we've all had risk matrix and enterprise risk management frameworks for the longest time.
But I think there was, maybe we had got a little bit passive around those because, to be honest, there wasn't always a huge pressure on the risk elements.
And then now that's shifted.
And therefore, we certainly had skills off.
We looked at our enterprise risk management framework and adapted that in the context.
context of AI and I think that is important for companies to do. And then equally, I think the
education piece is key. And we've seen that even with traditional security activities where,
you know, we'd send out the spam emails and eventually people start to see the passion and
less and less people clicked over time. And that repetitive education was key. I think with AI,
it's no different and taking a similar approach to making sure that there is a level of just
repetitiveness in the message that's going out there, but then also just keeping it updated
based on just the pace at which AI is evolving.
Do you have any specific examples of how you and your colleagues at SkillSoft have come at
this challenge to balance the need for innovation with the need to protect the organization as well?
So I think, you know, what's been helpful for us beyond just, you know, the standard activities
that a lot of companies are doing is we have now an AI Connect,
which we started within the digital and IT organization,
but then have made a company-wide forum every approximately three weeks.
And that is an invitation that goes out to the full company.
Anybody is welcome to join.
And we usually use the session giving an update on some key AI topics,
and that could be how to use some of the tools that we have,
or it could be an update when we refreshed our governance policy
in terms of what that means.
But it's equally providing a forum for people to bring their questions
and to share what they are doing with AI,
which allows us to get a better pulse of what's happening across the organisation,
but then also brings questions to the forefront that we may not have thought of.
You know, a certain use case that someone's looking at that may expose a risk
that they hadn't thought about.
So that's been super helpful just in keeping an open dialogue across the organization for us to understand how people are leaning in and adopting AI,
but then also it provides them at a forum to bring their question when they're not sure of how to move forward.
Have there been any common elements that you've been able to track when you see organizations who are being successful here?
Are there common things that they're doing?
A couple of themes that have emerged as I've talked to my peers.
In addition to just having the basics covered again around the governance and the policies,
it's having a discrete focus and having a group of individuals that are maybe tasked with advancing AI
or at least are seen as the group that maybe are further along in terms of understanding
how the company wants to apply AI and what the guardrails are that you want to operate within.
So having that level of accountability and making an investment in upskilling a core group of
individuals who can then help translate what's happening to the rest of the organization,
I think, is working well, it seems, for a number of companies, mainly because things are happening
so fast. It is impossible for everyone in addition to their day job, I think, to keep up
and therefore having a smaller group of individuals who have a little bit more capacity to do that is helpful.
Or perhaps it's just, you know, in the nature of their role, they're able to leverage AI more actively.
And therefore are also really getting behind what it's capable of doing and what some of the pitfalls are and then being able to share that more broadly.
That's Orla Daily, CIO at Skillsoft.
As organizations grow, so does complexity.
New applications are deployed, vendors are granted temporary access,
and remote support tools are installed.
Many of them never go away.
In my recent conversation at RSAC 2026 with Rob Allen,
chief product officer at Threat Locker,
he explains how these forgotten tools create hidden pathways into enterprise environments
and why attackers increasingly exploit what's already inside the network
instead of trying to break through the perimeter.
Learn how to reduce lingering access, shrink your attack surface,
and implement zero trust more effectively
by listening to the full conversation at explore.thecyberwire.com
slash threat locker.
And finally, five years after the influential stochastic parrots paper
landed in the middle of an AI firestorm,
its lead author, Computational Linguist Emily Bender,
says many people still misunderstand its central point.
The paper argued that large language models generate fluent text
by predicting statistically likely word sequences,
not by understanding language or meaning.
In other words, they're remarkably good at sounding
like they know what they're talking about,
which, as history reminds us, is not a uniquely machine problem.
Bender says the stochastic parrot metaphor
was never intended as an insult, only as a concise explanation of how these systems produce
synthetic text. She also argues that the catch-all term artificial intelligence
lumps together fundamentally different technologies, making public debate and regulation harder.
Looking back, Bender says she would expand the paper to address another major issue,
the exploitative labor practices and widespread use of creators' work that underpinned
many modern AI systems.
It's a good reminder that humans remain remarkably willing to mistake confidence for comprehension,
whether it comes from a chatbot or across the conference table.
What?
Polly wants a token.
And that's the Cyberwire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the end.
insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey and the show notes or send an email to Cyberwire at
N2K.com.
N2K's lead producer is Liz Stokes.
We're mixed by Trey Hester with original music and sound designed by Elliot Peltzman.
Our contributing host is Maria Vermazas.
Our executive producer is Jennifer Ibin.
Peter Kilpe is our publisher, and I'm Dave Bittner.
Thanks for listening. We'll see you back here tomorrow.
What happens when AI agents gain access to the same systems, applications, and credentials as your employees?
According to Arvind Nithrakeshyap, CTO and co-founder of Rubrik, that reality is already here.
As AI agents proliferate across enterprise environments, organizations face a growing challenge.
How do you govern systems that?
operate at machine speed.
To learn more about AI sprawl, the risk it creates,
and how organizations can prepare,
visit explore.thecyberwire.com slash rubric
to hear the full conversation.
