The WhatsApp impostor.

The CyberWire Daily episode dated April 2, 2026, opens with a sponsor segment for Vanta, emphasizing the growing importance of automated compliance in cybersecurity. The main news segment covers a significant cyber incident involving a fake WhatsApp app used to deploy spyware on approximately 200 users in Italy, linked to Italian spyware firm SIO. WhatsApp responded by logging affected users out and planning legal action. The episode also reports on U.S. State Department efforts to counter foreign influence campaigns, Cisco’s release of critical patches for networking vulnerabilities, and the emergence of a new malware-as-a-service platform called CrystalRat. A ransomware attack on a North Dakota water treatment plant disrupted operations temporarily but did not compromise safety. Meanwhile, the Department of Health and Human Services is re-centralizing cybersecurity oversight under its CIO office. The episode features a deep-dive interview with Sumed Thakkar, CEO of Qualys, who discusses the evolution of cybersecurity from technology-focused alerts to proactive business risk management. Thakkar emphasizes the need for a 'Risk Operation Center' (ROC) to prioritize remediation based on potential financial loss, arguing that fixing high-risk vulnerabilities is more valuable than dashboard metrics. He highlights how agentic AI can reduce detection fatigue and empower security teams, while also acknowledging concerns about AI governance and the need for vendor-provided guardrails. The episode closes with a humorous note about a false report of the death of Jonathan the giant tortoise, a 194-year-old resident of St. Helena, which was revealed to be a cryptocurrency scam.