Major federal cybersecurity programs expire amidst the government shutdown. Global leaders and experts convene in Riyadh for the Global Cybersecurity Forum. NIST tackles removable media. ICE buys vast troves of smartphone location data. Researchers claim a newly patched VMware vulnerability has been a zero-day for nearly a year. ClickFix-style attacks surge and spread across platforms. Battering RAM defeats memory encryption and boot-time defenses. A new phishing toolkit converts ordinary PDFs into interactive lures. A trio of breaches exposes data of 3.7 million across North America. Tim Starks from CyberScoop unpacks a report from Senate Democrats on DOGE. The Lone Star State proves even the internet isn’t bulletproof. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Tim Starks, Senior Reporter from CyberScoop, is back and joins Dave to discuss a report from Senate Democrats on the Department of Government Efficiency (DOGE). You can read Tim’s article on the subject here.

Selected Reading

Cyber information-sharing law and state grants set to go dark as Congress stalls over funding (The Record)

Live - Global Cybersecurity Forum in Riyadh tackles how technology can shape future of cyberspace (Euronews)

NIST Publishes Guide for Protecting ICS Against USB-Borne Threats (SecurityWeek)

ICE to Buy Tool that Tracks Locations of Hundreds of Millions of Phones Every Day (404 Media)

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability (SecurityWeek)

Don’t Sweat the ClickFix Techniques: Variants & Detection Evolution (Huntress)

Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device (SecurityWeek)

New MatrixPDF toolkit turns PDFs into phishing and malware lures (Bleeping Computer)

3.7M breach notification letters set to flood North America's mailboxes (The Register)

A Bullet Crashed the Internet in Texas (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices