A
You're listening to the CyberWire Network, powered by N2K. If securing your network feels harder than it should be, you're not imagining it. Modern businesses need strong protection, but they don't always have the time, staff or patience for complex setups. That's where NordLayer comes in. NordLayer is a toggle-ready network security platform built for businesses. It brings VPN, access control and threat protection together in one place. No hardware, no complicated configuration. You can deploy it in minutes and be up and running in less than 10. It's built on zero trust principles, so only the right people can get access to the right resources. It works across all major platforms, scales easily as your teams grow and integrates with what you already use. And now NordLayer goes even further through its partnership with CrowdStrike, combining NordLayer's network security with Falcon endpoint protection for small and mid-sized businesses. Enterprise-grade security made manageable. Try NordLayer risk free and get up to 22% off yearly plans, plus an extra 10% with the code CYBERWIRE10. Visit nordlayer.com/cyberwire-daily to learn more. Microsoft rushes an emergency fix for an actively exploited Office zero-day. A suspected cyberattack halts rail service in Spain. The FBI probes Signal chats in Minnesota. The UK moves to overhaul policing for the cyber age. Romania investigates a hitman-for-hire site. A UK court awards $4.1 million in a Saudi spyware case. Google agrees to a voice assistant settlement. CISA maps post-quantum crypto readiness. Prosecutors charge an Illinois man over a Snapchat hacking scheme targeting hundreds of women. Our guest today is Cynthia Kaiser, Senior Vice President of the Ransomware Research Center at Halcyon, sharing some insight into the AI and quantum threats to cybersecurity and the National Cyber Strategy. And a Best Buy guy tries a creative alibi. It's Tuesday, January 27, 2026. I'm Dave Bittner, and this is your CyberWire Intel Briefing.
Thanks for joining us here today. It's great to have you with us. Microsoft has issued emergency out-of-band security updates for an actively exploited zero-day vulnerability in Microsoft Office with a CVSS score of 7.8. The flaw allows attackers to bypass Object Linking and Embedding, or OLE, security protections by abusing how Office handles untrusted inputs in malicious documents. Exploitation requires a user to open a specially crafted Office file, although the Preview Pane remains safe. The issue affects multiple Office versions as well as Microsoft 365 Apps for Enterprise. For Microsoft 365 and Office 2021 and later, a server-side fix is already live and takes effect after restarting the applications. Older versions remain at risk until formal patches are released, and users are advised to apply registry-based mitigations in the meantime. According to Microsoft, technical details about the attacks remain limited. Catalonia, Spain, faced widespread travel disruption on Monday after a suspected cyberattack shut down regional rail services during the morning rush hour. Commuter and regional trains were abruptly suspended around 6:45 a.m. following system failures at Adif, Spain's rail infrastructure manager. Thousands of passengers were stranded, prompting the Catalan government to urge remote work and universities to reschedule exams. Spain's Transport Minister, Óscar Puente, said a cyberattack was one possible cause, though this remains unconfirmed. Services later resumed intermittently, according to the state rail operator, which cited a major computer malfunction. The incident compounded an already turbulent week for Spanish rail following multiple fatal and injurious accidents nationwide. Barcelona Mayor Jaume Collboni called the disruption unacceptable, while opposition figures blamed long-term underinvestment and demanded accountability.
FBI Director Kash Patel said Monday that the bureau has opened an investigation into Signal group chats used by Minnesota residents to share information about federal immigration agents, citing concerns that such activity could put agents in danger. Speaking on a conservative podcast, Patel said the probe was prompted by claims that users shared agents' locations and license plate numbers, though he did not specify which laws may have been violated. Free speech advocates quickly raised First Amendment concerns, arguing that sharing lawfully obtained information about law enforcement activity is constitutionally protected. Civil liberties groups warned the investigation could chill legitimate speech and public oversight of government actions. The chats, hosted on the encrypted app Signal, have been used by activists and community members to warn neighbors about Immigration and Customs Enforcement activity. Patel acknowledged the free speech implications but said the FBI would balance constitutional rights with potential violations of federal law. The UK government has unveiled plans for a sweeping overhaul of policing aimed at tackling the surge in cybercrime, online fraud and other Internet-enabled offenses. Proposals from the Home Office call for creating a new National Police Service, described as Britain's equivalent of the FBI, to handle serious and cross-border crimes increasingly beyond local forces' reach. Officials say roughly 90% of crime now involves a digital element, with fraud accounting for about 44% of recorded offenses. Home Secretary Shabana Mahmood said the reforms reflect how crime has evolved in scale and sophistication, calling them the most significant changes in nearly 200 years. Under the plan, the National Crime Agency would be absorbed into the new service, while local forces remain focused on neighborhood policing.
The government also plans major investments in digital tools, artificial intelligence and national coordination, alongside new oversight for technologies such as facial recognition. Romanian authorities are investigating two nationals suspected of running a hitman-for-hire website that allegedly allowed users to contract assassins online. Police conducted searches at the request of UK authorities, seizing electronic devices, cryptocurrency worth about $650,000 and large sums of cash. Prosecutors say the platform used cryptocurrency and escrow-style payments to conceal identities and transactions. The suspects face potential charges including organized crime, incitement to murder and money laundering. Officials note such sites often prove fraudulent, though investigations are ongoing. A UK court has awarded more than $4.1 million to London-based Saudi critic Ghanem Al-Masarir, ruling that his phones were hacked by spyware linked to the Saudi state. Judge Pushpinder Saini found a compelling basis that Al-Masarir's phones were infected with Pegasus spyware and that the operation was directed or authorized by Saudi Arabia. The court said the hacking enabled extensive surveillance and caused severe psychological harm, forcing Al-Masarir to stop producing his popular YouTube content. Evidence from digital forensics researcher Bill Marczak of the Citizen Lab supported the findings. Saudi Arabia did not contest the case, leading the judge to enter summary judgment, calling the intrusions exceptionally grave invasions of privacy. Google has agreed to pay $68 million to settle a class action lawsuit alleging its voice assistant recorded users' conversations without consent and shared them with advertisers. The proposed settlement, filed in federal court in California, awaits approval from U.S. District Judge Beth Labson Freeman. Plaintiffs claimed Google devices recorded private discussions even without the activation phrase.
If approved, the fund will cover consumer claims and legal fees, with payouts varying by the number of valid claims. Google did not comment. CISA has released new guidance mapping post-quantum cryptography standards to common enterprise hardware and software categories. Issued in response to a June 2025 executive order, the advisory is meant to help CIOs and security teams assess quantum-safe readiness and plan long-term migration. CISA identifies product classes already using or transitioning toward NIST PQC algorithms, including cloud services, collaboration tools, browsers and some endpoint security products. However, the agency stresses that none are fully quantum resistant yet; most implementations focus on key establishment, not digital signatures or authentication. The guidance signals that PQC is becoming a practical procurement consideration while highlighting significant gaps enterprises must address as quantum-safe standards mature. US prosecutors have charged Illinois man Kyle Svara with running a phishing scheme that allegedly compromised nearly 600 women's Snapchat accounts between 2020 and 2021. Authorities say he impersonated Snap employees to steal access codes, download private images, and sell or trade the material online, including via Reddit. One client was former Northeastern University coach Steve Waithe, later convicted of sextortion. Svara now faces federal fraud and identity theft charges and is scheduled to appear in court in Boston. Coming up after the break, my conversation with Cynthia Kaiser from Halcyon. We're talking about AI and quantum threats to cybersecurity, and a Best Buy guy tries a creative alibi. Stay with us. What's your 2 a.m. security worry? Is it "Do I have the right controls in place?" Maybe "Are my vendors secure?" Or the one that really keeps you up at night: "How do I get out from under these old tools and manual processes?" That's where Vanta comes in.
Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. And it fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready all the time. With Vanta, you get everything you need to move faster, scale confidently, and finally get back to sleep. Get started at vanta.com/cyber. That's V-A-N-T-A dot com slash cyber. When it comes to mobile application security, good enough is a risk. A recent survey shows that 72% of organizations reported at least one mobile application security incident last year, and 92% of respondents reported threat levels have increased in the past two years. GuardSquare delivers the highest level of security for your mobile apps without compromising performance, time to market or user experience. Discover how GuardSquare provides industry-leading security for your Android and iOS apps at www.guardsquare.com. Cynthia Kaiser is Senior Vice President of the Ransomware Research Center at Halcyon. I recently sat down with her to discuss AI and quantum threats to cybersecurity and the National Cyber Strategy. So Cynthia, it's always great to have you back. You know, I want to key off of the fact that not too long ago we saw some congressional hearings when it came to AI and quantum threats for cybersecurity. And I wanted to check in with you on that for your reaction to kind of what this indicates, the attention that Congress is taking when it comes to these issues.
B
Thank you for having me back. And we're talking about a topic I find really important, which is kind of thinking about how our adversaries are integrating AI. And I'm really glad to see Congress taking up this mantle. I think I saw Representative Olis during the hearing say, if we don't get this right, we're screwed. And, I mean, that was my big takeaway is like, that's true. Right? We have to really be thinking about this and understanding it. And by understanding it, though, I mean knowing what's accurate, what might be hyperbolic, but then what we can actually do to counter it, because it's not a runaway train. We can do things that really help put us in a better security position.
A
Well, you used the word hyperbolic, and I'd love to start there, because I see folks talking about the importance of AI dominance, and I have to say I'm not certain what that means. What does it mean to you?
B
It means that the US stays ahead and is the leader of the kind of frontier models, the type of AI development that's at that cutting edge. Because when we keep our market dominance, keep our AI dominance, to me, that means we're the market leaders. We are able to ensure that the AI that goes out there conforms to the free speech and all other ethics that we hold dear as a country, and that we know how it can be exploited, how it can be used for safety, and how to combine that. And things aren't coming at us as a surprise.
A
And where do you suppose we stand today in terms of maintaining our leadership?
B
Yeah, I think that we're easily four to six months ahead of a lot of other groups, countries, especially kind of China that's developing it. What you've seen China do a lot is kind of rapidly develop after we develop certain types of functions or advances in their own models, and whether that's from kind of the typical Chinese model of figuring out things, stealing things along the way, or just when you know something's possible, sometimes it's easier to, like, get to that point. Either way, the US is still ahead, and it's really important to keep us ahead as we look at what we might be facing coming down the road.
A
Well, speaking of what we might be facing, you head up the Ransomware Research center with your colleagues at Halcyon. What are you anticipating this coming year when it comes to ransomware?
B
So I think right now we would say that AI hasn't fundamentally changed ransomware tactics, but it's changed kind of the economics of ransomware. Right. It's lowered the barriers and it's accelerated some discrete tasks, some workflows. I think that's where you're going to see some of this improvement, in some more of these discrete tasks. So in the hearing, Google talked about the use of AI in certain points of the attack chain that really did enable certain components to be a little more autonomous, to act a little more autonomously and do that kind of in real time. To also thinking about the discrete tasks that are available with initial access, I feel like that's where we've seen a lot of the technology go, where you can kind of imagine how it is really beneficial to adversaries. Think making a lot more believable phishing emails, deepfakes. So I think in the next year, what we'll likely see is deepfake social engineering really start to overtake just the traditional identity tech, the traditional social engineering. And we're also going to see actors then start to experiment with some of these more niche things that were talked about in the hearing. I call them niche, I call them experimentation, because that's what they are. There's a high failure rate for this kind of stuff that's going on right now. It's really kind of starting to piece together and automate things that are already known. So yeah, we'll probably detect it along the way. So it's easy to kind of dismiss it now. But the reason you experiment, the reason you do lots of failures, is so you can get to success. And I think that's what we're going to see over the next year, those reps, those attempts, to really start to get better and figure out how you can change the sophistication, make things actually more advanced using AI.
A
Yeah, it's a really interesting point. I mean, I guess from your point of view, where are we when it comes to the maturity of the ransomware marketplace? I mean, is there still room for innovation or are we at a state of refinement?
B
Well, I think refinement was probably more where we're at over the last year. And you and I have talked about this before. Over the last year, ransomware has gotten so fast, and that's where we've seen a lot of the innovation. And that primarily wasn't because AI was there; it's because there's more virtualization. The ransomware actors just have more experience, so they're able to get faster. There's a lot of different things there. And the quickness of ransomware attacks now already necessitates a change in security postures. So believing that you used to have days or weeks of dwell time of an actor, so they're on your system, you could get an alert, you could look at that alert in the morning, try to kick them out. That's not possible now. Now really all these things are happening in 24 hours to hours. And that means that you really have to automate a lot of your security tasks. The way in which you defend against AI-enhanced threats is much the same. Like, you really need automated defense, you need defense in depth to be able to identify these attacks in real time. Because right now and for the foreseeable future, what is more likely to happen is just more, right, more attacks from more actors who maybe wouldn't have been able to do it otherwise, or advanced actors figuring out ways to automate parts of their processes, create agents that help them do their activity so that they can do more attacks or they can do those, you know, just a slight bit faster. But I think what we're at now is looking at not having an attack. You recover from an attack, you could have set your security posture, you wait for the next one. But if you have more and more attacks, that's really problematic. And that's likely where we're going with some of these integrations of AI.
A
Speaking of more and increased velocity, certainly an area of development is the quantum threat. Do you suppose that is going to affect ransomware operators' ability to do what they do when these tools become more readily available?
B
Yeah, I think we're a little bit of ways out from some of the quantum assisted tools becoming available to the wider swaths of cyber criminal groups. When I think about the quantum, I certainly am thinking first and foremost about China and some of the other nation states. But you know, eventually when you get to those points where I think I would really worry among the ransomware group overall is not just kind of the, hey, it makes this technically a little bit easier or our ability to move is a lot faster. But even the information that's been stolen along the way, if it was encrypted, or if the information they're stealing is encrypted, maybe isn't as useful the ability to then go through data to identify high value data that we thought we were all protecting, that could come into play. But once again, I still feel that's a much farther out issue than what we're looking at in terms of the advancements fueled by AI.
A
Well, looking at the big picture again, you know, heading into or well into 2026 as we find ourselves already, what's your advice for the defenders out there when it comes to approaching ransomware this coming year?
B
Really, defenders should expect the shorter lead times, more convincing social engineering and faster iteration. And that, I think, just shows focusing on the basics, but focusing on some of the basics well: the rapid patching, strong identity controls and resilient detection and response processes. That's still what is most important. And I think overall, when you're looking at this, ensuring that you're creating and thinking about, like, how do I do this detection and defense in real time? So that's really the advice I'd give to defenders overall. But I'd go a step further where now, if we're on the AI topic, a lot of organizations are thinking about or starting to develop their own in-house AI models, or maybe have employees that are pulling together valuable data into their own models on their networks, if more security is not placed around that. So take an in-house AI model or the kind of discrete ones that maybe employees are creating on their own. That is a huge target of opportunity for ransomware actors when they get onto a system, or any adversary really, when they get onto a system. Maybe you used to have to go around and look for the valuable data, or maybe it was in different places. But what we're all doing is consolidating that into very easily findable places. And so we really have to think about the security and extra security we're putting around the AI tools on our own systems to better protect our information.
A
That's Cynthia Kaiser from Halcyon.
C
The world moves fast. Your workday even faster. Pitching products, drafting reports, analyzing data. Microsoft 365 Copilot is your AI assistant for work, built into Word, Excel, PowerPoint and other Microsoft 365 apps you use, helping you quickly write, analyze, create and summarize so you can cut through clutter and clear a path to your best work. Learn more at Microsoft.com/M365Copilot.
A
And finally, a 20-year-old Best Buy employee in Savannah, Georgia, is learning that retail crime dramas rarely end with a plot twist in the defendant's favor. Police say Dorian Allen helped suspected shoplifters walk out of the Abercorn Street store with more than $40,000 in merchandise, from snack foods to $700 PlayStation consoles. His explanation? Online blackmail. According to the Savannah Police Department, Allen claimed a mysterious hacker group emailed instructions on which customers to wave through, threatening to leak nude photos if he refused. Investigators say he could not identify the hackers, describe them or produce the emails. Store video allegedly shows weeks of point-of-sale manipulation totaling 143 items. Allen now faces theft charges, while these supposed hackers remain, for now, safely imaginary. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands-on learning and real innovation. I'll say this plainly: I never miss this conference. The ideas and conversations stay with me all year.
Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today at rsaconference.com/cyberwire26. I'll see you in San Francisco. Attackers don't go through your tools, they go around them. In our interview with Jared Atkinson, CTO at SpecterOps, he reveals how attackers look to exploit our identities, steal tokens, and quietly snowball their access across Active Directory, cloud apps and GitHub. We talk through attack paths, why least privilege keeps failing, and how one misconfiguration can hand over the keys to your organization. Want to see risk as attackers do? Then check out the full interview now on thecyberwire.com/specterops.
CyberWire Daily — “The hackers made me do it,” or did they?
Date: January 27, 2026 | Host: Dave Bittner (N2K Networks)
This CyberWire Daily episode provides a comprehensive roundup of the latest cybersecurity news, including major incidents, legal actions, and global government responses to cyber threats. The highlight is an in-depth interview with Cynthia Kaiser, SVP of the Ransomware Research Center at Halcyon, who discusses artificial intelligence (AI) and quantum computing threats, the maturing ransomware landscape, and practical advice for cyber defenders in 2026. The episode closes with a memorable story of a retail employee’s creative attempt to blame hackers for a theft scheme.
[00:50] Microsoft issues an emergency out-of-band fix for an actively exploited Office OLE zero-day (CVSS 7.8); older versions rely on registry-based mitigations until patched
[02:00] Suspected cyberattack halts Catalonia's regional rail service after system failures at Adif
[04:00] FBI opens an investigation into Minnesota Signal group chats tracking federal immigration agents
[05:05] UK government proposes a National Police Service, absorbing the National Crime Agency, to tackle cyber-enabled crime and fraud
[06:15] Romanian authorities investigate two nationals over a hitman-for-hire website
[07:28] UK court awards Ghanem Al-Masarir more than $4.1 million over Pegasus hacking linked to Saudi Arabia
[08:13] Google agrees to a $68 million settlement over voice assistant recordings
[08:46] CISA maps post-quantum cryptography readiness across enterprise hardware and software categories
[09:41] Prosecutors charge Kyle Svara over a Snapchat phishing scheme targeting nearly 600 women
Guest: Cynthia Kaiser, SVP Ransomware Research Center, Halcyon
[14:45 - 24:38]
Cynthia appreciates Congress' growing attention, quoting Rep. Olis:
"If we don't get this right, we're screwed." (Cynthia Kaiser, 14:51)
Importance of separating fact from hype:
"...knowing what's accurate, what might be hyperbolic, but then what we can actually do to counter it..." (CK, 15:10)
[15:46] What "AI dominance" means
“To me, that means we're the market leaders. We are able to ensure that the AI that goes out there conforms to the free speech and all other ethics that we hold dear as a country, and that we know… how it can be exploited, how it can be used for safety, and how to combine that.” (CK, 16:01)
[16:34] Where the US stands relative to China
“Whether that's from... figuring out things, stealing things along the way, or just when you know something's possible, sometimes it's easier to get to that point. Either way, the US is still ahead.” (CK, 16:45)
[17:27] Ransomware outlook: AI changes the economics, not the tactics
AI hasn't fundamentally changed ransomware tactics yet, but it lowers barriers and speeds up discrete tasks.
“It’s lowered the barriers and it's accelerated some discrete tasks, some workflows.” (CK, 17:35)
Growth in deepfake social engineering expected to overtake traditional techniques.
“...deepfake social engineering [will] really start to overtake just the traditional identity tech, the traditional social engineering.” (CK, 18:23)
[19:41] Ransomware marketplace maturity and attack speed
“You really need automated defense, you need defense in depth to be able to identify these attacks in real time.” (CK, 20:40)
[21:48] The quantum threat and ransomware operators
“Even the information that's been stolen along the way, if it was encrypted ... the ability to then go through data to identify high value data ... could come into play.” (CK, 22:19)
[23:01] Advice for defenders in 2026
“Really defenders should expect the shorter lead times, more convincing social engineering and faster iteration...” (CK, 23:04)
“We really have to think about the security and extra security we're putting around the AI tools on our own systems to better protect our information.” (CK, 24:28)
“If we don't get this right, we're screwed.”
— Representative Olis (quoted by Cynthia Kaiser), [14:51]
“AI hasn't fundamentally changed ransomware tactics, but it's changed kind of the economics of ransomware.”
— Cynthia Kaiser, [17:30]
“Now really all these [ransomware] things are happening in 24 hours to hours... you really need automated defense.”
— Cynthia Kaiser, [20:34]
[25:28] Best Buy employee blames imaginary hackers for a $40,000 theft scheme
“While these supposed hackers remain, for now, safely imaginary.” (DB, 26:11)
Throughout, Dave Bittner maintains a professional but approachable style, deftly balancing succinct news delivery with deeper industry insights. Cynthia Kaiser brings expertise and a pragmatic perspective, focusing on real-world implications over hype, and highlighting clear, actionable guidance for security professionals.
This summary seeks to provide listeners and non-listeners alike a rich, detailed snapshot of the episode’s most significant news, expert insights, and memorable moments—focusing on what’s shaping the cybersecurity landscape today and tomorrow.