A controversial Trump administration deal gives the U.A.E. access to cutting-edge U.S. AI chips. FlowiseAI warns of a critical account takeover vulnerability. A new social engineering campaign impersonates Meta account suspension notices. A macOS Spotlight 0-day flaw  bypasses Apple’s Transparency, Consent, and Control (TCC) protections. Are cost saving from outsourced IT services worth the risk? Poland boosts its cybersecurity budget after a surge in Russian-backed attacks. NTT Group joins the Comm-ISAC. Jaguar Land Rover’s global shutdown continues. A data breach affects millions of customers of top luxury brands. On today's Threat Vector segment, David Moulton⁠ speaks with⁠ Palo Alto Networks’ Spencer Thellmann about the dual challenges of securing employee use of generative AI tools and defending internally built AI models and agents. AI chatbots hustle seniors for science.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment

On today's segment of Threat Vector, host⁠ David Moulton⁠, Director of Thought Leadership for Unit 42, speaks with⁠ Spencer Thellmann⁠, Principal Product Manager at Palo Alto Networks. David and Spencer explore the dual challenges of securing employee use of generative AI tools and defending internally built AI models and agents. You can listen to the full conversation here, and catch new episodes of Threat Vector each Thursday in your podcast app of choice.

Selected Reading

In Giant Deals, U.A.E. Got Chips, and Trump Team Got Crypto Riches (The New York Times)

Critical FlowiseAI password reset flaw exposes accounts to complete takeover (Beyond Machines)

New FileFix attack uses steganography to drop StealC malware (Bleeping Computer)

From Spotlight to Apple Intelligence (Objective- See)

The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic security | by Kevin Beaumont | Sep, 2025 (DoublePulsar)

Russian hackers target Polish hospitals and city water supply (The Financial Times)

NTT Group Joins the U.S. Communications-ISAC (Topics)

Jaguar Land Rover says cyberattack shutdown to last 'at least' another week (The Record)

Bags of info stolen from multiple top luxury brands - double check your data now (TechRadar)

We wanted to craft a perfect phishing scam. AI bots were happy to help (Reuters)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices