Maria Varmazis
You're listening to the CyberWire network powered by N2K.
Dave Bittner
AI adoption is exploding and security teams are under pressure to keep up. That's why the industry is coming together at the DataSec AI Conference, the premier event for cybersecurity, data and AI leaders. Hosted by data security leader Cyera. Built for the industry by the industry, this two-day conference is where real-world insights and bold solutions take center stage. DataSec AI 25 is happening November 12th and 13th in Dallas. There's no cost to attend, just bring your perspective and join the conversation. Register now at datasecai2025.com.

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSet macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea's hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of the T-Minus Space Daily, to discuss how his team is securing satellites and space systems from cyber threats. And DOGE delivers dysfunction, disarray and disappointment.

It's September 26, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing.

Thanks for joining us here today. Happy Friday. It is great to have you with us. Federal civilian agencies have until later today to patch two actively exploited Cisco firewall vulnerabilities under a new emergency directive from CISA. The flaws affect Cisco Adaptive Security Appliances, widely used by governments and large enterprises. CISA warned attackers can exploit the bugs with ease, chain them for greater impact and persist through reboots and upgrades.
Cisco released fixes Thursday and confirmed attacks targeting ASA 5500-X series devices. Agencies must patch, assess for compromise and decommission unsupported hardware. Canada and the UK issued parallel alerts citing risks to critical infrastructure. Cisco linked the activity to the sophisticated actors behind last year's ArcaneDoor campaign, previously associated with state-sponsored interests.

Researchers at Koi Security uncovered the first known malicious Model Context Protocol, or MCP, server used in a supply chain attack. An MCP server is a component of the MCP ecosystem that acts as a bridge between AI assistants or large language models and external systems, tools or data sources. In this case, the npm package postmark-mcp, once trusted by hundreds of developers, was altered by its maintainer to secretly exfiltrate emails. A single line of code added a blind carbon copy to every processed email, sending sensitive data to an attacker-controlled domain. Researchers estimate about 300 organizations were affected, with thousands of emails stolen daily, including credentials, financial records and legal documents. The incident highlights a fundamental weakness in MCP servers: they inherit full privileges from AI assistants but lack containment or verification safeguards. Koi Security urges organizations to uninstall compromised versions and rotate exposed credentials.

Earlier this week, we reported the US Secret Service announcement that they dismantled a network of more than 300 SIM servers and 100,000 SIM cards near New York, describing it as an imminent threat to protective operations during the UN General Assembly. Officials warned the infrastructure could disable cell towers and support nation-state communications, citing links to swatting attacks against members of Congress. However, experts quickly cast doubt, suggesting the setup was instead a large SIM farm used for voice over IP scams and SMS fraud, a common criminal scheme worldwide.
Commenters noted the described equipment was unlikely to disrupt regional cellular networks. By day's end, the narrative shifted from nation-state sabotage to overblown claims about an ordinary telecom fraud operation.

Microsoft Threat Intelligence has identified a new variant of the XCSSet macOS malware active in limited attacks. XCSSet, which spreads by infecting Xcode projects, now includes enhanced browser targeting, updated clipboard hijacking to steal cryptocurrency, and new persistence methods such as launch daemon entries and a fake System Settings app. The malware can exfiltrate notes, crypto wallets and browser data, redirecting funds to attacker-controlled addresses. Microsoft has notified Apple and GitHub, urging developers to scrutinize shared Xcode projects carefully.

Elsewhere, Microsoft said it has stopped providing certain cloud and AI services to a division of Israel's Ministry of Defense after finding evidence supporting reports that Unit 8200 used Microsoft technology to track Palestinians' phone calls. The move follows employee protests over Israel's use of Microsoft software during its Gaza invasion. President Brad Smith confirmed the suspension involved Azure storage in the Netherlands and AI services. The Guardian reported Israel may shift the surveillance system to Amazon Web Services.

Security researcher Jeremiah Fowler discovered an unprotected database containing 5.1 million files totaling 10 terabytes linked to Illinois-based ClaimPix, a platform used for managing auto insurance claims nationwide. The exposed data included vehicle registrations, repair invoices, images of damaged cars with visible VINs and nearly 16,000 signed powers of attorney granting legal authority over vehicles. Sensitive personal information such as names, addresses, phone numbers and emails was also visible alongside internal business documents. Fowler reported the issue, and access was restricted soon after.
It remains unclear how long the data was exposed or if it was accessed by others. Experts warn the leak could enable identity theft, insurance fraud or VIN cloning. ClaimPix confirmed the findings and says it updated policies and code to remediate the flaw.

Amazon has agreed to pay $2.5 billion to settle Federal Trade Commission claims that it used deceptive dark patterns to push millions into unwanted Prime subscriptions and obstruct cancellations. The deal includes a $1 billion civil penalty and $1.5 billion in refunds for 35 million customers. The FTC said Amazon knowingly designed manipulative enrollment flows and a cancellation system codenamed Iliad to deter users. The settlement follows the FTC's 2023 lawsuit alleging Prime subscription traps violated federal consumer protection laws.

Researchers at ESET have detailed links between DeceptiveDevelopment, a North Korea-aligned cybercrime group, and WageMole, a cluster of North Korean IT workers. DeceptiveDevelopment targets software developers, especially in cryptocurrency and Web3, using fake recruiter profiles and social engineering scams such as trojanized coding challenges and the ClickFix technique. Its malware arsenal includes BeaverTail, InvisibleFerret, WeaselStore and the complex TsunamiKit toolkit, along with links to Lazarus Group malware like Tropidoor and Akdoor. WageMole operators exploit stolen identities and AI-driven tools to pose as remote job seekers, sometimes using proxy interviews or manipulated video to secure roles abroad. Their earnings and access provide both financial resources and insider footholds for North Korea. Together, these groups illustrate a hybrid model that blends financial crime, espionage and insider risk.

SANS researchers report a sharp increase in exploitation attempts targeting an eight-year-old critical authentication bypass flaw in Hikvision security cameras with a CVSS score of 10. Attackers send crafted HTTP requests, often using weak credentials, to gain access.
Once compromised, cameras can be locked against legitimate users, have configurations altered and be leveraged for lateral movement. Stolen configuration files use weak encryption and can be decrypted to harvest credentials. A wide range of Hikvision models remain vulnerable, with hundreds of thousands still exposed online. The risk is compounded by rebranding practices where Hikvision hardware is sold under other names. SANS urges organizations to patch immediately, enforce strong passwords and restrict management interface access to trusted networks.

Coming up after the break, Maria Varmazis speaks with Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate, discussing how his team is securing satellites. And DOGE delivers dysfunction, disarray and disappointment. Stick around.
Ethan Cook
CISO Perspectives is back with an all new season. This season is all about change. Whether it be emerging technologies like AI, shifting governmental roles or evolving threats, we are sitting down with security experts and getting their insights to help you make sense of these changes. We are part of a larger ecosystem.
Dave Bittner
And if you look at the largest cyber incidents, they have massive downstream effects.
Ethan Cook
I'm Ethan Cook, editor of CISO Perspectives at N2K CyberWire. This week, host Kim Jones sits down with his first guest, Ben Yelin, to discuss the current state of regulation.
Dan Trujillo
Absolute security by definition is an oxymoron. I can secure you absolutely if you shutter your doors, wipe your computers, wrap them in Lucite and drop them in the Marianas Trench. But then again, you ain't gonna make no money.
Ethan Cook
CISO Perspectives is an N2K Pro exclusive show, but for this season we're sharing the first two episodes free on the CyberWire Daily. To hear the full season, visit TheCyberWire.com and click on Subscribe Now to become an N2K Pro member.
Dave Bittner
At Thales, they know cybersecurity can be tough and you can't protect everything. But with Thales, you can secure what matters most. With Thales' industry-leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest ROI. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most: applications, data and identity. That's Thales. T-H-A-L-E-S. Learn more at thalesgroup.com.

Cyber compliance regulations, third-party risk and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots and all those manual processes, you're right. GRC can be so much easier, and it can strengthen your security posture while actually driving revenue for your business. You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key compliance, internal and third-party risk, and even customer trust workflows, so you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you? It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC. Just imagine how much easier trust can be.
Visit vanta.com/cyber to sign up today for a free demo. That's V-A-N-T-A dot com slash cyber.

My N2K colleague, Maria Varmazis, host of the T-Minus Space Daily podcast, recently sat down with Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate to discuss how his team is securing satellites and space systems from cyber threats.
Dan Trujillo
So my name is Joseph D. Trujillo and my dad was Joseph as well. I'm second, so I actually go by Dan, my middle name, so people know me by Dan Trujillo. And so my current job is I lead the space cyber resiliency technical area for the Air Force Research Labs in the Space Vehicles Directorate. Now what's interesting about that is I always say Air Force Research Labs, but I actually work for the US Space Force because we're a little bit of a carve out because of the Space Vehicles Directorate. Our motto is one lab serving two services. And that's what we do. That's my current job. I lead a team of scientists and engineers and we do research and development into essentially the goal is to secure our space vehicles from cyber attack. And so we do a lot of research in taking raw technology, visions, concepts, maturing it in the lab because a lot of these are just cyber technologies that we want to bump up or integrate into space systems. And so we do a lot of that work too.
Dave Bittner
Right?
Dan Trujillo
Because these things have to work, especially when you're talking about a space vehicle that's in space and it's gotta work, and it's gotta work in this low-SWaP environment. Right. So we do things like that.
Maria Varmazis
That is so awesome, Dan. Well, first of all, thank you for joining me. You have a really fascinating background and I gotta say, based on the conversations I've had with a lot of people in the cyber world, you have a lot of people's dream job. So a lot of people who really wanna be in space cyber, who are in the cyber world right now, who are like, how do I get there? So I really hope they're listening to this interview because you've sort of laid out a bunch of awesome possibilities there. And I feel like I maybe should ask what is your advice to people who want to do what you do, even though it's not part of what we were going to talk about today. Now I'm like, I got to know. What do you tell people?
Dan Trujillo
Well, first of all, you're right. It is a dream job. Like I said, I started off with writing software in the 90s. And I don't want to say it's the Wild West, but it was, because companies were just starting to implement software. So it was really cool because all these ideas were flowing. There's a lot of companies being created and bought up by Microsoft, and it was just a really cool world. The job that I'm in now is R and D. And so we get to really just think outside the box and we get to really just play with whatever vision or idea that we have. So that is really, really awesome. I say I work for the government. Obviously you can make a lot more in the commercial world, but you get to really, truly build your vision up here. And how you get into something like this? Well, I think one of the best ways is if you're in high school or you're in college, come to our internships. We have the AFRL Space Scholars program. And that is where all of our scientists and engineers will actually create several topics and areas of research that they're working on. There's probably a hundred, and it's not just at Kirtland Air Force Base in New Mexico, but it's in Maui. We have places in California. We have a lot of places in Dayton where our headquarters are. But there's just a whole bunch of technology and topics to be able to work on. And so you go to this website and you see these topics and then you can sign up for them and start working in those. Now, if you're a high schooler, you know, a lot of times we get high schoolers and they think, oh, my God, I got to come in and I have to start solving and producing things. Right? But we work in the lab, and it's research and development. The things that we solve don't take months, they take years. So a lot of times the high schoolers will come in and all we want to do is just show them what the lab environment is and understand the freedom to be able to do cool things, right.
And then if they're in college, maybe bachelor's, then they're getting a little bit more experience. And if PhD, they might have something that they're very interested in that's in space cyber, for example, and just bring that project over to AFRL and be able to have all the lab resources in order to do what they want to do with that. I think that's a good way to start. Otherwise, you know, we are always looking for people. I mean, we have slots available for space cyber at AFRL/RV and we also have people working cislunar SDA. We have people working autonomy. There's just a whole bunch of opportunities at AFRL to be able to do those things.
Maria Varmazis
That's so cool. Yeah. I cannot tell you how many, you know, at events or, you know, HallCon, LobbyCon type conversations I've had with people who are, you know, either in school, as you've mentioned, people who are trying to figure out how to make this their career, or people who are looking to make a lateral move. You know, IT practitioners, cyber practitioners who are going, I really love space. I hear there's a need for space cyber folks. I just, I have the cyber side. I don't know how on earth to get to the space side. But again, I hope people are listening to this because you've given a lot of different options there that are really fascinating.
Dan Trujillo
So yeah, I mean, space is, if you look at the dot-com industry in the 90s, how it exploded, now we move to the space industry and that's going to explode as well and probably dwarf the dot-com thing. So there's a lot of commercial companies getting into space, small startups. There's the primes, Northrop Grumman and Lockheed. But yeah, I mean, if you want to work in the government, you can come through AFRL. If you want to get in through these commercial companies, then, you know, they're looking for people because that industry is just going to explode.
Maria Varmazis
Yeah, absolutely. So, Dan, thank you so much for all that you do and all that you and the team work on and I wish you all the best.
Dave Bittner
That's Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate speaking with Maria Varmazis, host of the T-Minus Space Daily. Be sure to check out the T-Minus Space Daily wherever you get your favorite podcasts.

Investigating is hard enough. Your tools shouldn't make it harder. Maltego brings all your intelligence into one platform and gives you curated data along with a full suite of tools to handle any digital investigation. Plus, with on-demand courses and live training, your team won't just install the platform, they'll actually use it and connect the dots so fast cybercriminals won't realize they're already in cuffs. Maltego is trusted by global law enforcement, financial institutions and security teams worldwide. See it in action now at maltego.com.
Eczema Relief Advertiser
Eczema isn't always obvious, but it's real, and so is the relief from EBGLYSS. After an initial dosing phase, about 4 in 10 people taking EBGLYSS achieved itch relief and clear or almost clear skin at 16 weeks, and most of those people maintained skin that's still more clear at one year with monthly dosing.
EBGLYSS Lebrikizumab Advertiser
EBGLYSS (lebrikizumab-lbkz), a 250 mg per 2 mL injection, is a prescription medicine used to treat adults and children 12 years of age and older who weigh at least 88 pounds or 40 kilograms with moderate-to-severe eczema, also called atopic dermatitis, that is not well controlled with prescription therapies used on the skin, or topicals, or who cannot use topical therapies. EBGLYSS can be used with or without topical corticosteroids. Don't use if you're allergic to EBGLYSS. Allergic reactions can occur that can be severe. Eye problems can occur. Tell your doctor if you have new or worsening eye problems. You should not receive a live vaccine when treated with EBGLYSS. Before starting EBGLYSS, tell your doctor if you have a parasitic infection. Searching for real relief?
Eczema Relief Advertiser
Ask your doctor about EBGLYSS and visit ebglyss.lilly.com or call 1-800-LillyRx or 1-800-54559.
Dave Bittner
And finally, Wired asked federal workers for the inside story of DOGE, the Department of Government Efficiency, which stormed into federal agencies with all the grace of a toddler with a chainsaw. Ostensibly created to modernize government, it quickly became a Musk-fueled circus of Silicon Valley interns asking seasoned civil servants why AI couldn't just do their jobs. Emails that looked like phishing flooded inboxes, capped off by the infamous Fork in the Road memo, which read like a parody of Musk's Twitter ultimatum. Meanwhile, 300,000 workers took DOGE's incentives to quit, and those who stayed faced chaos: surveillance projects, gutted offices and managers suggesting gratitude exercises as childcare collapsed. The promised efficiency never materialized, but the damage did, leaving behind fewer staff, more distrust, and a lingering question: was this modernization or just government by meme stock?

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. Be sure to check out this weekend's Research Saturday and my conversation with Martin Zugec, technical solutions director at Bitdefender. The research we're discussing is titled Curly Comrades: A New Threat Actor Targeting Geopolitical Hotbeds. That's Research Saturday. Do check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here next week.
Dave Bittner
Cyber Innovation Day is the premier event for cyber startups, researchers and top VC firms building trust into tomorrow's digital world. Kick off the day with unfiltered insights and panels on securing tomorrow's technology. In the afternoon, the 8th annual DataTribe Challenge takes center stage as elite startups pitch for exposure, acceleration and funding. The Innovation Expo runs all day, connecting founders, investors and researchers around breakthroughs in cybersecurity. It all happens November 4th in Washington, D.C. Discover the startups building the future of cyber. Learn more at cid.datatribe.com.
Date: September 26, 2025
Host: Dave Bittner (N2K Networks)
This episode centers on several high-impact cybersecurity news items, with a particular focus on CISA’s emergency directive for federal agencies to patch critical Cisco firewall vulnerabilities. The show covers breaking developments across the cybersecurity landscape, including novel supply chain attacks, major data breaches, government surveillance debates, and the growing intersection of cybersecurity and space operations.
[00:50 – 02:40] CISA Directive on Cisco Vulnerabilities
Key Points:
- CISA's emergency directive gives federal civilian agencies until the end of the day to patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances.
- CISA says the bugs are easy to exploit, can be chained for greater impact, and let attackers persist through reboots and upgrades; agencies must also assess for compromise and decommission unsupported hardware.
- Cisco confirmed attacks on ASA 5500-X series devices and linked the activity to the actors behind last year's ArcaneDoor campaign; Canada and the UK issued parallel alerts.
Notable Quote:
“CISA warned attackers can exploit the bugs with ease, chain them for greater impact and persist through reboots and upgrades.” — Dave Bittner [01:40]
[02:41 – 04:00] Malicious MCP Server – Supply Chain Attack
Key Points:
- Koi Security identified the npm package postmark-mcp, a Model Context Protocol server bridging AI assistants to external tools and data, as the first known malicious MCP server used in a supply chain attack.
- The maintainer added a single line that BCC'd every processed email to an attacker-controlled domain; roughly 300 organizations were affected, with thousands of emails stolen daily.
- MCP servers inherit the full privileges of the AI assistant but lack containment or verification safeguards; affected users should uninstall compromised versions and rotate exposed credentials.
Notable Quote:
“A single line of code added a blind carbon copy to every processed email, sending sensitive data to an attacker controlled domain.” — Dave Bittner [03:20]
[04:01 – 05:30] New York SIM Farm / SIM Card Threat
Key Points:
- The US Secret Service dismantled more than 300 SIM servers and 100,000 SIM cards near New York, initially framed as an imminent threat to protective operations during the UN General Assembly.
- Experts argued the setup was more likely a SIM farm for voice over IP scams and SMS fraud, and unlikely to disrupt regional cellular networks.
Notable Quote:
“By day's end, the narrative shifted from nation-state sabotage to overblown claims about an ordinary telecom fraud operation.” — Dave Bittner [05:22]
[05:31 – 06:23] XCSSet macOS Malware Variant
Key Points:
- Microsoft Threat Intelligence identified a new XCSSet variant, spread through infected Xcode projects, with enhanced browser targeting, clipboard hijacking for cryptocurrency theft, and new persistence via launch daemon entries and a fake System Settings app.
- Microsoft notified Apple and GitHub and urges developers to scrutinize shared Xcode projects.
[06:24 – 07:02] Microsoft Suspends Services to Israeli Defense
Key Points:
- Microsoft stopped providing certain Azure storage and AI services to a division of Israel's Ministry of Defense after finding evidence supporting reports that Unit 8200 used Microsoft technology to track Palestinians' phone calls; The Guardian reports the system may move to AWS.
[07:03 – 08:06] ClaimPix Auto Insurance Data Leak
Key Points:
- Jeremiah Fowler found an unprotected database of 5.1 million files (10 TB) linked to ClaimPix, including vehicle registrations, repair invoices, images with visible VINs, nearly 16,000 signed powers of attorney, and personal contact details.
- Access was restricted after disclosure; how long the data was exposed and whether others accessed it remains unknown.
Notable Quote:
“Experts warn the leak could enable identity theft, insurance fraud or VIN cloning.” — Dave Bittner [07:51]
[08:07 – 08:44] Amazon FTC Dark Patterns Settlement
Key Points:
- Amazon will pay $2.5 billion, a $1 billion civil penalty plus $1.5 billion in refunds to 35 million customers, to settle FTC claims over deceptive Prime enrollment flows and a cancellation system codenamed Iliad.
Notable Quote:
“Amazon knowingly designed manipulative enrollment flows and a cancellation system codenamed Iliad to deter users.” — Dave Bittner [08:25]
[08:45 – 09:59] North Korea Hybrid Playbook
Key Points:
- ESET links DeceptiveDevelopment, which targets cryptocurrency and Web3 developers with fake recruiter profiles, trojanized coding challenges and ClickFix, to WageMole, North Korean IT workers who use stolen identities and AI tools to obtain remote jobs abroad.
- The malware arsenal includes BeaverTail, InvisibleFerret, WeaselStore and TsunamiKit, with links to Lazarus Group tooling.
Memorable Moment:
“Together, these groups illustrate a hybrid model that blends financial crime, espionage and insider risk.” — Dave Bittner [09:53]
[10:00 – 11:12] Hikvision Camera Flaw Exploits
Key Points:
- SANS reports a sharp rise in exploitation of an eight-year-old, CVSS 10 authentication bypass in Hikvision cameras via crafted HTTP requests, often combined with weak credentials.
- Compromised cameras can be locked against their owners, reconfigured and used for lateral movement; weakly encrypted configuration files can be decrypted to harvest credentials, and rebranded Hikvision hardware widens the exposure.
- Mitigations: patch immediately, enforce strong passwords, and restrict management interfaces to trusted networks.
[15:34 – 21:43] Interview: Dan Trujillo (Space Vehicle Cybersecurity)
Key Points:
- Trujillo leads the space cyber resiliency technical area at AFRL's Space Vehicles Directorate, which serves both the Air Force and the US Space Force ("one lab serving two services").
- Space systems must function perfectly in remote, low-SWaP environments.
- Integration of raw cybersecurity technology often requires intensive lab maturation before deployment in space.
- Dan describes his path as “a dream job” rooted in curiosity, R&D freedom, and mission-driven work.
He recommends:
- The AFRL Space Scholars internship program for high school and college students, with roughly a hundred research topics across sites including Kirtland Air Force Base, Maui, California and Dayton.
- PhD students bringing their own space cyber projects to AFRL to use its lab resources.
- Open positions at AFRL/RV in space cyber, cislunar SDA and autonomy, as well as roles at startups and primes such as Northrop Grumman and Lockheed.
- Early career exposure should emphasize learning and lab experience, not just outputs.
- Explosive growth in the space sector mirrors the dot-com era, with abundant opportunities in both established industry leaders and startups.
On Absolute Security:
“Absolute security by definition is an oxymoron. I can secure you absolutely if you shutter your doors, wipe your computers, wrap them in Lucite and drop them …but then again, you ain't gonna make no money.” — Dan Trujillo [12:12]
On the Future of the Space Industry:
“If you look at the dot-com industry in the 90s, how it exploded, now we move to the space industry and that's going to explode as well and probably dwarf the dot-com thing.” — Dan Trujillo [20:55]
[23:57 – 24:54] Federal “DOGE” Modernization Satire
Recount of the “DOGE” government modernization debacle, critiquing Silicon Valley's failed reform attempts in federal agencies with a humorous, biting tone.

| Segment | Timestamp |
|---|---|
| CISA Directive on Cisco Vulnerabilities | 00:50–02:40 |
| Malicious MCP Server – Supply Chain Attack | 02:41–04:00 |
| New York SIM Farm / SIM Card Threat | 04:01–05:30 |
| XCSSet macOS Malware Variant | 05:31–06:23 |
| Microsoft Suspends Services to Israeli Defense | 06:24–07:02 |
| ClaimPix Auto Insurance Data Leak | 07:03–08:06 |
| Amazon FTC Dark Patterns Settlement | 08:07–08:44 |
| North Korea Hybrid Playbook | 08:45–09:59 |
| Hikvision Camera Flaw Exploits | 10:00–11:12 |
| Interview: Dan Trujillo (Space Vehicle Cybersecurity) | 15:34–21:43 |
| Federal “DOGE” Modernization Satire | 23:57–24:54 |
This fast-paced CyberWire Daily episode distills new threats, cyber policy shifts, and space age vulnerabilities facing security teams, with a clear warning on patching high-priority flaws and an inspiring look at careers protecting the technologies that shape the future.