Hackers ignore the ceasefire.

The CyberWire Daily episode on April 9, 2026, delivers a comprehensive briefing on escalating cyber threats amid geopolitical tensions, particularly focusing on Iran-linked hackers who continue cyber operations despite a fragile ceasefire. Pro-Iranian groups like Handala have paused attacks on U.S. targets but remain active against Israel, while U.S. authorities warn of ongoing infiltration into critical infrastructure via programmable logic controllers. Microsoft’s sudden suspension of open-source developer accounts sparked concern over delayed security updates, later attributed to missed verification deadlines. Meanwhile, John Deere reached a landmark $99 million settlement in a right-to-repair dispute, mandating digital repair tools for 10 years. High-severity vulnerabilities were patched by Palo Alto Networks and SonicWall, while new macOS malware targets crypto wallets, and a stealthy DDoS-for-hire botnet, Majesu, continues evolving. CISA issued an urgent patch for a critical Avanti flaw with active exploitation. In a sponsored interview, Nozomi Networks CEO Edgar Capdevielli discusses the growing convergence of nation-state threats and AI in OT security, emphasizing that while industrial systems remain legacy-bound, defensive strategies are maturing through better collaboration between IT and OT teams and proactive patching. He warns that AI is leveling the playing field, enabling less-skilled hackers to become sophisticated threats. A final segment reveals a hidden 49-day system freeze in macOS due to a 32-bit counter overflow, a silent but critical flaw affecting long-running systems.