CyberWire Daily — "Patching Can't Wait."
Date: April 6, 2026
Host: Dave Bittner (N2K Networks)
Episode Overview
This episode covers pressing cybersecurity news, with a focus on urgent vulnerabilities requiring immediate patches, evolving threats from scammers and nation states, workforce challenges, AI's growing impact, and insights from industry leaders. The program also features in-depth interviews: Kevin McGee of Microsoft for Startups discusses trends and guidance for cybersecurity entrepreneurs, while analyst Ali Mellon explores the realities of nation-state cyber operations from her new book. The episode wraps with a light-hearted note on Microsoft Copilot's “entertaining” terms of use.
Key News Highlights
1. Fortinet Urgent Vulnerability Patch
[00:48–02:15]
- Issue: Fortinet released an emergency hotfix for a critical vulnerability in FortiClient EMS impacting multiple versions; attackers are already exploiting it.
- Nature of Flaw: Unauthenticated attackers can execute code via crafted requests due to improper access control.
- Exploitation: Zero-day exploitation observed; over 2,000 servers exposed per Shadowserver.
- Impact: Unpatched management servers risk rapid enterprise compromise.
- Action: Fortinet urges immediate patching.
- Quote: “Fortinet urges immediate hotfix installation or upgrading to the latest version.” — Dave Bittner [01:42]
2. Major Outage in Russian Banking
[02:16–03:42]
- Incident: Widespread outage crippled Russian banking apps, card payments, and ATM withdrawals, affecting regions like Moscow.
- Affected Banks: Sberbank, VTB, Alfa Bank, T Bank, Gazprom Bank.
- Consequences: Metro turnstiles stopped accepting cards — staff had to manually pass passengers.
- Possible Causes: Could be linked to regulator blocks or Sberbank internal failure.
- Broader Issue: Centralized infrastructure increases systemic disruption risk; incident reflects growing Russian internet regulation.
3. Cybersecurity Workforce Skills Gap
[03:43–05:16]
- Findings: The SANS Institute and GIAC report workforce issues are shifting from raw staffing shortages to critical skills gaps now directly causing breaches.
- 60% of organizations lack necessary capabilities.
- 27% link breaches to skills gaps.
- 74% of teams feel AI is reshaping workforce structure.
- Regulatory Pressure: Jumped from influencing 40% of hiring to 95% in a year.
- Impacts: Delayed projects (57%), slower incident response (47%), technology adoption hindered (42%).
- Quote: “Workforce capability gaps now represent a direct security risk, especially in critical infrastructure environments, the report warns.” — Dave Bittner [04:30]
- Advice: Prioritize training, certification, AI governance.
4. CyberCorps Scholars Struggle to Find Federal Jobs
[05:17–06:16]
- Issue: Many scholarship recipients can't secure required federal cybersecurity roles amid fewer agency job openings and post-freeze hiring reductions.
- Risk: Students may be forced to repay large scholarships if they can’t get jobs within 18 months.
- Trend: Some graduates consider private sector; potential long-term impact on federal cyber workforce.
5. QR Code Phishing Scams
[06:17–07:07]
- Threat: Scammers impersonate state courts, send QR code scams for fake traffic violations.
- Mechanism: Messages urge victims to scan a QR code and enter info into a fake agency site.
- Reach: Campaigns hit multiple U.S. states; the QR code approach helps criminals evade detection and harvest credentials.
- Warning: State agencies do NOT collect payments by text.
6. Lawsuit over AI Chat Data Privacy
[07:08–08:03]
- Development: Proposed class-action lawsuit accuses Perplexity of sharing sensitive user AI chat data (including financial, health info) with Google and Meta via ad trackers, even in incognito mode.
- Coverage: Chats between Dec 2022 – Feb 2026.
- Risk: Highlights privacy issues of conversational search tools.
7. Cambodia Outlaws Online Scam Centers
[08:04–09:01]
- Action: New law penalizes operators with 2-5 years in prison, $125k fines; harsher penalties for organized crime.
- Scope: Targets laundering, data harvesting, recruitment linked to scams.
- Context: Southeast Asia is a major cyber fraud hub; international pressure for action.
8. Physical Crypto “Wrench Attacks” in California
[09:02–10:02]
- Incidents: Series of violent home invasions targeting crypto holders in San Francisco, San Jose, Sunnyvale, and L.A.; attackers sometimes pose as delivery drivers.
- Example: One victim lost $13M in crypto after being threatened.
- Comment: “Wrench attack” refers to XKCD’s “$5 wrench” comic about physical coercion defeating sophisticated security.
9. Enterprise & Investment News
[10:03–13:38]
- Investments:
- Census: $70M for global expansion.
- Above Security: $50M for insider risk.
- Variants: $21.5M for AI agents in finance.
- Acquisitions:
- Airbus acquires Ultra Cyber (sovereign cyber).
- Rapid7 acquires Kenzo Security (AI detection).
- Databricks acquires Antimatter & Sift D AI (AI authentication and analytics).
- Trend: Focus on agentic AI security, zero trust, and automation-heavy architectures.
Featured Interview: Kevin McGee, Microsoft for Startups
[15:22–25:06]
Emerging Trends for Cybersecurity Startups
- Navigating Ecosystems:
- Startups partnering with hyperscalers (Microsoft, AWS) need organizational “scaffolding” and scale.
- Even Microsoft insiders can’t keep up with the pace of new products.
- Quote: “It can be very difficult sometimes to figure out and navigate Microsoft. I often find out about new products we’re releasing from customers because we’re doing so many different things and releasing so many things so quickly.” — Kevin McGee [15:40]
- Finding & Supporting Startups:
- Prep work before conferences is key to finding innovative, often under-the-radar startups.
- Startups seldom have big booths; introductions and research are critical.
- Microsoft’s Startup Programs:
- Multiple tiers—anything from “two folks in a dorm room” to enterprise growth support.
- Historical note: McGee himself used Microsoft’s BizSpark program as a founder in the 1990s.
- Quote: “It was not just access to the software … it was the access to customers, the support, the brand association.” — Kevin McGee [18:07]
- Dominant Themes: AI, Agentic AI:
- AI is everywhere—if you’re not showing an AI angle, “you’re not even allowed in the door.” — Kevin McGee [19:18]
- Predicts “lagging surge” of startups that build solutions to problems AI adoption creates.
- Cites major acquisitions (Wiz) as end of one era and start of another.
- Advice to Cybersecurity Startups:
- Know if you’re building a feature or a product; focus on the ideal customer profile (ICP).
- “Do things that don’t scale at first to learn … whoever learns faster wins.”
- Quote: “Are you building a feature or product? … Know your ideal customer profile. … The best companies are teams.” — Kevin McGee [20:40–23:55]
- Common Pitfalls:
- Avoid vague pitches—get to the point, show the demo, deliver the “aha moment.”
- Quote: “Every pitch is not about a VC pitch … What problem are you solving? … Show me the demo, show me the POV.” — Kevin McGee [22:11]
- Team Matters:
- Investors bet on teams with real entrepreneurial experience; co-founder teams are stronger.
- Startup Support from Microsoft:
- Brand association, access to enterprise customers, platform support.
- Microsoft prefers a partner-first approach; only builds when partnership is unavailable.
Featured Interview: Ali Mellon, Author of "Code: How Nations Hack, Spy, and Shape the Digital Battlefield"
[25:50–30:42]
Key Insights on Nation-State Cyber Operations
- Myth-busting:
- Nation-state cyber threats aren’t just targeted at the largest organizations; small businesses are often used as attack vectors (e.g., NotPetya via Ukrainian tax software).
- Quote: “The supply chain is everything … The scale that you can get with those attacks is everything.” — Ali Mellon [26:15]
- Most Dangerous Misconception:
- Belief that “it won’t happen to me,” especially among SMBs.
- Everyone’s connected; everyone’s at risk.
- National Identity in Cyber Activity:
- Cyber operations reflect doctrine, culture, even social contracts.
- U.S.: Quiet, clandestine ops—expectation to act discreetly.
- Russia: Overt, bombastic attacks—competition for attention from leadership.
- North Korea: Cyberattacks for resource generation (cryptocurrency).
- Quote: “In Russia … everyone is vying for some type of attention from Putin, it makes it so much more difficult to execute … attacks in a coordinated way.” — Ali Mellon [28:23–30:42]
Closing Note: Microsoft Copilot’s Entertaining Terms of Use
[32:04–32:40]
- Observation: Copilot’s terms plainly say it’s for “entertainment purposes,” may fail spectacularly, and isn’t to be trusted with serious decisions.
- Industry-wide Caution: Comparable disclaimers reinforce that even pro-tier AI tools shouldn’t be blindly trusted.
- Quote: “AI assistants can be useful, occasionally impressive and confidently wrong in equal measure. As the great philosopher Tom Waits stated, the large print giveth and the small print taketh away.” — Dave Bittner [32:28]
Notable Quotes & Moments
- On startup growth:
- “If you sold to just Midwest credit unions and you own that market, that’s a great base to build from.” — Kevin McGee [21:35]
- On myth-busting cyberwar:
- “You strip away the mythology about cyber war … it’s not chaotic, mysterious, or driven by shadowy geniuses.” — Ann Johnson [25:50]
- On supply-chain risk:
- “The supply chain is everything. It is the way in for so many threat actors …” — Ali Mellon [26:15]
Timestamps for Key Segments
| Segment | Time |
|-----------------------------|----------------|
| Fortinet Emergency Patch | 00:48–02:15 |
| Russia Banking Outage | 02:16–03:42 |
| Workforce Skills Gap | 03:43–05:16 |
| CyberCorps Job Struggles | 05:17–06:16 |
| QR Code Phishing | 06:17–07:07 |
| AI Data Privacy Lawsuit | 07:08–08:03 |
| Cambodia Scam Crackdown | 08:04–09:01 |
| Crypto Wrench Attacks | 09:02–10:02 |
| Business/Investment News | 10:03–13:38 |
| Interview: Kevin McGee | 15:22–25:06 |
| Interview: Ali Mellon | 25:50–30:42 |
| Microsoft Copilot Terms | 32:04–32:40 |
Summary Tone
Factual and engaging, with a steady delivery of news and commentary that blends urgency (patch vulnerabilities now!), real-world insight (startups, skills gaps), and wit (AI “entertainment purposes only”).
This episode is a must-listen (or read) for professionals seeking the latest in cyber risk, guidance on startup challenges, industry investment trends, and nuanced analysis of global cyber threats.
