UK police make multiple arrests in the retail cyberattack case.  French authorities arrest a Russian basketball player at the request of the U.S. A German court declares open season on Meta’s tracking pixels. The European Union unveils new rules to regulate artificial intelligence. London’s Iran International news confirms cyberattacks from Banished Kitten. Treasury sanctions a North Korean hacker over fake IT worker schemes. Microsoft confirms a widespread issue preventing organizations from deploying the latest Windows updates. Agreements over AI help end a year-long Hollywood strike. Researchers take an  in-depth look at ClickFix. I’m joined by Ben Yelin and Ethan Cook for a look at Congress’ recent attempt to limit AI regulation through preemption. Password insecurity with a side of fries.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we’re sharing our latest Caveat Policy Deep Dive—a special segment where we explore the legal and policy forces shaping our digital lives. In this episode, Ethan Cook joins hosts Dave Bittner and Ben Yelin to break down a recent attempt by Congress to use preemption as a way to block state-level AI laws, and what this means for the ongoing tug-of-war over who should regulate AI in America.

For the full conversation and a deeper dive into the implications of this federal vs. state showdown, check out the Caveat podcast

Selected Reading

UK police arrest four in connection with M&S and Co-op cyberattacks (Reuters)

Russian Basketball Player Arrested in France at Request of United States (The Moscow Times)

German court rules Meta tracking technology violates European privacy laws (The Record)

European Union Unveils Rules for Powerful A.I. Systems (The New York Times)

Leaked materials came from previously reported cyberattacks, Iran International confirms (Iran Insight)

Treasury sanctions North Korean over IT worker malware scheme (Bleeping Computer)

Microsoft confirms Windows Server Update Services (WSUS) sync is broken (Bleeping Computer)

Industry video game actors pass agreement with studios for AI security (Reuters)

Fix the Click: Preventing the ClickFix Attack Vector (Palo Alto Networks)

McDonald’s AI Hiring Bot Exposed Millions of Applicants' Data to Hackers Using the Password ‘123456’ (WIRED)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices