A

You're listening to the Cyberwire Network powered by N2K.

B

Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker allow listing, you stop unknown executables cold. With ring Fencing, you control how trusted applications behave, and with threatlocker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker make zero trust attainable even for small security teams. See why thousands of organizations choose Threat Locker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo@threatlocker.com N2K today. We got your patch Tuesday rundown, China sidelines Western security vendors and a critical flaw puts industrial switches at risk of remote takeover. A ransomware attack disrupts a Belgian hospital, crypto scams hit investment clients, and Eurail discloses a data breach. Analysts press Congress to go on offense in cyberspace, and Sean Planky gets another shot at leading CISA in our Threat Vector segment. David Moulton sits down with Ian Swanson, AI security leader at Palo Alto Networks, about supply chain security and an AI risk assessment cites a football match that never happened. It's Wednesday, January 14, 2026. I'm Dave Buettner and this is your Cyberwire Intel Brief. Thanks for joining us here today. It's great as always to have you with us. Microsoft's January Patch Tuesday addresses at least 113 vulnerabilities across Windows and supported software, including 8 rated critical and 1 confirmed zero day under active exploitation. The zero day affects the Windows Desktop Window Manager and is already being used in attacks. Despite a relatively low CVSS score. Researchers warn it can undermine core protections like address space layout randomization and be chained with other flaws, making rapid patching essential. Microsoft also fixed critical Office bugs exploitable via preview pane and removed legacy modem drivers linked to long known privilege escalation risks. Separately, vendors flagged a critical secure boot bypass tied to expiring certificates, urging careful remediation. Browser updates from Mozilla and pending Chrome and Edge patches add to the busy patch cycle. Adobe delivered fixes for 25 vulnerabilities across 11 products, including one critical flaw. The most severe issue is an XML external entity injection bug in Apache Tika modules that can enable remote code execution through malicious PDF files. Adobe resolved it in Cold Fusion updates and assigned a top priority rating urging immediate patching. Additional updates addressed high severity code execution flaws in Dreamweaver and multiple Creative Cloud tools. Adobe reports no evidence of active exploitation. Fortinet released patches for six vulnerabilities, including two critical flaws affecting Fortisim and fortaphone. The most serious is an unauthenticated OS command injection bug in Fortisim that could allow remote code execution and can be addressed by restricting access to a monitoring port. A second critical issue in Forta Phone could expose device configurations without authentication. Fortinet also fixed a high severity buffer overflow in fortaos and related products, plus several lower severity bugs. No active exploitation was reported. Chinese authorities have instructed domestic companies to stop using cybersecurity software from about a dozen US And Israeli vendors, citing national security concerns, according to sources briefed on the matter. An exclusive report from Reuters says the affected firms include VMware, Palo Alto Networks, Fortinet and Check Point Software. Beijing is concerned the software could collect and transmit sensitive data overseas as it accelerates efforts to replace Western technology with domestic alternatives amid rising U S China tensions. Regulators and the companies decline to comment. The move comes as both sides prepare for renewed high level diplomacy and reflects long standing Chinese concerns that foreign cybersecurity tools could enable espionage or sabotage. Moxa warned of a critical vulnerability, exposing its industrial Ethernet switches to remote unauthenticated takeover. The flaw stems from how a third party open SSH library is handled and and allows remote code execution when SSH agent forwarding is abused. Affected devices include multiple EDS and RKS switch models running older firmware. Moxa has released patched firmware and urges operators to update immediately. Until then, administrators should isolate vulnerable devices from the Internet and restrict access to trusted networks only. A ransomware attack has severely disrupted operations at Az Monica Hospital in Belgium, forcing canceled surgeries and reduced emergency services. The hospital shut down all servers across its Antwerp and Dern campuses to contain the incident, which prosecutors confirmed as a cyber attack. The Belgian Red Cross helped transfer seven critically ill patients to other hospitals after their safety could not be guaranteed. Ambulances are no longer bringing patients to Azmonica, increasing pressure on nearby facilities. Access to electronic patient records is unavailable, disrupting consultations, imaging and chemotherapy. Hospital leaders say servers were taken offline proactively to prevent patient data compromise while care continues with support from neighboring hospitals. U.S. digital Investment Advisor Betterment confirmed a breach that allowed attackers to send fraudulent crypto related emails to some customers. The incident stemmed from unauthorized access to a third party marketing platform, not Betterment's core systems. Using legitimate Betterment email infrastructure, the attacker promoted a fake rewards scam, claiming to triple Bitcoin and Ethereum deposits while no customer accounts or credentials were accessed. Exposed data included names, contact details, addresses and dates of birth. Betterment warned customers on January 9th removed the attacker's access and said there's no evidence of further compromise. Some users later reported temporary access issues. The company says they're strengthening defenses against social engineering and and that they plan a detailed post incident report. European rail pass provider Eurail, also known as Interrail, confirmed a data breach that exposed customer information with notifications sent out this week. Potentially affected data includes names, contact details, dates of birth and passport information. Customers in the Discover EU program may also have ID copies and health data and bank references exposed, according to the European Commission. Eurail says systems are secured, regulators notified and there's no evidence of misuse so far. Cyber policy analysts warned lawmakers that China and other adversaries are running persistent, large scale cyber campaigns against US Critical infrastructure at little cost or risk. Testifying before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, panelists argued current US Authorities are outdated and overly restrictive, limiting offensive cyber operations that could deter adversaries. They cited attacks on U.S. water systems and China's Volt Typhoon as evidence of growing civilian risk. Experts urged clearer interagency roles for faster information sharing with industry and a shift from reactive responses to sustained defend forward operations. Crowdstrike called for increasing the pace of infrastructure takedowns as the White House weighs a more assertive cyber posture. President Donald Trump has renominated Shawn Planky to lead the Cybersecurity and Infrastructure Security Agency, reviving a nomination that stalled in the Senate last year. Planky's earlier bid advanced out of committee but was blocked by Senate holds tied to unrelated disputes, leaving CISA without a permanent director throughout 2025. The renewed nomination signals continued White House support, though it remains unclear whether those obstacles have been resolved. Planky previously served in cybersecurity roles during Trump's first term and most recently acted as a senior advisor on Coast Guard matters. The administration says confirming Planki remains a priority, citing the need for stable leadership at the nation's lead civilian cyber defense agency. Coming up after the break on our Threat Vector segment, David Moulton sits down with Ian Swanson, AI security leader at Palo Alto Networks. They're talking supply chain security and an AI risk assessment cites a football match that never happened. Stay with us. On today's Segment from the Threat Vector Podcast. David Moulton sits down with Ian Swanson, former CEO of Protect AI and now the AI security leader at Palo Alto Networks. They're talking supply chain security.

C

Hi, I'm David Moulton, host of the Threat Vector Podcast, where we break down cybersecurity threats, resilience, and the industry trends that matter most. In this episode, I'm joined by Ian Swanson, an AI security leader at Palo Alto Networks and a founder with decades of experience building and securing machine learning systems. We're talking about the AI supply chain, where hidden risks live and why moving fast with AI without security can quietly put your entire organization at risk. This episode isn't about slowing down innovation. It's about keeping AI from going off the rails. Ian Swanson, so glad that you're here on threatvector. We've had a little bit of a, of a slow start here as we're getting started, but I'm expecting a great conversation with you today.

A

Hey, thanks, David. I really appreciate you having me on.

C

I want to ask you something. A lot of times I'll get into these nerd conversations and somebody will say, like, oh, the AI supply chain. And you just kind of nod along. You're like, I kind of have an idea what that is. But before we get into some of the deeper questions, I think it's important that we define exactly what we're referring to when we talk about something like the AI supply chain. And then if you could go a touch deeper and say, what component should CISOs or security leaders really be paying attention to in that AI supply chain?

A

Yeah, no, it's a great question. As I look at the supply chain, clearly data is the fuel to AI and machine learning. And there's been a lot of security around data for the last 10, 20 years. But what's something that is new that we really talked to CISOs about at depth is the machine learning models themselves. And so if data is the fuel, the machine learning model is the engine to an AI application. And there's a lot of these great foundational models that live in the open source environments. And so you could go to Hugging Face, which is the world's number one AI community, where there's over 2 million models that companies are able to pull in and train on their data sets and release. But there's all these various model repositories that have a really rich supply chain of building blocks that companies use as they are putting forth their AI applications. Now, what are the risks? So again, oftentimes when I meet with the ciso, I say, how many machine learning models do you have live? A common answer that I get is somewhere between 100, 150. The real answer is tens of thousands. And we have many customers that have hundreds of thousands of models that are live in production. And as we scan our team's devices, the network, the cloud, we also need to scan machine learning models for risk. We need to scan the engine that powers AI applications. And within that engine can be a lot of malicious code, unsafe operators, neural backdoors. And so that's one of the first areas that we tell companies to really look out for because they have this deployed and have had it deployed in production at quite a large scale.

C

So as you're talking about that, you're basically saying that the perception is they have a couple hundred and reality is they have tens of thousands, maybe even more. And that lack of visibility is I suppose a first problem. But then specifically, are there common AI or ML vulnerabilities that you see out there in the wild that companies are consuming today that really concern you?

A

Yes. So I think there's multiple areas in the development life cycle where there are hidden risks and important risks that CISOs need to pay attention to. As I said, if data is the fuel to AI, the engine is the machine learning model. We need to deserialize these models, look in them for risks, and we found real risks that if you deploy these in for example, your cloud environment, it's going to try to steal credentials, it's going to try to exfiltrate data. But as those engines, those models go into AI applications, we should test drive these AI applications before we put them in production. What does that mean? Test, benchmark, evaluate red team these applications and models before you put them in production, at the point of inference, let's say in customer facing applications. So throughout this development lifecycle, we need to run continuous testing and find real threats. I'll give you an example of a threat we saw within the supply chain of open source models. We found a model pretending to be from a well known healthcare life sciences company. It was a name squatting attack. It wasn't the company that put that model live, but it was an attacker, a malicious actor. And that particular model we saw was downloaded tens and tens of thousands of times. If you put that model within your AWS infrastructure and at the point of deserialization, one of its core goals was to steal and exfiltrate your credentials on your cloud. And so we see a lot of attacks that 10, 20 years ago were just in the typical software supply chain that are remanifesting themselves within the AI supply chain, specifically around data models and now agents.

C

If this got your attention, don't wait. Listen to the full episode now in your Threat Vector Podcast feed. It's called Securing the AI Supply Chain with Ian Swanson and it's live now. Oh, and one more thing. This Thursday marks the 100th episode of Threat Vector and we're featuring an in depth conversation with Nikesh Arora, Chairman and CEO of Palo Alto Networks. You don't want to miss that one. Thanks for listening. Stay secure. Goodbye for now.

B

Be sure to check out the complete Threat Vector podcast wherever you get your favorite podcasts. And finally, what began as a routine soccer security decision ended as a quiet lesson in what happens when artificial intelligence gets a little too imaginative. First, a soccer match in the UK gets flagged. Maccabee Tel Aviv fans are told they cannot attend a game against Aston Villa after the Birmingham Safety Advisory Group, with police at the table, deems it high risk based on prior unrest. Next, a key detail in the supporting report raises eyebrows. It cites trouble at a Maccabee Tel Aviv vs Westam match that awkwardly never actually happened. Then comes the cleanup tour. Twice Chief Constable Craig Guilford tells MPs that West Midlands Police do not use AI, pointing instead to social media scraping and a Google search. But then the twist ending arrives in writing In a letter released to the Home Affairs Select Committee, Guilford concedes the error came from using Microsoft Copilot. There are calls for the Chief Constable to be sacked, but the Prime Minister says that authority was stripped away years ago. At any rate, the AI promised assistance, not accuracy, and delivered exactly that. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Heltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. If you only attend one cybersecurity conference this year. Make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26. I'll see you in San Francisco.