No panic—just patch.

A patient's death has been linked to a 2023 ransomware attack on an NHS IT provider. US authorities have indicted a man known online as "IntelBroker" in connection with company data hacks. A suspected cyberattack has disrupted Columbia University's computer systems. A major license plate reader company has restricted cross-state data access after reports revealed misuse of its network by police agencies. Andy Boyd, former Director of CIA's Center for Cyber Intelligence, joined the Caveat podcast to discuss offensive cyber and the US government. Cisco has reported 10 critical remote code execution flaws in Identity Services Engine, and Citrix has released emergency patches for an actively exploited vulnerability in NetScaler Products. CISA has warned of a FortiOS hard-coded credentials vulnerability and an AMI MegaRAC bug that have been exploited in attacks. A British man has been charged in connection with "IntelBroker" company data hacks, and French police have arrested suspected BreachForums administrators. A student allegedly hacked Western Sydney University to get discounted parking and alter academic results. The CyberWire is a production of N2K Networks, and listeners are encouraged to complete an annual audience survey and sign up for the Daily Briefing.