CyberWire Daily – "Source code in the wild aisle."
Date: January 13, 2026
Host: Dave Bittner (N2K Networks)
Guests: Christine Blake & Madison Faribaugh (Inside the Media Minds Podcast)
Episode Overview
This episode delivers a fast-moving roundup of the day’s top cybersecurity headlines, focusing on a major source code leak at Target, critical vulnerabilities in popular platforms like Gogs and SAP, and rising threats from sophisticated phishing and skimming campaigns. The show also features an interview with Christine Blake and Madison Faribaugh of the "Inside the Media Minds" podcast, who discuss media relations in cybersecurity and announce their show joining the CyberWire network. The episode wraps with a report on a Dutch court’s verdict regarding cyber-enabled drug smuggling.
Key News Stories & Insights
1. Target Source Code Leak
- Summary:
Multiple Target employees confirm the authenticity of a source code and documentation leak shared by a threat actor. The incident has prompted immediate security changes by Target, including restricting access to its internal Git server. - Details:
- Employees recognized proprietary platforms, project names, and unique tooling.
- Breach source remains unconfirmed; InfoStealer malware was reported on a compromised workstation, but direct links to the leak have not been established.
- The dataset is said to be 860 GB in size.
- Implications:
- Raises serious concerns about potential exposure.
- Target responded proactively once alerted by media inquiries.
- Notable Quote:
"Multiple current and former employees at Target have confirmed... the source code and documentation recently shared by a threat actor appear to be authentic and tied to real internal systems." (00:32)
2. CISA Flags Critical Gogs Vulnerability
- Summary:
CISA instructs federal agencies to stop using or lock down Gogs, an open-source self-hosted Git service. - Details:
- Vulnerability: Path traversal bug enabling authenticated users to overwrite arbitrary files, leading to remote code execution.
- Hundreds of compromised Gogs servers found, with no fix yet available.
- Mitigations include disabling registrations and restricting access.
- Implications:
- High risk for federal systems and organizations running exposed Gogs instances.
3. SAP Releases Emergency Security Patches
- Summary:
SAP issues 17 security notes, addressing four critical vulnerabilities, including a severe SQL injection flaw and code execution bugs. - Details:
- Vulnerabilities affect S4HANA and Wily Intrascope.
- Exposed SAP systems remain attractive targets.
- Urgent patching recommended.
4. Russian Espionage Allegations in Sweden
- Summary:
A former IT consultant to the Swedish armed forces is detained on charges of spying for Russia. - Details:
- Activities may trace back to 2022.
- Suspect led a cybersecurity company.
- Few public details; case heightens Europe’s concern about Russian espionage.
5. Cloudflare Threatens Withdrawal from Italy over Anti-Piracy Law
- Summary:
Cloudflare is considering leaving Italy after a €14 million fine for not complying with anti-piracy requirements. - Details:
- The fine equals about 1% of global revenue.
- Cloudflare argues the “Piracy Shield” system risks censorship.
- CEO Matthew Prince threatens to remove services, including those for the Olympics.
- Notable Quote:
"[The] system incompatible with democratic values... could withdraw free services, remove Italian servers and halt support for the upcoming Winter Olympics if the dispute is not resolved." (08:17)
6. Broadcom Wi-Fi Chipset Vulnerability
- Summary:
Flaw in Broadcom chipsets allows attackers to disable 5 GHz Wi-Fi on affected routers via a single malformed frame—no authentication needed. - Implications:
- Broadcom has released a patch, but the flaw highlights risks that operate below the application layer.
7. Mandiant’s Aura Inspector for Salesforce Security
- Summary:
Mandiant releases an open-source tool, Aura Inspector, to help organizations spot misconfigurations in Salesforce’s Aura UI framework. - Key Points:
- Focuses on access control vulnerabilities that could expose sensitive data or allow API abuse.
- Provides remediation guidance in a read-only tool.
8. Long-Running Magecart Digital Skimming Campaign
- Summary:
Silent Push researchers uncover a years-long JavaScript skimming operation stealing credit card data from checkout pages across multiple payment networks. - Details:
- Attackers use bulletproof hosting.
- Skimmers masquerade as legitimate payment forms.
- Mitigation:
- Stronger content security policies and active monitoring are recommended.
9. Browser-in-the-Browser Phishing Targeting Facebook
- Summary:
Trellix reports a surge in phishing using fake login popups that closely mimic real ones, targeting Facebook accounts. - Tactics:
- Iframes, cloud hosting, shortened links.
- Advice:
- Go to sites directly, avoid embedded links, enable multi-factor authentication.
10. Securing Emerging Agentic AI Systems (NIST Initiative)
- Summary:
NIST solicits public input on guidelines for securing AI agents that combine generative models with autonomous planning and action. - Risks Identified:
- Hijacking, data poisoning, prompt injection, hidden backdoors, weak governance.
- Goal:
- Create standards before widespread government deployment.
[13:15] Interview: Christine Blake & Madison Faribaugh
(Hosts of the "Inside the Media Minds" Podcast)
Introduction & Show Announcement
- Announcement:
"Inside the Media Minds" podcast is joining the CyberWire network. - Purpose of the Podcast:
- Flips the script on journalism by interviewing media insiders covering cybersecurity and technology.
- Seeks to help PR professionals, vendors, and the broader cyber community understand how to communicate effectively with reporters.
- Origin Story:
"We started the podcast in 2018... to talk to the reporters and the people who cover the industry, really figure out what they're interested in." – Christine Blake [13:59]
Notable Past Guests & Episodes
- Highlighted interviewees:
- Marina Korolov (discussing AI’s impact on journalism)
- A roundtable on election security with journalists from CyberScoop, Politico, and InformationWeek
- Memorable Quote:
"Some of the more recent ones that come to mind... our election security episode... definitely wonderful folks. All of them had great insights to share." – Madison Faribaugh [14:40]
Upcoming Episode & Focus
- First episode on CyberWire:
- Guest: Roberto Torres (CIO Dive)
- Focus: AI’s role in news coverage, vendor communication, and "cutting through the noise"
- Future Themes:
- AI implementation and governance.
- Addressing tech talent shortages and skills gaps.
- Notable Quote:
"Another big topic for [Roberto Torres] will be focusing on the whole idea of tech talent and how organizations are overcoming different skills shortages this year." – Madison Faribaugh [16:44]
Importance of Media Relations in Cybersecurity
- Broad Relevance:
- The show is not just for media professionals or PR: "Everyone in cybersecurity can do better to learn about communications. I mean, it benefits everyone." – Dave Bittner [17:08]
- Behind-the-Scenes Insights:
- Understanding the editorial process, the challenge of breaking through with pitches, and building mutually beneficial relationships.
- Trusted Relationships:
"A good PR person is worth their weight in gold. I just wish there were more of them." – Dave Bittner [18:24]
[19:36] Notable Case: Dutch USB Port Hack for Cocaine Smuggling
-
Case Summary:
Dutch court upholds a seven-year sentence for a man who orchestrated a port hacking operation using infected USB sticks to facilitate cocaine trafficking. -
Details:
- Defendant convinced a port terminal employee to plug in malware-laced USB drive.
- Months of remote access ensued, with messages reflecting real-time commentary on the break-in.
- Arguments that police should not access Sky ECC encrypted messages were rejected.
- Hack helped coordinate a 210 kg cocaine shipment disguised as wine.
-
Implication:
- Courts reinforce that cyber-enabled physical crime (even if intermediated by sophisticated means) is vigorously prosecuted.
-
Quote:
"Hacking a C port with malware laced USB sticks, all in the name of cocaine logistics, still counts as very much illegal, even if you complain about police reading your chats." – Dave Bittner [19:36]
Memorable Moments & Quotes
- “Multiple current and former employees at Target have confirmed... the source code and documentation recently shared by a threat actor appear to be authentic...” [00:32]
- “[Cloudflare’s] system incompatible with democratic values... could withdraw free services, remove Italian servers and halt support for the upcoming Winter Olympics...” [08:17]
- “[Our podcast] started... to talk to the reporters and the people who cover the industry, really figure out what they're interested in.” – Christine Blake [13:59]
- “A good PR person is worth their weight in gold. I just wish there were more of them.” – Dave Bittner [18:24]
- “Hacking a C port with malware laced USB sticks... still counts as very much illegal, even if you complain about police reading your chats.” – Dave Bittner [19:36]
Timestamps for Key Segments
- Target Source Code Leak & News Roundup: [00:32 – 12:39]
- Interview: Inside the Media Minds Podcast: [13:15 – 19:36]
- Dutch Port Hacking Sentencing: [19:36 – 20:30]
Tone & Takeaways
The episode balances urgency (breaking cyber threats and vulnerabilities) with an open, conversational tone — especially during the podcast interview. The insights from Christine Blake and Madison Faribaugh offer practical advice for anyone in cybersecurity to improve communication, while the news coverage underscores the rising sophistication and consequences of cybercrime.