CyberWire Daily

Tim Starks, senior reporter at CyberScoop who covers cybersecurity policy and tech. He talks about massive chatbot message leaks. He explains concerns over domain registration abuse and the limits of takedowns. He discusses U.S. efforts to export AI and cyber standards and European moves toward digital sovereignty.

Tom Pace, CEO of NetRise and former DOE cyber analyst, explains why knowing who maintains open-source code matters. He discusses open-source provenance risks and how visibility into maintainers can close doors for nation-states. Short takes cover supply chain flaws, targeted phishing via Signal, and covert operations against influence networks.

Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies and co-host of the Caveat podcast, offers legal and policy perspective. He discusses the California lawsuit alleging social platforms harm kids and how discovery might reveal internal documents. He explores Section 230 limits, comparisons to tobacco litigation, and possible age-based restrictions.

Cynthia Kaiser, SVP at Halcyon who leads ransomware research and studies AI and quantum risks. She discusses AI lowering barriers for attackers and speeding ransomware operations. She covers quantum-era risks to long-term secrets and how national strategy and defenses must adapt. Short, sharp takes on attack velocity, automated defenses, and securing AI models.

Kathleen Smith, Chief Outreach Officer at ClearedJobs.net and co-host of Security Cleared Jobs, shares hiring and outreach experience in cleared and cyber recruiting. She discusses the experience paradox in cyber hiring. Practical paths include volunteering, CTFs, pen testing projects, domain expert transitions, internships, and internal retraining. Workplace examples and realistic expectations for entry roles are explored.

Maria Varmazis, T-Minus Space Daily host who covers space situational awareness; Brandon Karp, leader in international public-private space partnerships with national-security experience. They discuss gaps in tracking satellites and explosive growth in conjunction alerts. They debate who should control traffic data and how commercial sensors and automation can scale space safety.

Lauren Van Wazer, VP of Global Public Policy at Akamai and former White House cybersecurity policy lead, describes a career shaped by engineering, law, and tech policy. She recounts moving from AT&T to government roles and building Akamai’s worldwide policy team. She discusses leadership as coaching, wins in broadband and Wi‑Fi access, and the mantra to follow your own North Star.

Andrew Northern, Principal Security Researcher at Censys who studies web-based malware, walks through multi-stage JavaScript injects and how compromised sites funnel victims through shared redirect chokepoints. He outlines a tracing method to map those chains. Topics include fake CAPTCHAs, reuse of script paths, blockchain-based hiding, and practical defender detection and mitigation steps.

Chris Neihuis, founder and CEO of Vigilant who helps people protect money, identity, and devices. He breaks down organizational blind spots and why marketing can mask weak defenses. He covers detection gaps as systems move to the cloud. He urges CEOs to ask vendors for realproof and prioritize U.S.-based providers.

In this informative discussion, Kaushik Devireddy, an AI data scientist at Fable Security, unpacks the complex world of cybersecurity threats. He dives into a devious fake ChatGPT installer designed to steal passwords and explains how it mimicked legitimate sites to trick users. Kaushik also highlights the advanced malware tactics used, such as base64-encoded payloads and disguised command prompts. His insights on user password habits reveal alarming trends in security hygiene. This episode is a must-listen for anyone concerned about online safety!