Summary6 min read

CyberWire Daily – "When Hackers Go BIG in Cyber Espionage"

Date: October 16, 2025
Host: Maria Varmazes (in for Dave Bittner)
Featured Guest: Manoj Nair, Chief Innovation Officer, Snyk

Episode Overview

This episode focuses on large-scale cyber espionage and the rapidly evolving risks in AI security. The news briefing covers significant breaches, ransomware activity, phishing campaigns, and critical vulnerabilities affecting major organizations. The centerpiece is an in-depth interview with Snyk’s Manoj Nair, who explores AI adoption, emerging security risks in AI, and actionable guidance for practitioners.

Key Cybersecurity News and Analysis

F5 Networks’ Long-Term Breach and Nation-State Espionage

[02:10]

Incident Details: F5, a leading cybersecurity company, disclosed that state-sponsored hackers gained persistent access to its networks, stealing portions of Big IP source code and information about undisclosed vulnerabilities.
Duration: Hackers were inside F5’s networks for at least 12 months, with sources attributing the attack to China.
Risks:
- Attackers may now have a technical advantage to find and exploit new vulnerabilities in F5 devices and software.
- The U.S. CISA has ordered federal agencies to update and inventory F5 devices by October 22.
Quote:
- "The threat actor's access to F5's proprietary source code could provide that threat actor with a technical advantage to exploit F5 devices and software." (Maria Varmazes, [03:15])

PowerSchool Breach and Sentencing

[05:00]

Attack: Matthew Lane, 19, hacked education software provider PowerSchool, stealing information on over 70 million individuals.
Outcome: Sentenced to four years in prison, ordered to pay $14 million restitution, and fined $25,000.

Cisco Firewall Vulnerabilities and Senate Scrutiny

[06:00]

Issue: Senator Bill Cassidy demands answers from Cisco over firewall flaws exploited in the Arcane Door espionage campaign.
Action: Agencies ordered to patch, audit, and retire affected devices within 24 hours.

Phishing Campaigns Targeting Password Managers and Job Seekers

[07:00-08:30]

Password Manager Impersonation: Attackers send fake breach alerts for LastPass and Bitwarden, tricking users into downloading remote monitoring tools that result in a complete compromise.
- "To be clear, LastPass has not been hacked. This is an attempt on the part of a malicious actor to draw attention and generate urgency…" (LastPass statement, [07:55])
Credential Phishing: New scams mimic Google Careers pages, using realistic domains and dynamic tactics to evade traditional detection. Recommendations include domain monitoring and robust MFA.

Exposed Data and Ransomware Update

[09:00]

Data Exposure: An unprotected Elasticsearch cluster leaked 6 billion records from previous breaches—underscoring risk from aggregated data exposures.
Ransomware - Killin Group:
- Expanded attacks on organizations across France, Italy, and the U.S.
- Known for double extortion: encrypting data and threatening leaks of proprietary, employee, and customer information.
- "Pressure tactics are intensifying with shorter deadlines and more aggressive leak strategies." (Maria Varmazes, [09:32])

Featured Interview: Manoj Nair (Snyk) on AI Security

State of AI Security

[11:55–12:50]

Main Point: The field is in its "early innings" – understanding AI security risks is only beginning, and responses are still catching up to rapid adoption.
Quote:
- "Security is usually following the actual technology innovation... people are starting to understand the risks, but kind of early in understanding what do you do about the risks." (Manoj Nair, [12:15])

Comparing AI Security Adoption to the Cloud Era

[13:00–13:58]

Security professionals are more proactive compared to earlier tech shifts:
- "For the cloud era, it took several years after cloud became mainstream… I don't see that with AI. I see a leaning in of the security teams… to enable the business, understand the risks, understand that they cannot be just saying no." (Manoj Nair, [13:20])

Concrete Risks in AI Adoption

[14:12–16:55]

Main Use Cases:
- Widespread usage of chat, video, voice AI in personal life; rapid adoption of generative AI tools in coding and business.
- Tools from companies like Cursor, Windsurf, Anthropic, and OpenAI rapidly changing the developer landscape.
Security Risks:
- Hallucinations in LLMs: Especially dangerous in code generation; can lead to vulnerabilities like SQL injections, inclusion of nonexistent (malicious) packages, and supply chain risks:
  - "Hallucinations are really bad for security. And so… that security risk is actually profound in that it's much higher than human produced code." (Manoj Nair, [15:38])
- Emergence of Typo-squatting/Package Risks: LLMs can recommend or use fake open-source packages, accidentally propagating malware.

Productivity Returns & Guardrails for Developers

[17:22–19:17]

Productivity Gains: AI boosts productivity, especially for "citizen developers," enabling new contributors to the development process.
Guardrails Required:
- "That doesn't mean I'm going to just deploy that in production without a lot of checking and security guardrails. So the pain moves somewhere else." (Manoj Nair, [18:15])
- Security cannot be an afterthought—guardrails (like AI tools for code review and testing) must evolve alongside productivity tools.

Advice for CISOs/Security Leaders

[19:28–21:45]

Start with Visibility:
- Do you know what gen AI/LLM apps and models your developers are using?
- Shadow AI is rampant—development teams often deploy models unknown to security.
  - Manoj recounts a story: "You ask the question, how many models do you have in production? One goes, 'We don't deploy AI.' ... the other build site team goes, 'Thousands.'" (Manoj Nair, [20:10])
Collaboration is Essential:
- Security cannot simply say no; must enable business and innovation.
- Governance, tool approval, and continuous monitoring are crucial.
- "Finding tooling that can move at the pace of AI is key… AI is really code and it's being built and it's being downloaded." (Manoj Nair, [21:11])
Continuous Learning:
- Encourage participation in industry events, e.g., the first AI Security Summit (Oct. 22–23, San Francisco, aisecuritysummit.com).
- Develop roles for "AI security engineers" to work in parallel with AI engineers.

Notable Quotes & Insights

On the difference with AI security adoption:
- "I see a leaning in of the security teams wanting to know what to do different, wanting to be close to the business… that for me is a pretty marked differentiation." (Manoj Nair, [13:30])
On LLM risks:
- "Especially the junior developer tends to think that anything that the machine produces is accurate. So that is a huge set of capable risks emerging from that." (Manoj Nair, [16:08])
On security productivity trade-offs:
- "The pain moves somewhere else... to truly get the full productivity benefit... you do need to have the proper expansion of both the technology guardrails... AI that can secure AI might be a simple way of thinking about it." (Manoj Nair, [18:22])
On addressing AI risks:
- "Find who are the providers who are being very innovative... The problem is AI is really code and it's being built and it's being downloaded." (Manoj Nair, [21:11])

Additional Segment: AI Bias in Facial Recognition

[24:15]

Issue: Wired reporting highlights how facial recognition systems exclude people with facial differences, deepening inequities due to lack of algorithmic diversity.
Expert Warning:
- "It's a solid reminder that when AI systems fail to include everyone, they can deepen longstanding inequities and isolation." (Maria Varmazes, [25:03])

Takeaways

Attacks are growing in sophistication and scope, often exploiting supply chains and trusted platforms.
AI development brings both large productivity gains and new security challenges; balancing enablement and risk is essential.
Traditional security tools aren’t enough—organizations must invest in visibility, governance, and continuous, AI-native controls.
Diversity, inclusion, and transparency remain critical not only in technical controls but in the very design of new AI systems.
Continuous education, community collaboration, and adopting emerging security roles and practices are key to staying ahead.

Timestamps

[02:10] – F5 breach and nation-state espionage
[05:00] – PowerSchool ransomware case and sentencing
[06:00] – Cisco vulnerabilities and Senate inquiry
[07:00–08:30] – Phishing campaigns: password managers and Google Careers
[09:00] – Data exposure: Elasticsearch breach and ransomware update
[11:42] – Manoj Nair interview introduction
[11:55–19:17] – Risks and productivity issues in AI security
[19:28–21:45] – Strategic advice for security leaders
[24:15] – AI bias in facial recognition and inclusion failures

This episode provided an expert snapshot of evolving cyber threats and practical, forward-thinking insights for navigating the complexities of AI security.

Loading summary

Transcript26 lines

[00:02]
Maria Varmazes
You're listening to the Cyberwire Network powered by N2K.
[00:14]
Dave Buettner
We've all been there. You realize your business needs to hire someone yesterday. How can you find amazing candidates fast? Well, it's easy. Just use Indeed when it comes to hiring, Indeed is all you need. Stop struggling to get your job post noticed Indeed Sponsored Jobs helps you stand out and hire fast. Your post jumps to the top of search results so the right candidates see it first and it works. Sponsored Jobs on indeed get 45% more applications than non sponsored ones. One of the things I love about Indeed is how fast it makes hiring. And yes, we do actually use Indeed for hiring here at N2K CyberWire. Many of my colleagues here came to us through Indeed plus with Sponsored Jobs. There are no subscriptions, no long term contracts. You only pay for results. How fast is Indeed? Oh, in the minute or so that I've been Talking to you, 23 hires were made on Indeed according to Indeed Data Worldwide. There's no need to wait any longer. Speed up your hiring right now with Indeed and listeners to this show will get a $75 sponsored job credit. To get your jobs more visibility at indeed.com cyberwire just go to indee indeed.com cyberwire right now and support our show by saying you heard about Indeed on this podcast. Indeed.com cyberwire terms and conditions apply. Hiring Indeed is all you need.
[02:01]
Maria Varmazes
F5 discloses long term Breach tied to Nation State Actors Power School Hacker Receives a four year Prison sentence Senator Scrutinizes Cisco Critical Firewall Vulnerabilities Phishing Campaign Impersonates Lastpass and Bitwarden Credential Phishing with Google Careers Reduce Effort Reuse Past breaches Recycle into new breach Killen Announces New Victims Manoj Nair from Snyk joins us to explore the future of AI security and the emerging risks shaping this rapidly evolving landscape. And AI faces the facts. Today is October 16, 2025. I'm Maria Varmazes, host of T Minus Space Daily in for Dave Fitner and this is your Cyberwire Intel Brief. Happy Thursday everyone. Thank you for joining me today. Let's get started. Seattle based cybersecurity firm F5 disclosed yesterday that state sponsored hackers had long term persistent access to its networks, leading to the theft of source code and customer information. The company says that hackers had access to the development environment for its Big IP product suite and its engineering knowledge management platform. In an SEC filing, the company said through this access, certain files were exfiltrated, some of which contained certain portions of the company's Big IP source code and information about undisclosed vulnerabilities that it was working on in Big ip. We are not aware of any undisclosed critical or remote code vulnerabilities and we are not aware of active exploitation of any undisclosed F5 vulnerabilities. We have no evidence of modification to our software supply chain, including our source code and our build and release pipelines. Bloomberg cites people familiar with the matter as saying that the hack is believed to be linked to China and that the hackers were inside F5 networks for at least 12 months. Ars Technica notes that F5's big IP line is used across the US government and by most of the largest companies in the world. The U.S. cybersecurity and Infrastructure Security Agency, or CISA, issued an emergency directive ordering federal civilian agencies to immediately inventory F5 devices and apply the latest updates by October 22nd. The agency stated the threat actor's access to F5's proprietary source code could provide that threat actor with a technical Advantage to exploit F5 devices and software. The threat actor's access could enable the ability to conduct static and dynamic analysis for identification of logical flaws and zero day vulnerabilities, as well as the ability to develop targeted exploits. 19 year old Matthew Lane of Massachusetts has been sentenced to four years in prison after pleading guilty to hacking education software provider Power School. It was, in the local vernacular, a wicked bad idea. Lane stole information belonging to more than 70 million individuals and demanded a ransom of $2.9 million in exchange for not publishing the data. In addition to his prison sentence, Lane has been ordered to pay $14 million in restitution and a $25,000 fine. U.S. senator Bill Cassidy has formally pressed Cisco for answers over two critical firewall vulnerabilities that allegedly allowed hackers to breach at least one federal agency. The senator's letter demands clarity on Cisco's timeline, knowledge of exploitation, customer guidance and internal communication protocols. The request follows a CISO directive instructing agencies to patch audit logs and retire unsupported devices within 24 hours. Citing unacceptable risk from Cisco's ASA and FTD platforms, Cisco has admitted the flaws were exploited as early as May and linked to the Arcane Door espionage campaign. Leaping Computer reports that a phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications. The emails claim that the companies have been hacked, instruct users to install a more secure version of the Password Managers and that file will download the Synchro remote monitoring and management tool, which the attackers then use to install Screen Connect software Now Screen Connect is a legitimate remote management tool, but is frequently abused by attackers to take control of victims computers. LastPass issued a statement on the phishing campaign noting quote, to be clear, LastPass has not been hacked. This is an attempt on the part of a malicious actor to draw attention and generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails. Sublime Security shares a new wave of credential phishing scams impersonating Google Careers pages to target job seekers employing near limitless variations to bypass defenses. Legitimate sounding domain names like Google Careers, Site house fake login forms that harvest credentials. Attackers then tweak page Design, copy and URLs constantly, meaning each campaign looks slightly different and evades static detection rules. Very clever. The scammers also exploit password reset flows, job alerts and recruitment messages to lure victims. Sublime Security warns that these campaigns are effectively infinite in variation, making them harder to hunt and block using traditional signatures or rules. The Post recommends defenses such as domain monitoring, anomaly detection, user awareness and strong multi factor authentication. An Elasticsearch cluster exposed nearly 6 billion records, apparently accumulated from multiple past breaches and data scraping operations. The repository contains sensitive user data like emails, names, phone numbers and IPs spanning across over 40 million unique individuals. The leak is believed to aggregate information from many known incidents rather than originate in a single new breach. The database was publicly accessible for weeks, enabling anyone to query it until it was taken offline. Even though the data itself isn't newly stolen, its centralization magnifies risk, making it a rich target for opportunistic cybercrime ransomware group Killin has publicly listed new victims after recent attacks, expanding its victim swap in the ransomware underworld. Reported targets include organizations in France, Italy and the United States across sectors like healthcare, finance and manufacturing. Now Killin is known for double extortion, encrypting data and threatening to release sensitive information unless it is paid. In most recent cases, the group claimed to have stolen proprietary documents, employee records and customer data and demanded multimillion dollar ransoms. Analysts warn that Killen's pressure tactics are intensifying with shorter deadlines and more aggressive leak strategies. Organizations are urged to verify their backups, strengthen segmentation and monitor for signs of reconnaissance. Coming up after the break, Manoj Nair, chief innovation officer at Snyk, joins us to explore the future of AI security and the emerging risks shaping this rapidly evolving landscape. And AI faces the facts. Stick around.
[09:59]
Dave Buettner
What's your 2am Security worry? Is it do I have the right controls in place? Maybe? Are my vendors Secure or the one that really keeps you up at night. How do I get out from under these old tools and manual processes? That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows. Using AI to streamline evidence collection, flag risks, and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently and finally get back to sleep. Get started@vanta.com cyber that's V A N T A dot com cyber and now a word from our sponsor, ThreatLocker, the powerful zero trust enterprise solution that stops ransomware in its tracks. Allowlisting is a deny by default software that makes application control simple and fast. Ring Fencing is an application containment strategy, ensuring apps can only access the files, registry keys, network resources and other applications they truly need to function. Shut out cybercriminals with world class endpoint protection from Threat Locker.
[11:43]
Maria Varmazes
Dave Buettner recently sat down with Manoj Nair, who is the Chief Innovation Officer at Snyk, to explore the future of AI security and the emerging risks that are shaping this rapidly evolving landscape. Here's their conversation.
[11:56]
Dave Buettner
So today we're talking about AI security and your outlook on that. I would love to start with some high level stuff here if we could. Can you give us your perspective on sort of the state of things when it comes to AI and security? Where do you suppose we find ourselves at this moment?
[12:15]
Manoj Nair
I think we're at the very early innings of really understanding the security risks for AI. I think like every wave in technology we are about probably in the first few innings of adopting the technology, but security is usually following the actual technology innovation. And so people are starting to understand the risks, but kind of early in understanding what do you do about the risks and the risks are also, you know, just emerging as we speak.
[12:51]
Dave Buettner
Well, we've seen transitions over the years. You know, you think about folks moving to the cloud and things like that. Does this one strike you as being different?
[13:01]
Manoj Nair
I think both the speed of the technology transformation and the understanding of security, both are, both are different in that they are moving at what I call the AI speed. I think the good news is there is a bigger understanding when I talk to a lot of very large companies and CISOs and enterprises. I think, for example, just contrasting with the cloud era that took a few years Several years after cloud became mainstream, I think for the security professionals to truly understand that the risks are different and they need to own it and do something different. I don't see that with AI. I see a leaning in of the security teams wanting to know what to do different, wanting to be close to the business, enable the business understand the risks, understand that they cannot be just saying no. And so there's a lot like that for me is pretty marked differentiation between these two technology waves.
[14:02]
Dave Buettner
Well, let's dig into some of the risks. I mean, what are some of the things that are top of mind for you in terms of the things that have your attention and your concern?
[14:12]
Manoj Nair
Let me break it down maybe into a couple of the key use cases that we see. From where I sit and where the company sits, one of the in our personal lives, AI adoption is chat, video, voice, all of these use cases, all of us are using it every day, our kids are using it. So it's all kinds of fun that we can talk about. On the work front, code has become like the chat like use case, right? So there is, you know, it used to be just copilot three years ago. There are tons of companies here, some that are breaking every record. Companies like Cursor and windsurf, anthropic and OpenAI themselves have introduced coding assistance and agentic AI IDEs and agentic orchestrators. So there's three generations of code related innovation that has already emerged in the AI space. And so ground zero of the risks is the magic of LLMs that we all like is they're, oh, look at this, they thought of this unique thing and it's just them using all the training data that they have and manifesting results in different ways that we think is magic. On the code side we call it hallucinations. And hallucinations are really bad for security. And so one of the biggest things that three years ago was education and today I don't find the CISO is not aware that it is improving, but that security risk is actually profound in that it's much higher than human produced code. Will it get better? It will, but there's also a human psychology element there where especially the junior developer tends to think that anything that the machine produces is accurate. So that is a huge set of capable risks emerging from that, whether it's SQL injections getting into the code and no one is catching it until late, or package risks, malicious packages. We saw some recent attacks over the last few even weeks where people are creating malware and open source packages and these LLMs are hallucinating packages that don't exist in a predictable way. So they go post malware. It's called typo squatting. So all these terms are emerging, these risks are emerging, whether it's code or the packages or the supply chain. So there's a new set of, I would say, coding and supply chain risks emerging with just the first use case. Right. And I'll pause there because then there's that next set of things that people are doing with LLMs.
[17:00]
Dave Buettner
Well, before. Yeah. So before we get to the next step, let me ask you this. I mean, have we hit the point yet where it's worth it, where it's not just aspirational to hope that these LLMs are going to actually return on their investment when it. From a coder's point of view.
[17:22]
Manoj Nair
I think the productivity is there. I do see some occasional research that says because of so many other things that they now have to deal with. If you think about a typical engineer these days, there's research that we have done, others have done. This is you don't spend more than, let's say, somewhere between 10 to 30% of your time coding. So if you truly look at the full software development life cycle, you got to understand that AI has got to impact all of that. And we are seeing innovative companies who are trying to impact that entire software development life cycle, all the way from design to code to test. And until that happens, and that happens with proper guardrails, it is hard to find that full productivity impact that's promised. But today there is that euphoric moment where some of the busy work can go away. Or if you're not a regular developer, you're now able to code again. Or this term citizen developer emerges. But I talked about my two roles. I love that my marketing team, that some of them have never looked at code before, able to use some of these, wipe coding apps and create technology. That doesn't mean I'm going to just deploy that in production without a lot of checking and security guardrails. So the pain moves somewhere else. And to truly get the full productivity benefit, which I'm a believer that we will get, you do need to have the proper expansion of both the technology guardrails, like AI that can secure AI might be a simple way of thinking about it, but also AI that can test AI, AI that can do PR checks for AI. So new innovation needs to figure out what is the new new sets of pain points it's creating and then find solutions for that too. That's happening. It's happening real time.
[19:20]
Dave Buettner
Well, given these realities, what's your advice then for the folks who are charged with protecting their organizations? What are your words of wisdom?
[19:29]
Manoj Nair
My first question I ask any CISO is do you know what the devs are doing in terms of building gen AI apps and LLM apps and MCP servers into their code? And the answer is, you know the answer. And so start with visibility. Like everything else, you know, where's the shadow AI happening in your organization? I've been on calls where CTO and the CISO are both on the call large organization. And you ask the question, how many models do you have in production? One goes, we don't do, we don't deploy AI right now. You can imagine this is security professional. And then the other build site team goes, thousands. And so this is the dichotomy that's there. So start with visibility and once you start with visibility, then just follow traditional security principles. You're not going to say no because the pressure is from the C levels in the board. Can you work with your technology counterparts to figure out what's the proper governance model? Do you need to use every one of the 2 million models in hugging face? Does the dev team really need that access or could you find a few secure ones? Then of course as a security professional, you're going to find what tools allow me to know how do you approve and disapprove some of these models. And so this back and forth like collaboration is key, visibility is key. Finding tooling that can move at the pace of AI is key. So find who are the providers who are being very innovative because you're not going to see it from most of your. If you're a security professional thinking that my traditional endpoint or traditional network company is adding some AI features and that's going to help me here. The problem is AI is really code and it's being built and it's being downloaded. We call these terms inferencing, using GPUs to run these models. All that is very dynamic. It's going between, you know, acting and inferencing and using data fairly quickly. So what are the dynamic set of capabilities? I need as a security professional to allow the team to be very innovative while sensing and reacting and putting governance in place and putting visibility in place, but also figuring out how do I really know how the model is behaving after deployment and bringing all of that data back to continuously update the policy. So something like that one is just educate yourself. We are holding the first industry event In San Francisco October 22nd, 23rd it's called the aisecuritysummit.com it's free. It's us partnering with an organization called AI Engineer. They're the ones who held the largest AI engineering conference in June. 3000 plus AI engineers and all the leading AI companies were there. So this is an industry event founded by Snyk, an AI engineer. We got CEOs of 10, 15 companies there and there's a practitioner track and there's a leader track. I mean finding events like this to really educate yourself on what is the state of art of agentic gen AI development and then what is the best practice ways to start educating and training your team to have these AI security engineers who can be paired with AI engineers to really be able to go drive the security of gen apps. That would be my recommendation.
[23:06]
Maria Varmazes
That was Manoj Nair sitting down with Dave Bittner to explore the future of AI security and the emerging risks shaping this rapidly evolving landscape.
[23:19]
Manoj Nair
Foreign.
[23:29]
Dave Buettner
They know cybersecurity can be tough and you can't protect everything. But with Thales, you can secure what matters most. With Thales's industry leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest roi. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most. Applications, data and identity. That's Thales. T H A L E S learn more@talasgroup.com Cyber.
[24:15]
Maria Varmazes
When did making plans get this complicated? It's time to streamline with WhatsApp, the secure messaging app that brings the whole group together. Use polls to settle dinner plans, send event invites and pin messages so no one forgets mom 60th and never miss a meme or milestone. All protected with end to end encryption. It's time for WhatsApp message privately with everyone. Learn more@WhatsApp.com facial recognition is becoming part of everyday life, from unlocking our phones to verifying our identities online. But for millions of people that are living with facial differences, that technology can be more of a barrier than a convenience. There's new reporting from Wired that reveals that some individuals are being locked out of their essential services, like renewing driver's licenses, accessing financial accounts, or even just verifying their identity simply because the systems can't recognize their faces. Experts say that the issue stems from algorithms that weren't trained with enough diversity, leaving people with craniofacial conditions or other differences literally unseen by the technology. And advocates warn that this isn't just some technological glitch. It is a solid reminder that when AI systems fail to include everyone, they can deepen long standing inequities and isolation. They're calling for more inclusive design and human support when automated systems fall short. It's proof that even advanced AI can sometimes miss what's right in front of it.
[26:04]
Manoj Nair
Foreign.
[26:09]
Maria Varmazes
And that's the Cyberwire Daily brought to you by N2K CyberWire. For links to all of today's stories, check out our daily briefing@thecyberwire.com hey CyberWire listeners. As we near the end of the year, it's the perfect time to reflect on your company's achievements and set new goals to boost your brand across the industry next year. And we would love to help you you achieve those goals. We've got some unique end of year opportunities, complete with special incentives to launch 2026. So tell your marketing team to reach on out. Send us a message to Salesthesyberwire.com or visit our website so we can connect about building a program to meet your goals. We'd love to know what you think of our podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing, changing world of cybersecurity. If you like the show, please hear a reading and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our producer is Liz Stokes. We're mixed by Elliot Peltzman and Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ivan. Peter Kilpie is our publisher and I'm your host Maria Varmazes in this week for Dave Buettner. Thank you for listening. We'll see you tomorrow. Here we have the Limu Imu in.
[27:48]
Dave Buettner
Its natural habitat, helping people customize their car insurance and save hundreds with Liberty Mutual. Fascinating.
[27:57]
Manoj Nair
It's accompanied by his natural ally, Doug.
[28:00]
Maria Varmazes
Uh, Limu is that guy with the binoculars watching us.
[28:03]
Manoj Nair
Cut the camera.
[28:04]
Dave Buettner
They see us. Only pay for what you need@libertymutual.com Liberty Liberty Liberty Liberty Savings Very underwritten by Liberty Mutual Insurance Co. Affiliates excludes Massachusetts Cyber Innovation Day is the premier event for cyber startups, researchers and top VC firms building trust into tomorrow's digital world. Kick off the day with unfiltered insights and panels on securing tomorrow's technology. In the afternoon, the 8th annual DataTribe Challenge takes center stage as elite startups pitch for exposure, acceleration and funding. The Innovation Expo runs all day, connecting founders, investors and researchers around breakthroughs in cybersecurity. It all happens November 4th in Washington, D.C. discover the startups building the future of cyber. Learn more at CID Datatribe. Com.