AI behind the velvet rope.

The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. An investigation claims federal websites are violating privacy rules. Microsoft dismantles a sophisticated malicious browser extension campaign. Setting up a GitHub repository could trick AI coding agents into executing malicious payloads. The DOJ shuts down illegal World Cup streamers. An Anonymous-linked hacker gets 18 months for website defacement. Monday business briefing. Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discusses cyber risk as a board concern. In healthcare AI, patient privacy needs a second opinion.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discussing cyber risk as a board concern. If you're interested in learning more about NACD, be sure to check out their Director’s Handbook on Cyber-Risk Oversight.

Selected Reading

Washington pushes AI into an export-control era as rivals rush to fill the gap (Metacurity)

FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users (GB Hackers)

'DirtyClone' Linux Kernel Vulnerability Leads to Root Access (SecurityWeek)

‘It’s dangerous and it’s going to erode trust’: redesign of US government websites stokes surveillance fears | Trump administration (The Guardian)

StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years (SecurityAffairs) 

Clean GitHub repo tricks AI coding agents into running malware (Bleeping Computer)

US seizes hundreds of FIFA World Cup illegal streaming domains (Bleeping Computer)

Anonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack (Hackread)

Accenture acquires Dragos, runZero, and NetRise for more than $4 billion. (N2K Pro Business Briefing)

Medical diagnosis AIs can be tricked into telling whose data trained them (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices