Browser‑in‑the‑browser attacks on Facebook users

Stolen Target source code looks real. CISA pulls the plug on Gogs. SAP rushes patches for critical flaws. A suspected Russian spy emerges in Sweden, while Cloudflare threatens to walk away from Italy. Researchers flag a Wi-Fi chipset bug, a long-running Magecart skimming campaign, and a surge in browser-in-the-browser phishing against Facebook users. Mandiant releases a new Salesforce defense tool, and NIST asks how to secure agentic AI before it secures itself. Our guests are Christine Blake and Madison Farabaugh from Inside the Media Minds. Plus, a Dutch court says seven years is still the going rate for a USB-powered cocaine plot.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Christine Blake and Madison Farabaugh from W2 Communications and hosts of Inside the Media Minds podcast on their show joining the N2K CyberWire network. You can listen to the latest episode of Inside the Media Minds today and catch new installments every month on your favorite podcast app.

Selected Reading

Target employees confirm leaked code after ‘accelerated’ Git lockdown (Bleeping Computer)

Fed agencies urged to ditch Gogs as zero-day makes CISA list (The Register)

SAP's January 2026 Security Updates Patch Critical Vulnerabilities (SecurityWeek)

Sweden detains ex-military IT consultant suspected of spying for Russia (The Record)

Cloudflare CEO threatens to pull out of Italy  (The Register)

One Simple Trick to Knock Out the Wi-Fi Network (GovInfo Security)

Google's Mandiant releases free Salesforce access control checker (iTnews)

Global Magecart Campaign Targets Six Card Networks (Infosecurity Magazine)

Facebook login thieves now using browser-in-browser trick (Bleeping Computer)

NIST Calls for Public to Help Better Secure AI Agents (GovInfo Security)

Appeal fails for hacker who opened port to coke smugglers (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices