The feds take down the PopeyeTools cybercrime market. Five alleged Scattered Spider members have been charged.  CISA warns of critical vulnerabilities in VMware’s vCenter Server. Global AI experts convene to discuss safety. MITRE updates its list of Top 25 Most Dangerous Software Weaknesses. US and Australian agencies warn critical infrastructure organizations about evolving tactics by the BianLian ransomware group. A new report looks at rising threats to the U.S. manufacturing industry. Researchers at ESET uncover the WolfsBane Linux backdoor. A pair of malicious Python packages impersonating ChatGPT went undetected for over a year. A data breach at a French hospital compromised the medical records of 750,000 patients. On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate’s Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management." AI Pimping is the scourge of Instagram. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate’s Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management."

Resources: 

• Security Validation Essentials
• Hertz Israel Reduced Cyber Risk by 81% within 4 Months with Cymulate
• SecOps Roundtable: Security Validation and the Path to Exposure Management
• Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD

Selected Reading

US seizes PopeyeTools cybercrime marketplace, charges administrators (Bleeping Computer)

Five Charged in Scattered Spider Case (Infosecurity Magazine)

CISA Warns of VMware VCenter Vulnerabilities Actively Exploited in Attacks (Cyber Security News)

US Gathers Allies to Talk AI Safety as Trump’s Vow to Undo Biden’s AI Policy Overshadows Their Work (SecurityWeek)

MITRE Updates List of 25 Most Dangerous Software Vulnerabilities (SecurityWeek)

BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk (Infosecurity Magazine)

Manufacturing Sector Under Siege: Industry Faces Wave of Advanced Email Attacks (Abnormal Security)

Gelsemium APT Hackers Attacking Linux Servers With New WolfsBane Malware (Cyber Security News)

Two PyPi Malicious Package Mimic ChatGPT & Claude Steals Developers Data (GB Hackers)

Cyberattack at French hospital exposes health data of 750,000 patients (Bleeping Computer)

Inside the Booming 'AI Pimping' Industry (404 Media)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices