A

You're listening to the Cyberwire Network powered by N2K. These days, attackers rarely start with a bang. They start quietly. A leaked credential, a stolen session cookie, A lookalike domain that shouldn't exist. That's where Nord Stellar comes in. Nord Stellar is a threat exposure management platform that helps organizations see what attackers already know about them. Turns into an incident. It brings together data breach monitoring, dark web monitoring, attack surface management and cyber squatting detection in a single platform. That means visibility into leaked credentials and malware logs, insight into brand impersonation attempts, and a clear picture of exposed Internet facing assets and shadow it for CISOs. It's a way to reduce response costs, prioritize real risk and communicate clearly with the board. For security teams, it's real time alerts, contextual intelligence and faster investigations without the noise. Most companies only react after the damage is done. Don't wait until your data is already for sale. Protect your business today with Nord Stellar. Learn more@nordstellar.com CyberWire Daily don't forget to mention CyberWire 10 for an exclusive offer. Iran's muddy water breaches Multiple U.S. organizations the FBI probes a breach of wiretap management systems. A China linked threat actor targets South American telecoms, Cisco patches, critical firewall flaws, CISA flags actively exploited, bugs in hikvision cameras and and Rockwell industrial systems. The House Committee advances the controversial Kids Online safety bill. The FBI arrests a suspect accused of stealing millions in seized crypto from the US Marshals Service. Ben Yellen and Ethan Cook unpack the dispute between Anthropic and the Pentagon and a Wikimedia worm wreaks widespread Wiki woes. Foreign March 6, 2026 I'm Dave Bittner and this is your Cyberwire Intel Briefing. Thanks for joining us here today. It's great as always to have you with us. Iranian Advanced Persistent Threat Group Muddy Water has infiltrated multiple organizations in the United States and allied regions, according to researchers at Broadcom's Symantec and Carbon Black Threat Hunting Team. The activity targeted an aerospace and defense contractor, a US bank, an airport, a software company with operations in Israel, and a non governmental organization active in the US And Canada. Researchers say the intrusions continued in recent days amid escalating tensions following US And Israeli military strikes on Iran. During the campaign, the attackers deployed two backdoors, Dindor and Fakeset, both signed with certificates linked to the names Amy Scharn and Donald Gay, the latter previously associated with muddy water operations. The group also attempted to exfiltrate data from the software company's Israeli branch. Although the observed activity has been disrupted, researchers warn the attackers existing foothold on US And Israeli networks could enable further operations. Major technology firms and policy leaders are rallying behind AI developer Anthropic as its dispute with the Pentagon intensifies. The Information Technology Industry Council, which represents companies including Google, Apple and Microsoft, warned the Defense Department that labeling Anthropic a supply chain risk over a procurement disagreement could set a dangerous precedent for the tech industry and the defense industrial base. Separately, a bipartisan group of defense intelligence and technology policy experts urged Congress to investigate the Pentagon's actions, arguing Anthropic's stance against using AI for mass domestic surveillance is reasonable. The White House has ordered agencies to phase out anthropic technology within six months while seeking alternative AI providers willing to permit broader government use. Lawmakers including Senator Ron Wyden are also pressing AI companies about safeguards around government access to Americans. Data analysts warn the dispute could complicate government systems that already rely on Anthropic models. Later in the show, Ben Yellen and Ethan Cook dig into the details of this dispute. Stick around for that. The FBI confirmed it's investigating a breach involving systems used to manage surveillance and wiretap warrants. The agency said it detected suspicious activity on its networks and has since contained the incident, though officials declined to provide details about the scope or impact. According to reporting by cnn, the compromised systems are used to process court authorized wiretapping and foreign intelligence surveillance warrants. The FBI stated it used its technical capabilities to respond after identifying the activity, but did not say who may be responsible or whether sensitive information was accessed. Authorities have not confirmed whether the incident is linked to prior intrusions. In 2024, a Chinese state backed hacking group Salt Typhoon breached US government systems involved in handling lawful wiretap requests, though investigations have not tied that activity to the current case. A China linked threat actor tracked as UAT9244 has targeted telecommunications providers across South America since 2024, compromising Windows, Linux and Network Edge devices, according to Cisco Talos researchers. The activity cluster shows strong overlaps with tactics used by the famous Sparrow and Tropic Trooper groups, though researchers track it separately. The campaign deploys three previously undocumented malware families. Turn Door is a Windows backdoor delivered through DLL sideloading that enables remote code execution and persistence through scheduled tasks and registry changes. PeerTime is a multi architecture Linux backdoor that uses the BitTorrent protocol for command and control communications and appears designed for telecom and embedded systems. Brute Entry is a scanning and brute force tool that converts compromised machines into proxy nodes to search for new targets. Researchers say the activity shares victim profiles with the China linked Salt Typhoon group, though no confirmed operational link has been established. Cisco has released security updates addressing 48 vulnerabilities across several firewall platforms, including Cisco Secure Firewall Adaptive Security Appliance, Secure Firewall Management center and Secure Firewall Threat Defense. The advisories include two critical flaws, both with a maximum CVSS score of 10, affecting the secure Firewall Management center management platform. One vulnerability allows authentication bypass through crafted HTTP requests, potentially granting root access. The second involves insecure deserialization that could enable remote code execution. Cisco also patched 15 high severity and 31 medium severity flaws. The company says no workarounds exist and organizations should update to the patched versions immediately. Two long standing vulnerabilities affecting hikvision cameras and Rockwell Automation Logix industrial systems are now high priority risks after being added to CISA's known exploited vulnerabilities catalog. The first flaw, with a CVSS score of 10, allows authentication bypass on certain Hikvision IP cameras, potentially exposing device credentials, configurations and images. The second, with a CVSS score of 9.8, enables attackers with network access to impersonate trusted engineering workstations in Rockwell Logix environments. CISA's Kev listing indicates active exploitation in the wild. Security teams are urged to patch vulnerable hikvision devices, reduce Internet exposure, and apply network segmentation and other compensating controls for affected industrial control system environments. The House Energy and Commerce Committee advanced the Kids, Internet and Digital Safety act in a party line vote, triggering sharp debate over how aggressively Congress should regulate online platforms. Republicans say the bill would strengthen protections by empowering parents and requiring platforms to disable recommendation algorithms for minors by default. Democrats criticize the measure as too weak, arguing it lacks a duty of care that would force companies to proactively mitigate online harms and includes a knowledge standard that could allow tech firms to avoid responsibility. They also warned that provisions preempting some state laws could could undermine ongoing legal actions against companies such as Meta and roblox. The committee also advanced Sammy's Law, which would alert parents to serious risks to children online, and the App Store Accountability act, requiring parental consent for downloads by minors. Critics say the proposals could threaten privacy and free expression. John Dea was arrested in St. Martin for for allegedly stealing more than $46 million in seized cryptocurrency from the U.S. marshals Service, according to the FBI. FBI Director Cash Patel said the arrest was carried out with assistance from France's GIGN tactical police unit. Authorities described Dagita as a government contractor, though blockchain investigators Zach XBT claims he's the son of Dean Dit, head of Command Services and Support, a contractor managing seized assets for the Marshall Service. Investigators have not publicly explained how the cryptocurrency was transferred, but ZacxBT says the activity was uncovered after a dispute on Telegram revealed wallet addresses linked to Dagita. The funds may include cryptocurrency seized after the 2016 Bitfinex hack. Following the revelations, CMDSS removed its website and social media presence while authorities launched an investigation. Coming up after the break, Ben Yellen and Ethan Cook unpack the dispute between Anthropic and the Pentagon and a Wikimedia worm wreaks widespread wiki woes. Stay with us. Maybe that's an urgent message from your CEO. Or maybe it's a deep fake trying to target your business. Doppel is the AI native social engineering defense platform fighting back against impersonation and manipulation. As attackers use AI to make their tactics more sophisticated, Doppel uses it to fight back from automatically dismantling cross channel attacks to building team resilience and more Doppel outpacing what's next in social engineering? Learn more@doppel.com that's d o p p e l.com foreign. No, it's not your imagination. Risk and regulation really are ramping up and customers expect proof of security before they'll sign that deal. That's where Vanta comes in. Vanta automates your compliance process and brings compliance, risk and customer trust together on one AI powered platform. Whether you're preparing for SoC2 or managing an enterprise governance risk and compliance program, Vanta helps keep you secure and keeps your deals moving. Companies like Ramp and RYTR spend 82% less time on audits with Vanta. That's not just faster compliance, that's more time for growth. Take it from me, if you're thinking about compliance, take the time to check out Vanta. Get started at vanta.com/cyber. Ben Yellen is my co host on the Caveat podcast where we cover all things law and policy. He's joined by our N2K lead analyst Ethan Cook to unpack the fallout between the Pentagon and Anthropic.

B

All right Ethan, it's the two of us again. We are without our fearless co host Dave Bittner, but it is with us. Yes, this is a hostile takeover. No, Dave is, I'm sure, doing much more important things somewhere. But we are lucky in that we have a Very exciting story to cover. And this is about what happened with the Pentagon and their contract with AI startup. Anthropological. I don't know if you want to start by just kind of giving us a basic overview of what happened and then we can get into the details.

C

Yeah. So obviously the Pentagon, as with many of the other government branches, contracts out with multiple AI providers, OpenAI, Anthropic, etc, using their AI services. And from what I understand, this all ties back to when the US abducted Maduro from Venezuela. And there were some internal rumblings, this wasn't public yet between Anthropic and the Pentagon, that Anthropic was not okay with some of the things that were being requested of it. Specifically the DoD's plan to use its AI services for both autonomous weapon systems as well as mass surveillance of the US citizens. And they wanted very strict stipulations put in that were not going. That their services were not going to be used for that. And apparently they were used in a way for the US incursion into Venezuela. And that started this feather rustling. And from there things kind of continued to get a little bit more stressful.

B

Yeah. So going back a little bit, Anthropic signed a deal with the Pentagon, a contract back in the summer of last year. It was worth up to $200 million. And it was the first. It was going to be the first AI lab to deploy its models on the Pentagon's classified system. So this was a big deal at the time, got a lot of news coverage. And then what you're talking about kind of was a murmur happening below the radar, kind of behind the scenes. Is that right?

C

Yeah. So they have been working together, they've been building out this relationship and this incident happened. And again, this was not public yet. This was a. There was some tension building. And then suddenly about a week ago, it really started spilling over into the public sphere with reports that the Pentagon was going to drop them and that Anthropic was not budging. And the Pentagon side of this story was that we asked them this hypothetical question whether they would let us use their services for defense, for missile defense programs to help. Like if someone launched a nuke at us or an ICBM that they could help, we could use their AI services to help coordinate a defense response effort, et cetera, which Anthropic, they. The Pentagon characterizes their response as, oh yeah, just give us a call and we might help kind of vibe. You know, it was like, we'll see what happens. And the Anthropic did not like that characterization One bit.

B

Yeah. So as with most things that happen these days, the major news came out in a post on Truth Social from the President of the United States.

C

That's where the best news comes from.

B

It is. So that post said that Anthropic was a woke company and was going to destroy, I'm paraphrasing here, but was going to destroy the war fighting powers of our Pentagon and therefore we are severing ties from Anthropic. And not only that, all federal agencies, not just the Pentagon, are prohibited from using Anthropic's technology. Anthropic, in his view, was trying to strong arm the Pentagon. He said that he would not be afraid to impose civil and criminal penalties if the company did not cooperate during their six month phase out period. So that's a key element of this. And then furthermore, later that same day, Defense Secretary slash fitness expert Pete Hegseth formerly designated Anthropic as a supply chain risk to national security. So usually if something say supply chain risk to national security, it's going to be like a Russian or Chinese company that's a cog in our supply chain where we're concerned for national security purposes that they might do something to our, to our products or services. So it's been used, for example to restrict the company Huawei, which I know we've talked about on this podcast. It has not been used for an American based company like Anthropic. So as a result of this designation, Pentagon contractors, of which there are a lot of, I'm sure you've been to Northern Virginia. It's beautiful.

C

Yeah, Contractor city.

B

Contractor city. Yeah. They all have very nice offices on the way to Dulles Airport. And we are migrating away from the AI service, Claude, which is Anthropic's baby, across our ecosystem. Anthropic was, was not happy about it. They challenged this designated designation in court and we'll, we'll see what happens there. But then the Pentagon very quickly found their replacement. Do you want to give us some information about how that happened?

C

Yeah. So like you mentioned, Pentagon, after they tried to come some deliberations that, you know, I think Hegseth put in a deadline. It was like by the end of the day Friday, if Pentagon, if Anthropic didn't recant its decision and go to along with them, they were dropping them and label them a supply chain risk. Anthropis said we're not budgeting. Pentagon subsequently dropped them. And the very next day OpenAI gets a little ring and OpenAI is, hello,

B

this is Sam Altman here.

C

Exactly, exactly. And they're, they're requested to basically fulfill that hole that they, the, the government has just made. And, you know, in walks the next person. It felt like when I was reading these stories, by the way, I was watching an episode of a Real Housewives or some reality TV show where it was, you know, I don't like you. I'm going to this person, you know, swapping. Swapping. Who, who can offer me the most. It felt very dramatic. The interesting thing that kind of came out to me was not just the swap and partnership. You know, I expected a swap. If they're going to drop Anthropic, I expected them to switch somewhere. But the thing that I thought was most interesting was the sworn statements that they would from the US government that they would not use their OpenAI's systems, ChatGPT, etc. For any mass surveillance or any weapons of automated weapons. Which that kind of then brings this kind of question into back to the anthropic side of things, which is, okay, if they're willing to sign that for OpenAI, then what's like, is that kind of a shallow thing? What is going on here? Because it seems like everyone's contradicting each other.

