Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 9 stories across 5 topic areas, including: Russia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warns; UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace; CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain.

The Record (Recorded Future) · May 28 · Relevance: █████████░ 9/10

Why it matters to CISOs: GCHQ's public acknowledgment of daily Russian attacks on critical UK infrastructure—including subsea cables and energy pipelines—signals an escalating threat posture that enterprise security leaders in allied nations must factor into their geopolitical threat modeling and third-party risk assessments.

📖 Read full article

CyberScoop · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The GCHQ director's framing of AI as an 'unstoppable force' reshaping offensive and defensive cyber operations—combined with announcement of an AI-powered national cyber shield—provides strategic context for CISOs evaluating their own AI-driven defense investments and adversarial AI threat planning.

📖 Read full article

CyberScoop · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The Glassworm takedown exposed a sustained supply chain attack campaign that infected hundreds of open-source packages since early 2025, making this directly relevant to any enterprise relying on open-source dependencies in their software supply chain.

📖 Read full article

BankInfoSecurity · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Google's warning about Chinese-language PhaaS platforms using real-time OTP interception to bypass MFA and provision stolen payment cards into attacker wallets signals a maturation of adversary-in-the-middle capabilities that should prompt CISOs to accelerate migration from OTP-based to phishing-resistant FIDO2 authentication.

📖 Read full article

Dark Reading · May 27 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Research confirming that AI is dramatically compressing attacker exploit development timelines—outpacing the detection capabilities of standard vulnerability scanners—forces CISOs to reconsider patch prioritization cadences and the adequacy of scan-based vulnerability management programs.

📖 Read full article

Dark Reading · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The FBI warning about Silent Ransom Group using in-person physical access combined with social engineering to target law firms marks a dangerous escalation in extortion TTPs that CISOs at legal, financial, and professional services firms must brief to their physical security and insider threat programs.

📖 Read full article

The Record (Recorded Future) · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The Carnival breach—achieved via a single employee account compromised through social engineering—is a textbook case study in human-vector attacks at scale, reinforcing the need for robust phishing-resistant MFA and privileged account monitoring even for non-technical staff.

📖 Read full article

VentureBeat Security · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: With 63.6% of AI-capable vendors failing to disclose third-party AI subprocessors in their DPAs, CISOs face a significant unaddressed gap in vendor risk management and data privacy compliance that requires immediate reassessment of existing vendor contracts and AI governance frameworks.

📖 Read full article

Help Net Security · May 28 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: IBM's $5 billion Project Lightwell commitment to secure open-source software at enterprise scale—backed by 20,000 engineers and AI-driven vulnerability remediation—is a strategic market signal that could reshape how enterprises procure and trust open-source dependencies.

📖 Read full article

Alex: Welcome to Cleartext. It's Thursday, May 28th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. Let's get into it.

Alex: We have a packed show today. The GCHQ director went very public this week with two major warnings — one about Russia's daily attacks on UK infrastructure, the other about AI reshaping cyber warfare. We've got CrowdStrike dismantling a botnet that's been poisoning the open-source supply chain for over a year. The FBI is warning about ransomware actors who are literally walking into law firms. And a new report that should make every CISO audit their vendor contracts before the end of the week. Let's start where Jordan wants to start.

Jordan: So Anne Keast-Butler, the director of GCHQ, stood up this week and said something that intelligence officials almost never say this plainly: Russia is conducting daily attacks on the United Kingdom, quote, "from seabed to cyberspace." Daily. She confirmed GCHQ is actively defending subsea cables, energy pipelines, disrupting Russian technology smuggling networks, and countering what she called reckless sabotage and assassination attempts. This is not a threat briefing about what might happen. This is an operational disclosure about what is happening right now.

Alex: And the reason this matters to our audience — most of whom are not defending subsea cables — is the signal it sends about threat posture across the entire Western alliance. If you're a CISO at a multinational with operations in Europe, or if you have third-party dependencies that touch UK critical infrastructure, energy, telecommunications, logistics, this is your threat model shifting in real time. When GCHQ goes public like this, they're telling the private sector: update your assumptions.

Jordan: Exactly. And the subtext is important. GCHQ doesn't make these disclosures for fun. They're building public and political support for increased defensive spending and for the private sector to take action. When the head of a signals intelligence agency says "daily attacks," she's telling CISOs in allied nations: your board needs to hear this.

Alex: The second piece from the same set of remarks is Keast-Butler calling AI an "unstoppable force" with offensive and defensive ramifications. She announced GCHQ is building an AI-powered national cyber shield, explicitly because adversary nations are already deploying AI in their offensive operations.

Jordan: Two things stand out to me here. First, the framing. She didn't say AI is a concern or a risk. She said unstoppable force. That's a signal that the UK intelligence community has concluded there is no scenario where AI doesn't fundamentally reshape cyber conflict. Second, she explicitly called on businesses to take urgent action. That's unusual. Intelligence chiefs don't typically issue calls to action for the private sector unless they see a gap that government alone cannot close.

Alex: Which dovetails directly into our next story, because the research on AI-assisted exploit development is no longer theoretical. Dark Reading covered new findings this week confirming that attackers are using AI to dramatically compress the time from CVE disclosure to working exploit. And here's the key finding: AI-assisted exploit development is now outpacing the detection capabilities of conventional vulnerability scanners.

Jordan: Let me put that in operational terms. Your scan-based vulnerability management program was built on the assumption that you had a window — days, sometimes weeks — between a CVE going public and an exploit appearing in the wild. That window is collapsing. If your patch prioritization cadence is still calibrated to a pre-AI threat landscape, you are behind.

Alex: This doesn't mean abandon scanners. It means scanners are necessary but no longer sufficient. You need to layer in threat intelligence-driven prioritization, assume faster exploitation timelines, and have compensating controls ready for the gap between disclosure and patch deployment. If your MTTR on critical CVEs is measured in weeks, that's now a board-level risk conversation.

Jordan: Let's pivot to supply chain, because CrowdStrike, Google, and Shadowserver coordinated the takedown of the Glassworm botnet this week. This one had been operating since early 2025 — over a year — injecting malware into hundreds of open-source software packages. The operation took down four attacker-controlled servers simultaneously.

Alex: Hundreds of packages. Since early 2025. Think about how many build pipelines consumed those dependencies over sixteen months. If you're an enterprise that relies on open-source — and let's be honest, that's every enterprise — you need to be asking your engineering teams a very specific question right now: have we audited our dependency trees against the Glassworm indicator list?

Jordan: CrowdStrike published indicators. Google published indicators. If your software composition analysis tooling isn't already flagging these, that's a gap. And this brings us to the IBM story, which is actually a useful bookend.

Alex: IBM and Red Hat announced Project Lightwell this week — a five billion dollar commitment to create what they're calling an enterprise clearinghouse for open-source software security. Twenty thousand engineers, frontier AI capabilities, covering the full lifecycle from upstream development through production. It's a massive bet.

Jordan: Five billion dollars is a market signal, not just an investment. IBM is betting that enterprises will pay for a trusted intermediary layer between raw open-source and production environments. Given what Glassworm just demonstrated, that bet looks well-timed. Whether Project Lightwell delivers on the promise is another question, but the strategic direction is sound. CISOs should watch this closely — not to buy today, but to understand where the market is heading on supply chain trust.

Alex: Good. Let's shift to the FBI warning about Silent Ransom Group, because this one is genuinely different. Jordan, set this up.

Jordan: So the FBI issued a formal warning that Silent Ransom Group is physically visiting law firm offices. Walking in the door. Social engineering staff to get direct access to servers and databases. This is not a phishing email. This is not a compromised VPN. This is a human being standing in your lobby, talking their way past reception, and accessing your systems in person.

Alex: This is the convergence of physical and cyber security that we've been talking about for years in theoretical terms. It's no longer theoretical. And the targeting is specific — law firms, professional services — because that's where the highest-value data lives with often the weakest physical access controls. If you're a CISO at a law firm, a financial advisory, an accounting firm, your physical security program and your cybersecurity program need to be having a joint conversation this week.

Jordan: The group is focused on data theft and extortion, not encryption. They don't need to deploy ransomware if they can walk out with your client files. And for law firms especially, the liability exposure from client data exfiltration is existential. This is a brief-the-managing-partner moment.

Alex: Let's stay on the social engineering theme because the Carnival breach fits here perfectly. ShinyHunters claimed responsibility. Carnival confirmed that the attacker compromised a single employee account through social engineering and used that access to exfiltrate personal data on approximately six million customers. The breach was identified on April 14th, which means they had time inside the environment.

Jordan: A single employee account. Six million records. Every time we see a breach like this, the root cause is the same: an employee was deceived, and the access that employee had — or could escalate to — was sufficient to reach millions of records. This is a controls conversation, not a training conversation. Phishing-resistant MFA, least privilege, privileged access monitoring. These are not aspirational goals anymore. They're baseline requirements.

Alex: Which connects directly to the Google Threat Intelligence Group's warning about Chinese-language phishing-as-a-service platforms. These platforms are using real-time OTP interception to defeat traditional MFA, then tokenizing stolen payment card credentials directly into attacker-controlled digital wallets. This is adversary-in-the-middle at industrial scale, offered as a service.

Jordan: The key phrase is "offered as a service." The sophistication barrier is gone. You no longer need to be a skilled threat actor to defeat OTP-based MFA. You need a subscription. If your organization is still relying on SMS or app-based one-time passwords as your primary MFA mechanism, you are defending against last year's threat landscape. FIDO2, hardware keys, phishing-resistant authentication — the migration timeline just got shorter.

Alex: Last story before we wrap. DataGrail released a report this week that should genuinely concern every CISO listening. They analyzed twenty-four hundred popular business software providers and found that sixty-three point six percent of vendors advertising AI capabilities do not disclose third-party AI subprocessors in their data processing agreements. Your vendors may be sending your data to AI models you never approved, and your DPAs don't cover it.

Jordan: Sixty-three percent. That means the majority of your AI-capable vendors are operating with a disclosure gap that directly undermines your compliance posture. If you're in a regulated industry, if you're subject to GDPR, state privacy laws, sector-specific regulations, your vendor risk management program has a blind spot that the regulators will eventually find.

Alex: This is an action item, not a watch item. Pull your top twenty AI-capable vendor contracts. Ask specifically about third-party AI subprocessors. If the DPA doesn't address it, you have a contract renegotiation conversation to initiate. This is the kind of governance gap that creates liability for the CISO personally, especially post-SEC enforcement actions.

Jordan: Alright, looking ahead. The theme this week is acceleration. Russia's daily attacks on allied infrastructure. AI compressing exploit development timelines. Phishing-as-a-service defeating MFA at scale. Open-source supply chains compromised for over a year before detection. Ransomware actors showing up in person. Every one of these stories reflects adversaries moving faster and operating more creatively than the defensive frameworks most enterprises have in place.

Alex: The question for CISOs this week isn't whether any single one of these threats applies to you. It's whether your program's assumptions about adversary speed, sophistication, and creativity are still valid. If your last strategic threat model refresh was six months ago, it's already stale. The tempo has changed.

Jordan: And the vendor trust story is the quiet bomb in the room. Everyone's focused on the loud threats — Russia, ransomware, botnets. But the systemic risk of your data flowing into AI models you didn't approve, through contracts that don't disclose it, that's the kind of risk that compounds silently until it doesn't.

Alex: Well said. That's our show for Thursday, May 28th. Show notes and links to every story we covered today are at cleartext.fm. We'll be back tomorrow. Stay sharp.

Jordan: Stay sharp.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-28.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 10 stories across 5 topic areas, including: Iranian intelligence service behind hack of LA transit system, researchers say; MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries; Dutch government blocks US company from acquisition, citing ‘risk to public interest’.

The Record (Recorded Future) · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Attribution of the LA Metro breach to Iran's MOIS—masked behind a fake hacktivist persona—signals that state-sponsored actors are actively using hacktivist cover to attack critical infrastructure, raising threat model implications for transportation, utilities, and other critical sectors.

📖 Read full article

The Hacker News · May 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: MuddyWater's Q1 2026 espionage campaign spanning nine countries and targeting financial services, manufacturing, and public sector organizations demonstrates Iran's sustained, broad-scope cyber espionage activity that enterprise security teams in these verticals must actively defend against.

📖 Read full article

TechCrunch Security · May 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The Dutch government blocking a US acquisition of the cloud provider hosting its national digital ID service reflects accelerating European sovereign cloud and technology independence trends that will directly affect multinational CISOs' vendor strategy and cross-border data governance decisions.

📖 Read full article

BleepingComputer · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: ShinyHunters' confirmed breach of Charter Communications—a major US telecom—highlights continued targeting of large carriers for extortion, with downstream risk to enterprise customers whose data transits or is held by Charter systems.

📖 Read full article

VentureBeat Security · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: CrowdStrike's 2026 Financial Services Threat Landscape Report identifies vishing-based MFA reset as the dominant attack vector against financial institutions, with Mutant Spider exploiting Microsoft Teams IT impersonation—a critical signal for any CISO relying on MFA as a control boundary.

📖 Read full article

BankInfoSecurity · May 27 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A supply-chain incident via a poisoned VS Code extension compromised 3,800 GitHub repositories and forced enterprise-wide key rotation—CISOs with self-hosted git infrastructure must treat this as an immediate action item and audit developer toolchain extension policies.

📖 Read full article

BankInfoSecurity · May 27 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Federal agencies and contractors must reassess logging compliance postures as the Trump OMB replaces post-SolarWinds prescriptive logging mandates with a flexible risk-based model, potentially affecting regulatory expectations for companies doing government work.

📖 Read full article

Cybersecurity Dive · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: FBI warning about a Phishing-as-a-Service platform bypassing MFA via device code phishing in Microsoft 365 environments is directly actionable for CISOs—particularly given enterprise-wide M365 adoption—requiring review of conditional access policies and device code flow restrictions.

📖 Read full article

BankInfoSecurity · May 27 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Socket's $1B valuation Series C signals strong market validation for supply-chain security tooling beyond package managers, directly relevant as AI coding tools expand enterprise exposure to malicious dependencies and developer extensions.

📖 Read full article

Ars Technica Security · May 26 · Relevance: █████████░ 9/10

Why it matters to CISOs: A critical authentication-bypass flaw dubbed 'BadHost' in Starlette—downloaded 325 million times weekly—directly threatens enterprise AI agent infrastructure at massive scale, requiring immediate inventory and patching of any AI workloads using this package.

📖 Read full article

Alex: Welcome to Cleartext. It's Wednesday, May 27th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. So here's what caught my attention first thing this morning. A critical authentication bypass in an open-source Python package called Starlette, which underpins a staggering amount of AI agent infrastructure. Three hundred and twenty-five million weekly downloads. The vulnerability, dubbed BadHost, lets attackers bypass authentication entirely on AI workloads built on this framework. If you're running AI agents in production, and at this point most of you are, you need to know if Starlette is in your dependency tree. Today. Not Friday.

Alex: We're going to get into that, plus Iran running dual-track cyber operations behind fake hacktivist fronts, the White House gutting post-SolarWinds logging mandates, ShinyHunters hitting Charter Communications, two separate MFA bypass techniques that should make every CISO rethink their authentication architecture, and a supply chain incident that has GitHub rotating keys enterprise-wide. A lot to cover. Let's get into it.

Jordan: Let's start with Iran because there are two stories today that paint a very coherent picture. First, researchers at Gambit Security have attributed the LA Metro breach to a group called Ababil of Minab. They presented themselves as hacktivists. They are not. Gambit ties them directly to Iran's Ministry of Intelligence, MOIS. The breach caused weeks of operational disruption to LA's transit system. Weeks. This is a critical infrastructure hit by a nation-state wearing a costume.

Alex: And that's the pattern that matters here. We've been tracking the hacktivist-as-cover trend for a while, but this is a clean attribution case. A state intelligence service deliberately created a fake persona to maintain plausible deniability while attacking American critical infrastructure. For CISOs in transportation, utilities, water, energy, you need to update your threat models. The adversary isn't just the sophisticated APT that moves quietly. It's also the group that looks like script kiddies on Telegram but has a government backing its operations.

Jordan: And then layer on the second Iran story. MuddyWater, which is well-established as Iranian state-linked, ran a DLL side-loading espionage campaign across nine countries and nine organizations in Q1 of this year. Financial services, manufacturing, education, public sector. Symantec and Carbon Black's Threat Hunter Team documented the whole thing. So you've got MOIS running destructive ops behind hacktivist cover on one hand, and MuddyWater running broad-scope espionage on the other. Two different operational tempos, two different objectives, same state sponsor.

Alex: This is Iran running a full-spectrum cyber program. The post-war tensions with the US are clearly fueling an acceleration. If you're in any of those targeted verticals, especially financial services or manufacturing, MuddyWater's tradecraft here, DLL side-loading, is well-understood but still effective because too many organizations don't have adequate controls around DLL loading paths and application whitelisting. This is detectable and defensible, but you have to be looking for it.

Jordan: Now let's pivot to something that directly affects authentication architecture, and it ties together two stories. The FBI issued an advisory about a Phishing-as-a-Service platform that's using device code phishing to bypass MFA in Microsoft 365 environments. No stolen credentials required. The attacker exploits the OAuth device code authorization flow, which is a legitimate feature of the protocol. And then separately, CrowdStrike's 2026 Financial Services Threat Landscape Report identifies Mutant Spider as the most active threat to financial services over the past twelve months, and their primary technique is calling employees, impersonating IT support, and convincing them to reset their own MFA and register attacker-controlled devices.

Alex: I want CISOs to sit with this for a moment. These are two completely different attack paths, both defeating MFA, and neither one involves stealing a password. In one case, the attacker exploits a protocol flow that most security teams haven't restricted. In the other, the attacker exploits your own help desk procedures. Your MFA reset process worked exactly as designed, and the attacker still won. This is the moment where MFA as a security boundary needs to be reclassified as MFA as one layer among several.

Jordan: Specifically, for the device code phishing, you need to look at your conditional access policies in Entra ID and evaluate whether you can restrict or block device code flow entirely for most users. Most organizations don't need it broadly enabled. For the vishing vector, this is a people and process problem. Your help desk identity verification procedures need to be hardened. Call-back verification, out-of-band confirmation, something beyond voice on a Teams call.

Alex: And if your board still thinks MFA is the answer, these two stories are your briefing material. MFA is necessary. It is not sufficient.

Jordan: Let's talk about the Charter breach. ShinyHunters confirmed they breached Charter Communications, a major US telecom, and they're running the standard extortion playbook, pay or we leak. ShinyHunters have been consistently targeting large enterprises and telecom providers for high-value data.

Alex: The downstream risk here is what concerns me most. Charter isn't just a consumer ISP. Enterprise traffic transits their infrastructure. Enterprise customer data may be held in their systems. If you're a Charter customer at the enterprise level, you should be engaging your account team right now to understand scope. What data was accessed? What's the exposure to your organization? Don't wait for the press release.

Jordan: And this is a good moment to remind everyone that your third-party risk program needs to include your telecom providers. They hold metadata, traffic data, sometimes authentication data. They are high-value targets for exactly this reason.

Alex: Now, the GitHub story. This one is operationally urgent for anyone running self-hosted git infrastructure. A poisoned VS Code extension, used by a GitHub employee, led to the compromise of approximately thirty-eight hundred repositories. GitHub's own CISO, Alexis Wales, confirmed they're rotating all keys on GitHub.com as a precaution, and they've told self-hosted admins to do the same.

Jordan: The supply chain angle here is critical. This wasn't a vulnerability in git. This was a malicious developer tool extension that gave an attacker access to the development environment. We keep talking about software supply chain security in terms of packages and dependencies. This is a reminder that the developer's IDE and its extensions are part of that supply chain too. If you don't have a policy governing what extensions your developers can install in VS Code, you have a gap.

Alex: Which actually segues nicely into the Socket funding round. Socket raised sixty million at a billion-dollar valuation, Series C led by Thrive Capital. They're expanding beyond npm and PyPI package scanning to cover AI coding tools, browser extensions, and developer tooling more broadly.

Jordan: The market is validating what we just talked about. The attack surface for dependency injection is expanding dramatically as AI-assisted coding tools become standard. Socket is positioning to cover that expanded surface. If you're evaluating supply chain security tooling, they're worth a look.

Alex: Now, the BadHost vulnerability. Jordan, you opened with this. Let's give it the actionable treatment it deserves.

Jordan: BadHost is a critical authentication bypass in Starlette, which is a Python ASGI framework. If you're not familiar with it by name, you might still be running it. It's a foundational dependency for FastAPI and a huge portion of the Python web and AI agent ecosystem. Three hundred and twenty-five million weekly downloads. The flaw allows attackers to bypass authentication entirely on infrastructure built with this package. If you're running AI agents, ML inference endpoints, or any Python-based API services, you need your teams to check dependency trees immediately and patch.

Alex: This is one of those vulnerabilities where the blast radius is defined not by one product but by the dependency graph. Your application team might not even know Starlette is in their stack because it came in as a transitive dependency. This is an all-hands inventory exercise.

Jordan: Moving to governance. The White House OMB issued a new memo that replaces the Biden-era M-21-31 logging requirements, the ones that came out of the SolarWinds response. The new framework is narrower, emphasizing risk-based prioritization, threat hunting, and forensic readiness rather than prescriptive comprehensive log retention.

Alex: I have mixed feelings about this. The original M-21-31 was expensive and burdensome for agencies to implement. That's true. And a risk-based approach is philosophically sound. But the timing is concerning. We're in an environment where AI-enabled intrusions are getting faster, dwell times are shrinking, and the analysts I talk to are worried that reducing logging comprehensiveness means reducing detection capability at exactly the wrong moment.

Jordan: And for CISOs in the private sector who do government work, the compliance implications are real. If your logging posture was built to satisfy M-21-31 as a contractual requirement, you need to understand what the new baseline looks like and whether your agency customers will expect the old standard or the new one. Don't assume anything. Get it in writing.

Alex: Last story. The Dutch government blocked a US company from acquiring a cloud provider that hosts the Netherlands' national digital ID service, citing risk to public interest. This is part of a broader European pattern of asserting technology sovereignty.

Jordan: This is the trend that keeps accelerating. European governments are drawing lines around critical digital infrastructure and saying, this cannot be controlled by US entities. For multinational CISOs, this directly affects your cloud strategy, your vendor selection, and your data residency architecture. If you're running European operations on US-controlled cloud infrastructure, you need to be planning for a world where that becomes increasingly constrained.

Alex: It's not just GDPR anymore. It's sovereign control over the infrastructure layer itself. Your procurement and legal teams need to be in the room for these decisions, not just your architects.

Jordan: So stepping back, Alex, the theme I see today is the erosion of assumptions. MFA is your security boundary? Not anymore. Hacktivists are unsophisticated? Not when they're state-sponsored. Your logging mandates are stable? They just changed. Your cloud vendor choices are yours to make? Not if a foreign government disagrees.

Alex: That's exactly right. And I'd add one more. Your dependency tree is known and controlled? The Starlette vulnerability and the GitHub extension compromise both say otherwise. The common thread is that the controls and assumptions we built our security programs on two or three years ago are being systematically challenged. Not theoretically. In production.

Jordan: What I'm watching this week is whether we see more attribution of hacktivist personas to state actors. The Gambit Security research on Ababil of Minab could be the start of a wave. There are a lot of groups operating under hacktivist cover right now that haven't been formally attributed yet.

Alex: And I'm watching the OMB logging change ripple through the contractor ecosystem. That's going to create confusion and potentially gaps in the short term. If you're a federal contractor CISO, get ahead of it now.

Jordan: That's our show for today. Show notes and links to every story we covered are at cleartext.fm.

Alex: Thanks for listening. We'll see you tomorrow.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-27.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 9 stories across 5 topic areas, including: Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks; Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning; Kremlin appoints cyber executive with alleged GRU ties to Security Council role.

Krebs on Security · May 25 · Relevance: █████████░ 9/10

Why it matters to CISOs: The dismantling of Stark Industries-linked infrastructure used by Russian intelligence agencies to stage cyberattacks and influence operations in the EU represents a significant takedown with direct implications for threat actor capability degradation. CISOs should assess whether their organizations were targeted via this infrastructure and expect temporary disruption to related threat actor operations.

📖 Read full article

The Hacker News · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Iranian state-sponsored group Nimbus Manticore is actively targeting US aviation and software sectors with novel AI-built backdoors following the February 2026 US-Israeli military campaign against Iran, signaling a retaliatory escalation that enterprises in critical infrastructure and defense-adjacent sectors must treat as an elevated threat.

📖 Read full article

The Record (Recorded Future) · May 25 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The elevation of a cyber executive with alleged GRU ties to Russia's Security Council under Shoigu signals potential strategic prioritization of offensive cyber operations at the highest levels of Russian government, which may portend increased state-sponsored activity targeting Western enterprise infrastructure.

📖 Read full article

Help Net Security · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: An AI model autonomously discovering over 10,000 high- and critical-severity zero-days across major vendors' software represents a watershed moment for vulnerability management — CISOs must anticipate dramatically accelerated patch cadences and reassess their exposure windows as AI-driven vulnerability discovery scales industry-wide.

📖 Read full article

Help Net Security · May 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Google GTIG's analysis of Chinese-language PhaaS ecosystems expanding into territory historically dominated by Russian criminal groups signals a meaningful shift in the threat landscape, with mature, well-resourced services almost exclusively targeting non-Chinese enterprises — making Western organizations the primary focus.

📖 Read full article

BleepingComputer · May 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: An FBI-flagged PhaaS platform actively bypassing MFA via OAuth device code abuse to hijack M365 accounts poses an immediate threat to any enterprise running Microsoft 365, requiring urgent review of device code authentication policies and conditional access configurations.

📖 Read full article

BleepingComputer · May 26 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: The ShinyHunters-claimed breach of a global retail chain with 86,000 locations underscores the continued targeting of consumer-facing enterprise brands for PII extraction and extortion, and serves as a benchmark for board-level breach disclosure and notification obligations involving SSNs.

📖 Read full article

The Hacker News · May 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: India's CERT-In setting a 12-hour patching expectation for internet-exposed critical vulnerabilities — driven explicitly by AI-compressed exploitation timelines — signals a global regulatory direction that will pressure multinational enterprises to fundamentally rethink patch velocity SLAs and automation capabilities.

📖 Read full article

Help Net Security · May 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A zero-day being actively exploited in Trend Micro Apex One — a widely deployed enterprise endpoint security platform — means attackers are weaponizing a trust boundary within the security stack itself, requiring immediate emergency patching for all organizations running this product.

📖 Read full article

Alex: Welcome to Cleartext. It's Tuesday, May 26th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. Let's get into it.

Alex: We have a packed show today. The Dutch just pulled off a massive infrastructure takedown tied to Russian intelligence. Iran's retaliatory cyber campaign is hitting US aviation and software companies with AI-built backdoors. There's a new appointment in Moscow that should make every Western CISO pay attention. Anthropic's Claude Mythos has found over ten thousand zero-days, and we need to talk about what that means for your patch cycles. We've got two phishing-as-a-service stories that paint a converging picture. There's an actively exploited zero-day in Trend Micro Apex One, and India just told organizations to patch internet-facing critical vulns in twelve hours. So let's go.

Jordan: Let's start with the Netherlands. Dutch authorities arrested two co-owners of internet hosting companies and seized more than 800 servers. This infrastructure was linked to Stark Industries Solutions, an ISP the EU had already sanctioned as a staging ground for Russian intelligence cyber operations. These servers were used for cyberattacks, influence operations, and disinformation campaigns inside the EU. And for those who follow Brian Krebs, these are the same individuals he profiled back in 2025.

Alex: This is a significant operational disruption. Eight hundred servers is not a small footprint. For CISOs listening, there are two immediate actions. First, check your threat intel feeds and historical logs for any indicators tied to Stark Industries infrastructure. Your threat intel team should already be pulling those IOCs. Second, understand that this creates a temporary capability gap for the threat actors who relied on this infrastructure, but temporary is the key word. They will reconstitute. They always do.

Jordan: Right. And the reconstitution timeline matters. Russian-affiliated groups have shown they can stand up replacement infrastructure in weeks, not months. So you get a window, not a victory. But I want to connect this to the third story, because the Kremlin just appointed Andrei Kozlov to Russia's Security Council as an aide to Shoigu. Kozlov ran a cybersecurity center within Rostec, Russia's state defense conglomerate, and has alleged ties to the GRU.

Alex: This is a signal, not just a personnel move. When you place someone with deep offensive cyber expertise and intelligence community ties directly into the national security decision-making body, you are telegraphing strategic intent. For board conversations, this is the kind of indicator I'd use to justify sustained investment in threat detection and incident response capabilities against Russian state actors. The threat is not diminishing. It's being elevated within their own government hierarchy.

Jordan: And while the Dutch are dismantling Russian infrastructure on one front, Iran is escalating on another. Nimbus Manticore, also tracked as UNC1549, is running a fresh campaign targeting US aviation and software companies. The context here is critical. This is retaliatory. The joint US-Israeli military campaign against Iran in late February 2026 triggered this. They're using AI-built backdoors called MiniFast and MiniJunk V2, delivered through phishing lures and SEO poisoning.

Alex: Two things stand out to me. First, the targeting. Aviation and software sectors. These are not random. Aviation is critical infrastructure and defense-adjacent. Software companies are supply chain entry points. If you're in either of those sectors, you need to be on heightened alert right now. Second, the AI-built malware piece. This is not a gimmick. AI-generated tooling means faster iteration, more polymorphic variants, and potentially cleaner code that evades signature-based detection. Your EDR needs to be tuned for behavioral detection, not just pattern matching.

Jordan: The SEO poisoning vector is worth calling out specifically. This isn't just spearphishing. They're poisoning search results so that employees researching legitimate aviation or software topics land on weaponized pages. That's a different threat model than email-based phishing, and it requires web gateway controls and DNS-layer security to address.

Alex: Good point. It also means your security awareness training needs to extend beyond "don't click suspicious emails" to "be cautious about what you download from search results, even when you initiated the search."

Jordan: Let's pivot to what might be the most consequential story of the day, even though it's not about an attack. Anthropic announced that Claude Mythos, through Project Glasswing, has autonomously identified over ten thousand high- or critical-severity vulnerabilities in critical software systems. Partners include AWS, Apple, Broadcom, Cisco, CrowdStrike, and Google.

Alex: This is a watershed moment, and I don't use that phrase lightly. We are entering an era where AI can find vulnerabilities faster than humans can patch them. That's not a theoretical problem anymore. It's here. If you're a CISO running a vulnerability management program with a thirty-day patch SLA for critical vulns, you need to fundamentally rethink that number.

Jordan: And the dual-use concern is real. Mythos was designed to find zero-days and create working exploits. Anthropic is running this through a coordinated disclosure framework with major vendors, which is responsible. But the capability exists. If Anthropic can do this, state actors can build or are building something similar. The exploitation timeline for newly discovered vulnerabilities is about to compress dramatically.

Alex: Which brings us directly to the CERT-In story. India's Computer Emergency Response Team just issued guidelines calling for organizations to patch critical vulnerabilities in internet-exposed systems within twelve hours. Twelve hours. And they explicitly cited AI-assisted exploitation as the justification.

Jordan: Twelve hours is aggressive, and they qualified it with "where feasible," but the direction is clear. Regulators are starting to calibrate their expectations to the speed of AI-driven threats, not human-speed threats. If you're a multinational with operations in India, this applies to you now. If you're not, it applies to you soon. Other regulators will follow.

Alex: This is a conversation every CISO needs to have with their board. Achieving twelve-hour patch cycles for internet-facing systems requires significant investment in automation, asset inventory accuracy, and change management streamlining. You cannot meet this with manual processes. Full stop. If your organization can't identify all internet-facing assets within an hour, you can't patch them within twelve.

Jordan: Now let's talk about the two phishing stories that paint a converging picture. First, the FBI issued an official warning about Kali365, a phishing-as-a-service platform that's actively targeting Microsoft 365 accounts. The technique is clever. It abuses the OAuth device code authentication flow to steal session tokens, completely bypassing MFA. They don't need your second factor. They get a persistent session token through the device code grant.

Alex: If you run Microsoft 365, and most of you do, this requires immediate attention. Review your conditional access policies. Specifically, look at whether you've restricted or disabled the device code authentication flow. Most organizations don't need it for general users. Disable it where you can. Where you can't, add additional conditional access controls like requiring compliant devices or restricting by IP range.

Jordan: The second phishing story is from Google's Threat Intelligence Group. They analyzed a dozen active Chinese-language phishing-as-a-service operations and found mature, sophisticated services that almost exclusively target non-Chinese enterprises. These are well-resourced, they offer no-code builder tooling, and they operate primarily through Telegram.

Alex: So we now have Russian-speaking PhaaS, Chinese-language PhaaS, and platforms like Kali365 all operating at scale. The phishing-as-a-service market is diversifying and maturing. For CISOs, this means the volume, quality, and variety of phishing attacks hitting your organization is going to continue increasing. Investment in email security, browser isolation, and identity protection isn't optional.

Jordan: Let's hit the vulnerability story quickly. CVE-2026-34926 is a path traversal vulnerability in Trend Micro Apex One that's being actively exploited in zero-day attacks. CISA has issued a warning. Trend Micro's own TrendAI incident response team reported it.

Alex: This one is particularly uncomfortable because Apex One is endpoint security software. When threat actors compromise your security tools, they're operating inside the trust boundary of your defensive stack. If you run Apex One, this is an emergency patch. Not tomorrow. Today.

Jordan: And the 7-Eleven breach rounds out our breach coverage. ShinyHunters claimed responsibility for an April 2026 breach exposing data on over 185,000 individuals, including SSNs, dates of birth, and addresses. It's a straightforward extortion play against a massive retail footprint of 86,000 stores across 19 countries.

Alex: From a governance perspective, the SSN exposure triggers notification obligations in virtually every US state. If you're in retail or consumer-facing industries, this is a reminder that your data minimization practices directly impact your breach liability. If you don't need to store SSNs, don't store SSNs.

Jordan: Let's look at the bigger picture for the week ahead. The theme I see emerging is compression. Time is compressing across every dimension of security. Exploitation timelines are compressing because of AI. Patch expectations are compressing because regulators see the same thing. The gap between vulnerability discovery and weaponization is compressing. And the phishing-as-a-service ecosystem is compressing the skill barrier for attackers.

Alex: I agree. And the strategic implication is that CISOs who are still running their programs at 2024 speeds are falling behind. The Anthropic story alone should be a wake-up call. When an AI can autonomously find ten thousand critical vulnerabilities, the old model of quarterly patching and annual pen tests is obsolete. The organizations that invest in automation, real-time asset visibility, and AI-augmented defense now will be the ones that survive this acceleration. The ones that don't will be in breach notification headlines.

Jordan: Watch for vendor patch advisories to spike in the coming weeks as Glasswing disclosures start hitting. And keep your eyes on Iranian activity. The retaliatory campaign is likely in its early stages, not its final form.

Alex: That's our show for today. Show notes and links to every story we covered are at cleartext.fm. We'll be back tomorrow. Stay sharp.

Jordan: See you then.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-26.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 9 stories across 6 topic areas, including: Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks; Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms; Lessons for organizations from the Verizon 2026 Data Breach Investigations Report.

Krebs on Security · May 25 · Relevance: █████████░ 9/10

Why it matters to CISOs: The dismantling of Stark Industries-linked bulletproof hosting infrastructure used by Russian intelligence agencies directly reduces adversary capacity for EU-targeted cyberattacks and influence operations—a significant law enforcement milestone with implications for threat modeling against Russian-nexus actors.

📖 Read full article

The Hacker News · May 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Lazarus Group's deployment of a memory-only RAT targeting financial institutions signals continued North Korean state-sponsored focus on financial sector intrusions, with fileless execution techniques designed to evade endpoint detection tools common in enterprise environments.

📖 Read full article

Help Net Security · May 25 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The annual DBIR remains the most empirically grounded benchmark for breach causation trends, giving CISOs data-backed ammunition to justify security investment priorities and program strategy to boards and executives.

📖 Read full article

Wired Security · May 25 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: AI-accelerated exploit development is compressing the window between vulnerability discovery and weaponization, forcing CISOs to rethink patch velocity assumptions and invest in predictive exposure management rather than reactive patching cycles.

📖 Read full article

BleepingComputer · May 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A PhaaS platform capable of bypassing MFA by abusing OAuth device code authentication is a direct threat to enterprise M365 environments—CISOs should assess conditional access policies and device code flow restrictions immediately given the FBI's active warning.

📖 Read full article

Help Net Security · May 25 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: With 65% of senior decision-makers using unapproved AI tools despite knowing the risks, CISOs face a top-down shadow AI problem that cannot be solved through employee-level policy enforcement alone—this reframes the governance challenge as an executive risk conversation.

📖 Read full article

BankInfoSecurity · May 25 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: Conflicting signals from White House executive orders—tightening KYC requirements while easing fintech oversight—create compliance uncertainty for financial sector CISOs who must navigate overlapping and potentially contradictory regulatory obligations.

📖 Read full article

BankInfoSecurity · May 25 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Zscaler's acquisition of Symmetry Systems signals a strategic market move to unify AI model visibility, agentic identity governance, and zero trust controls—CISOs evaluating their AI security architecture and vendor consolidation strategies should track how this reshapes the DSPM and AI governance landscape.

📖 Read full article

The Hacker News · May 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A coordinated cross-ecosystem supply chain attack spanning npm, PyPI, and Crates.io with 34 malicious packages across 384 versions poses immediate risk to enterprise development pipelines—security teams should audit developer environments and dependency inventories now.

📖 Read full article

Alex: Welcome to Cleartext. It's Monday, May 25th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. Let's get into it.

Alex: We've got a packed show today. Dutch authorities just made the biggest takedown of Russian-linked cyber infrastructure we've seen in years. Lazarus Group has a new toy that your EDR probably can't see. The FBI is actively warning about a phishing service that's eating Microsoft 365 environments for lunch. We'll talk about the new Verizon DBIR, the AI bug hunting arms race, a supply chain attack hitting three package ecosystems simultaneously, and why your C-suite might be your biggest shadow AI problem. Plus a quick look at Zscaler's latest acquisition play. Jordan, let's start with the Netherlands.

Jordan: Yeah, this is a big one. Dutch authorities arrested two individuals who co-owned hosting companies that had taken over the infrastructure of Stark Industries Solutions, a provider the EU had already sanctioned for being a staging ground for Russian intelligence cyber operations. Eight hundred servers seized. This wasn't some symbolic law enforcement action. This was dismantling active operational infrastructure used for cyberattacks, influence operations, and disinformation campaigns targeting the EU.

Alex: And what makes this particularly interesting from a strategic perspective is that Krebs actually profiled these hosting companies back in 2025. So the intelligence community and the journalism community had visibility into this for over a year before enforcement caught up. That gap between identification and action is something CISOs should think about when they're assessing how long adversary infrastructure persists.

Jordan: Exactly. And the practical implication here is that if you're running threat models against Russian-nexus actors, particularly if you're operating in Europe or you have significant EU exposure, this takedown genuinely degrades adversary capacity. Not permanently, they'll rebuild. But eight hundred servers is not trivial to replace, especially the relationships and the routing and the reputation those IPs had built up over time. It creates a window of reduced capability.

Alex: For CISOs with European operations, this is the kind of event you want to brief your board on. Not because it changes your security posture overnight, but because it demonstrates that the enforcement landscape in Europe is getting more aggressive. And that has implications for how you think about geopolitical risk in your threat model. It's also worth noting that the EU sanctions regime is now showing teeth. Sanctions aren't just diplomatic signals anymore. They're becoming predicate offenses that lead to arrests and infrastructure seizures.

Jordan: Which brings a nice segue to the second state-sponsored story. Lazarus Group, North Korea's premier cyber unit, is deploying a new cross-platform memory-only RAT called RemotePE against financial institutions and crypto firms. Fox-IT, which is NCC Group's subsidiary, published the research. The attack chain uses two loaders, DPAPILoader and RemotePELoader. The clever bit is DPAPILoader uses Windows' own Data Protection API to decrypt its payloads, which means the decryption keys are tied to the machine and user context. If you're doing offline forensics or trying to detonate this in a sandbox that doesn't have the right DPAPI context, you're not going to see the payload.

Alex: And the memory-only execution means there's nothing on disk for traditional endpoint tools to scan. This is precisely the kind of technique that exposes gaps between organizations that have invested in behavioral detection and memory scanning versus those still relying primarily on file-based detection. If you're a CISO in financial services or anywhere near cryptocurrency operations, this should trigger an immediate conversation with your detection engineering team about coverage for fileless execution chains, particularly ones abusing legitimate Windows APIs.

Jordan: The cross-platform nature is also worth flagging. RemotePE isn't just a Windows problem. If you've got mixed environments, and most financial institutions do, you need to think about this holistically. Lazarus doesn't care about your org chart. They care about where the money is.

Alex: Let's shift to something that should be an action item for literally every CISO listening. The FBI issued an active warning about Kali365, a phishing-as-a-service platform targeting Microsoft 365 accounts. Jordan, walk us through the mechanism.

Jordan: So Kali365 abuses OAuth device code authentication flows. This is the flow where you see a code on one device and enter it on another to authenticate. The attack tricks users into entering an attacker-controlled device code, which then gives the attacker a session token. Here's the critical part: this bypasses MFA entirely. You've authenticated, you've completed your second factor, and the attacker gets the resulting session token. Your MFA did exactly what it was supposed to do, and it didn't matter.

Alex: This is a board-level conversation because most boards have been told that MFA is the cornerstone of their identity security strategy. And it is. But this is a concrete example of a commodity service, not a nation-state tool, a service anyone can buy, that renders MFA insufficient on its own. The action items are clear. Review your conditional access policies in Entra ID. Specifically, look at whether you've restricted device code flows. Most organizations have no reason to allow device code authentication broadly. Restrict it to the specific scenarios where it's actually needed, managed conference room devices, that sort of thing.

Jordan: And if you haven't deployed token binding or continuous access evaluation in your M365 environment, this is your wake-up call. The FBI doesn't issue warnings about phishing kits that aren't working. This thing is effective at scale.

Alex: Alright, let's talk about the Verizon 2026 DBIR. It's out. If you haven't read it yet, clear some time this week. Jordan, what's your read?

Jordan: The DBIR remains the single most useful empirical dataset we have for understanding how breaches actually happen versus how we think they happen. And every year, it humbles us. I won't spoil the full report because CISOs should actually read it, but the value here is in using the data to pressure-test your own assumptions. If you're spending sixty percent of your budget on a threat category that accounts for ten percent of actual breaches, the DBIR is the document that helps you have that conversation with your CFO.

Alex: And I'd add, for those of you preparing board presentations this quarter, the DBIR is the most credible external source you can cite. Boards respond to empirical data, especially when it comes from a source they recognize. Use it to validate your program priorities or, frankly, to justify pivoting spend where the data says the actual risk is.

Jordan: Now let's talk about something that should change how you think about patch management timelines. Wired published a piece on the AI bug hunting arms race, and the headline number is striking. Anthropic's Mythos model has reportedly found thousands of critical bugs. This isn't theoretical anymore. AI-powered vulnerability discovery is operating at production scale.

Alex: The implication for CISOs is that the window between vulnerability discovery and weaponization is compressing. If AI can find bugs faster, it can also be used to develop exploits faster. Your patch velocity assumptions from even two years ago may be dangerously stale. If you were comfortable with a thirty-day patch cycle for critical vulnerabilities, you need to revisit that.

Jordan: The defenders are using these tools too. That's the arms race part. But the asymmetry still favors attackers because they only need one exploit, and defenders need to patch everything. The strategic response isn't just faster patching. It's predictive exposure management. Understanding which of your assets are most likely to be targeted based on what AI-assisted discovery is finding in the wild.

Alex: Staying on the offensive threat side, TrapDoor. This is a coordinated supply chain attack that's been active since May 22nd, so just three days. Thirty-four malicious packages across three hundred eighty-four versions spanning npm, PyPI, and Crates.io simultaneously. This is credential-stealing malware targeting developer environments.

Jordan: The multi-ecosystem coordination is what elevates this. We've seen malicious packages in npm. We've seen them in PyPI. Hitting three ecosystems simultaneously with a coordinated campaign suggests a well-resourced actor with a broad targeting mandate. This isn't opportunistic. This is planned.

Alex: If you have development teams, and you do, your Monday morning action item is an audit of recently added dependencies across all three ecosystems. Talk to your engineering leads. Make sure your software composition analysis tooling is flagging these specific packages. And if you don't have a policy requiring review of new dependencies before they enter your build pipeline, this is the incident that justifies creating one.

Jordan: Now for the story that made me laugh and then immediately made me concerned. TrustedTech published research showing sixty-five percent of senior decision-makers are using unapproved AI tools. Compared to thirty-one percent of regular employees. The C-suite is your biggest shadow AI problem.

Alex: This completely inverts the governance model most CISOs have built. We've been writing acceptable use policies aimed at employees. We've been doing awareness training for rank and file. And it turns out the executives, who approved those policies, are the ones most aggressively violating them. This is not a policy enforcement problem. This is a culture and incentive problem at the top of the organization.

Jordan: And you can't exactly put your CEO through a mandatory training module and expect behavior change. The approach has to be different. You need to make the approved tools as frictionless as the shadow ones, and you need to frame the risk in terms executives care about. Not abstract data leakage. Concrete scenarios. Your board presentation draft just went into a model trained on the internet. Your M&A target list is now in a third-party's training data.

Alex: This is honestly one of the most important governance conversations CISOs will have this year. You need executive sponsors who understand the risk, and you need to be willing to have uncomfortable conversations with your peers in the C-suite.

Jordan: Quick hit on the Zscaler-Symmetry acquisition. Zscaler is buying Symmetry Systems to add AI model visibility, agentic identity governance, and zero trust controls specifically for AI workloads.

Alex: This is a clear signal that the DSPM market is converging with AI governance. If you're evaluating vendors in either space, watch this integration closely. The ability to track AI data lineage and govern agentic identities, meaning AI systems that act autonomously with their own credentials, is going to become a table-stakes requirement in the next twelve to eighteen months.

Jordan: And finally, a brief note on the conflicting executive orders around financial services regulation. One tightens KYC, the other eases fintech oversight. If you're a CISO in financial services, work closely with your compliance team to understand which interpretation your regulators are going to land on. Don't wait for clarity. Start mapping both scenarios now.

Alex: Alright, Jordan, let's look at the week ahead. What's the thread connecting today's stories?

Jordan: The theme I keep coming back to is the acceleration of adversary capability and the compression of response timelines. Whether it's AI finding bugs faster, phishing-as-a-service commoditizing MFA bypass, or supply chain attacks coordinating across three ecosystems in seventy-two hours, the speed of the threat landscape is outpacing the organizational processes most of us have in place. The Dutch takedown is encouraging, but it's one action against an entire ecosystem of adversary infrastructure.

Alex: Agreed. And the shadow AI story connects to that because it shows that the acceleration isn't just external. Our own organizations are moving faster than our governance frameworks can keep up with, and the pressure is coming from the top. This week, I'd watch for DBIR-driven conversations to start shaping budget discussions as we head into planning season. I'd also keep a close eye on TrapDoor. Three days old and already spanning three ecosystems. That campaign is going to expand.

Jordan: And patch your conditional access policies for device code flows. Today. Not after your next change window. Today.

Alex: That's our show for Monday, May 25th. Show notes and links to every story we covered are at cleartext.fm. I'm Alex Chen.

Jordan: I'm Jordan Reeves. Stay sharp. We'll see you tomorrow.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-25.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 16 stories across 5 topic areas, including: Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks; Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages; First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups.

The Hacker News · May 20 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Fox Tempest weaponized Microsoft's own Artifact Signing system to deliver trusted-looking malware across thousands of enterprise networks—a reminder that code-signing trust hierarchies are now a target, not a control, and that vendor takedowns are a necessary but insufficient defense.

📖 Read full article

Cybersecurity Dive · May 22 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Iranian APTs are escalating targeted espionage against US, Israeli, and UAE critical sectors amid ongoing conflict—enterprises in defense, energy, and financial services should immediately harden against impersonation-based spear-phishing and review vendor access from affected geographies.

📖 Read full article

The Hacker News · May 22 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Operation Saffron's dismantling of First VPN—used in nearly every major recent cybercrime investigation—removes a key anonymization layer from 25+ ransomware groups and may temporarily disrupt attack infrastructure targeting enterprise networks.

📖 Read full article

Krebs on Security · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The arrest of the alleged Kimwolf operator—who infected over one million IoT devices for DDoS-for-hire—demonstrates increasingly effective cross-border law enforcement coordination; enterprises with IoT exposure should audit device security given the botnet's massive scale.

📖 Read full article

Dark Reading · May 19 · Relevance: █████████░ 9/10

Why it matters to CISOs: The 2026 DBIR's finding that vulnerability exploitation now accounts for 31% of initial access—overtaking credential theft for the first time—demands a fundamental rebalancing of enterprise security investment from identity-centric controls toward rapid patch cadence and exposure management.

📖 Read full article

VentureBeat Security · May 20 · Relevance: ██████████ 10/10

Why it matters to CISOs: The GitHub breach—traced to a single compromised developer's VS Code extension—exposed 3,800 internal repos and is part of a broader wave of CI/CD and open-source supply chain attacks (TeamPCP/Mini Shai-Hulud) that are actively compromising enterprise development pipelines. Every org using GitHub Actions, npm, or third-party IDE extensions faces direct exposure.

📖 Read full article

Krebs on Security · May 18 · Relevance: ██████████ 10/10

Why it matters to CISOs: A CISA contractor intentionally published AWS GovCloud credentials and internal system secrets to a public GitHub repo—the agency responsible for defending civilian federal infrastructure suffered one of the worst self-inflicted government data leaks on record, triggering bipartisan Congressional demands for answers and raising serious questions about contractor oversight.

📖 Read full article

CyberScoop · May 22 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Kali365's device-code OAuth abuse bypasses MFA entirely by capturing legitimate access tokens—not credentials—meaning organizations with mature MFA deployments remain exposed; CISOs should audit conditional access policies to block unrecognized device authorization flows.

📖 Read full article

TechCrunch Security · May 18 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The theft of biometric fingerprint data alongside medical records from 1.8 million patients is irreversible—unlike passwords, fingerprints cannot be rotated—making this one of the most consequential healthcare breaches of 2026 and a stark reminder that biometric data requires categorical protection beyond standard PII controls.

📖 Read full article

CyberScoop · May 21 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Bipartisan Congressional pushback on CISA budget reductions signals a potential policy inflection point; CISOs who rely on CISA advisories, KEV updates, and sector coordination should plan for continued capability degradation and diversify their threat-intel dependencies.

📖 Read full article

CyberScoop · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The postponement of a federal AI security EO—which would have required NSA, Treasury, and other agencies to test AI models for cybersecurity and national security risks within 90 days—delays the regulatory floor for AI governance, leaving enterprise CISOs without a federal compliance anchor to cite in board conversations about AI risk.

📖 Read full article

Cybersecurity Dive · May 19 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: Major telecom providers launching a private ISAC to sidestep federal government involvement reflects growing distrust of government-adjacent threat-sharing structures—CISOs in telecom and adjacent critical infrastructure should evaluate whether sector-specific private ISACs offer more candid intelligence sharing than existing government-affiliated bodies.

📖 Read full article

VentureBeat Security · May 22 · Relevance: █████████░ 9/10

Why it matters to CISOs: Attackers demonstrated that Sigstore provenance verification—widely treated as the definitive trust signal for npm packages—provides zero protection when maintainer credentials are compromised, forcing CISOs to rethink dependency trust models beyond cryptographic signing.

📖 Read full article

The Hacker News · May 23 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Anthropic's Project Glasswing finding 10,000 high/critical vulnerabilities in systemically important software in under 60 days signals that AI-accelerated vulnerability discovery is outpacing enterprise patch capacity—CISOs must immediately assess whether their exposure management programs can handle a step-change increase in disclosed critical flaws.

📖 Read full article

The Hacker News · May 21 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Actively exploited zero-days in Microsoft Defender—the endpoint security tool trusted to prevent exactly this class of attack—underscore that security tooling itself is now a high-value attack surface; CISOs should prioritize emergency patching of Defender and audit privileged escalation paths on Windows endpoints.

📖 Read full article

The Hacker News · May 22 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A CVSS 10.0 unauthenticated remote flaw in Cisco Secure Workload—a tool specifically designed for zero-trust microsegmentation—is a direct attack on the security control layer itself; organizations running Secure Workload should treat this as a P0 emergency patch given the product's privileged position in network architecture.

📖 Read full article

Jordan: The week trust died. That's what this was. When a VS Code extension with two million installs gets poisoned and opens the door to 3,800 internal GitHub repos, when cryptographic signing on npm turns out to be camouflage for attackers, when CISA itself leaks its own GovCloud keys to a public repo — this was the week we learned that every trust signal we've built our security architectures around is now an attack surface. That's where we're starting.

Alex: Welcome to Cleartext. I'm Alex Chen, alongside Jordan Reeves. This is your Saturday Week in Review for the week ending May 23rd, 2026. If you couldn't keep up this week, here's what mattered and what it means. We've got four major themes to walk through. First, the collapse of supply chain trust — from code signing to npm provenance to IDE extensions, the foundational assumptions behind software integrity took a beating this week. Second, the vulnerability tsunami — the DBIR numbers, AI-driven discovery, and actively exploited zero-days in the very tools we rely on for defense. Third, a surprisingly productive week for law enforcement disruption operations, and what that means for your threat landscape. And fourth, the governance vacuum — CISA's credibility crisis, stalled AI regulation, and what happens when the institutions meant to backstop enterprise security can't backstop themselves.

Jordan: Let's start with supply chain trust because this is the story that should keep every CISO up this weekend. The GitHub breach is as bad as it sounds. A single developer installed the Nx Console VS Code extension, version 18.95.0. Two point two million installs on that extension. It was poisoned. Through that one compromised developer machine, attackers — tracked as TeamPCP or UNC6780 — exfiltrated approximately 3,800 internal GitHub repositories. They're now advertising those repos for sale starting at fifty thousand dollars. GitHub's own statement said the claim is "directionally consistent" with their investigation. That's GitHub-speak for "yeah, they got us."

Alex: And what makes this genuinely systemic rather than just another breach is what happened the very next day on npm. Six hundred and thirty-three malicious package versions passed Sigstore provenance verification. Full cryptographic attestation. Valid SLSA Build Level 3 certificates. The system worked exactly as designed — and that's the problem. Sigstore verifies that a certificate was valid and that the build happened in a CI environment. It cannot tell you whether the human behind the credential authorized the publish. So when the attacker had the compromised maintainer account, the transparency log became cover.

Jordan: I want CISOs to sit with that for a second. The industry spent years building Sigstore, SLSA, provenance attestation — all of it premised on the idea that if you can verify the build chain, you can trust the artifact. What this week proved is that cryptographic signing is a necessary but wildly insufficient control when the identity layer underneath it is compromised. The signing doesn't lie, but it doesn't know the difference between the real maintainer and someone who stole their credentials.

Alex: And then layer on the Microsoft story. Fox Tempest was running malware-signing-as-a-service — MSaaS — abusing Microsoft's own Artifact Signing system to make malicious code look trusted. Microsoft's Digital Crimes Unit took it down, and good for them, but think about what that means. Attackers aren't trying to evade your code-signing checks. They're getting valid signatures. They're operating inside the trust hierarchy. Every detection that says "this binary is signed, therefore it's safe" is now a liability.

Jordan: The through-line here is unmistakable. Whether it's IDE extensions, npm packages, or signed Windows binaries, the attackers have figured out that the fastest path to your environment is through the things you've explicitly told your stack to trust. Your allowlists are now their target list. And I don't think most organizations have an answer for that yet.

Alex: Practically, here's what I'd be doing this weekend. Audit every VS Code extension, every GitHub Action, every third-party plugin in your CI/CD pipeline. If you don't have a software bill of materials for your development toolchain — not just your production code, your toolchain — you're flying blind. And start treating developer workstations as tier-one critical assets, not afterthoughts.

Jordan: Let's pivot to the vulnerability picture because the DBIR dropped this week and the headline number is a milestone. Vulnerability exploitation is now the number one initial access vector at thirty-one percent of breaches. First time it's overtaken stolen credentials in the history of the report.

Alex: That is a structural shift, not a blip. For years we've told boards that identity is the perimeter. And identity still matters enormously — the Kali365 phishing kit the FBI warned about this week is capturing OAuth tokens, not passwords, bypassing MFA entirely through the device authorization flow. Three hundred and forty organizations compromised by a parallel platform in five weeks. So identity attacks aren't going away. But the DBIR is telling us that the industry's underinvestment in patch velocity and exposure management is now the primary thing adversaries are exploiting.

Jordan: And then Anthropic drops Project Glasswing. Ten thousand high or critical severity vulnerabilities found in systemically important software in under sixty days using Claude Mythos. Ten thousand. Separately, researchers demonstrated a twenty-dollar-per-zero-day AI pipeline for WordPress plugins. The economics of vulnerability discovery just fundamentally changed. We are about to be buried in disclosed critical flaws at a rate that exceeds any organization's capacity to patch.

Alex: Meanwhile, the tools we use to defend against exploitation are themselves under attack. Microsoft disclosed two actively exploited zero-days in Defender — including a privilege escalation to SYSTEM. And Cisco patched a CVSS ten-point-zero in Secure Workload, their zero-trust microsegmentation product. Unauthenticated remote access to Site Admin privileges. No credentials required. Your security control plane is the attack surface.

Jordan: If you're a CISO and your board asks you one question next week, it should be this: can we patch faster than adversaries can weaponize? And for most organizations, the honest answer is no. The DBIR documented a growing gap between disclosure and remediation. AI is about to blow that gap wide open.

Alex: Let's talk about the law enforcement wins because this was actually a remarkable week for disruption operations. Operation Saffron took down First VPN, a bulletproof VPN service that Europol said appeared in almost every major recent cybercrime investigation. Twenty-five-plus ransomware groups used it. Eight hundred servers seized. And critically, law enforcement intercepted VPN traffic and notified users they'd been identified. That's not just disruption, that's deterrence.

Jordan: And the Kimwolf arrest. The alleged botmaster behind a million-plus device IoT botnet, arrested in Ottawa, facing charges in both the US and Canada. This is the person who attacked Brian Krebs with DDoS, doxing, and swatting — which, pro tip, don't attack the journalist who will then investigate you for months and publicly name you before law enforcement catches up.

Alex: These actions matter but let's be clear-eyed. They're necessary and insufficient. Taking down one VPN service creates temporary friction. The operators will migrate. The Kimwolf botnet infrastructure will be replicated. What these operations do buy us is time and intelligence. The First VPN traffic intercepts likely generated enormous leads. And the public identification of users sends a signal that anonymity infrastructure has a shelf life.

Jordan: Which brings us to the governance segment, and this is where the week gets genuinely uncomfortable. The CISA story is devastating. A contractor maintained a public GitHub repo that exposed credentials to highly privileged AWS GovCloud accounts and internal CISA systems. The agency responsible for defending civilian federal infrastructure suffered one of the worst self-inflicted leaks on record. They were still struggling to invalidate credentials days after discovery.

Alex: And the political context makes it worse. Bipartisan lawmakers — Bacon and Walkinshaw — came out and said CISA has been diminished at exactly the moment threats from China and others are growing. The budget cuts are real. The capability degradation is real. And now the credibility damage from this leak compounds everything.

Jordan: For CISOs who rely on CISA — KEV catalog, advisories, sector coordination — you need to start diversifying your threat intelligence dependencies. I'm not saying CISA is going away, but its capacity to serve as the authoritative voice for civilian cybersecurity is materially degraded. The telecom sector apparently reached the same conclusion. Major providers launched a private ISAC explicitly designed to operate without federal government involvement, citing concerns that federal participation was chilling candid discussions. Post-Salt Typhoon, the telecoms decided they'd rather share intelligence among themselves than through government-adjacent channels.

Alex: And then the AI governance vacuum. The administration postponed the executive order that would have required NSA, Treasury, and other agencies to test AI models for cybersecurity risks within ninety days. That delay matters because CISOs have been waiting for a federal compliance anchor to cite in board conversations about AI risk. Without it, you're arguing from first principles every time. New York DFS moved independently with AI-related cyber guidance, but state-by-state regulation is not a strategy.

Jordan: The Iranian threat picture also deserves a mention. Palo Alto Networks published research on sophisticated spear-phishing targeting US, Israeli, and UAE critical sectors. And Iranian actors expanded into OT — fuel tank ATG systems. If you're in defense, energy, or financial services, the targeting is active and the tradecraft is improving.

Alex: So stepping back. What defined this week?

Jordan: This was the week the security industry's trust architecture was exposed as a house of cards. Code signing, provenance verification, trusted extensions, government agencies, security tools themselves — every layer we've built to establish trust became an attack vector. Adversaries aren't trying to break through our defenses anymore. They're wearing our defenses as a disguise.

Alex: And from a board perspective, the conversation has to change. It's not enough to say "we have MFA, we verify signatures, we follow CISA guidance." Every one of those statements was invalidated by a real-world attack this week. The question for CISOs going into next week is: where is your trust model brittle? Where have you substituted a technical control for actual verification? Because attackers are now specifically targeting the delta between what we think a control proves and what it actually proves.

Jordan: Patch Defender. Patch Cisco Secure Workload. Audit your VS Code extensions and your CI/CD dependencies. Review your conditional access policies for device authorization flow abuse. And have an honest conversation about whether your patch velocity can survive the AI-driven vulnerability disclosure wave that is now clearly here.

Alex: That's the week. The daily show returns Monday. Show notes and links to every story we covered can be found at cleartext.fm. I'm Alex Chen.

Jordan: I'm Jordan Reeves. Have a good weekend. Patch something.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-23.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 10 stories across 4 topic areas, including: China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments; Belarus-linked hackers use fake training certificates to target Ukrainian officials; European authorities take down prolific cybercrime VPN service.

Dark Reading · May 22 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Chinese APT Webworm is abusing trusted enterprise platforms—Discord and Microsoft Graph API—as C2 channels to compromise EU government networks, signaling that detection strategies relying on domain reputation are increasingly insufficient.

📖 Read full article

The Record (Recorded Future) · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: GhostWriter's ongoing spear-phishing campaigns against Ukrainian government officials are a case study in credential-harvesting via trusted brand impersonation—tactics directly applicable to enterprise defense and security awareness programs.

📖 Read full article

CyberScoop · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Europol's dismantling of First VPN—a service appearing in nearly every major recent cybercrime investigation and used by over two dozen ransomware gangs—is a meaningful disruption to ransomware infrastructure that enterprise security teams should track for follow-on threat actor behavior changes.

📖 Read full article

Ars Technica Security · May 22 · Relevance: █████████░ 9/10

Why it matters to CISOs: TeamPCP's software supply chain poisoning campaign—spanning GitHub and npm at scale—represents a systemic threat to enterprise CI/CD pipelines and open-source dependencies that security leaders must assess for exposure across their development toolchains.

📖 Read full article

Infosecurity Magazine · May 21 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A threat actor compromised a developer's identity and published a trojanized VS Code extension through legitimate marketplace channels, demonstrating that IDE plugin ecosystems are now a credible enterprise attack surface requiring governance.

📖 Read full article

Help Net Security · May 22 · Relevance: ████████░░ 8/10

Why it matters to CISOs: An FBI-warned Phishing-as-a-Service platform called Kali365 is capturing Microsoft 365 OAuth tokens at scale, bypassing MFA without credential theft—directly threatening the M365 environments that form the productivity backbone of most enterprise organizations.

📖 Read full article

The Record (Recorded Future) · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A large-scale breach of a healthcare billing services provider affecting multiple German hospitals reinforces the systemic third-party vendor risk in healthcare supply chains—a concern directly relevant to CISOs managing vendor risk in regulated industries.

📖 Read full article

CyberScoop · May 21 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Bipartisan congressional pushback on CISA budget cuts signals institutional recognition that federal cyber defense capacity has been dangerously reduced, with direct implications for public-private threat intelligence sharing and incident response support that enterprises rely on.

📖 Read full article

CyberScoop · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The delay of a White House AI security executive order—which would have tasked NSA, Treasury, and other agencies with 90-day model security evaluations—creates regulatory uncertainty for enterprises building AI governance frameworks tied to anticipated federal guidance.

📖 Read full article

The Hacker News · May 22 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A maximum-severity unauthenticated REST API vulnerability in Cisco Secure Workload—an enterprise microsegmentation platform deployed in data center environments—requires immediate patching assessment given the sensitivity of workload telemetry and policy data it handles.

📖 Read full article

Alex: Welcome to Cleartext. It's Friday, May 22nd, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. Let's get into it.

Alex: We have a packed show today. Supply chain poisoning at a scale we haven't seen before, Chinese APTs hiding in your Microsoft stack, an FBI warning about a new phishing platform eating M365 tokens for breakfast, a perfect ten Cisco vulnerability, and some important developments on the policy front with CISA funding and the delayed AI executive order. Let's start where Jordan wants to start.

Jordan: Yeah, let's start with the supply chain story because this one should be setting off alarms. A threat group called TeamPCP ran what researchers are calling the Megalodon campaign. In a six-hour window, they pushed 5,718 malicious commits across 5,561 GitHub repositories. Throwaway accounts, forged author identities, injected GitHub Actions workflows with base64-encoded payloads designed to exfiltrate CI/CD secrets. This isn't a theoretical risk anymore. This is industrial-scale poisoning of the open source ecosystem.

Alex: And this isn't happening in isolation. The related story is the Nx Console VS Code extension compromise. A threat actor posed as a legitimate Nx maintainer, published a trojanized extension through the official Visual Studio Marketplace. Grafana Labs confirmed their GitHub environment was breached through the connected TanStack npm supply chain attack. To their credit, Grafana refused extortion demands and hardened their posture, but the attack chain here is what matters. You go from a compromised developer identity to a malicious IDE plugin to enterprise source code repositories. That's three hops from a single identity compromise to crown jewels.

Jordan: What I want CISOs to internalize is that your IDE plugin ecosystem is now an attack surface that requires governance. How many of your developers are installing VS Code extensions without any review process? How many of those extensions have publish permissions that nobody's auditing? This isn't a developer productivity conversation anymore. It's an enterprise security conversation.

Alex: And on the CI/CD side, if you're not monitoring for anomalous commits, if you're not validating the provenance of your GitHub Actions workflows, if you're not treating your build pipeline with the same rigor as your production environment, you are exposed to exactly this kind of campaign. The scale of Megalodon should be a forcing function for reassessing your software supply chain controls this quarter.

Jordan: Shifting to the geopolitical landscape. China's Webworm APT is running campaigns against European government networks, and the tradecraft is notable. They're using Discord and Microsoft Graph API as command-and-control channels, plus SoftEther VPN for SOCKS proxy tunneling between victims and infrastructure.

Alex: This is the maturation of a trend we've been tracking for two years. Nation-state actors are living inside your trusted enterprise platforms. When your C2 traffic is flowing through Microsoft Graph API, your domain reputation-based detection is useless. Your firewall sees legitimate Microsoft traffic. Your proxy sees legitimate Discord traffic. The signal is buried in the noise of normal business operations.

Jordan: Exactly. And this isn't just a government problem. If you're a defense contractor, a critical infrastructure operator, a multinational with EU operations, you are in the target set. The detection challenge here requires behavioral analytics at the application layer. You need to understand what normal Graph API usage looks like for your environment and alert on deviations. Static signatures won't catch this.

Alex: The Belarus-linked GhostWriter campaign targeting Ukrainian officials with fake training certificates is worth a brief mention here because it reinforces a complementary point. These are credential-harvesting campaigns using trusted brand impersonation through a popular online learning platform. The tactical lesson for enterprise defenders is that your security awareness training needs to account for the fact that attackers are now impersonating the very platforms your employees use for professional development. The trust exploitation is getting more creative.

Jordan: Now, there's a piece of good news on the offensive infrastructure front. Europol took down First VPN, arrested its administrator, seized servers and domains. This is significant because Europol said this service appeared in nearly every major recent cybercrime investigation. Used by approximately two dozen ransomware gangs. And here's the detail I want people to notice: Europol stated they notified the service's users that they've been identified.

Alex: That's the real story. The takedown disrupts infrastructure, but the identification of users creates a chilling effect and likely leads to follow-on arrests. For enterprise security teams, the practical implication is to watch for infrastructure migration patterns over the next 30 to 60 days. When you knock out a service this central to the ransomware ecosystem, threat actors scatter and reconstitute. Your threat intel feeds should be tuned for new VPN services, new proxy networks, new infrastructure patterns emerging from this disruption.

Jordan: Let's talk about the FBI warning on Kali365. This is a Phishing-as-a-Service platform first observed in April, distributed via Telegram, and it captures Microsoft 365 OAuth tokens. It bypasses MFA without stealing passwords. Let me say that again. It bypasses MFA without credential theft by capturing the OAuth token itself.

Alex: This is the threat model that keeps M365-dependent enterprises up at night. And that's most enterprises. Kali365 provides AI-generated phishing lures, automated campaign templates, real-time tracking dashboards, and OAuth token capture, all packaged for less-technical attackers. The democratization of this capability is what makes it dangerous. You don't need to be sophisticated to run a sophisticated attack anymore.

Jordan: The defensive response here has to go beyond MFA. You need conditional access policies that evaluate device compliance, network location, and risk signals before granting token access. You need token binding where possible. You need to monitor for anomalous token usage patterns, sessions originating from unexpected geolocations, tokens being used across multiple IP addresses. If your M365 security posture is still anchored primarily on MFA as the control, this platform is specifically designed to defeat you.

Alex: The German hospital breach through Unimed, their billing services provider, is a story we've seen variants of a hundred times, but it keeps happening because the underlying problem isn't solved. A single third-party billing provider gets breached, and patient and financial data from multiple hospitals is compromised simultaneously. If you're in healthcare or any regulated industry with concentrated vendor dependencies, your third-party risk management program needs to account for this aggregation risk. It's not just about whether your vendor is secure. It's about what happens when the vendor that serves you and your twenty peers gets compromised all at once.

Jordan: Let's hit the Cisco vulnerability quickly because this one demands action. CVE-2026-20223, CVSS 10.0, maximum severity. Unauthenticated remote access to sensitive data via insufficient REST API validation in Cisco Secure Workload. This is your microsegmentation platform. This is deployed in data center environments handling workload telemetry and policy data. If you're running Cisco Secure Workload, this is an emergency patching cycle. No confirmed active exploitation yet, but a CVSS ten with unauthenticated remote access does not stay unexploited for long.

Alex: Agreed. Don't wait for the weekend. Get your teams on this today.

Jordan: On the policy front, two stories that are connected by a common thread. First, bipartisan pushback on CISA budget cuts. Reps. Don Bacon, Republican from Nebraska, and James Walkinshaw, Democrat from Virginia, both saying the cuts have gone too far. They're citing growing threats from China at a moment when CISA's capacity has been diminished. State officials are simultaneously urging Congress to renew cyber grant programs because local governments simply lack resources to counter advanced threats.

Alex: I've been saying this for months. The public-private threat intelligence sharing that CISA enables is infrastructure that enterprises depend on, whether they realize it or not. When CISA's capacity is reduced, the information sharing degrades, the incident response support degrades, and the coordinated vulnerability disclosure process slows down. This isn't abstract. This affects your ability to get timely, actionable intelligence on the exact kind of threats we've discussed today.

Jordan: And the second policy story, the White House postponed the AI security executive order with no new timeline. The draft would have required NSA, Treasury, and other agencies to evaluate new AI models for cybersecurity and national security concerns within 90 days.

Alex: For CISOs who've been building AI governance frameworks in anticipation of federal guidance, this delay creates real uncertainty. My advice: don't wait. Build your framework based on NIST AI Risk Management guidance and the EU AI Act requirements if you have European operations. You can always adjust when federal guidance eventually lands, but you can't afford to have ungoverned AI deployments while you wait for Washington to make up its mind.

Jordan: Looking at the week in aggregate, Alex, there's a theme that's impossible to ignore. The trust boundary is dissolving. Attackers are inside your IDE extensions, inside your Microsoft Graph API traffic, inside your CI/CD pipelines, inside your OAuth token flows. Every layer of implicit trust in the enterprise stack is being weaponized.

Alex: That's exactly right. And the response can't be to add another point product for each attack vector. The response has to be architectural. Zero trust isn't a marketing term. It's the recognition that you need to verify continuously at every layer, from developer toolchains to production workloads to identity tokens. If this week's stories don't validate that strategic direction for your board, I don't know what will.

Jordan: And on a practical level, this weekend, check your Cisco Secure Workload patching status, review your VS Code extension governance, make sure your M365 conditional access policies account for token theft scenarios, and have a conversation Monday morning about what your CI/CD pipeline monitoring actually looks like. That's a full plate, but it's where the threats are.

Alex: That's our show for today. Show notes and links to every story we covered are at cleartext.fm. Have a safe weekend. We'll see you Monday.

Jordan: Stay sharp.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-22.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 8 stories across 5 topic areas, including: Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems; Europe dismantles VPN service used by cybercriminals to hide ransomware attacks; Srsly Risky Biz: Politicians ditch Signal for homegrown apps.

The Record (Recorded Future) · May 20 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A formal Russia-China pact on AI, cyberspace, and technology independence signals an accelerating bifurcation of the global tech ecosystem — CISOs must factor geopolitical bloc alignment into supply chain risk, vendor selection, and threat modeling.

📖 Read full article

The Record (Recorded Future) · May 20 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The takedown of First VPN — a criminal infrastructure service marketed on Russian-speaking forums — demonstrates growing law enforcement capability against anonymization tools used by ransomware operators and may temporarily disrupt attacker operational security.

📖 Read full article

Risky Business News · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: European governments moving away from Signal to sovereign messaging apps reflects a broader trend of digital sovereignty — CISOs at multinationals must anticipate fragmented secure communications requirements across jurisdictions and assess interoperability risks.

📖 Read full article

The Hacker News · May 20 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The disruption of Fox Tempest's malware-signing-as-a-service operation — which abused Microsoft's own Artifact Signing system — underscores the risk that trusted code-signing infrastructure can be weaponized, and the importance of verifying software provenance beyond signature checks.

📖 Read full article

BankInfoSecurity · May 21 · Relevance: █████████░ 9/10

Why it matters to CISOs: A supply chain attack via a poisoned VS Code extension compromised GitHub's internal repos — this is a wake-up call for every enterprise relying on developer tooling ecosystems and highlights the need to audit IDE extensions, CI/CD pipelines, and enforce least-privilege on developer credentials.

📖 Read full article

Wired Security · May 21 · Relevance: █████████░ 9/10

Why it matters to CISOs: TeamPCP's software supply chain attack spree — impacting hundreds of organizations — demands immediate review of open-source dependency management, software composition analysis tooling, and SBOM practices across the enterprise.

📖 Read full article

BankInfoSecurity · May 21 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Check Point's acquisition of Deepchecks to validate autonomous AI security agents signals that AI hallucination and reliability in security operations is becoming a board-level concern — CISOs deploying agentic AI in SOCs need validation frameworks.

📖 Read full article

BleepingComputer · May 20 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Active exploitation of SonicWall Gen6 SSL-VPN appliances — with MFA bypass leading to ransomware deployment — is an immediate action item for any enterprise running these widely deployed devices.

📖 Read full article

Jordan: A developer downloaded a VS Code extension. GitHub lost 3,800 internal repositories. And now Lapsus$ is back, selling the data for ninety-five thousand dollars. That's your Thursday.

Alex: Welcome to Cleartext. I'm Alex Chen. With me as always is Jordan Reeves. It's May 21st, 2026, and if you're a CISO right now, your developer toolchain just became your most urgent attack surface. We've got the GitHub breach, a supply chain gang operating at unprecedented scale, a Microsoft malware-signing takedown, SonicWall MFA bypasses tied to ransomware, the Xi-Putin tech alignment pact and what it means for your vendor strategy, European governments abandoning Signal, and a law enforcement win in the criminal VPN space. Let's move.

Jordan: Let's start with the story that's going to dominate your weekend. GitHub got hit. Roughly 3,800 internal repositories were exfiltrated after a single developer installed a poisoned VS Code extension — specifically a compromised version of Nx Console. The root cause traces back to a TanStack npm package that had been tampered with as part of a broader supply chain worm. TeamPCP, now tracked as UNC6780 by threat intelligence teams, is apparently cooperating with Lapsus$ to sell the stolen data for ninety-five thousand dollars.

Alex: And let's be precise about why this one stings. This isn't a zero-day. This isn't a nation-state zero-click exploit. A developer installed an extension from what appeared to be a legitimate source in the VS Code marketplace, and that was enough to compromise one of the most security-conscious engineering organizations on the planet. If you're a CISO and you don't have a policy governing IDE extensions, you have a gap.

Jordan: TeamPCP has been running what researchers are calling the Mini Shai-Hulud supply chain worm — at least seven waves of it since March. The scale is genuinely unusual. Hundreds of organizations hit. And the sophistication is real: they're forging valid cryptographic provenance on malicious packages. So your software composition analysis tools may be telling you everything is signed and clean, and being technically correct while being completely wrong.

Alex: That's the part that should concern boards. We've spent years telling leadership that signed software equals trusted software. TeamPCP just invalidated that assumption at scale. If you have an SBOM program — and you should — audit it now. Not for presence of packages but for integrity of the signing chain. And if you're running open-source dependencies without a formal review process for transitive dependencies, this week is the week to start that conversation with your engineering leadership.

Jordan: Grafana Labs was also caught in this. So it's not GitHub-specific. It's a broad ecosystem compromise, and the blast radius is still being assessed.

Alex: Connected to that ecosystem story — Microsoft this week disclosed it took down a threat actor called Fox Tempest, which had been running a malware-signing-as-a-service operation. And here's the part that matters: they weaponized Microsoft's own Artifact Signing system to get valid Microsoft signatures on malicious code. So we have two separate threat actors, in the same week, demonstrating that code-signing infrastructure is now an active target.

Jordan: This is the logical endpoint of the trust chain being exploited. Defenders built controls that say: verified signature equals permitted execution. Attackers spent years figuring out how to get verified signatures. They've now figured it out. The policy implication is that signature verification is necessary but not sufficient. You need behavioral controls downstream. You need runtime monitoring. A signature check at the perimeter is not the end of the story anymore.

Alex: Patch note for anyone running SonicWall Gen6 SSL-VPN appliances — and there are a lot of them. Active exploitation is occurring right now. Attackers are brute-forcing VPN credentials and then bypassing MFA because SonicWall's patches were incomplete. The outcome is ransomware deployment. This is not a theoretical risk. If you haven't confirmed your SonicWall estate is fully patched — not partially patched — do that today.

Jordan: The incomplete patching detail is what makes this operationally frustrating. Organizations applied the patch, checked the box, and are still exposed. Verify the patch, verify MFA is actually enforced at the appliance level, not just assumed.

Alex: Now let's shift to the geopolitical picture, because the Xi-Putin statement from yesterday deserves more than a headline skim. The joint statement includes explicit pledges to cooperate on satellite internet, software development, and open-source initiatives — framed explicitly as reducing dependence on Western technology and building capacity to compete with countries they describe as unfriendly.

Jordan: From a threat modeling standpoint, this formalizes something that's been directionally true for a while. You now have two major cyber powers explicitly aligning their technology stacks, their AI development, and their cyberspace governance posture. The practical implication is that the technology bifurcation that's been happening quietly for years — Huawei bans, SMIC restrictions, export controls — is now a declared strategic objective on their side too.

Alex: For CISOs at multinationals, this lands in a few different places. Vendor selection and supply chain risk: you need to know where every tier of your technology stack sits relative to these blocs. Board reporting: if you're not already framing geopolitical tech alignment as a risk factor in your briefings, you're behind. And threat modeling: the cooperation between Russian and Chinese capabilities — offensive and defensive — means you may need to revisit your threat actor assumptions, particularly if you're in critical infrastructure, defense industrial base, or any sector subject to export controls.

Jordan: The open-source cooperation piece is also worth watching. If you have engineers pulling from repositories that may increasingly reflect Chinese or Russian development communities, that's a provenance question that connects directly back to the TeamPCP story we just discussed.

Alex: Speaking of fragmentation — European governments are moving away from Signal and building sovereign encrypted messaging platforms. The motivations are legitimate: phishing risk, data sovereignty, vendor dependency on a US-based nonprofit. But the analysts are right to flag the tradeoff. Signal is extraordinarily well-engineered. Homegrown alternatives will introduce their own attack surfaces.

Jordan: For CISOs at multinationals, the practical problem is interoperability. You may soon be operating across jurisdictions where your secure communications stack has to accommodate government-mandated sovereign apps with their own authentication and key management architectures. That's a policy and procurement problem that's worth getting ahead of now.

Alex: Law enforcement had a good week. French and Dutch authorities, with Europol and Eurojust support, seized 33 servers and took down First VPN, a service that had been marketed on Russian-speaking cybercrime forums specifically for ransomware operators and data thieves to evade detection. This is Operation Saffron, and it's significant less for the immediate disruption and more for what it signals about operational tempo.

Jordan: Law enforcement is getting faster and more coordinated on criminal infrastructure. That's not nothing. It temporarily degrades attacker operational security — they have to find new anonymization infrastructure, new tools. It doesn't stop them, but it raises their costs and sometimes surfaces tradecraft that intelligence teams can use.

Alex: Quick note on the vendor side: Check Point acquired Deepchecks, an AI evaluation startup focused on validating autonomous AI agents and preventing hallucinations in security workflows. If you're deploying agentic AI in your SOC — and increasingly you are or you're being sold on doing so — the question of whether those agents are making reliable decisions is not theoretical. This acquisition is Check Point's answer to that question. Watch this space. Validation frameworks for AI-driven security actions will be a requirement within eighteen months.

Jordan: Worth noting that "the AI said so" is not a sufficient answer if an autonomous agent triggers an incident response action that turns out to be wrong. Legal liability, regulatory scrutiny — this matters.

Alex: So what's the theme of this week, Jordan?

Jordan: Trust infrastructure is the attack surface. Code signing, MFA, legitimate developer tools, open-source provenance — the things we built to establish trust in our systems are now the things being targeted. Attackers are not breaking through walls. They're walking through doors we built for ourselves.

Alex: And the geopolitical layer is accelerating this. When you have two major powers formally committing to building a parallel technology ecosystem — including open-source, AI, and satellite infrastructure — the provenance questions that matter for security get harder, not easier. The supply chain problem is going to deepen before it gets better. What I'd tell every CISO going into next week: get a current inventory of your developer toolchain, IDE extensions included. Validate — don't assume — your SonicWall patch state. And if you haven't briefed your board on the Russia-China tech alignment in the context of your specific threat model, schedule that conversation.

Jordan: And maybe double-check what extensions are running in your own VS Code instance before you close the laptop tonight.

Alex: That's Cleartext for Thursday, May 21st. Show notes and links to every story we covered today are at cleartext.fm. If this is useful to you, share it with a peer. We'll see you tomorrow.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-21.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 9 stories across 4 topic areas, including: CISA credential leak raises alarms, and Capitol Hill demands answers; Ukraine says Russia is deploying AI-powered malware on the battlefield; Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network.

CyberScoop · May 19 · Relevance: █████████░ 9/10

Why it matters to CISOs: The agency responsible for defending federal networks leaked plaintext passwords and GovCloud keys publicly — this undermines trust in government security guidance and raises questions about contractor security posture that affects any enterprise working with federal systems.

📖 Read full article

The Record (Recorded Future) · May 19 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Russia's documented escalation of AI-powered cyber operations in Ukraine provides a preview of techniques likely to proliferate against Western enterprises — CISOs should use this intelligence to model adversarial AI capabilities in threat assessments.

📖 Read full article

The Record (Recorded Future) · May 19 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A previously unexplained national telecom outage traced to a Huawei zero-day raises serious questions about critical infrastructure supply chain trust — CISOs in telecom and enterprises dependent on telecom resilience should factor this into vendor risk assessments.

📖 Read full article

Help Net Security · May 20 · Relevance: █████████░ 9/10

Why it matters to CISOs: The DBIR is a benchmark report for board-level risk communication — vulnerability exploitation overtaking credential theft as the #1 initial access vector for the first time in 19 years demands a reassessment of patch management investment and prioritization strategies.

📖 Read full article

BleepingComputer · May 19 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Fox Tempest's malware-signing-as-a-service enabled ransomware operators to bypass code-signing trust controls — CISOs should review their code-signing validation and allowlisting policies given this trust model was systematically abused.

📖 Read full article

The Hacker News · May 20 · Relevance: █████████░ 9/10

Why it matters to CISOs: A supply-chain-critical platform used by virtually every enterprise dev team was compromised via a poisoned VS Code extension — CISOs must assess exposure to GitHub-hosted internal tooling and review IDE extension policies immediately.

📖 Read full article

CyberScoop · May 19 · Relevance: ████████░░ 8/10

Why it matters to CISOs: This ongoing supply-chain campaign is stealing publishing tokens and installing OS-level backdoors in CI/CD pipelines — CISOs need to validate software composition analysis controls and audit developer environment integrity immediately.

📖 Read full article

BleepingComputer · May 19 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: ShinyHunters continues to target large retail brands — CISOs in retail and consumer-facing industries should review this incident for applicable TTPs and ensure extortion response plans are current.

📖 Read full article

Cybersecurity Dive · May 19 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Major telecoms creating a private ISAC to avoid federal government involvement signals a shift in public-private threat sharing dynamics — CISOs should monitor whether this model proliferates to other critical sectors and how it affects intelligence quality.

📖 Read full article

Jordan: The agency responsible for telling the rest of us how to secure federal networks just leaked plaintext passwords and cloud keys on a public GitHub repository. Let that sit for a second.

Alex: Welcome to Cleartext. It's Wednesday, May 20th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves.

Alex: Today we're covering a lot of ground. The CISA credential leak and what it means for anyone operating in or adjacent to federal environments. The 2026 Verizon DBIR dropped this morning with a historic shift in how attackers are getting in. GitHub is investigating a major internal breach via a malicious IDE extension. Russia is deploying AI-enabled malware in Ukraine and the implications reach well beyond the battlefield. And a fresh wave of npm supply chain compromises is hitting CI/CD pipelines right now. That's the menu. Let's get into it.

Jordan: So CISA. The Nightwing contractor situation. A researcher described the leaked repository as one of the worst he'd ever seen, and he's not being dramatic. We're talking plaintext passwords, GovCloud keys, live credentials for government environments — sitting on a public GitHub repo. Senator Hassan has formally demanded answers from CISA's acting director, which tells you this is not going away quietly.

Alex: Here's the board-level framing on this. CISA is the authority. They write the guidance. They issue the directives. They tell federal agencies and critical infrastructure operators what good looks like. When they are the breach, it doesn't just create an operational problem — it creates a credibility problem that cascades. If you're a CISO at a company with federal contracts, GovCloud deployments, or any FedRAMP-adjacent posture, you need to audit your contractor security posture right now. Not because you caused this. Because this incident demonstrates that contractor hygiene across the federal ecosystem is genuinely broken, and you can't assume your contractors are the exception.

Jordan: And the contractor dynamic here matters. Nightwing is the entity linked to this leak, not CISA employees directly. That's actually the harder governance problem. You can control your own staff. Controlling what your contractors do with privileged credentials in their own development environments is a different kind of problem. Most enterprises haven't solved it either.

Alex: Agreed. Now let's shift to the DBIR because it dropped this morning and it's relevant to every conversation we're about to have. For the first time in nineteen years, vulnerability exploitation has knocked credential theft off the top spot as the leading initial access vector. Thirty-one percent of breaches started with exploitation. That's not a marginal change — that's a structural shift.

Jordan: And the underlying driver isn't that attackers suddenly love CVEs more than stolen passwords. It's that the volume and speed of exploitation has changed. The window between disclosure and weaponization has compressed to hours in some cases. And patching lag across the industry is still measured in weeks to months. That gap is where attackers live.

Alex: For CISOs, this is a board conversation. If your security narrative has been built around identity and credential controls — and a lot of programs have been, because that was the right call for a long time — you need to rebalance. Not abandon identity work, but make a credible argument for why your patch management program and your exposure management posture are funded at the level this threat demands. The DBIR gives you the citation. Use it.

Jordan: Now let's talk about GitHub, because this one hits close to home for a lot of security teams. The threat actor TeamPCP exfiltrated approximately 3,800 internal GitHub repositories. GitHub says no evidence of customer data compromise outside their internal systems so far, but the initial access vector is what every CISO needs to pay attention to: a malicious VS Code extension installed by an employee.

Alex: Think about your developer population. How many of them are installing extensions from the marketplace with minimal scrutiny? IDE extensions run with the same privileges as the developer. They can read files, exfiltrate tokens, access environment variables, reach secrets in config files. This is not a theoretical attack surface. It just played out against GitHub itself.

Jordan: And GitHub is not a naive target. They have sophisticated security engineering. If a poisoned extension got through their controls and reached internal repositories at this scale, the question every CISO has to ask is: what's our extension allowlisting policy? Do we have one? Is it enforced? If the answer is no, that's a gap you're fixing this week.

Alex: Connect this to the npm story as well, because they're thematically linked. The Mini Shai-Hulud campaign — and yes, that's a real threat actor name — published over 600 malicious npm packages in the latest wave. The malware steals publishing tokens, installs OS-level backdoors, and persists inside CI/CD pipelines. Several widely-used open source projects have already been compromised.

Jordan: What makes this particularly nasty is the persistence model. This isn't just a compromised package that you patch and move on from. If the malware is in your CI pipeline, it's watching every build. It can poison future artifacts. You have to treat this as an incident, not a software update.

Alex: If you haven't validated that your software composition analysis tooling is current and that your developer environment integrity is intact, that's the action item. SCA alone isn't sufficient here — you need to be looking at your pipeline integrity holistically.

Jordan: Let's spend a minute on Russia's AI cyber operations because this one deserves serious analytical attention, not just a headline. Ukraine's National Security and Defense Council is reporting a dramatic expansion of Russia's AI-enabled offensive capabilities over the past year. AI applied to social engineering, malware development, and attack automation. Ukrainian officials are explicitly describing a growing imbalance between attackers and defenders.

Alex: The Ukraine theater has functioned as a live test environment for Russian offensive cyber capabilities for years now. Techniques that appear there tend to proliferate. AI-accelerated malware development means faster variant generation, more personalized phishing, and reduced operational cost for the attacker. That attacker-defender imbalance comment is not hyperbole. It's a preview.

Jordan: The practical implication for threat modeling: if your threat assessments don't include adversarial AI capability as a factor, they're already out of date. Nation-state level AI offensive tooling will diffuse into criminal ecosystems. It always does. The timeline is compressing.

Alex: Two more items worth flagging. On the Huawei zero-day: Luxembourg's entire national telecom network going down last year has now been attributed to a Huawei zero-day exploit. Huawei has not acknowledged the vulnerability. There's no evidence of recurrence, but the flaw remains unexplained. For CISOs in telecom or industries with deep telecom infrastructure dependencies, this goes into your vendor risk model. Full stop.

Jordan: And Microsoft's disruption of Fox Tempest — the group running malware-signing-as-a-service — is a win, but a qualified one. They were systematically abusing Microsoft's own Artifact Signing service to generate fraudulent code-signing certificates for ransomware operators. The trust model for code signing was being sold as a commodity service. Review your allowlisting policies. A signed binary is not a safe binary.

Alex: Briefly on 7-Eleven and the ShinyHunters confirmation: they've confirmed the breach, scope is still under investigation. If you're in retail or consumer-facing industries, pull the TTPs and pressure-test your extortion response plans. ShinyHunters is prolific and methodical.

Jordan: And on the telecom ISAC story — major providers launching a private ISAC explicitly to avoid federal government involvement — I think this is actually a signal worth watching carefully. The stated reason is that federal presence was chilling candid threat intelligence sharing.

Alex: That tells you something about the current state of public-private trust in the security space. If the model proliferates to other critical sectors, the intelligence sharing ecosystem fragments. That may mean better signal quality within sectors and worse cross-sector visibility. For CISOs in critical infrastructure, think about where you're getting your intelligence and whether that sourcing changes if this model spreads.

Jordan: Stepping back to the week's theme — what we're really seeing is a coherent picture of institutional trust under stress. CISA leaks its own credentials. A trusted platform like GitHub gets compromised through a trusted tool category. Code-signing certificates are being commoditized for malware. The controls that enterprises have built their security programs around — trust in government guidance, trust in signed code, trust in vetted extensions — are all being systematically challenged at the same time.

Alex: Which means the posture that wins right now is one that assumes less and verifies more. Not paranoia — operational skepticism applied consistently. Zero trust as a philosophy, not just an architecture. That's the board message this week.

Jordan: Watch for CISA's formal response to Senator Hassan's inquiry. And watch the GitHub investigation closely — if customer data exposure surfaces, the scope of this changes significantly.

Alex: That's Cleartext for Wednesday, May 20th. Show notes and links to every story we covered today are at cleartext.fm. If this was useful, share it with a peer who needs it. We'll be back tomorrow.

Jordan: Stay sharp.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-20.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 8 stories across 3 topic areas, including: Verizon Breach Report: Vulnerability Exploitation Surges; Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering; The New Phishing Click: How OAuth Consent Bypasses MFA.

BankInfoSecurity · May 19 · Relevance: █████████░ 9/10

Why it matters to CISOs: The 2026 Verizon DBIR is essential board-level intelligence — the finding that half of all breaches now involve ransomware and that vulnerability exploitation continues to surge provides concrete data to justify patch management and resilience investments.

📖 Read full article

VentureBeat Security · May 18 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Four supply-chain incidents hitting OpenAI, Anthropic, and Meta in 50 days expose a critical blind spot in AI release pipelines — CISOs adopting AI tooling must extend third-party risk assessments to cover CI/CD, dependency, and packaging integrity beyond model safety evaluations.

📖 Read full article

The Hacker News · May 19 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The EvilTokens PhaaS platform compromised 340+ M365 orgs in five weeks by abusing OAuth device code flows to bypass MFA entirely — CISOs must evaluate conditional access policies and consider blocking device code authentication flows.

📖 Read full article

Krebs on Security · May 18 · Relevance: █████████░ 9/10

Why it matters to CISOs: A CISA contractor publicly exposing GovCloud credentials and internal deployment details is a worst-case supply chain and insider risk scenario — CISOs should use this to justify stricter secrets management and CI/CD pipeline audits across their own organizations.

📖 Read full article

TechCrunch Security · May 18 · Relevance: █████████░ 9/10

Why it matters to CISOs: A 1.8M-record healthcare breach involving biometric data (fingerprints) raises the stakes on irreversible data exposure — CISOs should reassess biometric data handling, storage, and incident response plans given that biometrics cannot be reset like passwords.

📖 Read full article

The Record (Recorded Future) · May 18 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Grafana's breach via a stolen GitHub token and public refusal to pay ransom is a case study in token/secret management failures and incident response transparency — CISOs should audit PAT and service account hygiene across development environments.

📖 Read full article

BleepingComputer · May 19 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: ShinyHunters claiming another major retailer reinforces the persistent threat to large consumer-facing enterprises — CISOs in retail and adjacent sectors should ensure threat intelligence covers this prolific extortion group's evolving TTPs.

📖 Read full article

Dark Reading · May 18 · Relevance: █████████░ 9/10

Why it matters to CISOs: An actively exploited Exchange zero-day (CVE-2026-42897) with no patch available demands immediate mitigation action — CISOs with OWA-exposed environments should implement compensating controls and monitor for mailbox compromise.

📖 Read full article

Jordan: A CISA contractor left highly privileged AWS GovCloud credentials sitting in a public GitHub repository. Not encrypted. Not rotated. Public. Security researchers are calling it one of the most egregious government data leaks in recent history. And it's Tuesday.

Alex: Welcome to Cleartext. I'm Alex Chen.

Jordan: And I'm Jordan Reeves.

Alex: Today we are not short on material. The 2026 Verizon DBIR dropped and the headline numbers deserve your attention. We've got an Exchange zero-day with no patch, a PhaaS platform that's making MFA irrelevant for hundreds of Microsoft 365 organizations, AI supply chain attacks hitting the biggest names in the industry, and two major breaches — one involving 1.8 million people's fingerprints. Let's get into it.

Jordan: Start with the DBIR because this is your board ammunition for the next budget cycle. Verizon's 2026 report confirms two things that should not surprise anyone in this audience but will absolutely land differently when you're citing an industry benchmark. Vulnerability exploitation as an initial access vector continues to surge. And half — half — of all successful breaches now involve some form of ransomware action. The other number that matters: patch rollout timelines are slowing. Not holding steady. Slowing. Exploitation is going up, patching speed is going down. That's not a trend, that's a collision.

Alex: And here's the strategic framing for your CFO conversation. This report gives you third-party validation to defend every dollar you're spending on patch management tooling, vulnerability prioritization, and ransomware resilience. The board doesn't want to hear your threat model. They want to hear what happened to everyone else. The DBIR is that story. Use it.

Jordan: Speaking of patches that don't exist yet — CVE-2026-42897. Active exploitation, no fix. This is an XSS vulnerability in Exchange hitting Outlook Web Access mailboxes. If you have OWA exposed to the internet, this is not a watch-and-wait situation.

Alex: The compensating controls conversation here is straightforward: restrict external access to OWA where you can, implement WAF rules targeting the XSS vector, and get your SOC hunting for mailbox manipulation indicators now. Don't wait for Microsoft's patch cadence to protect an exposed attack surface.

Jordan: What I'd add — and this is worth flagging for anyone still running on-premises Exchange — this vulnerability is a reminder that legacy mail infrastructure sitting on the perimeter is a persistent liability. The pressure to migrate isn't just about features.

Alex: Let's talk about OAuth phishing, because this is the MFA story that should make you revisit your conditional access architecture today. The EvilTokens PhaaS platform compromised more than 340 Microsoft 365 organizations across five countries in five weeks. Here's the mechanism: attackers send targets a message asking them to visit microsoft.com/devicelogin and enter a short code. The user does it. They complete their normal MFA challenge. They think they've authenticated into something legitimate. They haven't. They've handed attackers a persistent OAuth token tied to their account.

Jordan: The genius of this attack — and I use that word reluctantly — is that there is no phishing page. The victim goes to a real Microsoft domain, completes a real MFA prompt, and walks away feeling secure. The attack abuses the device code flow, which was designed for scenarios like smart TVs and printers that can't handle browser-based authentication. It was never intended to be an enterprise identity pathway, and it's being weaponized systematically.

Alex: The action item is direct: evaluate whether your organization actually needs device code authentication flows enabled. For most enterprise environments, the answer is no. Block it in conditional access. If you can't block it entirely, scope it tightly and alert on it. 340 organizations in five weeks is a significant deployment rate for a platform that's been live since February.

Jordan: Now let's spend some time on AI supply chain, because four incidents in 50 days across OpenAI, Anthropic, and Meta is a pattern, not a coincidence. The critical insight here is that none of these attacks targeted the model itself. They targeted the release pipeline — CI runners, dependency hooks, packaging gates.

Alex: This is the maturity gap in how most organizations are thinking about AI risk. Vendor questionnaires ask about model safety evaluations, responsible disclosure processes, red team assessments. Almost none of them ask about artifact integrity, dependency management, or CI/CD security for the AI tooling you're ingesting. That's the gap these attackers are walking through.

Jordan: The Mini Shai-Hulud worm is the specific case worth examining. On May 11th, it published 84 malicious package versions across 42 npm packages in the tanstack namespace — in six minutes. The packages carried valid SLSA Build Level 3 provenance. Build-level attestation did not save anyone here. The integrity signal was legitimate. The packages were not.

Alex: Which means your third-party risk program needs a new appendix. If you are onboarding AI tooling — and you are — your vendor security assessments need to include questions about CI/CD pipeline integrity, artifact signing beyond basic provenance, and incident response for supply chain compromise scenarios. This is not covered by most existing frameworks.

Jordan: Two breach stories that belong together because they share a root cause: secret sprawl and token hygiene.

Alex: Start with CISA, because the irony is uncomfortable. A CISA contractor maintained a public GitHub repository containing credentials to highly privileged AWS GovCloud accounts. The repo also included internal documentation on how CISA builds, tests, and deploys software. Experts are calling it one of the most egregious government data leaks in recent history. The agency responsible for protecting critical infrastructure had a contractor exposing its own deployment architecture to the public internet.

Jordan: The lesson here isn't to pile on CISA. The lesson is that this exact scenario is replicating itself silently in enterprise environments right now. Developer repos with hardcoded credentials, service account tokens committed alongside application code, CI/CD pipelines with embedded secrets that have never been audited. This is the baseline. Not the exception.

Alex: Your action coming out of this story: run a secrets scanning pass across your GitHub organizations this week. Tools exist for this. The question is whether you've prioritized it. CISA's incident should make that prioritization easier.

Jordan: Grafana reinforces it. Hackers gained access to Grafana Labs' entire codebase through a stolen GitHub access token. Grafana publicly refused to pay the ransom, which I respect as a posture, but the access vector is the story. One compromised personal access token. That's the blast radius.

Alex: And Grafana is widely deployed observability infrastructure. If you're running it in your environment, your security team should already be reviewing whether your Grafana instance has been updated and whether any downstream integrity concerns apply to your deployment.

Jordan: Quickly on 7-Eleven — ShinyHunters has confirmed another major brand. Retail CISOs know this group well. They are systematic, they are prolific, and their TTPs evolve. If you're in consumer-facing enterprise and you're not actively tracking ShinyHunters' current playbook in your threat intel program, fix that.

Alex: The breach story with the longest tail is NYC Health + Hospitals. 1.8 million people. Stolen medical records. And fingerprints. This is where healthcare breach severity calculus changes.

Jordan: You cannot issue someone new fingerprints. That's the distinction that matters. Every other credential compromise has a remediation path — reset the password, revoke the token, reissue the card. Biometric data is permanently compromised once it's stolen. The irreversibility changes the liability picture and it should change how you store it.

Alex: If your organization collects biometric data — and increasingly they do, whether for access control, fraud prevention, healthcare records — your incident response plan needs a biometric-specific track. What's your notification obligation? What's your remediation offer to affected individuals? What does recovery actually look like when the compromised data can't be replaced? Most IR playbooks haven't answered those questions yet.

Jordan: Outlook for the week. The theme I keep coming back to across everything we've covered today is that defenders are being systematically outpaced in the areas they assumed were mature. Patch management — slowing. MFA — bypassed. Supply chain attestation — circumvented. Secrets management — still failing at CISA. The adversary surface isn't expanding because attackers found new zero-days. It's expanding because the fundamentals aren't holding.

Alex: What I'd tell any CISO walking into a board meeting this week: the 2026 DBIR gives you the macro narrative. The Exchange zero-day gives you immediate urgency. The OAuth story gives you a reason to reopen your identity architecture conversation. And the CISA breach gives you the internal audit justification you may have been waiting for. This is a week where the news cycle actually hands you leverage. Use it deliberately.

Jordan: Watch the Exchange patch timeline closely. Microsoft has not committed to an out-of-band release as of this recording. If that changes, we'll flag it.

Alex: That's Cleartext for Tuesday, May 19th. Show notes and links to every story we covered today are at cleartext.fm. If this was useful, share it with a peer who needs it. We'll be back tomorrow.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-19.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Today's episode covers 9 stories across 5 topic areas, including: Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations; Interpol Launches Sweeping Cybercrime Crackdown in MENA Region; Grafana says stolen GitHub token let hackers steal codebase.

The Hacker News · May 18 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Confirmation that a pre-Stuxnet tool was designed to corrupt nuclear weapons simulations underscores the long history and sophistication of nation-state cyber sabotage targeting critical infrastructure — relevant for CISOs defending high-value simulation and modeling environments.

📖 Read full article

Infosecurity Magazine · May 18 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Operation Ramz's 201 arrests across 13 MENA countries signals growing international law enforcement coordination against phishing and fraud networks that target enterprises globally.

📖 Read full article

BleepingComputer · May 18 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Grafana is deeply embedded in enterprise observability stacks — source code theft via a stolen GitHub token raises supply chain integrity concerns and highlights the risk of credential-based attacks on development infrastructure.

📖 Read full article

BleepingComputer · May 17 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Tycoon2FA adding device-code phishing to bypass MFA on Microsoft 365 accounts is a direct threat to enterprise identity security — CISOs should evaluate conditional access policies and device-code flow restrictions immediately.

📖 Read full article

Infosecurity Magazine · May 18 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: As enterprises rapidly adopt agentic AI, the UK NCSC's new guidance provides a government-backed framework CISOs can use to structure internal AI security policies and risk assessments.

📖 Read full article

Infosecurity Magazine · May 18 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: UK financial regulators setting cybersecurity and operational resilience expectations around frontier AI will likely influence global regulatory norms — CISOs in financial services and regulated industries should prepare for similar requirements.

📖 Read full article

BankInfoSecurity · May 18 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: SecurityScorecard's acquisition of Driftnet expands third-party risk management capabilities with real-time internet reconnaissance — relevant for CISOs managing supply chain and AI-driven vendor risk programs.

📖 Read full article

BankInfoSecurity · May 18 · Relevance: █████████░ 9/10

Why it matters to CISOs: A maximum-severity, actively exploited zero-day in Cisco Catalyst SD-WAN Controller allowing unauthenticated admin access is an immediate priority for any enterprise running Cisco SD-WAN infrastructure — patch or mitigate now.

📖 Read full article

Help Net Security · May 18 · Relevance: █████████░ 9/10

Why it matters to CISOs: NGINX is the most widely deployed web server globally — active exploitation of a critical RCE/DoS vulnerability means every enterprise must immediately audit exposure and apply mitigations.

📖 Read full article

Jordan: Before we get into today's show, consider this: researchers just confirmed that before Stuxnet, before the world even had a name for nation-state cyber sabotage, there was another tool. It was quietly corrupting nuclear weapons simulations. And we're only hearing about it now. That's not a history lesson. That's a reminder of how much we don't know about what's already inside critical systems.

Alex: Welcome to Cleartext. It's Monday, May 18th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves.

Alex: Today we have a packed show. Two actively exploited critical vulnerabilities that need your attention before you finish your coffee. A Grafana source code theft that has supply chain implications for a huge portion of enterprise DevOps stacks. MFA bypass getting more sophisticated. UK regulators turning up the heat on AI. And that pre-Stuxnet story Jordan just teased — which is genuinely significant. Let's get into it.

Jordan: So let's start with Fast16. Symantec and Carbon Black — now both under Broadcom — published analysis confirming that this Lua-based malware was purpose-built to corrupt uranium-compression simulations. The kind of simulations that tell weapons designers whether a warhead design actually works. This predates Stuxnet by an unknown margin, which means the timeline for state-sponsored cyber sabotage targeting weapons programs is longer and deeper than the public record showed. The tool had a hook engine that was selectively interested in specific simulation processes. This wasn't opportunistic. It was surgical.

Alex: And the reason CISOs should care — beyond the sheer historical weight of it — is the pattern it reinforces. High-value simulation and modeling environments, whether in defense, energy, pharma, or financial risk modeling, are attractive sabotage targets, not just espionage targets. The threat isn't always exfiltration. Sometimes the goal is to make you trust outputs that have been quietly manipulated. That's a much harder problem to defend against than data theft, and it's one that most security programs aren't explicitly designed to catch.

Jordan: The integrity angle is underrated. Detection pipelines, monitoring, alerting — all of it is built around detecting presence or movement of an attacker. Detecting that your simulation results have been corrupted over time? That's a scientific problem as much as a security problem. And if you're in an organization where computational outputs drive high-stakes decisions, you need to be having that conversation.

Alex: Okay, let's pivot to what's actively burning right now. Two critical vulnerabilities, both under active exploitation, both affecting infrastructure that most enterprises are running. Jordan, take Cisco first.

Jordan: Maximum severity. That's CVE scoring language for zero margin. The Cisco Catalyst SD-WAN Controller has a broken peering authentication mechanism in a component called vdaemon. An attacker with network access can gain administrative privileges without any credentials. No username, no password. Unauthenticated admin access to your WAN controller. And it's being actively exploited in the wild. If you're running Cisco Catalyst SD-WAN, this is not a patch-by-next-cycle situation. This is a patch-today or implement-compensating-controls-today situation. Cisco has published guidance. Your team should already be moving.

Alex: The board framing here is straightforward. Compromised WAN controller means an attacker has visibility into and potentially control over the routing fabric of your enterprise network. That's not a perimeter issue. That's a core infrastructure issue. If you're a CISO who has Cisco SD-WAN in your environment and you're not on the phone with your network team right now, stop listening to us and make that call.

Jordan: Second one is NGINX Rift. CVE-2026-42945. NGINX is the most deployed web server on the planet. This vulnerability can be triggered by a single crafted HTTP request, and it gives you denial-of-service reliably and potentially unauthenticated remote code execution. It was disclosed last week and it's already being exploited. The attack surface here is enormous. If you have public-facing web infrastructure and you haven't confirmed your NGINX versions and patch status, that's your other call to make this morning.

Alex: Both of these landing on the same Monday is not a coincidence in terms of how your week is going to go. Clear your schedule accordingly.

Jordan: Next up: Grafana. The short version is that an attacker stole a GitHub access token, used it to download Grafana Labs' full codebase, and then demanded a ransom. Grafana refused to pay. The attacker has threatened to publish the source code.

Alex: Grafana is embedded in the observability stack of a significant percentage of enterprise engineering organizations. Dashboards, Loki for logging, Tempo for traces, Pyroscope for profiling. This is the glass through which a lot of teams watch their systems. The immediate supply chain concern is this: if that source code is published and contains vulnerabilities — hardcoded credentials, logic flaws, anything — those findings will be weaponized quickly. Your security and DevOps teams should be monitoring for any Grafana-related disclosures and should have an accelerated patching posture for Grafana components going forward.

Jordan: The vector here is also worth noting. A stolen GitHub access token. Not a zero-day, not a nation-state APT. A credential. We keep coming back to this — identity is the perimeter, and developer toolchain credentials are often the least scrutinized part of the identity estate. Token rotation, scope limitation, GitHub audit log monitoring — these are not exotic controls. They're hygiene, and this is what happens when they slip.

Alex: Speaking of identity — Tycoon2FA. This phishing kit has been evolving fast, and the latest addition is device-code phishing against Microsoft 365. The attack abuses the OAuth device code flow, which is designed for input-constrained devices, to generate a code that the victim enters into a legitimate Microsoft page. The attacker captures the resulting token. Standard MFA doesn't stop it because the victim is genuinely authenticating — the token just ends up in the wrong hands. And the kit is now wrapping phishing URLs inside Trustifi click-tracking links to evade email security.

Jordan: The conditional access policy angle is the actionable lever here. Microsoft allows you to restrict or block device code flow for user accounts that don't have a legitimate business need for it. Most enterprise users don't. If you haven't evaluated that restriction, this is your prompt. It won't cover every scenario, but it closes this specific abuse path. Also worth reviewing: are your Conditional Access policies actually enforcing compliant device requirements? Because token theft is much less useful if the downstream access requires a managed, compliant device.

Alex: Let's spend a couple of minutes on AI governance because there were two significant signals out of the UK today and they're worth reading together. The NCSC published new guidance specifically on agentic AI — autonomous AI systems that take actions, call APIs, make decisions. The guidance is aimed at helping organizations structure risk assessments and security policies around these systems. Separately, the Bank of England, the FCA, and HM Treasury issued a joint statement raising concerns about frontier AI risks in financial services and setting expectations around cybersecurity and operational resilience.

Jordan: The regulators are moving faster than most enterprise AI governance programs. When three major UK financial regulators issue a joint statement, that becomes a reference document for every other financial regulator watching. CISOs in financial services globally should treat this as a preview of what's coming their way. And the NCSC guidance is genuinely useful as a starting framework for agentic AI risk — not a compliance checkbox, but a structured way to think through what your AI agents can access, what they can do, and how you monitor and constrain them.

Alex: The underlying issue is that agentic AI systems don't fit neatly into existing access control models. They're not users and they're not services. They need their own identity, their own least-privilege posture, their own audit trail. If you don't have a policy framework for that yet, the NCSC guidance is a reasonable place to start.

Jordan: Quick note on the SecurityScorecard and Driftnet acquisition. SecurityScorecard brought in an internet reconnaissance capability that adds real-time visibility into exposed assets and hidden infrastructure. For CISOs running third-party risk programs, this matters because vendor risk scoring that incorporates live attack surface data is meaningfully more accurate than snapshot-based approaches. Worth watching if you're evaluating or already using SecurityScorecard in your supplier risk workflow.

Alex: And Interpol's Operation Ramz — 201 arrests across 13 MENA countries, nearly 4,000 victims identified, 53 servers seized. The headline is law enforcement coordination improving, which is genuinely good news. The operational implication is that some of the phishing and fraud infrastructure your SOC has been tracking in that region is going to go quiet and then reappear elsewhere. Don't read the arrests as the threat disappearing. Read it as the threat moving.

Jordan: Alright, the week's theme is pretty clear: the seams. Token-based auth, device code flows, WAN peering authentication, simulation output integrity — attackers are finding the seams in how modern infrastructure is stitched together. The gaps between systems, between teams, between the way something was designed to work and the way it's actually deployed. That's not new, but the Fast16 story is a useful reminder that this has been the game for a long time. The sophistication just keeps climbing.

Alex: What we're watching this week: any Grafana source code publication and what falls out of it, patch uptake velocity on the Cisco and NGINX vulnerabilities, and whether other financial regulators start echoing the UK's joint statement on frontier AI. Those are the signals that will tell us whether this week is a contained burn or something bigger.

Jordan: If you're walking into a board meeting or a budget conversation this week, the Cisco SD-WAN zero-day and NGINX Rift are your concrete examples of why patching velocity and network segmentation aren't theoretical investments. They're what stands between your WAN infrastructure and an unauthenticated admin.

Alex: That's Cleartext for Monday, May 18th. Show notes and links to every story we covered today are at cleartext.fm. If this was useful, share it with a peer. We'll be back tomorrow.

Jordan: Stay sharp.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-05-18.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.