CyberWire Daily

Every layer needs a patch now.

Patch Tuesday. Global agencies update SBOM guidance. Iran-linked espionage group Seedworm breached a major South Korean electronics manufacturer. A telehealth platform breach affects 716,000. Foxconn confirms a cyberattack. Maria Varmazis has an update on orbital data centers. A lawmaker questions surveillance pricing. Brandon Karpf, friend of the show, is talking with Dave about "Japan’s space systems face growing cybersecurity threats." Robotic lawnmowers on the cutting edge. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest Today Brandon Karpf, [https://www.linkedin.com/in/brandon-karpf/] friend of the show, is talking with Dave about "Japan’s space systems face growing cybersecurity threats. [https://instituteofgeoeconomics.org/en/research/2026050101/]" Selected Reading Microsoft Fixes 17 Critical Flaws in May Patch Tuesday [https://www.infosecurity-magazine.com/news/microsoft-17-critical-flaws-may/] (Infosecurity Magazine) Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises [https://www.securityweek.com/microsoft-patches-critical-zero-click-outlook-vulnerability-threatening-enterprises/] (SecurityWeek) Adobe Patches 52 Vulnerabilities in 10 Products [https://www.securityweek.com/adobe-patches-52-vulnerabilities-in-10-products/] (SecurityWeek) Fortinet, Ivanti Patch Critical Vulnerabilities [https://www.securityweek.com/fortinet-ivanti-patch-critical-vulnerabilities/] (SecurityWeek) Chipmaker Patch Tuesday: Intel and AMD   70 Vulnerabilities [https://www.securityweek.com/chipmaker-patch-tuesday-intel-and-amd-patch-70-vulnerabilities/] (SecurityWeek) ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA [https://www.securityweek.com/ics-patch-tuesday-new-security-advisories-from-siemens-schneider-cisa/] (SecurityWeek) Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks [https://www.infosecurity-magazine.com/news/new-sboms-for-ai-guidance-2026/] (Infosecurity Magazine) Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign [https://www.security.com/threat-intelligence/iran-seedworm-electronics] (SECURITY.COM) 716,000 Impacted by OpenLoop Health Data Breach [https://www.securityweek.com/716000-impacted-by-openloop-health-data-breach/] (SecurityWeek) Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files [https://www.theregister.com/cyber-crime/2026/05/12/foxconn-confirms-cyberattack-after-nitrogen-claims-apple-nvidia-data-theft/5239144] (The Register) Congressman launches inquiry into how food retailers use surveillance pricing [https://therecord.media/congressman-launches-inquiry-into-food-retail-surveillance] (The Record) Orbital Inference Data Center Bets On Space GPUs [https://spectrum.ieee.org/orbital-inference-data-center] (IEEE Spectrum) Cowboy Space raises $275 million to launch AI data centers on brand-new rocket [https://www.space.com/technology/cowboy-space-raises-usd275-million-to-launch-ai-data-centers-on-brand-new-rocket] (Space.com) Yarbo responds to robot flaws that could mow down their owners [https://www.malwarebytes.com/blog/news/2026/05/yarbo-responds-to-robot-flaws-that-could-mow-down-their-owners] (Malwarebytes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey [https://www.surveymonkey.com/r/NCFFCZJ]. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com [http://sponsor.thecyberwire.com/]. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

China’s hackers aren’t invincible.

