CyberWire Daily – "A War of Missiles and Messages"
Date: April 1, 2026
Host: Dave Bittner, N2K Networks
Guest: Christy Wyatt (CEO, Absolute Security)
Episode Overview
This episode centers on the escalating convergence of geopolitical conflict and cyber operations, with news and analysis about Iran and North Korea’s cyber campaigns, major breaches at Cisco and Anthropic’s Claude, and U.S. government challenges in adopting zero trust principles. Highlighting the practical business impacts of cyber incidents, host Dave Bittner interviews Christy Wyatt of Absolute Security on why cyber risk has evolved into a core business continuity issue. The episode also covers legal, privacy, and community surveillance developments.
Key News & Analysis
1. Iran’s Continued and Sophisticated Cyber Campaign
[01:08 – 03:10]
- Thousands of Israelis received fake missile alert texts prompting them to download a spoof shelter app designed for data theft.
- "Cybersecurity experts say these incidents reflect a broader online conflict among Iran, Israel and the United States, where cyber operations support military strategy and psychological warfare."
- Iran’s operations involve government, contractors, and hacktivists—engaging in phishing, data theft, wiper attacks, and targeting high-value networks (companies, politicians, defense).
- Despite visible disruptions (e.g., attacks at a U.S. med-tech firm), experts warn of more damaging threats if Iran’s cyber units regroup.
2. North Korean Supply Chain Attack Targets Open Source
[03:11 – 04:26]
- North Korea-linked UNC1069 targeted the popular Axios npm package, deploying the Waveshaper V2 remote access trojan.
- The compromise enables reconnaissance, command execution, and persistent access via Windows Registry changes.
- "Because Axios is broadly embedded across software projects, the compromise could expose large volumes of credentials and enable downstream attack…"
- Urgent advice for defenders: audit dependencies, rotate secrets, block C2 infrastructure.
3. Cisco's Breach via Supply Chain Vulnerability
[04:27 – 05:32]
- Attackers used credentials from the "Trivy" vulnerability scanner breach to access Cisco’s internal development systems via a malicious GitHub Action.
- Exposed assets: AWS access keys, 300+ code repositories, AI source code, customer data (including banks and U.S. government agencies).
- Several threat actors involved; possible wider fallout due to interconnected supply chain attacks.
- Cisco hasn't publicly commented as of this recording.
4. Anthropic’s Claude Leak: Deeper AI System Intrusions
[05:33 – 07:08]
- Leak of Claude client source code shows it can "collect prompts, file contents, telemetry and session transcripts" and control desktops, update policies remotely, and conceal its AI authorship in open source code.
- Anthropic defends its controls in classified deployments but acknowledges broader risks of data transmission outside those environments.
- Researchers question long-term data exposure and experimental capabilities.
5. DoD’s Challenging Path to Zero Trust
[07:09 – 08:36]
- U.S. Department of Defense (DoD) aims for zero trust cybersecurity by September 2027, amidst AI and cloud adoption.
- Only 14% of activities completed as of early 2025.
- "Experts caution the deadline may reflect compliance milestones rather than meaningful risk reduction, especially given persistent gaps in identity systems, data classification and network enforcement..."
6. Privacy Lawsuit: Perplexity AI Accused of Oversharing
[08:37 – 09:40]
- Proposed class action alleges Perplexity secretly shared chatbot conversations with Meta and Google even in incognito mode, violating California law.
- "The complaint claims data was transmitted even in incognito mode and could be used for advertising or resale..."
- Perplexity says it hasn’t yet been served; Google didn't comment.
7. Google Chrome Emergency Patch
[09:41 – 10:08]
- Google released fixes for an actively exploited Chrome zero day stemming from a use-after-free bug in WebGPU.
- Fourth Chrome zero day fixed in 2026; limited public detail on attacks.
8. U.S. FBI Warns Against Foreign Mobile Apps
[10:09 – 10:43]
- FBI advisory about privacy/national security risks in apps tied to China—potential government access, surreptitious data collection, and storage on Chinese servers.
- FBI urges Americans to limit sharing, update devices, and stick to trusted app stores.
Special Segment: NASA Artemis 2 Launch
[10:43 – 11:21]
- Maria Varmazes offers a space update:
"Tonight, April 1st at 6:24pm Eastern Time, NASA is planning to launch the Artemis 2 mission, which will send a crew of four around the moon...first woman, first person of color, and the first Canadian going to lunar orbit." – Maria Varmazes [10:46]
Feature Interview: Christy Wyatt (Absolute Security)
Cyber Risk as a Business Continuity Crisis
[14:12 – 26:58]
The Shift from Cybersecurity to Business Resilience
- Wyatt stresses that the conversation must focus on resilience:
"This isn't really a cybersecurity conversation... The conversation we need to be having is how do we make more resilient businesses?" – Christy Wyatt [16:18]
- The real cost is business downtime:
"Almost every minute that you can't take orders, can't pay your employees, can't invoice customers, your business is going to suffer and you may or may not recover." – Christy Wyatt [16:40]
The Underappreciated Aftermath of Cyber Events
- Post-attack, most companies focus on "cleanup," not realizing how complex true recovery is:
"We stop the movie at the chapter where we've fixed the bad thing and now it's just like cleanup on aisle six." – Christy Wyatt [17:57]
- Full recovery—from rebuilding systems to restoring process flows—requires active, cross-department rehearsals and plans.
The Practical Path to Reducing Downtime
- Absolute focuses on device-level resilience:
"We have a platform that is embedded in the unflashable part of the firmware of almost every PC on the planet... If an application or security control that you care about stops working, we can fix it. If the device becomes compromised...we can rebuild it remotely." – Christy Wyatt [15:30]
- Describes the "rehydrate" strategy: securely wiping and rebuilding devices remotely, minimizing lost employee time versus shipping hardware for reimaging.
- Real-world analogy: many companies’ backup plans assume "someone will fix it," but few are prepared for widespread remote work cases.
Investing in Prevention Pays Off
"There's always money to clean up the message...what you're advocating here is a fractional investment in prevention and making sure this is on...to prevent having to pay me later." – Dave Bittner [21:16]
- Wyatt urges activation of built-in defensive features before a crisis:
"Even for those that say, I've invested so much in security and I'm sure I'm never going to be the one that has the bad day, we're saying, well, everybody says that just on the chance it might be you, maybe we do this now." – Christy Wyatt [22:41]
AI’s Impact on Security and Recovery
- AI is a double-edged sword: an "amplifier...for good and for bad."
- Wyatt shares Absolute’s Resilience Index: “Is AI making us more resilient? Punchline is, no, it's not, not yet...” [23:06]
- Future: more fragile environments as new agents/AI overlap, heightening the speed and scope of possible outages.
Playbooks & Organizational Readiness
- Advocates for a cross-functional, process-driven approach, reducing anxiety by knowing "who I would call" and "what I would do next".
"I actually think it takes a lot of anxiety out...you start to see it in practical terms." – Christy Wyatt [25:08]
- The best success stories don’t make headlines:
"We never see those press releases, right...I do get thank you cards that say this really bad thing happened. Let me tell you this cool way we used your product." – Christy Wyatt [26:24]
Notable Quotes and Memorable Moments
- On recovery strategy blindspots:
"We don't watch the movie to the end of the tape... I don't think we rehearse that [recovery] as intensely." – Christy Wyatt [17:56]
- On speed of AI-driven change:
"Speed is the thing that works against all of us for the next little bit because it's just happening so quickly." – Christy Wyatt [24:50]
- On business continuity mindset:
"It's not an if but a when. You will have a business disruption, I can almost guarantee it." – Christy Wyatt [16:54]
Community & Policy Highlights
Milpitas’ Doorbell Camera Initiative
[27:24 – 28:44]
- Milpitas, CA to distribute free smart doorbells to residents, hoping for greater footage-sharing with police.
- Officials stress the voluntary nature; critics warn of expanding neighborhood surveillance.
Key Timestamps
- [01:08] – Cyber campaign landscape: Iran, North Korea, Israel, and the US
- [14:12] – Introduction to Christy Wyatt, resilience as business continuity
- [16:18] – Downtime as the key risk metric
- [17:56] – Recovery planning blindspots
- [23:06] – AI’s "amplifier effect," Resilience Index
- [25:08] – Cross-functional planning and anxiety reduction
Summary
This episode of CyberWire Daily illustrates the intertwined nature of cybersecurity and business risk in 2026. It analyzes cutting-edge global cyber threats, leading breaches, and the difficulties of adopting zero trust at scale. Through an engaging interview, Christy Wyatt reframes cybersecurity as a business resilience problem, advocating for practical recovery strategies and preemptive activation of defensive capabilities—especially as the pace and fragility of technological change increase. The episode rounds out with legal, privacy, and community surveillance developments, making it a must-listen for technical and executive audiences alike.
