The algorithm gets questioned. - CyberWire Daily

Summary7 min read

CyberWire Daily — “The algorithm gets questioned.”

Podcast Date: February 3, 2026
Host: N2K Networks
Episode Theme:
A sweeping digest of breaking cybersecurity news, focused on law enforcement actions, evolving AI development risks, recent threats, and a featured Threat Vector segment on why secure engineering must precede ethical AI debates.

Episode Overview

This episode covers the latest cybersecurity headlines, from law enforcement raids and crypto seizures, to sophisticated phishing campaigns and vulnerabilities in widely-used platforms. A highlight is the Threat Vector segment, where host David Moulton and Dr. Aaron Isaacson (Palo Alto Networks) explore the dangers of “vibe coding,” the importance of human oversight in AI development, and new challenges to code quality, security, and the evolving role of engineers.

Key News Highlights & Analysis

French Police Raid X's Paris Offices — Algorithm Manipulation (00:14–01:13)

French authorities raided X’s Paris office amid investigations into alleged foreign influence manipulating the platform’s algorithm.
Accusations also include X’s Grok chatbot spreading Holocaust denial and explicit deepfakes.
Police are invoking enhanced surveillance due to organized crime links and have summoned Elon Musk and ex-CEO Linda Vaccarino for interviews.
Host Dave Bittner: “X has criticized the probe as a politically motivated attack on free speech.” (01:12)

Helix Dark Web Mixer: $400M Asset Seizure (01:14–01:31)

U.S. authorities seized over $400 million connected to Helix, a Bitcoin mixer, capping a transnational operation.
Dave Bittner: “The final forfeiture order caps a multinational investigation and highlights growing law enforcement focus on asset seizure and restitution.”

NSA Zero Trust Guidance Update (01:31–02:08)

The NSA published updated Zero Trust guidance for U.S. government, urging “continuous, behavior-driven security models.”
Emphasizes real-time user behavior evaluation and constant privilege verification, broadening Zero Trust to “an operating model that persists throughout a user or system session.”
Key Insight: “Many successful attacks now occur after credentials are compromised.”

Advanced Phishing: Dropbox Credential Thefts (02:08–02:58)

Forcepoint XLabs warns: sophisticated phishing works via hidden PDF Acroforms, rerouting targets to fake Dropbox login pages.
Breached credentials routed clandestinely through Telegram.
Credential theft is surging, and such attacks exploit cloud-based, reputation-based defense blindspots.

Glassworm macOS Campaign—Dev Extensions Compromised (02:58–03:37)

Attackers hijacked a legitimate developer and infected four OpenVSX macOS extensions (~22,000 downloads).
Steals browser data, crypto wallets, and developer secrets. Evades Russian-language systems; commands issued via Solana memos.
Advice: Developers should clean systems, rotate credentials, and update extensions.

Ivanti Endpoint Zero-Day: Active Exploitation (03:37–04:22)

Watchtower reports critical code injection bugs: unauthenticated remote code execution, backdoors, and log erasure.
Ivanti’s patch is temporary and must be manually reapplied, with a permanent solution pending.

Multbook AI Social Network—Massive Data Leak (04:22–05:06)

Wiz researchers exposed 1.5M API tokens, 30K email addresses, and agent messages due to a hardcoded Supabase API key.
The incident spotlights the risks of “vibe coding”—building and shipping features before security is reviewed.

U.S. Election Security—States Left Alone (05:06–06:12)

Trump administration’s second term saw declines in federal election security support, pushing states to fill gaps on their own.
Funding and staff reduced; some federal claims of unchanged support disputed by state officials.

Nitrogen Ransomware Fatal Flaw (06:12–07:00)

Conti2-based ransomware for ESXi contains an encryption bug: “Paying a ransom will not help, since the attacker's decryption tools cannot recover the data either.”
Recovery is only possible via backups.

Threat Vector Segment: “Engineering Before Ethics in AI”

[David Moulton & Dr. Aaron Isaacson, Palo Alto Networks]
Start: 15:13

Introduction—The Dangers of “Vibe Coding”

David Moulton: “AI coding agents are rewriting software development... But a dangerous trend is emerging called vibe coding, where organizations remove humans from the loop entirely...” (15:13)
“Enterprises cannot blindly trust AI. It will not write secure code on its own.” (15:26)

Notable Quote

“What you're about to hear is a snapshot from my conversation with Aaron Isaacson, Vice President of AI Research and Engineering at Palo Alto Networks. He told me enterprises cannot blindly trust AI. It will not write secure code on its own.” — David Moulton (15:19)

Why Trust & Accountability Matter

Dr. Aaron Isaacson: Links personal engineering story to the perennial need for human oversight in AI:

“I've always been interested in this connection between machines and people and making sure that the technology we’re using is helpful.” (16:50)
He references the “AI effect”—AI as what hasn’t been done yet — and emphasizes humans must remain in-the-loop to check and verify AI outputs.
Insight:

“Because we’re not 100% confident in the computer solving the problem for us, we need a human to help… So as this applies to agents that are helping write code. A year ago we saw that we really couldn’t trust very much what the agents were writing. And today this is a practical thing that people are using throughout enterprise and other development spaces.” (17:40)

Productivity vs. Risk—AI Adoption’s Tradeoffs

Isaacson on Industry Shift:

“To keep up with the competition, people are willing to get rid of some of these human in the loop checks... Now, when you give agents the ability to write code unchecked... you actually get some really incredible results. But when you care about security or accuracy... those kind of approaches really aren’t the right ones to use.” (18:37)
Companies value speed and productivity, even as accuracy and security can be compromised.

Code Quality: Getting Better and Worse

Isaacson’s Balanced View:

“First, I want to say that I think the code quality is actually getting better. There are areas where it’s getting worse, but let’s talk about where it’s getting better first.” (20:30)
- More unit tests, easier refactoring, improved documentation — all thanks to AI.
- However, the ease of code generation floods projects with new code, raising the absolute number of security and quality issues.
- Stronger SDLC controls, including supply chain checks, are more crucial than ever:
  
  “When an agent wants to install a package, you have to make sure that that package is sanctioned... because agents are known to just like install buggy packages.” (21:55)
Key Insight:

“The AI does need to be managed... in the future it’ll look a lot more like management... I have a team of AI agents that can do work for me, I need to break the problem down...” (22:28)

Long-Term Implications: The Future Engineer

The software engineer's role is shifting from coder to orchestrator and supervisor of AI systems.
Individual contributors will need to acquire AI management and verification skills.

Memorable Moment

Moulton’s closing warning:

“Don’t let accountability become the vulnerability no one saw coming.” (23:46)

Lighter Moment—McDonald's Warns: Don’t Use Burgers as Passwords

(24:20–24:50)

McDonald’s Netherlands cheekily urges customers to avoid “Big Mac,” “Happy Meal,” or fast-food variations as passwords, referencing breach data.
“You might be lovin’ it, but hackers are too.” (24:30)
The segment ends with a call to adopt stronger passwords and stop using weak word substitutions.

Key Insights & Takeaways

AI in coding, if left unchecked, creates real risks: The shift to “vibe coding” showcases how productivity gains can mask increased vulnerability.
Human-in-the-loop oversight remains vital: Even as AI improves code testing and documentation, only proper management, verification, and SDLC rigor can ensure security.
The engineer’s job is evolving: Expect more focus on problem decomposition, task assignment, and AI oversight.
Threat landscape remains dynamic: From law enforcement actions to uncovered vulnerabilities and campaign tactics, responders must pay attention to systemic risks—both technological and organizational.

Notable Quotes & Timestamps

“AI coding agents are rewriting software development... But a dangerous trend is emerging called vibe coding...” — David Moulton [15:13]
“I've always been interested in this connection between machines and people and making sure that the technology we’re using is helpful.” — Aaron Isaacson [16:50]
“Because we’re not 100% confident in the computer... we need a human to help.” — Aaron Isaacson [17:22]
“The AI does need to be managed… in the future it’ll look a lot more like management…” — Aaron Isaacson [22:28]
“Don’t let accountability become the vulnerability no one saw coming.” — David Moulton [23:46]

Important Segment Timestamps

| Segment | Timestamp | |-----------------------------------------------------|------------| | X’s algorithm investigation, French police raid | 00:14–01:13| | Helix crypto mixer seizure | 01:14–01:31| | NSA zero trust guidance | 01:31–02:08| | Dropbox phishing, macOS dev threat, Ivanti flaw | 02:08–04:22| | Multbook AI data leak, election security | 04:22–06:12| | Nitrogen ransomware flaw | 06:12–07:00| | Threat Vector—AI engineering & code quality | 15:13–23:46| | McDonald’s on password hygiene | 24:20–24:50|

Conclusion

A comprehensive, contemporary episode delivering must-know headlines and deep insight into new risks in AI-fueled engineering. If you’re involved in code, security, or incident response, the reminder is clear: Productivity advances from AI are real, but so are the pitfalls if oversight, process, and accountability lag behind.

Loading summary

Transcript14 lines

[00:02]
A
You're listening to the Cyberwire Network, powered by N2K.
[00:15]
B
Most security conferences talk about Zero Trust Zero Trust World puts you inside this is a hands on cybersecurity event designed for practitioners who want real skills, not just theory. You'll take part in live hacking labs where you'll attack real environments, see how modern threats actually work and learn how to stop them before they turn into incidents. But Zero Trust World is more than labs. You'll also experience expert led sessions, practical case studies and technical deep dives focused on real world implementation. Whether you're blue team, red team, or responsible for securing an entire organization, the content is built to be immediately useful. You'll earn CPE credits, connect with peers across the industry and leave with strategies you can put into action right away. Join us March 4th through the 6th in Orlando, Florida. Register now@ZTW.com and take your Zero Trust strategy from theory to execution. French police raid X's Paris offices the feds take over $400 million from a dark web cryptocurrency mixer. The NSA says zero trust goes beyond authentication. Researchers warn of a multi stage phishing campaign targeting Dropbox credentials. A new glass worn campaign targets macOS developers. Critical Zero day vulnerabilities and Avanti endpoint Manager Mobile are under active exploitation. Researchers disclose a major data exposure in multiple a social network built for AI agents. States bridge the gap in election security. Nitrogen ransomware has a fatal flaw that permanently destroys data. On today's Threat Vector segment, David Moulton speaks with Aaron Isaacson, AI research and engineering lead at Palo Alto Networks. And supersize your passwords. You want fries with that? Foreign February 3, 2026 I'm Dave Bittner and this is your Cyberwire Intel Briefing. Thanks for joining us here today. It's great as always to have you with us. French police raided X's Paris offices as part of a criminal investigation into whether the platform allowed foreign powers to manipulate its algorithm. The probe, announced by the Parquet de Paris, began in January 2025 following complaints from a French lawmaker and a senior public official. Prosecutors are examining allegations of organized interference with automated data systems and and fraudulent data extraction. The investigation later expanded to include X's Grok chatbot, accused of spreading Holocaust denial and sexually explicit deepfakes. Because the case involves organized crime allegations, police have enhanced surveillance powers. Authorities have summoned Elon Musk and former CEO Linda Vaccarino for voluntary interviews in April of this year. X has criticized the probe as a politically motivated attack on free speech. The US government has taken ownership of more than $400 million in assets tied to Helix, a dark web cryptocurrency mixer used to launder illicit funds. Helix operated from 2014 to 2017 and processed more than 350,000 bitcoins, primarily for online drug markets. Its creator, Larry Dean Harmon, pleaded guilty in 2021. The final forfeiture order caps a multinational investigation and highlights growing law enforcement focus on asset seizure and restitution, According to the US Department of Justice, the National Security Agency has released updated zero trust guidance urging U.S. government agencies to adopt continuous behavior driven security models. And as cyberattacks increasingly bypass traditional defenses, the recommendations outline multiple phases toward what the Department of Defense calls target level Zero Trust maturity. Rather than treating authentication as a one time gate, the NSA frames Zero Trust as an operating model that persists throughout a user or system session. The guidance emphasizes continuous evaluation based on user behavior, privilege use and resource access, addressing gaps between stated Zero Trust strategies and real world enforcement. Analysts say the focus reflects the reality that many successful attacks now occur after credentials are compromised. While aimed at national security systems, the guidance was released publicly to align expectations across civilian agencies and industry. Researchers at Forcepoint XLabs are warning of a multi stage phishing campaign designed to evade security controls and steal corporate credentials for Dropbox. The campaign uses brief professional looking emails tied to procurement or business requests urging recipients to open a PDF attachment. Those PDFs contain hidden acroform links that are difficult for security tools to scan. Victims are redirected through legitimate cloud infrastructure to a convincing fake Dropbox login page, according to forcepoint. This approach bypasses reputation based defenses and reduces suspicion. Stolen credentials are sent to attacker controlled channels on Telegram, enabling account takeover and potential follow on attacks. Researchers note the campaign reflects a broader surge in credential theft and identity based intrusions that can lead to deeper network compromise. Researchers are warning of a new Glass Worm campaign that spreads through compromised extensions on OpenVs targeting macOS developers. Attackers hijacked a legitimate developer account and pushed malicious updates to four popular extensions downloaded roughly 22,000 times. The malware hides code using invisible Unicode characters and steals browser data, Crypto wallet information, Developer secrets and macOS keychain data while also enabling remote access, according to report from Socket. The campaign pulls commands from Solana transaction memos and avoids Russian Locale Systems. OpenVSX Operator Eclipse foundation removed the malicious releases and revoked access. Affected developers are advised to clean systems and rotate all credentials. Researchers at Watchtower are warning of active exploitation of a critical zero day vulnerability in Ivanti endpoint Manager Mobile a tool widely used to manage corporate mobile devices. Avanti disclosed two severe code injection flaws that allowed unauthenticated remote code execution on on premise deployments. Watchtower says attackers have already exploited the bugs as zero days, establishing backdoors and potentially erasing logs. Ivanti has issued a temporary RPM based patch, but it must be reapplied after updates and is not a permanent fix. A full update is expected later in early 2026. Researchers warn organizations with exposed systems should assume compromise, begin incident response and consider rebuilding affected infrastructure. Security researchers at Wiz disclosed a major data exposure on Multbook, a social network built for AI agents. The issue stemmed from an exposed Supabase API key embedded in client side code, which lacked row level security controls and granted full read and write access to the production database. Wiz researchers were able to access 1.5 million API tokens, 30,000 email addresses and private agent messages and could impersonate any account. The platform's creator, Matt Schlicht, has since fixed the flaw. Wiz warned the incident highlights the risks of vibe coding, where rapid development outpaces secure configuration and human security review. State and local election officials say the Trump administration's second term has sharply reduced federal support for election security, forcing states to fend for themselves, cyberscoop reports. While President Donald Trump previously backed the creation of the Cybersecurity and Infrastructure Security Agency and major election security grants, officials now report staff cuts, reduced services and diminished communication from cisa. Congressional Democrats including Senator Alex Padilla warned states are losing critical partnerships and funding with federal grants from the Election Assistance Commission averaging less than $1 million per state. States like Arizona and West Virginia are turning to legislatures and local coordination to cover gaps. Officials such as Adrian Fontes dispute White House claims that federal support remains unchanged, saying election security assistance has clearly declined. Researchers say nitrogen ransomware's ESXi variant contains a fatal cryptographic flaw that permanently destroys data, even for the attackers themselves. The malware is derived from leaked Conti2 builder code and uses public key cryptography to encrypt files. However, a coding error overwrites four bytes of the per file public key in memory before encryption. As a result, files are encrypted using a corrupted public key that has no corresponding private key. This breaks the normal key exchange process and makes decryption mathematically impossible. Paying a ransom will not help, since the attacker's decryption tools cannot recover the data either. Victims without reliable backups have no recovery path, analysts warn. Organizations hit by nitrogen on ESXI systems to carefully assess encrypted files alongside the specific malware sample, as recovery outcomes depend entirely on whether backups exist. Coming up after the break in our Threat Vector segment, David Moulton sits down with Dr. Aaron Isaacson to explore why engineering excellence must be Precede ethical AI debates and super size your passwords. You want fries with that? Stick around. Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full stack zero trust networks including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and vpn, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo@meter.com cyberwire that's M E T E R.com cyberwire. If securing your network feels harder than it should be, you're not imagining it. Modern businesses need strong protection, but they don't always have the time, staff or patience for complex setups. That's where Nordlayer comes in. Nordlayer is a toggle ready network security platform built for businesses. It brings VPN access control and threat protection together in one place. No hardware, no complicated configuration. You can deploy it in minutes and be up and running in less than 10. It's built on zero trust principles so only the right people can get access to the right resources. It works across all major platforms, scales easily as your teams grow and integrates with what you already use. And now Nordlayer goes even further through its partnership with CrowdStrike, combining NordLayer's network security with Falcon endpoint protection for small and mid sized businesses. Enterprise grade security made manageable Try Nordlayer risk free and get up to 22% off yearly plans plus an extra 10% with the code CYBERWIRE10. Visit nordlayer.com cyberwire daily to learn more. On our latest segment from the Threat Vector. Podcast host David Moulton sits down with Dr. Aaron Isaacson to explore why engineering excellence must precede ethical AI debates.
[15:14]
C
I'm David Moulton, host of the Threat Vector podcast. AI coding agents are rewriting software development and enterprises are racing to adopt them for the productivity gains. But a dangerous trend is emerging called vibe coding, where organizations remove humans from the loop entirely and let AI write, test and deploy code with no oversight. What you're about to hear is a snapshot from my conversation with Aaron Isaacson, Vice President of AI Research and Engineering at Palo Alto Networks. He told me enterprises cannot blindly trust AI. It will not write secure code on its own. We talked about what secure AI coding actually looks like, why sandbox environments are a non negotiable, and how the role of a software engineer is shifting from writing code to managing AI teams. Organizations are already deploying these tools, often faster than security teams can assess the risk. Aaron, welcome to threatvector. Excited to have you here to talk about vibe coding today.
[16:29]
A
Glad to be here, thank you.
[16:31]
C
Aaron, you've been working at this intersection between AI research, engineering and real world systems in a lot of different contexts. What experiences have most shaped your perspective on why trust and accountability matter so much in an AI driven development environment?
[16:50]
A
So I've always been interested in this connection between machines and people and making sure that the technology that we're using is helpful, it's useful. And in cybersecurity, a lot of that's making sure that the systems we use are secure and safe for people. And one of the things that defines AI is that it's always these hard problems that we don't quite know how to do yet. In history, something called the AI effect, which is AI is whatever hasn't been done yet. It's also called Tesla's theorem. And because these AI problems are always right on the fringe of what's possible with computers, you often have a human that's in the loop that's helping the AI along. So because we're not 100% confident in the computer solving the problem for us, we need a human to help the human double checks. It gives suggestions, maybe solves some of the problems for the AI. And because we're not 100% confident in what the machine can do, we need to know that we can trust it. We need to know that we can verify what it's doing. And people who are deciding if we should adopt AI technology, they're always generally skeptical because they assume and AI can maybe not work in these fringe frontier cases. And so those are the really ones that are interesting, I think, to work on as we're really pushing the bound of what machines can do and making AI much more useful, especially in making our software more secure. So as this applies to agents that are helping write code. A year ago we saw that we really couldn't trust very much what the agents were writing. And today this is a practical thing that people are using throughout enterprise and other development spaces.
[18:25]
C
So, Aaron, was there a moment when you realized that AI productivity could actually increase risks if it wasn't engineered correctly?
[18:37]
A
Yeah. So in the past year or so, we've really seen this feeling in the industry that in order to keep up with the competition, people are willing to get rid of some of these human in the loop checks and just say, let's just go with the system. Let's let like we know these agents don't write code 100% perfectly, but everyone else is doing it. We got to keep up, we got to move fast. And so they're allowing this stuff to get into their engineering departments maybe at a faster rate than they would have done in the past. Now, when you give agents the ability to write code unchecked and be able to test their code and execute their code and write code without any controls, you actually get some really incredible results. And when you're prototyping or you're building a proof of concept, 30 minutes, you could have something that might have taken a week before, but when you care about security or accuracy of that system, those kind of approaches really aren't the right ones to use. And I, I don't see as much conversation in the industry around how do we use these tools to write accurate code, how to write secure code as much as, like, how do we go faster, how can we do this, can we increase productivity? And so that was part of what makes it so interesting to me is a major fundamental shift in how we write code. Yet people kind of know that it makes mistakes and can introduce vulnerabilities, and yet it's still being adopted. So how do we make these tools much safer to use and more trustworthy to use?
[20:07]
C
So let's shift gears again. Before we recorded, you and I exchanged a couple of articles and.
[20:14]
B
We were.
[20:15]
C
Going back about this idea that there's maybe some growing evidence about declining code quality with AI assisted development. I want to hear your thoughts on what that means for like, long term security and technical debt.
[20:30]
A
First, I want to say that I think the code quality is actually getting better. There are areas where it's getting worse, but let's talk about where it's getting better first. Okay, so a lot more unit tests are being written. That really helps the agents and developers write better code, validate that code works. In the old days, trying to get your test coverage up was hard to do. Engineers didn't like writing unit tests There was a lot of pressure today. I can't imagine accepting a PR that didn't have tests in it. Why would you do that? They just ask the agent to write the tests. Not only that, you can't actually trust agent code unless you have tests to run. Because agents will make mistakes like people do. And the way that they check to make sure that our code work is they run the unit tests. So that's super important. I think agents can help refactor code in minutes where it would have taken days. So when you do recognize, oh, the agents have duplicated code somewhere, or hey, this architecture we're building is not quite right, let's refactor it. That stuff can happen much more quickly than it used to. Documentation is much higher quality. Comments are much higher quality. Again, engineers under pressure, they don't write a lot of doc strings, but the agents don't mind doing it. And then automation can take bug reports that come in and do the initial attempt at fixing them. Many times the agent's actually successful at doing that. So those are areas where the code quality actually can be much higher because they can fix bugs automatically. They can test that the code is being working, they can write documentation, all that stuff. Now where it's decreasing, I think is that when too much code gets pushed out too quickly. And that's encouraged because it is easy to write code like you want to write a lot of code, just go ahead and write as much as you want. And even if that code is better quality code because there's so much more of it, I think the absolute number of issues can be higher today because you're just getting more features being built. And so the software development life cycle, like I mentioned before, is just more and more important, like used to be that you could maybe get away with not doing steps of it today you have to follow all those steps, right? Like when an agent wants to install a package, you have to make sure that that package is sanctioned, is a version that doesn't have known CVEs in it. Because agents are known to just like install buggy packages and things like they have to. You have to have the controls in place to make sure that they're not doing those things. And then lastly, I'd say that just like engineers, the AI does need to be managed. And I think that software engineering in the future is going to look a lot more like management. Maybe it's easy for me to say because I'm an engineer that's become a manager, but I see us thinking about engineering as I have a team of AI agents that can do work for me. I need to break the problem down in a way that I understand what's being built in a way that I can sign a task, verify the tasks are being done, check on the ones that aren't working right, whatever the process is. And I think that you'll see individual contributors picking on a lot of those skills because they have their team of AI working for them.
[23:46]
C
If this got your attention, don't wait. Listen to the full episode now in your Threat Vector Podcast feed. It's called Is your AI well engineered enough to be trusted? And it's live now. Don't let accountability become the vulnerability no one saw coming.
[24:21]
B
Be sure to check out the complete Threat Vector podcast wherever you get your favorite shows. And finally, change your password. Day Arrive With a gentle nudge from an unlikely security evangelist, McDonald's its Netherlands team warned customers that while burgers may be comforting, they make terrible passwords. Drawing on breach data from have I Been Pwned? The chain noted that classics like Big Mac, Happy Meal, and even creatively mangled versions such as Chicken McNuggets appear with depressing frequency and compromised password lists. The message was blunt and slightly cheeky. You might be lovin it, but hackers are too. The campaign pokes fun at the enduring belief that swapping letters for symbols equals security, a trick attackers mastered decades ago. And while security pros lean on passphrases, managers and multi factor authentication, most users still cling to flimsy passwords. Even younger users fare no better, according to Google. The takeaway Enjoy the fries, but stop using them to protect your accounts. Please drive through. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Foreign. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco.