Loading summary
A
You're listening to the Cyberwire Network, powered by N2K.
B
Heading to this year's Black Hat USA. The N2K CyberWire team will be on site recording from our podcast studio in the Spectre Ops Kennel Club. If you're interested in joining us for a conversation or learning more about what we're recording throughout the week, visit sponsor.thecyberwire.com for more information. And make sure you stop by the studio and meet the N2K CyberWire team. We'll see you there. What's the one thing in business that's spreading as fast as AI? AI Risk Every new tool your team signs up for. Every vendor that turns on AI features, every new integration. Each one is an opportunity for something to go wrong. And most security programs weren't built for AI's pace of growth. Enter Vanta. Vanta is the number one agentic trust platform used by over 16,000 fast moving companies like Ramp Cursor and Harvey to ensure they're always audit ready. And now Vanta is helping companies like yours watch for the risks that show up between audits across your vendors, your AI tools and your whole environment. How the Vanta agent works like a 24.7grc engineer in the background, finding issues, drafting fixes and cutting vendor assessment time by up to 50%. Whether you're a fast growing startup or a global enterprise, Vanta is here to help you automate your security and compliance and earn and prove trust. Get started today@vanta.com cyber that's V-A-N T A.com cyber. Cert CC warns of an unpatched tender router backdoor. Adobe highlights an actively exploited cold fusion flaw. Canada pulls back the curtain on offensive cyber operations. Anthropic quietly removes hidden tracking from Claude code. Chinese AI gains momentum as US Providers sweeten the deal. US Cloud firms challenge South Korea's new security rules. Microsoft's device telemetry helps unmask an alleged scattered spider hacker. Spanish police arrest an alleged pro Russia hacktivist. Our guest is Orla Daily, CIO at skillsoft, discussing if AI is already bypassing its own guardrails and the stochastic parrot is back and it's tired of being misquoted. It's Tuesday, july 7th, 2026. I'm dave bittner and this is your cyberwire intel brief. Thanks for joining us here today. It's great as always to have you with us. CERTCC is warning of an unpatched authentication backdoor affecting multiple Tenda router firmware versions. The flaw allows anyone with a hidden password to bypass normal authentication and gain full administrative access through the router's Web interface, regardless of the configured username or password, according to the advisory. The firmware checks an undocumented password stored in the device configuration after normal authentication fails, and any username will be accepted if the backdoor password matches. Successful exploitation enables complete device takeover, including changing network settings, disabling security features and compromising connected systems. Tenda has not responded or released a patch. CERTCC recommends disabling remote management and changing the default LAN IP address to reduce exposure until a firmware update becomes available. Adobe is urging ColdFusion customers to apply the latest security updates immediately after researchers reported active exploitation of a maximum severity path traversal flaw that can lead to remote code execution. The vulnerability is one of six critical bugs addressed in Adobe's June 30 bulletin. With hundreds of Internet exposed cold Fusion instances still online, organizations are advised to patch without delay. Adobe recently announced it will move to a twice monthly security advisory schedule, citing AI driven vulnerability discovery and the need to accelerate patch releases. Canada's communications security establishment, the CSE revealed it conducted three state authorized offensive cyber operations last year targeting threats to national security. The agency said it disrupted overseas brokers supplying chemicals used to produce fentanyl, undermined an extremist group's online recruitment and propaganda efforts, and dismantled a ransomware as a service operation by rendering its infrastructure inoperable and delayed deleting much of its data. CSE also carried out technical disruptions against 10 major ransomware groups targeting Canada and conducted one defensive cyber operation that disrupted a phishing campaign aimed at Canadian government institutions and other critical systems, while the agency withheld operational details and locations to protect its methods. The report offers a rare public look at how Canadian intelligence uses offensive cyber capabilities to counter cybercrime, crime, extremism and other foreign threats. Anthropic removed hidden tracking code from its CLAUDE code developer tool after a security researcher discovered it was quietly identifying users potentially connected to China by monitoring signals such as time zones and proxy use. Anthropic engineer Tariq Shiapar said the code was introduced as a March experiment to combat account abuse and AI model distillation and was removed because stronger protections are now in place. Privacy advocates criticized the undisclosed tracking as a breach of user trust, arguing it should have been transparent. The incident comes amid growing tensions over Chinese AI companies allegedly distilling US Models following reports of the tracker. Alibaba banned employees from using CLAUDE code, citing security concerns. Anthropic maintains that large scale distillation poses a significant threat to AI security and competitiveness. Chinese AI models are rapidly gaining adoption among U.S. companies as they deliver competitive performance at significantly lower cost than leading American systems platforms such as OpenRouter Report. Chinese models now account for more than 30% of weekly token usage by US developers, driven by offerings from companies including Deepseek and Zai. Some businesses have migrated workloads from premium US Models, citing dramatic cost savings while maintaining acceptable performance for many applications. Industry observers say Chinese open source and open weight models are closing the capability gap with top US systems while costing 60 to 90% less for certain workloads. The trend highlights growing pressure on US AI companies as organizations increasingly prioritize affordability and flexibility alongside cutting edge performance when selecting AI models. OpenAI, Anthropic and major cloud providers