One flaw to rule the root.

CISA issues an urgent warning about active exploitation of a critical vulnerability in the sudo utility. Broadcom patches two high-severity vulnerabilities in VMware NSX. South Korea raises its national cyber threat level after a datacenter fire. Formbricks patches a critical token validation flaw. Microsoft blocks a credential phishing campaign that made use of malicious SVG files. Landlords are accused of scraping sensitive payroll data. Cybercriminals lay the groundwork for large-scale FIFA fraud. Burnout takes a heavy toll on cybersecurity professionals. On our Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ talking about the evolution of hacker culture and cybersecurity. London police bag the biggest bitcoin bust.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On this Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ of Unit 42 talking about the evolution of hacker culture and cybersecurity. You can listen to the full conversation⁠ here⁠, and catch new episodes of Threat Vector each Thursday in your podcast app of choice.

Selected Reading

CISA Issues Alert on Active Exploitation of Linux and Unix Sudo Flaw (GB Hackers)

Broadcom fixes high-severity VMware NSX bugs reported by NSA (Bleeping Computer)

South Korea raises cyber threat level after huge data centre fire sparks hacking fears (The Guardian)

JWT signature verification bypass enables account takeover in Formbricks (Beyond Machines)

Microsoft Flags AI Phishing Attack Hiding in SVG Files (Hackread)

Landlords Demand Tenants’ Workplace Logins to Scrape Their Paystubs (404 Media)

Playing Offside: How Threat Actors Are Warming Up for FIFA 2026 (Check Point Blog)

Why burnout is a growing problem in cybersecurity (BBC)

Chinese woman convicted after 'world's biggest' bitcoin seizure (BBC)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices