Anthropic’s Mythos proves irresistible despite claimed supply chain risks.Iran claims U.S. backdoors hit its networks. New Coast Guard rules target maritime OT security. A fresh NGate Android malware variant emerges. Thousands of ActiveMQ servers face active exploitation risk. CISA adds eight flaws to its KEV list. Progress patches MOVEit and LoadMaster bugs. Attackers impersonate IT staff over Microsoft Teams. A ransomware negotiator admits working with BlackCat. Google Gemini asks, “May we see your photos please?”

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices Elad Koren, Vice President, Product Management, Cortex Cloud at Palo Alto Networks, discusses building AI natively into platforms, managing complexity and trust, and taking a measured, experimental approach during the industry’s “messy middle” phase. If you enjoyed this conversation, tune into the full interview here.

Selected Reading

The US NSA is using Anthropic's Claude Mythos despite supply chain risk (Security Affairs)

Anthropic secretly installs spyware when you install Claude Desktop (That Privacy Guy)

Iran claims US used backdoors in networking equipment (The Register)

Maritime Cybersecurity Rules Make Waves (GovInfoSecurity)

New NGate variant hides in a trojanized NFC payment app (We Live Security)

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers (Bleeping Computer)

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) (Help Net Security)

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster (SecurityWeek)

Microsoft: Teams increasingly abused in helpdesk impersonation attacks (Bleeping Computer)

Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims (United States Department of Justice)

Google Starts Scanning All Your Photos As New Update Goes Live (Forbes)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices