Governance/Regulation/Legislation

China science groups release global AI governance initiative

(DigWatch) A global AI governance initiative jointly drafted by 16 organisations, including the Chinese Association for AI, has been released under the organisation of the China Science and Technology Policy Research Association. According to the text, the initiative calls for an open, fair, inclusive, and effective global AI governance system. Its main elements include ensuring benefits and improving livelihoods, maintaining security and preventing risks, upholding fairness, promoting balanced development, encouraging exchange and mutual learning, and building consensus. – https://dig.watch/updates/china-global-ai-governance-initiative

US expands AI focus in schools

(DigWatch) The US Department of Education has introduced a new supplemental priority focused on advancing AI in education, published in the Federal Register. The measure is intended for use in discretionary grant programmes. – https://dig.watch/updates/us-expands-ai-focus-in-schools

Belgian DPA releases new AI harms information brochure

(DigWatch) The Belgian Data Protection Authority has outlined the impact of AI on privacy in a new publication, highlighting growing concerns around data use and protection. The analysis forms part of its ongoing work on emerging technologies. – https://dig.watch/updates/belgian-dpa-releases-new-ai-harms-information-brochure

UNESCO to unveil AI in education observatory for Latin America and the Caribbean

(DigWatch) UNESCO will launch the Observatory on AI in Education for Latin America and the Caribbean at a high-level event during the 2026 Forum of the Countries of Latin America and the Caribbean on Sustainable Development, organised by the Economic Commission for Latin America and the Caribbean. – https://dig.watch/updates/unesco-ai-education-observatory-latam-caribbean

South Korea warns on AI fake news risks

(DigWatch) Reporting by The Korea Herald states that South Korean Prime Minister Kim Min-seok has warned of the risks of AI-generated fake news ahead of an upcoming election. Authorities are urging greater vigilance as digital content becomes harder to verify. – https://dig.watch/updates/south-korea-warns-on-ai-fake-news-risks

Australian authorities warn of data exploitation through social media platforms

(DigWatch) Social media and messaging services pose growing security and privacy risks, with personal data used to build profiles for fraud, espionage, or social engineering. Even routine posts may contribute to broader data collection and unintended exposure. Platforms typically collect extensive user and device data under evolving privacy policies, sometimes storing it across jurisdictions with varying legal protections. Such conditions increase the risks to identity theft, reputational harm, and the misuse of aggregated personal information. The Australian Government advises organisations to restrict access to official accounts, train staff, and enforce clear policies on what can be shared. – https://dig.watch/updates/australian-authorities-warn-of-data-exploitation

UK tests AI transcripts to improve access to justice and reduce court costs

(DigWatch) The UK Ministry of Justice, alongside HM Courts & Tribunals Service, has launched a study examining how AI can be used to generate court transcripts more efficiently. The initiative aims to reduce the cost and time required for accessing official court records. – https://dig.watch/updates/uk-tests-ai-transcripts-to-improve-access-to-justice-and-reduce-court-costs

Geostrategies

Canada and Finland set out sovereign technology and AI cooperation agenda

(DigWatch) Canada and Finland have issued a joint statement setting out a new phase of bilateral cooperation focused on Arctic and maritime issues, defence and resilience, and advanced technologies, including sovereign technology, AI, quantum computing, and high-performance computing. The statement says the two countries met in Ottawa to advance bilateral cooperation amid strategic competition and an emerging international order. On technology, the statement welcomes a Canada–Finland joint statement on sovereign technology and AI cooperation, aimed at expanding collaboration on advanced technologies that deliver shared economic benefits. – https://dig.watch/updates/canada-finland-sovereign-technology-ai-agenda

Azerbaijan advances digital diplomacy agenda

(DigWatch) The Ministry of Foreign Affairs of the Republic of Azerbaijan has highlighted the growing role of AI and digital technologies in diplomacy, according to an official publication. The discussion reflects wider efforts to modernise diplomatic practices. – https://dig.watch/updates/azerbaijan-advances-digital-diplomacy-agenda

Hong Kong and China cyberspace authority sign AI and blockchain cooperation deal

(DigWatch) The Chief Executive of Hong Kong, John Lee, met the Director of the Cyberspace Administration of China (CAC), Zhuang Rongwen, in Hong Kong to discuss cooperation in innovation and technology. During the meeting, officials from the Innovation, Technology and Industry Bureau and the CAC signed a Memorandum of Understanding (MOU) on innovation and technology development. The agreement covers areas including AI, cross-border data flow and blockchain. – https://dig.watch/updates/hong-kong-and-china-cyberspace-authority-sign-ai-and-blockchain-cooperation-deal

Security and Surveillance

AI Companies to Play Bigger Role in CVE Program, Says CISA

(Kevin Poireault – Infosecurity Magazine) AI companies like OpenAI and Anthropic should play a bigger role in software vulnerability disclosures in the future, according to a leader of the world’s largest vulnerability disclosure scheme. Speaking at the opening of VulnCon26 in Scottsdale, Arizona, on April 14, Lindsey Cerkovnik said AI companies “should be better represented” in the Common Vulnerabilities and Exposures (CVE) program. As chief of the Vulnerability Response & Coordination (VRC) Branch at the US Cybersecurity and Infrastructure Security Agency (CISA), sole sponsor of the MITRE-run CVE program, Cerkovnik and her team manage coordinated vulnerabilities disclosures for the CVE program. She acknowledged that the program has faced a rapid growth of reported vulnerabilities over the past year and that the evolution of AI platforms will likely accelerate that growth. “With the arrival of new AI tools, some helping discover valid vulnerabilities, others perhaps finding things with less value, we’re at a turning point,” Cerkovnik said. – https://www.infosecurity-magazine.com/news/ai-companies-to-play-bigger-role/

Researchers Spot Surge in Brute-Force Attacks from Middle East

(Phil Muncaster – Infosecurity Magazine) Security researchers have detected a “sharp rise” in brute-force attempts to hijack SonicWall and Fortinet devices, with the vast majority (88%) appearing to come from the Middle East. Barracuda said most of these attempts were unsuccessful as they were either blocked outright by security tools or directed at invalid usernames. Although these attacks may simply have been routed through servers and networks in the region, the timing would seem to coincide with US and Israeli hostilities against Iran. – https://www.infosecurity-magazine.com/news/researchers-surge-bruteforce/

Mirax malware campaign hits 220K accounts, enables full remote control

(Pierluigi Paganini – Security Affairs) Mirax is a new Android remote access trojan spreading through ads on Meta platforms, targeting mainly Spanish-speaking users and reaching over 220,000 accounts. The malicious code lets attackers fully control infected devices in real time and goes further by turning them into SOCKS5 proxy nodes, routing malicious traffic through victims’ IPs. The Android RAT is sold as malware-as-a-service, and shows how mobile threats are evolving in scale and sophistication. “Mirax is a newly identified Android Remote Access Trojan (RAT) and banking malware that has rapidly gained traction within the cybercriminal ecosystem. Publicly promoted on underground forums since December 19, 2025, it has been actively monitored by the Cleafy Threat Intelligence team since March 2026, when multiple campaigns targeting primarily Spanish-speaking regions were observed.” reads the report published by Cleafy. “Unlike typical MaaS offerings, Mirax is distributed through a highly controlled and exclusive model, limited to a small number of affiliates.“ – https://securityaffairs.com/190842/uncategorized/mirax-malware-campaign-hits-220k-accounts-enables-full-remote-control.html

PHP Composer flaws enable remote command execution via Perforce VCS

(Pierluigi Paganini – Security Affairs) Two high-severity vulnerabilities in PHP Composer could allow attackers to execute arbitrary commands. PHP Composer is a dependency manager for PHP that helps developers install and manage libraries their projects need. By defining packages in a composer.json file, it automatically downloads and updates them, resolving dependencies. It simplifies development and is widely used with frameworks like Laravel and Symfony. The flaws impact the Perforce VCS driver and stem from improper input validation and insufficient escaping. By crafting a malicious composer.json or source reference with shell metacharacters, an attacker controlling a repository configuration could run commands on the user’s system. – https://securityaffairs.com/190824/security/php-composer-flaws-enable-remote-command-execution-via-perforce-vcs.html

Personal data of 1 million gym members compromised in Basic-Fit security incident

(Pierluigi Paganini – Security Affairs) Basic-Fit, Europe’s largest gym chain, has disclosed a data breach affecting around 1 million members. Hackers gained unauthorized access to the company systems and stole personal. The gym chain said it recently detected the intrusion and is investigating the incident while notifying affected users and working to contain the impact. “Today, Basic-Fit has notified the relevant data protection authority concerning unauthorized access to the system that records members’ visits to Basic-Fit clubs.” reads the press release published by the company. “The unauthorised access was detected by our system monitoring processes and was stopped within minutes of discovery. The members whose data is involved have been informed.” – https://securityaffairs.com/190815/data-breach/personal-data-of-1-million-gym-members-compromised-in-basic-fit-security-incident.html

Defense/Intelligence/Warfare

Canada launches cyber security certification to protect defence supply chains

(DigWatch) The Government of Canada has introduced Level 1 of the Canadian Program for Cyber Security Certification, establishing a baseline set of cyber security requirements for suppliers involved in defence contracts. The measure will begin phased implementation from summer 2026, with certification required at the contract award stage. A programme that forms part of Canada’s broader effort to strengthen resilience across defence supply chains, responding to increasing cyber threats targeting contractors and sensitive information. – https://dig.watch/updates/canada-launches-cyber-security-certification-to-protect-defence-supply-chains

Frontiers

South Korea deploys AI smart city pilots across Southeast Asia

(DigWatch) The Ministry of Land, Infrastructure and Transport in South Korea has selected six pilot projects under the K-City Network Global Cooperation Program to deploy AI-based smart city models across Southeast Asia. The initiative reflects efforts to extend tested domestic systems into international urban contexts. – https://dig.watch/updates/south-korea-deploys-ai-smart-city-pilots-across-southeast-asia

EU approves Italian State aid to support graphene-based photonic chip development

(DigWatch) The European Commission has approved a €211 million Italian State aid measure to support the development of photonic chips based on graphene technology. A funding will be provided to the Italian SME CamGraPhIC, with project activities taking place in Pisa and Bergamo. –  https://dig.watch/updates/eu-approves-italian-state-aid-to-support-graphene-based-photonic-chip-development

EU-backed financing boosts Bulgaria’s high-tech sector and innovation growth

(DigWatch) The European Investment Fund (EIF) will manage a €210 million financing initiative to support high-tech businesses in Bulgaria, focusing on sectors such as AI, microelectronics and advanced technologies. The programme operates within the JEREMIE Bulgaria framework, which aims to improve access to capital for small and medium-sized enterprises. – https://dig.watch/updates/eu-backed-financing-boosts-bulgarias-high-tech-sector-and-innovation-growth

Canada launches hybrid AI weather model

(DigWatch) Environment and Climate Change Canada has announced the launch of a hybrid AI weather forecasting model aimed at improving predictions of severe weather. The system combines AI with traditional physics-based forecasting methods. According to Environment and Climate Change Canada, the model uses AI to analyse large datasets while relying on established models to account for local weather factors such as temperature, wind and precipitation. This combination is expected to improve forecast accuracy. – https://dig.watch/updates/canada-launches-hybrid-ai-weather-model