BROADCASTS.com

A Wordpress plugin vulnerability puts 5 million sites at risk. Google releases an emergency Chrome update addressing an actively exploited vulnerability. Cisco patches multiple vulnerabilities. Researchers say Slack AI is vulnerable to prompt injection. Widely used RFID smart cards could be easily backdoored. The FAA proposes new cybersecurity rules for airplanes, engines, and propellers. A member of the Russian Karakurt ransomware group faces charges in the U.S. The Five Eyes release a guide on Best Practices for Event Logging and Threat Detection. The Kremlin claims widespread online outages are due to DDoS, but experts think otherwise. In our Threat Vector segment, guest host Michael Sikorski speaks with Jason Healey, Senior Research Scholar at Columbia University's School of International and Public Affairs. A deadbeat dad dodges debt through death.\xa0\nMiss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you\u2019ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.\n\nThreat Vector Segment\nIn this Threat Vector segment, guest host Michael Sikorski, CTO of Unit 42, engages in a thought-provoking conversation about the historical challenges and advances in cyber conflict with Jason Healey, Senior Research Scholar at Columbia University's School of International and Public Affairs. To listen to their full conversation, check out the episode here. You can catch new episodes of Threat Vector every Thursday on the N2K CyberWire network.\xa0\n\nSelected Reading\nCritical Privilege Escalation in LiteSpeed Cache Plugin (Patchstack)\nGoogle fixes ninth Chrome zero-day exploited in attacks this year (The Register)\nCisco Patches High-Severity Vulnerability Reported by NSA (SecurityWeek)\nSlack AI can leak private data via prompt injection (The Register)\nMajor Backdoor in Millions of RFID Cards Allows Instant Cloning (SecurityWeek)\nFAA proposes new cybersecurity rules for airplanes (The Record)\nU.S. charges Karakurt extortion gang\u2019s \u201ccold case\u201d negotiator (Bleeping Computer)\nASD\u2019s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection (CISA)\nKremlin blames widespread website disruptions on DDoS attack; digital experts disagree (The Record)\nDeadbeat dad faked his own death by hacking government sites (The Register)\n\nShare your feedback.\nWe want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.\xa0\n\nWant to hear your company in the show?\nYou too can reach the most influential leaders and operators in the industry. Here\u2019s our media kit. Contact us at cyberwire@n2k.com to request more info.\nThe CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. \xa9 N2K Networks, Inc.\nLearn more about your ad choices. Visit megaphone.fm/adchoices