Transcript
A (0:02)
You're listening to the CyberWire Network, powered by N2K.
The DMV has established itself as a top tier player in the global cyber industry. DMV Rising is the premier event for cyber leaders and innovators to engage in meaningful discussions and celebrate the innovation happening in and around the Washington D.C. area. Join us on Thursday, September 18th to connect with the leading minds shaping our field and experience firsthand why the Washington D.C. region is the beating heart of cyber innovation. Visit DMVRising.com to secure your spot.
Risk and compliance shouldn't slow your business down. Hyperproof helps you automate controls, integrate real time risk workflows and build a centralized system of trust so your teams can focus on growth, not spreadsheets. From faster audits to stronger stakeholder confidence, Hyperproof gives you the business advantage of smarter compliance. Visit www.hyperproof.io to see how leading teams are transforming their GRC programs.
Farmers Insurance discloses a data breach affecting over a million people. Agentic AI tools fall for common scams. A new bill in Congress looks to revive letters of marque for the digital age. Cybercriminals target macOS users with the Shamos infostealer. New Android spyware masquerades as antivirus to target Russian business executives. CISA seeks public comments on SBOM updates. A major third party electronics manufacturer reports a ransomware attack. Salesforce patches multiple vulnerabilities in its Tableau products. Over 370,000 user Grok conversations were accidentally indexed by Google. Ben Yelin examines the UK's decision to drop digital backdoor requirements. And Wired gets duped by an AI author.
August 25, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today. It's great as always to have you with us.
Farmers Insurance disclosed a data breach affecting more than 1 million people after a third party vendor reported unauthorized access to its database on May 30. The company, which serves about 10 million US households, confirmed that attackers stole customer data, including names, addresses, dates of birth, driver's license numbers and partial Social Security numbers. Farmers New World Life Insurance reported 40,000 impacted individuals, while Farmers Group and Affiliates reported over a million. The insurer clarified it was not directly targeted but was affected through its vendor. Farmers, a subsidiary of Zurich Insurance Group, has not disclosed the vendor's identity or whether ransomware was involved. The investigation is ongoing and the company has filed breach notifications with state regulators.
AI powered browsers are moving from concept to reality, with agentic AI tools going beyond search and automation, performing tasks like shopping and handling emails autonomously. But convenience comes with major risks. AI browsers inherit AI's weaknesses. They act without skepticism, trust too easily, and can be manipulated. Tests by Guardio Labs on Comet showed it falling for basic scams, buying from a fake Walmart site and clicking phishing links from bogus bank emails, sometimes even auto filling payment data. More advanced risks stem from prompt injection attacks like PromptFix, where hidden instructions trick the AI into harmful actions such as downloads or data leaks. The threat is clear. Scammers no longer need to fool people, only their AI. Without built in guardrails, AI browsing turns everyday convenience into a new scam attack surface.
A new bill in Congress would revive an old naval practice for the digital age. Arizona Republican David Schweikert introduced the Scam Farms Marque and Reprisal Authorization Act of 2025, which would let the president issue letters of marque to commission U.S. cyber privateers.
Once used during the War of 1812 to authorize private ships against British vessels, these letters would now target cybercriminals and even foreign governments behind online attacks. Schweikert argues current defenses lag behind fast growing cybercrime, which cost Americans over $16 billion last year, the highest in 25 years. His office says sanctioned hackers could seize assets, defend infrastructure, and deter future attacks. Critics caution foreign governments may see this as an escalation. The bill's future is uncertain, but it raises a provocative question: Can 19th century tactics work against 21st century digital predators?
Cybercriminals are targeting macOS users with the Shamos infostealer disguised as technical help, according to CrowdStrike. Attackers ran a campaign from June through August of this year using malvertising and fake support sites. Victims searching for fixes were tricked into running a one line terminal command, a ClickFix technique that bypasses Apple's Gatekeeper protections. Once installed, Shamos collects credentials, Apple Notes, Keychain data, browser info, and cryptocurrency wallets, exfiltrating them in a Zip archive. It also installs a spoofed Ledger wallet, a botnet module, and persistence mechanisms. In a parallel campaign, Shamos was spread via a fake GitHub page offering iTerm2. ClickFix, first seen in late 2024, has surged in popularity across macOS, Windows, and Linux due to its simplicity and reliability, making it a favored tool for both cybercriminals and APT groups.
A new Android spyware is masquerading as an antivirus app to target Russian business executives, according to Dr. Web. Active since January, the malware mimics tools branded as GuardCB or Security FSB, falsely linked to Russia's FSB. Once installed, it requests extensive permissions, enabling it to exfiltrate SMS, contacts and files, log keystrokes, activate the camera or mic and stream the screen. The fake app simulates scans to appear legitimate.
Researchers note continuous development with multiple versions designed exclusively for Russian speaking victims.
CISA has released draft guidance updating the minimum elements for a software bill of materials and is seeking public comment until October 3rd. Building on the 2021 NTIA framework, the update reflects advances in software supply chain security and transparency. SBOMs list software components, enabling organizations to spot vulnerabilities and manage risks. The guidance defines three key data fields, automation support and practices and processes, and emphasizes machine readable formats like SPDX and CycloneDX. It also covers SBOM use in cloud and AI software and stresses integrating SBOMs into development life cycles.
Data I/O, a Redmond based electronics manufacturer, reported a ransomware attack that began Aug. 16, disrupting shipping, manufacturing and production systems. The company, which supplies tech for vehicles, charging stations and consumer devices, serving clients like Tesla, Panasonic, Amazon and Microsoft, filed notice with the SEC warning of potential material financial impact. Containment steps include taking systems offline while a third party investigates. No restoration timeline has been set. Data I/O is the second firm in the last week to disclose ransomware to the SEC amid rising attacks on the manufacturing sector.
Salesforce has patched multiple vulnerabilities in Tableau Server and Tableau Desktop, including a critical type confusion flaw that could let attackers execute malicious code. Other flaws allow path traversal and arbitrary file writes, potentially leading to full compromise of Tableau instances. Multiple versions are affected. Salesforce urges all customers, especially those with external facing servers, to upgrade immediately to protect against account hijacking, insider threats and malware driven attacks.
Forbes reports that 370,000 user conversations were accidentally indexed by Google and made publicly searchable due to the Share feature in xAI's Grok. The feature was intended for private sharing via link, but did not warn users their content could be exposed to search engines like Google or Bing. Some conversations contained personal data such as names, files, spreadsheets and even a password. Others included prohibited requests, from drug recipes to malware coding. Google clarified that publishers, not search engines, control indexation. xAI prohibits using Grok for harmful purposes, though violations were evident. The issue mirrors similar incidents, including ChatGPT conversations and Google Drive documents becoming searchable through public link sharing, highlighting ongoing risks in how share features handle user data.
Coming up after the break, Ben Yelin examines the UK's decision to drop digital backdoor requirements and Wired gets duped by an AI author. Stay with us.
Compliance regulations, third party risk and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots and all those manual processes, you're right. GRC can be so much easier and it can strengthen your security posture while actually driving revenue for your business. You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key compliance, internal and third party risk, and even customer trust so you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you?
It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC. Just imagine how much easier trust can be. Visit vanta.com/cyber to sign up today for a free demo. That's V-A-N-T-A.com/cyber.
Mint is still $15 a month for premium wireless, and if you haven't made the switch yet, here are 15 reasons why you should. 1. It's $15 a month. 2. Seriously, it's $15 a month. 3. No big contracts. 4. I use it. 5. My mom uses it. Are you. Are you playing me off? That's what's happening, right? Okay, give it a try at mintmobile.com/switch. Upfront payment of $45 per three month plan, $15 per month equivalent, required. New customer offer first three months only, then full price plan options available. Taxes and fees extra. See mintmobile.com.
It is always my pleasure to welcome back to the show Ben Yelin. He is from the University of Maryland Center for Cyber Health and Hazard Strategies and also my co-host on the Caveat podcast. Ben, welcome back.
