Temporary fix for Section 702.

This episode of CyberWire Daily covers a range of pressing cybersecurity developments, beginning with the U.S. House's unanimous extension of Section 702 of the Foreign Intelligence Surveillance Act until April 30, 2026—avoiding a potential lapse that could disrupt intelligence operations and trigger legal challenges. The episode highlights growing concerns over Anthropic's advanced AI model Mythos, which researchers have found capable of autonomously identifying and exploiting critical software vulnerabilities, prompting the White House to consider restricted government access amid fears it could shift the balance of power toward attackers. CISA’s acting director warns of a 60% reduction in agency capacity due to staffing shortages, undermining national resilience. Meanwhile, new threats emerge: Zion Siphon malware targets Israeli water systems, a global DDoS-for-Hire takedown disrupts over 3 million criminal accounts, and a critical Apache ActiveMQ flaw remains actively exploited. The episode also explores AI's dual role as both a transformative tool and existential risk, with Rubrik’s CTO Arvind Nithra Kashayap discussing the dangers of AI sprawl and advocating for automated governance to manage agent-driven workflows. The FBI’s Operation Masquerade, which remotely evicted Russian GRU hackers from 18,000 infected TP-Link routers, is celebrated as a significant disruption, though not a permanent fix. Finally, a DraftKings data dealer is sentenced to 30 months in prison for reselling stolen accounts, underscoring the ongoing threat of credential stuffing and insider abuse. Key takeaways include: 1) Section 702’s temporary extension is a stopgap, not a long-term solution—reform is urgently needed; 2) AI models like Mythos pose unprecedented risks and demand strict access controls and defensive safeguards; 3) AI agent sprawl requires automated governance, not manual oversight, to prevent catastrophic breaches; 4) CISA’s weakened capacity threatens national infrastructure resilience; 5) Supply chain attacks on WordPress plugins reveal systemic vulnerabilities in open-source ecosystems; 6) International cooperation, like Operation PowerOff, is essential to dismantle cybercrime infrastructure; 7) The FBI’s router takedown marks a strategic shift toward proactive disruption; 8) Cybercriminals continue to monetize breaches through resale, highlighting the need for stronger account protection and user education.