CyberWire Daily

Vlad Honyanyy, a threat intel analyst studying North Korean–linked cyber activity, and Greg Schlomer, a researcher on DPRK-aligned operations, discuss how AI is woven into attacker workflows. They cover AI-powered phishing and persona fabrication, accelerated malware development, autonomous agents building exploits, and how AI levels the playing field for less-skilled operators.

Vlad H., a Microsoft analyst studying DPRK-linked actors and AI-driven social engineering, and Greg Schlomer, a Microsoft analyst on DPRK-aligned cyber tradecraft, discuss Jasper Sleet’s operational use of AI. They cover AI across recon, malware development, persona fabrication, autonomous agents, jailbreaking, and how AI speeds and scales deception and campaign workflows.

Ben Yelin, law and policy analyst at the University of Maryland Center for Cyber Health and Hazard Strategies and Caveat cohost. He breaks down Anthropic’s lawsuit against the Pentagon and the legal questions it raises. Conversation also covers supply-chain bans, potential chilling effects on contractors, and how policy, law, and AI intersect.

Brian Baskin, Threat Researcher at Sublime Security, explains tax-season employee impersonation scams in a concise, practical chat. He walks through why tax time is a prime target. He outlines common phishing tricks, targets in HR and finance, and modern defensive checks to watch for. Short, alerting, and focused on the scamming methods you should recognize.

Dr. Lara Ferry, VP of Research at Arizona State University and cybersecurity education leader, discusses how universities design coherent cyber degree pathways. She covers balancing theory with hands-on internships. The conversation highlights industry-academia disconnects, ways companies can engage with programs, and pathways from community college to four-year degrees.

Jon France, CISO at (ISC)2 and workforce analyst, discusses findings from ISC2’s 2025 Cybersecurity Workforce Study. AI's rapid rise as the top in-demand skill gets attention. Conversations cover skills shortages, entry-level hiring challenges, the growing need for business communication, and how AI will reshape early-career roles.

A behind-the-scenes reporter’s notebook from Tallinn captures life inside NATO’s cyber exercise. Listeners get arrival impressions of the city, a look at Estonia’s IT culture, and the strict security of the NATO cyber range. The account visits operations floors, blue-team dynamics, and the fast pace of covering live cyber drills. Personal travel moments and off-the-record reflections add human texture.

Anna Belak, Director of Thought Leadership with a background in physics and materials science turned cyber storyteller. She recounts leaving academia for industry. She urges not to be limited by your degree. She champions pairing technical chops with communication to become a rare, valuable professional. She reflects on making lasting impact through relationships.

Marcelle Lee, cybersecurity consultant and threat intelligence researcher, walks through uncovering a mobile scareware campaign after a single click. She traces domains with Censys and VirusTotal, decodes device fingerprinting in URLs, and pivots to apps in the Play Store. She maps behaviors to MITRE ATT&CK and shows how free tools and AI speed practical investigations.

A rundown of Iran-linked MuddyWater intrusions and their backdoors hitting U.S. and Israeli networks. Coverage of China-associated campaigns targeting South American telecoms. Alerts about critical Cisco firewall fixes and actively exploited Hikvision and Rockwell vulnerabilities. A deep dive into the Anthropic–Pentagon fallout and the Pentagon’s pivot to OpenAI. A bizarre Wikimedia JavaScript worm incident adds unexpected chaos.