B

Yeah. And it just raises a bunch of questions, like, what is different about this agreement that made it acceptable to OpenAI and to the Pentagon? So there are a couple of really interesting elements to it, for one, and I am not an expert on this, and you probably know more like, I think at this point in their evolution, Claude is a better AI model than ChatGPT.

C

I would say so.

B

Now, I don't pay for the good version of either of those.

C

Neither do I.

B

Any sponsors want to help us out with that? We can give you firsthand knowledge. So that's kind of one element of it. But then this question of what exactly did OpenAI agree to and why potentially should we be suspicious? So, from what OpenAI said is they guaranteed safeguards to protect against domestic surveillance and to protect against the use of autonomous weapon systems, which, if that sounds very familiar. It is, if you read between the lines. The difference is that OpenAI is accepting a legal framework that references existing laws and Pentagon policies. They're not looking for these contractual assurances that Anthropic was looking for, which says, like, you need to come to us if you are intending to do these things, and we are going to be very protective of our models and institute our own human controls. OpenAI is just like, we promise we won't break any laws here's ChatGPT. Enjoy. And I think that level of cooperation is what the Pentagon was looking for. The fact that this happened literally within hours of the anthropic deal falling through, I can understand why people are suspicious about exactly what OpenAI may have agreed to.

C

Yeah. And I think it just also raises a stability concern for me where if we're, you know, we are, you know, back in the summer, taking a step back, Trump released his AI action plan in the summer of 2025, which a key portion of that was investing in AI companies, American AI companies, to boost innovation, secure defense, involve them in defense projects, et cetera. Right. And anthropic, as we have just said, is one of the top three and arguably the best AI developer in the States. And for us to alienate them and almost create a semi single point of failure by going after OpenAI exclusively, I would have loved to see a dynamic where we use both. Right, right.

B

Take advantage of American ingenuity.

C

Exactly. And also make the two compete against each other. There's this dynamic where, you know, if and who knows, maybe that this whole relationship becomes positive again and in, in six months, anthropics back into where they were or whatever happens, that would be great. But if it doesn't, I, I kind of sit here and walk away going, the only group this really hurts is the US as a whole. It doesn't help competition, it doesn't advance innovation. It creates some really ethically gray zones with how the Defense Department can create use AI because we're not really solving the problem. And it seems a little bit more like Vibes law, to borrow from Vibes coding. It's like, well, maybe it's illegal rather than really kind of honing and ironing out these questions and these relationships. And I sit here and I wonder, and I'm curious if you, if, have any similar thoughts of where does this leave other AI companies who aren't OpenAI and aren't anthropic?

B

I mean, I think it puts the entire industry in a really difficult place. You are torn between wanting to win big government contracts, which all of them want to win, and your own stated ethical principles. And companies have tried to toe this line forever. And generally, you know, there have been some hiccups here and there, but it's worked out. I mean, government agencies are able to come up with agreements that ensure the ethical use of these products. Here, though, we're talking about two very serious things, mass domestic surveillance and in case you were not conscious during the Edward Snowden exposure era, that's something that's never. Yeah. That's never quite controversial in this country. And then using autonomous weapons systems like

C

that is also would never.

B

Yeah, I mean, and that's like very, very serious business. So you saw that there was a. A bit of a revolt in the industry across the AI sector. So within these big companies, you saw 60 OpenAI employees who voluntarily resigned because they backed the anthropic's original stance. You saw people from employees from other companies writing open letters, standing up for Anthropic and expressing their dismay at what happened with OpenAI. So you also might be creating this divide within the industry between the people who write the contracts and the developers, the people who are building these products who don't want to see the fruits of their work used to autonomously kill people in foreign conflicts or for mass domestic surveillance. And if you see a revolt on a large scale, then I think that could be extremely problematic for the industry.

C

Yeah, it feels like this is almost a race to the bottom, that now that OpenAI has opened this door. Right. It's like, okay, who's willing to cut corners and bend to military demands the most to get the contract? Rather than having that established set of principles of we won't engage in surveillance, like, we're just not going to. Or if it's surveillance, it has to be Congress approved and, you know, legislative. We have to go through this whole process. And it feels like because there's such a lack of. That's the right word for it, maybe lack of existing laws having AI stipulations built into them. It feels like, you know, this is the prime time for someone who wants to take advantage of that lack of framework to do so. And that feels like what the guy. And I wouldn't be surprised if the, the military has done that. I mean, like, I, you know, I'm not. This is not like a pro or against, but the military takes the advantages that it's given. And if that is the. This feels like a perfect opportunity to use open AI for whatever or any AI system for that, because they can walk away being, well, look, there was a law that prevented us. There was nothing that said that we couldn't use this. There's. We did nothing illegal, you know, kind of a free blank check, so to speak.

B

Yeah. And they're doing that under the color of the law, basically saying, like, we agree only to provide services in, in a lawful manner consistent with the Pentagon's current laws and policies. That gets problematic for a couple of reasons. One, I mean, do we actually trust them, considering that they made this agreement to really push back if they're given some type of illegal order, given that they were able to come to this deal within hours of the anthropic deal falling through. And then also there are just a lot of gray areas, as you said, like this is an area of the law that's just not very developed. So they might say now that we're going to comply with all laws, but there are a lot of edge cases and if their main goal is maintaining the status of their very lucrative contract, that creates a pretty perverse incentive structure, in my opinion.

C

It sends a message to, you know, and if, if I'm happy to see people are resigning and standing up because like to me, I sit there from the AI community and this something has to be that come from internal rather than external. It needs to almost rebuke this because the law is as I'm sure you're aware. You know Ben, in your your days working both state and federal, it moves a little slow sometimes.

B

It doesn't.

C

You don't say it's not the most updated. We've had AI for years now and we still have no federal AI framework from a, from a legislative standpoint. So you know, we have these massive holes that aren't anywhere close to getting formed and probably won't get formed for the next at least two years. And this is the time where if you're gonna kind of walk that gray zone where you're like, oh well I technically not doing anything illegal. I feel like if you have to caveat with the technically, it's really concerning. And I feel like that's where we're heading to right now with this OpenAI deal. And I'm, I, I hope that the rest of the AI community doesn't really engage in this dynamic.

A

There is much more to this conversation between Ben Yellen and Ethan Cook. You can find that on the latest episode of Caveat wherever you get your favorite podcast. When it comes to mobile application security, good enough is a risk. A recent Survey shows that 72% of organizations reported at least one mobile application security incident last year and 92% of responders reported threat levels have increased in the past two years. Guard Square delivers the highest level of security for your mobile apps without compromising performance, performance time to market or user experience. Discover how Guard Square provides industry leading security for your Android and iOS apps at www.guardsquare.com. Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet meter the company reimagining enterprise networking from the ground up. Meter builds full stack zero trust networks, including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and vpn, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo@meter.com cyberwire that's M E T E R.com cyberwire. And finally, the Wikimedia foundation had a brief but lively security scare when a self propagating JavaScript worm began rewriting user scripts and vandalizing pages on meta Wiki. Editors first noticed the chaos on Wikipedia's Village Pump as automated edits quietly slipped hidden loaders and oversized images onto random pages, a digital graffiti spree with surprisingly good uptime. The culprit appears to be a dormant script uploaded in 2024 and accidentally activated during a staff security review. Once executed, it behaved much like the mischievous worms of cybersecurity lore, echoing the propagation tricks of the Morris Worm in 1988 and the more flamboyant spread of Code Web and SQL slammer decades later. The script copied itself into user and global JavaScript files, ensuring anyone loading the wiki might unknowingly help it travel further. Engineers quickly locked down, editing, reverted changes, and removed the code. The worm ran for about 23 minutes, altered roughly 4000 pages, and infected around 85 user scripts. Cleanup is ongoing, And that's the CyberWire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's lead producer is Liz Stokes, were mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our contributing host is Maria Vermazes our executive producer is Jennifer Ibin, Peter Kilpe is our publisher and I'm Dave Bittner thanks for listening. We'll see you back here next week. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco. Most security conferences talk about Zero Trust Zero Trust World puts you inside this is a hands on cybersecurity event designed for practitioners who want real skills, not just theory. You'll take part in live hacking labs where you'll attack real environments, see how modern threats actually work, and learn how to stop them before they turn into incidents. But Zero Trust World is more than labs. You'll also experience expert led sessions, practical case studies and technical deep dives focused on real world implementation. Whether your Blue team, Red team or responsible for securing an entire organization, the content is built to be immediately useful. You'll earn CPE credits, connect with peers across the industry and leave with strategies you can put into action right away. Join us March 4th through the 6th in Orlando, Florida. Register now at ztw.com and take your zero trust strategy from theory to execution.