are aggressively offering startups millions of dollars in AI, compute and token credits to attract long term customers, according to the Wall Street Journal. Some startups have received competing offers exceeding $3 million, while companies like Google Cloud, Microsoft and Amazon Web Services are also providing generous incentives. The competition comes as AI vendors face pressure to grow revenue ahead of potential IPOs and fend off lower cost rivals. The incentives are designed to lock startups into their platforms before they establish lasting infrastructure and development flows. Major US Cloud providers are urging Washington to challenge South Korea's proposed overhaul of its Public sector cloud security certification program, arguing the changes could unfairly disadvantage foreign providers and violate the Korea U S Free Trade Agreement. The companies are particularly concerned that revised rules could require physical network separation, forcing providers such as Amazon Web Services, Microsoft Azure and Google Cloud to build dedicated infrastructure in South Korea at significant cost. South Korea says the overhaul is intended to strengthen national security and streamline approvals under the National Intelligence Service, not discriminate against foreign firms. The dispute adds to broader U S South Korea tensions over digital regulation, with U.S. officials and lawmakers closely monitoring the proposed rules and their potential impact on trade and broader bilateral security cooperation. Court documents allege that 19 year old Peter Stokes and American Estonian accused of involvement with the Scattered Spider cybercrime group was linked to an alleged $8 million ransomware demand through Microsoft's Global Device Identifier, or GDID. According to an FBI affidavit, Microsoft provided device telemetry that allowed investigators to correlate a unique Windows device identifier with NGROK access records despite Stokes use of a vpn. The GDID was then matched with IP addresses linked to his Snapchat, Apple and Facebook accounts across multiple countries, strengthening the attribution. Stokes faces six charges, including four related to the alleged ransomware scheme and two conspiracy counts tied to Scattered Spider. His prosecution is part of the FBI's broader Operation Riptide, targeting the prolific cybercriminal group. Spanish police have arrested a man accused of supporting several pro Russia hacktivist groups linked to cyberattacks against critical national infrastructure. Authorities allege the suspect, arrested in March following an FBI tip, maintained close ties to Cyber army of Russia Reborn z Pentest and Noname O5 7 16, helping coordinate activities and provide logistical support. Investigators also claim he assisted a CAR member's escape to Russia in 2025 and seized computer equipment and cryptocurrency assets believed to be connected to cybercrime. The arrest is part of the FBI's Operation Red Circus, which targets Russia aligned hacktivist networks. Western intelligence agencies have warned that while these groups often rely on distributed denial of service attacks, they have also been linked to more serious intrusions targeting critical infrastructure, including water and energy systems. Coming up after the break, my conversation with Orla Daily from skillsoft. We're discussing if AI is already bypassing its own guardrails and the stochastic parrot is back and it's tired of being misquoted. Stay with us. AI is making phishing attacks faster, more convincing and harder for people to spot, and traditional security awareness and phishing training weren't designed for this level of attack. HOX Hunt helps security teams prepare employees for the attacks they face every day with personalized phishing training that adapts to each employee and reduces risky behavior over time for IT and security leaders looking to strengthen their human layer of defense without adding more manual work. Visit hoxhunt.com cyberwire to learn more. That's H O x h u n t.com cyberwire. This episode is supported by Black Hat usa. If you follow the research, you know a lot of it breaks on Black Hat stages hundreds of peer reviewed briefings, more than 100 hands on trainings, and the largest business hall in Black Hat's history. Six days to learn the skills you'll need tomorrow, August 1st through the 6th. Use code CYBERWIRE for $200 off your briefings pass@blackhat.com we'll see you in Vegas. Orla Daily is CIO at skillsoft. We recently got together to discuss if AI is already bypassing its and why many organizations aren't ready.
A
So I think when, you know, we look at the media we can see that there's obviously a number of examples of where AI is breaking beyond the guardrails and seeing that with different examples. And I think what it's really just highlighting is a few things. One, around governance, there's been a lot of focus on AI governance, but I think what this is proving is that governance cannot just stop at policy. And it's just critical that those governing elements are built into our processes to as much as to an extent as possible. As we think about governance, I would say, you know, there's definitely that tension with AI. It's new, we're looking to be innovative, we want to move fast. And therefore how do you put guardrails in place that allow you to move fast responsibly, but not slow you down? So I think that's one element. Secondly, I would say observability is clearly becoming key because in a number of these cases where AI has broken the guardrails, it's difficult or it takes a while to spot that, and therefore you can only ultimately manage what we know. And I think there's always going to be a risk, especially at the pace that this is developing, that something goes sideways. And therefore, how do you make sure that you can see that as quickly as possible to be able to then respond and react? And obviously, as we think about, about this from a skillsoft perspective, it really is then about how do you make sure that your employees are educated, they understand the potential risks, and are really on top of that in terms of just applying judgment in terms of how we continue to leverage AI responsibly, how
B
much is this a new paradigm for both the security professionals and, as you say, the users themselves. I think many people, when they think about computers and how computers work, that it's generally binary. Right. But these AI systems, is it fair to say they're a lot fuzzier?
A
I think that's a really good way of putting it. And I think it is different, right, for those in tech that are used to and maybe comfortable with, binary and having a sense of control where you provide certain inputs, you understand how those inputs were going to be processed and then ultimately what type of output you were going to get. This is a very different game and a very different time. And that does require us to think about how we're leveraging AI differently because we don't necessarily know what the output's going to look like, which then just requires a different level of skills in terms of judgment. You know, how do we get at that transparency and just, I guess it's requiring just a level of being alert and more alert than we've had to be in the past.
B
It reminds me of when my wife and I had to childproof our home against a toddler.
A
You know, that is true. And they still managed to get into those corners that you hadn't predicted.
B
That's right. That's right. Well, seriously though, I mean, what are your recommendations? What should organizations be doing to effectively come at this?
A
So I think it starts with controlling what you can control and determining how to push the right guardrails in place. You do have to start with the basics, and while they may not be sufficient, they're still very important and having those foundations in place. So what is your governance policy? Making sure that that's well understood across the organization? As I said, just embedding that into your operational processes as much. Again, striking the right balance by putting controls in place so people can get themselves into trouble, but also allowing some leeway for experimentation. And I think this is where, you know, the answer for every group is not the same. And there needs to be some level of flexibility, just depending on how those groups are trying to leverage AI, but also their level of maturity around understanding what AI can or can't do. Then I think there is something around just that level of observability and understanding what AI you have in your landscape. And therefore where are the potential exposures and the potential risk. Again, certain parts of the business, you can take more risk than others. And I think this is where we're seeing that shift, with leadership just having to be much more in tune with the company's overall appetite for risk. And then how do you manage and put in place the right controls aligned to that?
B
Yeah, I think that's a really interesting point. Do you suppose that this is an opportunity for companies to take a fresh look at their risk appetite? Because while there's certainly lots of benefits here, I mean, even the folks who aren't directly dealing with the AI, they may have to deal with some of the new types of risk that it could introduce to the organization.
A
No, I think that's a really good point. And I think we've all had risk matrix and enterprise risk management frameworks for the longest time, but I think there was maybe we had got a little bit passive around those because, to be honest, there wasn't always a huge pressure on the risk elements. And then now that's shifted. And therefore we certainly at skillsoft relooked at our enterprise risk management framework and adapted that in the context of AI. And I think that is important for companies to do. And then equally, I think the education piece is key. And we've seen that even with traditional security activities where we'd send out the spam emails and eventually people start to see the pattern and less and less people clicked over time. And that repetitive education was key. I think with AI it's no different and taking a similar approach to making sure that there is a level of just repetitiveness in the message that's going out there, but then also just keeping it updated based on just the pace at which AI is evolving.
B
Do you have any specific examples of how you and your colleagues at skillsoft have come at this challenge to balance the need for innovation with the need to protect the organization as well?
A
So I think what's been helpful for us beyond just the standard activities that a lot of companies are doing is we have now an AI Connect which we started within the digital and IT organization, but then have made a company wide forum every approximately three weeks. And that is an invitation that goes out to the full company. Anybody is welcome to join. And we usually use the session giving an update on some key AI topics and that could be how to use some of the tools that we have, or it could be an update when we refreshed our governance policy in terms of what that means. But it's equally providing a forum for people to bring their questions and to share what they're doing with AI, which allows us to get a better pulse of what's happening across the organization, but then also brings questions to the forefront that we may not have thought of, you know, a certain use case that someone's looking at that may expose a risk that they hadn't thought about. So that's been super helpful just in keeping an open dialogue across the organization for us to understand how people are leaning in and adopting AI, but then also provides them with a forum to bring their question when they're not sure of how to move forward.
B
Have there been any common elements that you've been able to track when you see organizations who are being successful here? Are there common things that they're doing?
A
A couple of themes that have emerged as I've talked to my peers. In addition to just having the basics covered again around the governance and the policies, it's having a discrete focus and having a group of individuals that are maybe tasked with advancing AI or at least are seen as the group that maybe are further along in terms of understanding how the company wants to apply AI and what the guardrails are that you want to operate within. So having that level of accountability and making an investment in upskilling a core group of individuals who can then help translate what's happening to the rest of the organization, I think is working well, it seems for a number of companies, mainly because things are happening so fast. It is impossible for everyone in addition to their day job, I think, to keep up. And therefore having a smaller group of individuals who have a little bit more capacity to do that is helpful. Or perhaps it's just in the nature of their role. They're able to leverage AI more actively and therefore are also really getting behind what it's capable of doing and what some of the pitfalls are, and then being able to share that more broadly.
B
That's Orla Daily CIO at skillsoft. As organizations grow, so does complexity. New applications are deployed, vendors are granted temporary access, and remote support tools are installed. Many of them never go away. In my recent conversation at RSAC 2026 with Rob Allen, Chief Product Officer at ThreatLocker, he explains how these forgotten tools create hidden pathways into enterprise environments and why attackers increasingly exploit what's already inside the network. Instead of trying to break through the perimeter, learn how to reduce lingering access, shrink your attack surface, and implement zero trust more effectively by listening to the full conversation at explore.thecyberwire.com threatlocker.
C
Heat up your Fourth of July at the Home Depot with our wide variety of grills under $300 and make every gather one to remember. Give your outdoor space a glow up, whatever your budget is, with savings on seasonal plants starting at $5. With the grill fired up and your backyard set to perfection, you'll be able to invite friends and family over to kick off the party. Start celebrating with low prices guaranteed at the Home Depot. Prices may vary by store. Exclusions apply. See homedepot.com Pricematch for details.
D
This episode is brought to you by Google Chrome. You think you know a browser, but Gemini and Chrome? That's new. It can help you with practically anything on the we like restoring a vintage motorcycle from a 50 page restoration block. Or finally break down that long article you've had open for weeks. Gemini and Chrome is here for it, ready to make anything online make sense. There's no place like Chrome. Check responses, setup required, compatibility and availability various 18.
B
And finally, five years after the influential Stochastic Parrots paper landed in the middle of an AI firestorm, its lead author, computational linguist Emily Bender, says many people still misunderstand its central point. The paper argued that large language models generate fluent text by predicting statistically likely word sequences, not by understanding language or meaning. In other words, they're remarkably good at sounding like they know what they're talking about, which, as history reminds us, is not a uniquely machine problem. Bender says the stochastic parrot metaphor was never intended as an insult, only as a concise explanation of how these systems produce synthetic text. She also argues that the catch all term artificial intelligence lumps together fundamentally different technologies, making public debate and regulation harder. Looking back, Bender says she would expand the paper to address another major issue, the exploitative labor practices and widespread use of creators work that underpin many modern AI systems. It's a good reminder that humans remain remarkably willing to mistake confidence for comprehension, whether it comes from a chatbot or across the conference table. Polly wants a token, And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire n2k.com N2K's lead producers, Liz Stokes, were mixed by Trey Hester with original music and sound designed by Elliot Peltzman. Our contributing host is Maria Vermazes our executive producer is Jennifer Ibin, Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
D
Foreign.
B
What happens when AI agents gain access to the same systems, applications, and credentials as your employees? According to Arvind Nithra, Kashayp, CTO and co founder of Rubrik, that reality is already here. As AI agents proliferate across enterprise environments, organizations face a growing how do you govern systems that operate at machine speed? To learn more about AI sprawl, the risk it creates, and how organizations can prepare, visit explore.thecyberwire.com Rubrik to hear the full conversation.
Episode: Welcome home, hacker
Date: July 7, 2026
Host: Dave Bittner (N2K Networks)
Featured Guest: Orla Daly, CIO at Skillsoft
This episode delivers a brisk yet nuanced survey of recent cybersecurity threats, trends in global regulation and AI, and includes an insightful interview with Orla Daly, CIO at Skillsoft, about whether AI is already circumventing its own guardrails. The episode closes with a thoughtful reflection on the continued relevance—and misinterpretation—of the “Stochastic Parrot” metaphor for AI language models.
Topic: Is AI Already Bypassing Its Own Guardrails?
Segment Start: [14:48]
On childproofing AI:
“It reminds me of when my wife and I had to childproof our home against a toddler.”
— Dave Bittner ([17:45])
“They still managed to get into those corners that you hadn't predicted.”
— Orla Daly ([17:50])
On the importance of company-wide engagement:
“It just allows us to get a better pulse of what's happening across the organization...brings questions to the forefront that we may not have thought of.”
— Orla Daly ([21:57])
This episode weaves together the ever-quickening pace of cyber threats, the evolving regulatory landscape, and the practical realities of deploying and governing AI—highlighted by Orla Daly’s nuanced insights on balancing innovation with responsibility. The closing reflection on “stochastic parrots” is a reminder that, amid all technological leaps, critical thinking and clear understanding remain essential.