Open source, open target.

A sweeping malware campaign by North Korea’s Lazarus Group targets open source ecosystems. President Trump announces a new electronic health records system. A new report reveals deep ties between Chinese state-sponsored hackers and Chinese tech companies. Researchers describe a new prompt injection threat targeting LLMs via browser extensions. Palo Alto Networks’ Unit 42 proposes a new Attribution Framework. Honeywell patches six vulnerabilities in its Experion Process Knowledge System. Researchers track the rapid evolution of a sophisticated Android banking trojan. Scattered Spider goes quiet following recent arrests. Our guests are Jermaine Roebuck and Ann Galchutt from CISA, discussing "Open-Source Eviction Strategies Tool for Cyber Incident Response." A Polish trainmaker sues hackers for fixing trains. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jermaine Roebuck, Associate Director for Threat Hunting at CISA and Ann Galchutt, Technical Lead at CISA, who will be discussing "Open-Source Eviction Strategies Tool for Cyber Incident Response." Selected Reading Sonatype uncovers global espionage campaign in open source ecosystems (Sonatype) Trump administration is launching a new private health tracking system with Big Tech's help (AP News) Report Links Chinese Companies to Tools Used by State-Sponsored Hackers (SecurityWeek) Top 5 GenAI Tools Vulnerable to Man-in-the-Prompt Attack, Billions Could Be Affected (LayerX) Introducing Unit 42’s Attribution Framework (Unit42) Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes (SecurityWeek) Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Cybercriminals ‘Spooked’ After Scattered Spider Arrests (Infosecurity Magazine) Polish Train Maker Is Suing the Hackers Who Exposed Its Anti-Repair Tricks (iFixit) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices