The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated routers. A former Google engineer faces multiple charges for alleged corporate espionage. CISA issues nine new advisories for ICS vulnerabilities. A house Republican introduces a cybersecurity workforce scholarship bill. On our CertByte segment, a look at ISC2’s CISSP exam. Google updates its stance on AI weapons. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CertByte Segment

Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare.

This week, Chris is joined by Steven Burnley to break down a question targeting ISC2®'s CISSP - Certified Information Systems Security Professional) exam. Today’s question comes from N2K’s ISC2® CISSP - Certified Information Systems Security Professional Practice Test.

Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.

Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.

Selected Reading

Federal Workers Sue to Disconnect DOGE Server (WIRED)

Treasury says DOGE review has ‘read-only’ access to federal payments system (The Record)

‘Things Are Going to Get Intense:’ How a Musk Ally Plans to Push AI on the Government (404 Media)

Cybersecurity, government experts are aghast at security failures in DOGE takeover (CyberScoop)

Five Eyes Launch Guidance to Improve Edge Device Security (Infosecurity Magazine)

Apple's MacOS Kernel Vulnerability Let Attackers Escalate Privileges - PoC Released (Cyber Security News) 

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities (SecurityWeek)

Critical Veeam Vulnerability (CVE-2025-23114) Exposes Backup Servers to Remote Code Execution (SOCRadar)

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers (TechCrunch)

US cranks up espionage charges against ex-Googler accused of trade secrets heist (The Register)

CISA Releases Nine Advisories Detailing vulnerabilities and Exploits Surrounding ICS (Cyber Security News)

CISA hires former DHS CIO into top cyber position (Federal News Network)

Proposal for federal cyber scholarship, with service requirement, returns in House (The Record)

Google drops pledge not to use AI for weapons or surveillance (Washington Post)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices