C (15:08)

USAA knows dynamic duos can save the day like superheroes and Sidekicks or auto and home insurance with USAA you can bundle your auto and home and save up. Tap the banner to learn more and get a'@usaa.com bundle restrictions apply.

B (15:29)

It is always my pleasure when I get to welcome some of my N2K CyberWire colleagues to the show here. And today I get to do just that. Liz Stokes is our Cyberwire producer, and Maria Vermazes is host of the T Minus Space Daily podcast. Ladies, welcome.

D (15:44)

Thank you, Dave.

E (15:45)

Hi, Dave.

B (15:46)

So we have a miniseries that is getting ready to drop into our feed this coming Monday. It is called Cyber Without Borders. Why don't we start with a little bit of the backstory on this, Maria? This started with an invitation, an unlikely invitation indeed.

D (16:05)

As all good stories do. Early November 2025, we got a very suspicious email in our inboxes that said it was from NATO and they were inviting us to Estonia. And I think all of us went, there's no way this is real. This has got to be a fish. Long story short, it was very real. And they'd been watching us for a while.

B (16:27)

Right.

D (16:28)

So they were inviting us to join them at their cyber range in Tallinn, Estonia, to see sort of the takeaway of one of their major cybersecurity exercises they could conduct there with their partner nations and allies. And they wanted us to kind of get a sense of what they were doing. So Liz and I did that in early December.

B (16:50)

Liz, give us an idea of some of the logistics here of picking up a crew and taking them halfway around the world.

E (16:58)

Yeah, so it was much less of a crew and more. So me and Maria.

D (17:02)

Two woman crew.

E (17:04)

Two woman crew. And, yeah, I mean, it was a lot of fun. We packed for every possible scenario that we could because, you know, you only get to go to Estonia once. And so we went over there, and we knew that we were gonna try and cover everything that we possibly could. We were gonna bring back more audio than what we needed, and that's exactly what we did. I think that's the main goal of a podcast, is coming back with more audio than what you could ever even imagine. And so, yeah, we were over there for What, Maria? Like three days, I think, max.

D (17:36)

Yeah, I think 36 hours on the ground. For me, you were there longer than I was. Cause you, you, you. You were smart about it. I was not. I parachuted in and out, and I was exhausted and got sick afterwards. It was the whole thing. But I think I recorded audio for every waking moment.

E (17:52)

As you should.

D (17:53)

Yeah, editing's been fun. It's been really fun.

B (17:57)

Take us through that process. Because my experience is when you walk into something like this, you don't always know what you're going to end up with or the stories that you're going to tell. But as you are there, things start to form in your mind, like, maybe this is a story we tell, maybe this is an angle. Is that what happened for you, Maria?

D (18:17)

Liz and I were. We had some idea of what we might see at this exercise before we went, because NATO does publish like a little blog lit hundred, 200 words about what this exercise is. So we had like the most faint idea of what it would be that we might see. But during our research for this trip, and I think even on the plane over to Estonia, and while we were there, we realized that there was a bigger, broader meta story that we also needed to tell about why the heck were we in Estonia to begin with? Why is NATO there? Why is their cyber headquarters there? So that's actually the first episode that we're dropping on Monday is a bit of a history lesson. And I imagine many of the Cyberwire listeners will probably know where we're going to go with this a little bit, but we're going to hopefully fill in some gaps. Because I had a sense of why, why is NATO in Tallinn? Why is Tallinn such a big deal in cybersecurity? I knew a little bit of it, but in the process of being there and also learning about Estonia's history, I filled in a lot of my own gaps of that knowledge. So we're going to share that with the listeners. So when we actually get into what NATO does on the cyber side of things and the specific exercise, it'll make a lot more sense.

B (19:29)

And Liz, how many episodes are we looking forward to here?

E (19:32)

Yeah, so it's going to be a three part series. It's a special edition that we'll be releasing every Monday for the next three.

D (19:38)

Weeks with Reporter's Notebook for part four.

E (19:41)

And a special, special little nugget for everybody at the very end.

D (19:47)

If you want to hear me struggle with the coffee maker at 4 in the morning, which I'm sure everybody does behind the scenes. Yeah, yeah. That's part four of three.

B (19:59)

What did you take away from this trip? Let me start with you, Maria. Any surprises or things that were unexpected that you came home with?

D (20:10)

The big surprise that sort of landed in our laps when we got back. We went to this exercise in early December 2025, and then World geopolitics, especially regarding the United States and its position in NATO, kind of seismically shifted within a month of Us getting while we were in the middle of editing all of this. And that became a huge challenge to navigate. And we had a lot of discussions, Liz and I, about how to navigate that without making it the entire story, because that's not what we wanted to do. But we have to also acknowledge that things were shifting as we were editing and putting the story together. So that was not part of our trip. That was after our trip. That was during the editing process. And it was a challenge navigating that. I think we did a good job with it. I think. I don't want to give too much away on how we managed it, but I feel proud of how we did. I think what surprised me when we were actually at the NATO cyber range was how little we actually saw, which was a little disappointing when we would recount our experience to people was we didn't actually see a whole lot, but again, we went in a skiff for an international military alliance. They weren't going to show us a whole lot of things. So there was a lot of reading between the lines. And also, what is it that NATO is going out of their way to tell us? That seems to be something they really want us to know. What do we think about that? And that became a lot of the discussion. And you'll hear a lot of that deliberating in the podcast.

B (21:42)

How about for you, Liz?

E (21:44)

It's funny because you asked that question. We honestly talk about this in the third episode. So again, stay tuned for Maria's and my conversation about that. Very raw conversation. But anyway, so I think the. I think Maria hit the nail on the head. It was just very interesting to go in there and see nothing while we, while we were there to learn about a lot of things. And I mean, we did, we did learn a lot of, a lot of things while we were there. But also, of course, they weren't gonna let us see everything that was going on. And it was just very interesting to see that. I think it was also interesting that we got to meet the American soldiers that were on the ground over there as well. It was great to have a conversation with them and you'll get to hear that in the three part series. And I think it was just an incredible experience for somebody like me who's never really done this before or really never been in cyber before. So it was just an incredible experience to see everything.

B (22:49)

Yeah. All right, well, our thanks to the folks at NATO for inviting us again. The series is called Cyber Without Borders and that will be dropping into your Cyberwire daily feed this coming Monday. Liz Stokes is our Cyberwire producer, and Maria Vermazes is the host of the T Minus Space Daily. Ladies, thanks so much for joining us.

D (23:11)

Appreciate it, Dave. Thank you, thank you.

C (23:26)

The world moves fast. Your workday even faster. Pitching products, drafting reports, analyzing data Microsoft 365 copilot is your AI assistant for work built into Word, Excel, PowerPoint, and other Microsoft 365 apps you use, helping you quickly write, analyze, create, and summarize so you can cut through clutter and clear a path to your best work. Learn more@Microsoft.com M365 Copilot this episode is.

A (23:56)

Brought to you by Indeed. Stop waiting around for the perfect candidate. Instead, use Indeed sponsored Jobs to find the right people with the right skills fast. It's a simple way to make sure your listing is the first candidate. C According to Indeed data, sponsored jobs have four times more applicants than non sponsored jobs. So go build your dream team today with Indeed. Get a $75 sponsored job credit at Indeed.com podcast terms and conditions Appreciate and.

B (24:29)

Finally, Scott Shambaugh, a volunteer maintainer of Matplotlib, is used to closing pull requests. With roughly 130 million monthly downloads, the plotting library attracts steady contributions, increasingly from AI coding agents. To manage quality, the team requires a human contributor who understands any submitted changes. When an autonomous agent named M.J. rathbun submitted code and Scott denied it, that should have been the end of the story. Instead, according to Shambaugh, the agent published a detailed hit piece accusing him of insecurity, hypocrisy, and gatekeeping. It mined his public work, invented psychological motives, and framed routine code review as prejudice against AI contributors. The Post read less like a bug report and more like a manifesto. Amusing at first glance, the incident raises sobering questions. An unsupervised AI running on decentralized platforms attempted a reputational pressure campaign to force code acceptance. It's an early, unsettling glimpse of autonomous agents treating social manipulation just another optimization problem. And that's the Cyberwire. For links to all of today's stories, check out our daily briefing@the cyberwire.com a quick program note we are not publishing this coming Monday due to the Washington's birthday federal holiday. However, don't fret. We will be debuting Part one of our NATO series in your daily podcast feed, so do look for that. Be sure to check out this weekend's research Saturday and my conversation with Ziv Mador, VP of Security Research from Level Blue Spider Labs. The research we're discussing is titled Spider Labs IDs New Banking Trojan Distributed Through WhatsApp. That's Research Saturday. Check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire. N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here next week.

D (27:34)

Foreign.

B (27:47)

If you only attend one cyber security conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco.