Governance, Regulation, Legislation, Geostrategies

White House unveils pared-back AI executive order

(Suzanne Smalley – The Record) The White House on Tuesday released its long awaited artificial intelligence executive order, putting forth a plan that downsizes an initial version that was scrapped last month amid internal dissent. The biggest change between the two iterations is that the latest plan changes the voluntary review period for government testing of AI models to within 30 days of release to the public and not the previously mandated 90 days. AI industry leaders had reportedly been pressuring the White House to establish a 14-day review period. The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.” – https://therecord.media/white-house-unveils-ai-executive-order

New bill aims to regulate military uses of AI

(Thomas Novelly – Defense One) A new bill would restrict the Pentagon’s use of AI in operations and heavily regulate its use on fully-autonomous weapons, for domestic surveillance, and with nuclear weapons. Sen. Kirsten Gillibrand, D-N.Y., announced “The Secure and Accountable Military AI Act” on Tuesday. Other lawmakers have not joined the legislation, and her office confirmed she plans to offer elements of the bill as amendments to the Senate’s version of the National Defense Authorization Act. “Right now, the Pentagon is moving toward deploying incredibly powerful AI technology without commonsense guardrails in place, which could have catastrophic consequences that make all of us less safe,” Gillibrand said in an emailed statement. “We must act now – not to stifle technological progress, but to establish clear rules of the road that keep humans in charge and keep AI’s use in warfare smart and safe.” – https://www.defenseone.com/policy/2026/06/bill-regulate-military-ai/413917/?oref=d1-featured-river-top

Greece approves major digital governance and interoperability reforms

(DigWatch) The Greek Parliament has approved a bill from the Ministry of Digital Governance and Artificial Intelligence to expand digital public services, reduce bureaucracy, and strengthen cybersecurity. The legislation implements the EU rules on the cross-border automated exchange of supporting documents through the once-only principle, allowing citizens and businesses to avoid repeatedly submitting the same documents to public authorities across the EU. Greece’s new framework establishes technical and operational measures enabling public authorities to retrieve official documents securely and automatically, with the user’s consent. The system will operate through the European interoperability infrastructure and in line with the EU data protection requirements. – https://dig.watch/updates/greece-major-digital-governance-reforms

China tightens controls on technology leaks with updated secrecy laws

(DigWatch) China has updated its trade secret protection rules to formally include data, algorithms, computer programs, code, and other technical information, reflecting the growing importance of digital assets in commercial competition. The Provisions on the Protection of Trade Secrets, issued by the State Administration for Market Regulation, took effect on 1 June 2026 and replaced rules dating back to 1995. The framework defines trade secrets as technical, business, and other commercial information that is not publicly known, has commercial value, and is protected through corresponding confidentiality measures. The new rules encourage companies to strengthen internal compliance and trade secret management systems. They identify reasonable confidentiality measures, including confidentiality agreements, employee training, access restrictions, data classification, encryption, isolation, and limits on copying, storing, or accessing sensitive information. – https://dig.watch/updates/china-updated-secrecy-laws

France secures a €75 billion SoftBank investment for AI data centres

(DigWatch) SoftBank Group has announced plans to develop and operate 5 GW of AI data centre capacity in France, representing an investment of up to €75 billion. The commitment was announced at the 2026 Choose France summit and marks SoftBank Group’s largest AI infrastructure investment in Europe. The company said the project is designed to expand access to high-performance computing capacity and strengthen France’s role as a European hub for AI infrastructure. The first phase includes an initial €45 billion investment to deliver 3.1 GW of AI data centre capacity in the Hauts-de-France region by 2031. Planned sites include Dunkirk, Bosquel, and Bouchain, with additional projects expected elsewhere in France. – https://group.softbank/en/news/press/20260531_0

UK proposes hash-matching rules to combat intimate image abuse in search results

(DigWatch) The UK government has published draft amendments to the Illegal Content Codes of Practice for search services under the Online Safety Act, proposing new measures to help detect intimate image abuse content. The amendments, published on 1 June, would add a recommended measure for large general search services to use hash-matching technology to detect intimate-image abuse content. According to the draft, Ofcom prepared the amendments under section 41 of the Online Safety Act and submitted them to the Secretary of State on 15 May. The document was presented to Parliament under section 43 of the Act and is due to lie before both Houses for 40 days. – https://www.gov.uk/government/publications/online-safety-act-draft-amendments-to-the-illegal-content-codes-of-practice/draft-amendments-to-illegal-content-codes-of-practice-for-search-services

European Investment Bank backs Allegro for AI expansion

(DigWatch) The European Investment Bank has agreed to provide Polish e-commerce platform Allegro with a PLN 1 billion loan to support research, development, and AI initiatives. The financing marks the largest private-sector research and development programme backed by the EIB in Poland and is intended to support Europe’s digital competitiveness and digital sovereignty. The funding will cover nearly 40% of Allegro’s planned expenditure on research, development, and innovation in the coming years. The company plans to expand its use of AI, improve customer services, develop next-generation delivery systems, and strengthen its digital marketplace. – https://www.eib.org/en/press/all/2026-185-eib-backs-poland-s-allegro-with-pln-1-billion-to-supercharge-ai-and-e-commerce-innovation

EU welcomes G7 adoption of online child protection principles

(DigWatch) The European Commission has welcomed a new agreement by G7 digital and technology ministers on a shared set of principles aimed at improving online safety for children and teenagers. The principles reflect approaches already present in several EU initiatives, including measures focused on online safety, digital literacy and the protection of minors. – https://digital-strategy.ec.europa.eu/en/news/commission-welcomes-g7-agreement-common-principles-protecting-minors-online

How Nigeria’s Fake News Industry Has Evolved to Embrace AI

(Idayat Hassan – CIGI) Fake news in Nigeria predates the internet era. The Nigerian rumour mill, as characterized by Sola Odunfa in a 2009 article for BBC Africa, gained ascendancy during the country’s long periods of post-independence military rule when the formal news media was constrained in what it could say. In this information vacuum, Nigeria’s offline rumour mill became a “wild industry which respects no conventions or authority or checks.” Fast forward to 2026 and the same characterization of Nigeria’s digital information ecosystem applies, with fake news not only rampant but also offering significant economic opportunity for those seeking to create or shape the narrative. – https://www.cigionline.org/articles/how-nigerias-fake-news-industry-has-evolved-to-embrace-ai/

Security and Surveillance

Threat Actor Uses AI to Build EDR Evasion Tools

(Alessandro Mascellino – Infosecurity Magazine) A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection and response (EDR) software, in what was presented as a red team project. The activity was uncovered by Sophos X-Ops. According to new analysis from its Counter Threat Unit, the activity was discovered after an unusual endpoint in a customer environment raised alerts for malicious files in a local test folder. Those files, alongside a linked Git repository, revealed a lab built to develop evasion tooling and test it against EDR agents from Sophos, CrowdStrike and Microsoft. Many of the Python scripts were partly AI-generated and written in Russian. – https://www.infosecurity-magazine.com/news/ai-edr-evasion-tooling/

Infosecurity Europe: NCSC Urges Immediate Action to Boost Resilience as Uncertainty Persists

(Phil Muncaster – Infosecurity Magazine) Security teams must improve collaboration and enhance cyber resilience if they are to survive in an increasingly volatile world, one of the UK’s leading cybersecurity agencies has warned. Speaking at Infosecurity Europe on June 2, National Cyber Security Centre (NCSC) director of operations, Paul Chichester, shared his vision of the threat landscape, and what organizations must do to manage risk at a time of tremendous change. Despite having observed the “arc of cybersecurity” for over three decades, Chichester admitted “now is perhaps the first time I’m not sure ‘where next?’.” That’s down to a confluence of technological change, geopolitical uncertainty, and threat landscape evolution. “It feels like there are a lot of dice and a lot of variables and we’re not predicting anything very well these days,” he admitted. “Professionally, things are harder than they’ve ever been.” – https://www.infosecurity-magazine.com/news/ncsc-resilience-certainty-is-never/

Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are “Doomed to Fail”

(Danny Palmer – Infosecurity Magazine) The rapidly evolving threat landscape and the way threat actors are leveraging AI to enhance attacks means that defenders no longer have a choice and must also use AI to help defend networks from from cyber threats – otherwise they are “doomed to fail.”. That is the warning Joe Slowik, director of cybersecurity alerting strategy at Dataminr, gave at Infosecurity Europe on Tuesday 2 June. In a session on the AI & Cloud Security Stage, Slowik argued that there is a critical need for defenders to adapt to accelerated adversary timescales, and that organizations which still rely on a human-focused security operations center (SOC) will be left behind – and vulnerable to cyber threats. – https://www.infosecurity-magazine.com/news/cybersecurity-teams-doomed-to-fail/

Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats

(Kevin Poireault – Infosecurity Magazine) AI is shaping Bayer’s approach to security as the life sciences firm aims to become one of Europe’s leading agentic deployment organizations in the pharmaceutical industry. At Infosecurity Europe 2026, Kevin Jones, Bayer’s CISO, told attendees that the company has fundamentally changed how its workforce is prepared for AI-driven threats, moving away from checklist-style technical guidance toward psychology-first security awareness. “We scrapped everything to do with technical in our awareness training,” Jones said, explaining that conventional advice, such as looking for spelling mistakes, suspicious URLs or odd attachments no longer works when attackers “have learnt to spell, in five different languages, all in real time, and it’s all generated with AI at scale.” – https://www.infosecurity-magazine.com/news/bayer-reinvents-security-awareness/

Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

(Beth Maundrill – Infosecurity Magazine) As AI-powered cyber-attacks are a top risk for UK cybersecurity professionals, investment priorities over the next 12 to 24 months is set to focus on AI and advanced threat preparedness. This according to new findings from ManageEngine which surveyed 1500 IT and business decision-makers across the UK, Spain, Germany, Italy and the Netherlands. The firm found that 43% of UK respondents identified AI-powered attacks as their single biggest risk over the next 12 months, ahead of traditional threats such as ransomware, phishing and data breaches. The top spending commitment cited by 41% of UK respondents is set to focus on tackling AI and advanced threats. ManageEngine said AI-powered attacks are the top predicted risk in Germany and Spain also, with investment priorities aligned accordingly across all five countries surveyed. – https://www.infosecurity-magazine.com/news/uk-firms-prioritize-ai-threat/

Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns

(Danny Palmer – Infosecurity Magazine) Business leaders are unsure what threat intelligence is or how it can help them, potentially putting organizations at increased to cyber threats, a new research paper has warned. Launched at Infosecurity Europe 2026, the Bridging the Gap Between Threat Intelligence and Business Risk paper by Silobreaker and the SANS Institute examines the gap between threat intelligence teams and other areas of the business differ in their understanding about security risks and how to combat them. This ‘intelligence-stakeholder gap’ means that even if an organization has a threat intelligence team which produces relevant information for the organization to use, this information might fly under the radar or be misunderstood by business leaders. – https://www.infosecurity-magazine.com/news/business-leaders-struggle-threat/

Instagram Account Hijacks Expose the Security Risks of AI-Powered Support

(Pierluigi Paganini – Security Affairs) Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other users reported the hack of multiple accounts by exploiting this vulnerability. “Instagram has resolved a security issue that allowed several users’ accounts to get hacked.” reported TechCrunch.”The attack appeared to rely on tricking Meta’s own AI-powered support chatbot into granting access to a victim’s account.”. What makes this story remarkable is how little sophistication was required in the attack. The incident came to light after reports spread across Reddit, X, Telegram, and security circles that Instagram accounts were being hijacked through Meta’s AI-powered support workflow. – https://securityaffairs.com/193034/hacking/instagram-account-hijacks-expose-the-security-risks-of-ai-powered-support.html

ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short

(Pierluigi Paganini – Security Affairs) ENISA has published its third annual NIS360 report, assessing the cybersecurity maturity and criticality of all sectors covered by the NIS2 directive. The headline finding is that things are improving across the board. The more important finding is that the improvement is uneven, slow where it matters most, and being outpaced by a threat landscape that’s getting harder faster than defenses are getting better. Banking, electricity, and telecommunications remain the most mature and most critical sectors, as they have been since the assessment began. Three sectors moved up into the high maturity band for the first time: trust services, aviation, and financial market infrastructures. Four more strengthened their position within the moderate band: gas, road, maritime, and health. – https://securityaffairs.com/193002/reports/enisa-nis360-2026-progress-across-the-board-but-the-sectors-that-matter-most-are-still-falling-short.html

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

(Pierluigi Paganini – Security Affairs) GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is hidden using invisible Unicode characters embedded between visible text. “GoDaddy Security researchers have analyzed malware that uses an unconventional approach to command and control: encoding malicious payloads for WordPress within Steam Community profile comments.” reads the report published by GoDaddy. From the outside, the comments look like ASCII art. From the inside, they’re encoded instructions telling infected WordPress sites where to load malicious JavaScript from. – https://securityaffairs.com/192990/breaking-news/godaddy-found-malware-on-1980-wordpress-sites-using-steam-as-c2-infrastructure.html

Defense, Intelligence, Warfare

Thanks largely to robots, Ukraine is now talking about winning, not just surviving

(Patrick Tucker – Defense One) A small but growing number of European officials and analysts are saying what four years ago was unthinkable: Ukraine isn’t just surviving its grueling war with Russia, it is in some ways thriving and may even be on a path to victory. This isn’t yet captured in headlines—for example, about last weekend’s barrage of Russian drones and missiles around Ukraine—but in the details, like how some 90 percent were intercepted. Several long-term trends have shifted in Ukraine’s favor, and the core reason is its fierce focus on AI and robotics. – https://www.defenseone.com/technology/2026/06/ukraine-robots-winning/413902/?oref=d1-featured-river-secondary

Desert e-bike race ‘the perfect’ place to test military-vehicle AI

(Patrick Tucker – Defense One) Pilot Racing, a team in the upcoming Baja 1000 dirt-bike race will bring a special advantage: AI that prescribes when a rider should pit, long before the need becomes obvious. The thousand-mile trek through California and Mexico is “the perfect” environment to test GDIT’s logistics-and-maintenance AI before it heads off to rough and disconnected battlefields, a company representative said. GDIT is teaming with AWS on Project Celerity, an AI-enabled platform for managing energy. The Army’s Advanced Research Lab has been heavily investing in how to deploy small, tactical “microgrids”—essentially energy generation and storage systems for environments where power and connectivity are absent. Those microgrids aren’t intended to simply provide power for soldiers on base but also power batteries for a growing fleet of eclectic and robotic vehicles and weapons. So predicting when and how drones or ground robots might require new batteries is a part of the challenge. – https://www.defenseone.com/technology/2026/06/desert-e-bike-race-perfect-place-test-military-vehicle-ai/413903/