Former NSA chief says the U.S. can beat China in cyberspace. Canvas cuts a deal with hackers. The FCC proposes KYC rules for phone users. SAP patches critical flaws. A poisoned TanStack npm supply chain attack spreads malware. Humanitarian aid lures deliver spyware. Japan launches an AI-driven cyber review. Texas sues Netflix over data practices. And Harvard experts debate the future of agentic AI security. On our Threat Vector segment David Moulton welcomes, Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines. Our guest is Tim Starks from CyberScoop discussing changes to the CyberCorps Scholarship program. The Gentleman’s guide to awful OPSEC.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. Threat Vector AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren [https://www.linkedin.com/in/assafkeren/], CSO at Qualtrics [https://www.qualtrics.com/] and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard. You can listen to the full conversation here [https://thecyberwire.com/podcasts/threat-vector/116/notes], and catch new episodes of Threat Vector [https://thecyberwire.com/podcasts/threat-vector] with host David Moulton [https://www.linkedin.com/in/davidrmoulton/] every Thursday on your favorite podcast app. CyberWire Guest Today we are joined by Tim Starks [https://www.linkedin.com/in/tstarks/] from CyberScoop [https://cyberscoop.com/] discussing changes to the CyberCorps Scholarship program. You can read more in Tim’s article “Trump officials are steering a cybersecurity scholarship program toward AI [https://cyberscoop.com/sfs-scholarship-program-trump-administration-ai-shift/].” Selected Reading I Ran the N.S.A. This Is How to Defeat China’s Hacker Army. [https://www.nytimes.com/2026/05/11/opinion/international-world/i-ran-the-nsa-this-is-how-to-defeat-chinas-hacker-army.html] (The New York Times) Canvas hack: company pays criminals to delete students' stolen data [https://www.bbc.co.uk/news/articles/cdepzg83x87o] (BBC News) FCC Attempts to Solve Robocall Problem by Potentially Creating Even Bigger Privacy Problem [https://gizmodo.com/fcc-attempts-to-solve-robocall-problem-by-potentially-creating-even-bigger-privacy-problem-2000756762] (Gizmodo) SAP Patches Critical S/4HANA, Commerce Vulnerabilities [https://www.securityweek.com/sap-patches-critical-s-4hana-commerce-vulnerabilities/] (SecurityWeek) Cache-poisoning caper turns TanStack npm packages toxic [https://www.theregister.com/cyber-crime/2026/05/12/cache-poisoning-caper-turns-tanstack-npm-packages-toxic/5238650] (The Register) Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware [https://hackread.com/operation-humanitarianbait-fake-aid-docs-python-spyware/] (Hackread) Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla [https://www.theregister.com/security/2026/05/12/japans-pm-orders-cybersecurity-review-to-defend-against-anthropic-mythos/5238501] (The Register) Texas sues Netflix over alleged data practices that create ‘surveillance machinery’ without user consent [https://therecord.media/texas-sues-netflix-over-data-practices-surveillance] (The Record) Time for government, business leaders to figure out AI cybersecurity regulation [https://news.harvard.edu/gazette/story/2026/04/time-for-government-business-leaders-to-figure-out-ai-cybersecurity-regulation/] (Harvard Gazette) Tables Turned: Gentlemen Ransomware Group Suffers Data Leak [https://www.bankinfosecurity.com/tables-turned-gentlemen-ransomware-group-suffers-data-leak-a-31654] (BankInfo Security) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey [https://www.surveymonkey.com/r/NCFFCZJ]. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com [http://sponsor.thecyberwire.com/]. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

Foreign routers get a longer lifeline.

The FCC eases restrictions on foreign-made routers. Shiny Hunters hit Canvas and Zara. SailPoint discloses unauthorized access to its GitHub repositories. TrickMo Android banking malware has more tricks up its sleeve. Polish officials warn of increased targeting of ICS and public infrastructure. A federal judge orders $10 million in restitution for stolen zero days. German authorities takedown the Crimenetwork marketplace, again. Monday business breakdown. Dan Lorenc, Chainguard CEO and co-founder, is talking about a recent wave of supply chain attacks. Malware gets signed, sealed and delivered.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest Dan Lorenc [https://www.linkedin.com/in/danlorenc/], Chainguard [https://www.linkedin.com/company/chainguard-dev/] CEO and co-founder, is talking about how the recent wave of supply chain attacks is fundamentally different – and more dangerous –than previous incidents, as well as immediate steps organizations should take as this continues to unfold. Selected Reading US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates [https://www.infosecurity-magazine.com/news/us-fcc-relaxes-foreign-router-ban/] (Infosecurity Magazine) ShinyHunters Escalates Canvas Extortion [https://www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/] (Infosecurity Magazine) Zara Data Breach Impacts Nearly 200,000 Customers [https://www.infosecurity-magazine.com/news/zara-data-breach-impacts-200000/] (Infosecurity Magazine) SailPoint Discloses GitHub Repository Hack [https://www.securityweek.com/sailpoint-discloses-github-repository-hack/] (SecurityWeek) TrickMo Android banker adopts TON blockchain for covert comms [https://www.bleepingcomputer.com/news/security/trickmo-android-banker-adopts-ton-blockchain-for-covert-comms/] (Bleeping Computer) Polish ABW warns cyberattacks shifting from espionage and data theft toward physical disruption of critical infrastructure [https://industrialcyber.co/reports/polish-abw-warns-cyberattacks-shifting-from-espionage-and-data-theft-toward-physical-disruption-of-critical-infrastructure/] (Industrial Cyber) Trenchant Exec Who Sold Zero Days to Russian Buyer Ordered to Pay $10 Million in Restitution to Former Employers [https://www.zetter-zeroday.com/trenchant-exec-who-sold-zero-days-to-russian-buyer-ordered-to-pay-10-million-in-restitution-to-former-employers/] (Zero Day) Resurrected 'Crimenetwork' Marketplace Taken Down, Administrator Arrested [https://www.securityweek.com/resurrected-crimenetwork-marketplace-taken-down-administrator-arrested/] (SecurityWeek) XBOW secures an additional $35 million in Series C funding. [https://thecyberwire.com/newsletters/business-briefing/8/18] (N2K Pro Business Briefing) Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware [https://hackread.com/hackers-digicert-issue-certificates-sign-malware/] (Hackread) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey [https://www.surveymonkey.com/r/NCFFCZJ]. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com [http://sponsor.thecyberwire.com/]. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

Payal Chakravarty: Overcoming bias in the workplace. [Security and Risk] [Career Notes]

Please enjoy this encore of Career Notes. Payal Chakravarty, Head of Product for Security and Risk from Coalition, sits down to share her story of working at several different organizations, including interning for IBM and Microsoft. After obtaining her master's degree, she worked with IBM a bit more closely and fell in love with one of the projects she was working on. Payal had a very interesting career path going from physical to virtual, virtual to cloud now, cloud to containers. She says that there is still some bias she has dealt with as a woman in her field, she says, "I think the way you handle it is you negotiate or you kind of calmly handle the situation, there's no ego involved." Payal shares that in working in this field you need to be in love with it, giving the advice that don't just choose a job because of the money or because it's cool, but because you feel connected to it as a profession. We thank Payal for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

CyberWire Daily at 10: The evolution of geopolitics and warfare. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis [https://www.linkedin.com/in/varmazis] and Dave Bittner [https://www.linkedin.com/in/dave-bittner-27231a4] discuss cybersecurity geopolitics and warfare that have been in the news over the past 10 years. We begin our conversation around the supply chain malware from the destructive NotPetya campaign out of Russia, then Maria and Dave highlight: Olympic Destroyer disrupting the Pyeongchang Games, CozyBear's SolarWinds espionage campaign, the Colonial Pipeline ransomware disruption, Russia’s full invasion of Ukraine paired with Viasat hack, Iranian hackers attacking ICS devices at water treatment plants in Israel, and China's VoltTyphoon and SaltTyphoon intrusions in critical sectors. Join us as we reflect on the escalation from election interference and disruption, to espionage and ransomware as national security crises, to integration in kinetic war,and now expansion into space, with AI-driven defenses and NATO codifying cyber as a collective defense domain. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]