Recent DPRK cyber operations: spying and theft. Twitter’s data incident. 3Commas breached. Poland warns of increased Russian offensive cyber activity. Port of Lisbon hit by ransomware. DHS announces SBIR topics. New additions to the Known Exploited Vulnerabilities Catalog. Ben Yelin on the legal conundrum of AI generated code. Our guest is Tanya Janca from She Hacks Purple with insights on API security. And, news flash! LockBit says they have a conscience. (Yeah, right.)

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/1

Selected reading.
Recent DPRK cyber operations: spying and theft. (CyberWire)
Twitter targeted in extortion hack. (CyberWire)
3Commas' API compromised. (CyberWire)
Russian cyberattacks (Special Services) 
LockBit activity over the holidays. (CyberWire)
CISA Adds Two Known Exploited Vulnerabilities to Catalog (CISA) 
DHS Small Business Innovation Research (SBIR) Program FY23 Solicitation (SAM.gov)
The SBIR and STTR Programs. (SBIR/STTR)