Governance, Regulation, Legislation, Geostrategies

UN Women cautions AI is reinforcing gender bias

(DigWatch) UN Women has warned that AI systems continue to reinforce long-standing gender stereotypes, even as they become increasingly embedded in everyday life. The organisation says many AI models still associate women with domestic roles while linking men to leadership, business, and career success. Recent studies highlighted the scale of the issue. Research examining 133 AI systems found that 44% displayed gender bias, while more than a quarter showed both gender and racial bias. According to UN Women, these outcomes reflect biases embedded in training data and broader social patterns rather than isolated technical flaws. – https://news.un.org/en/story/2026/06/1167776

OECD examines young people’s social media use

(DigWatch) The OECD has warned that young people are growing up in a social media age that offers opportunities for creativity and connection, but also creates risks for learning, well-being and online safety. In a new Digital Economy Paper, ‘Growing up in the social media age’, the OECD reviews research on young people’s social media use and analyses data from the 2022 Programme for International Student Assessment. The paper focuses mainly on 15-year-olds and examines links between social media use, academic outcomes, creative thinking and policy responses. – https://www.oecd.org/en/publications/growing-up-in-the-social-media-age_a1132839-en.html

EU agrees tougher child protection rules against AI-generated abuse

(DigWatch) The agreement between the European Parliament and the Council updates legislation first adopted in 2011, reflecting the growing role of digital technologies and AI in facilitating abuse. Under the revised directive, designing, adapting or distributing AI systems intended to generate child sexual abuse material would become a criminal offence. The updated rules would also cover deepfake abuse material, livestreamed child sexual abuse, sexual extortion, and the possession or distribution of instructions on how to commit such crimes. – https://ec.europa.eu/commission/presscorner/detail/en/ip_26_1415

US sets post-quantum cryptography deadlines for federal systems

(DigWatch) US President Donald Trump has signed an executive order setting deadlines for federal agencies to migrate high-priority systems to post-quantum cryptography. Executive Order 14409 says large-scale quantum computers could threaten widely used cryptographic systems and create risks for sensitive government data, critical infrastructure and the digital economy. It also highlights ‘harvest now, decrypt later’ attacks, where adversaries collect encrypted information today and decrypt it once quantum capabilities become available. – https://www.whitehouse.gov/presidential-actions/2026/06/securing-the-nation-against-advanced-cryptographic-attacks/

UNESCO launches media literacy guide for families in the digital age

(DigWatch) UNESCO has launched a global media literacy guide to help parents, caregivers, and families support children’s safe, informed and critical engagement with digital environments. The guide, titled Growing Up in a Connected World: A Family Guide for the Digital Age, was launched at UNESCO Headquarters and online, attracting around 700 participants. It is available in English, French, and Spanish. – https://www.unesco.org/en/articles/unesco-launches-new-family-guide-digital-age

UNESCO launches consultation on fair compensation for news in the AI era

(DigWatch) UNESCO has launched a global consultation on its Draft Guidance on Fair Compensation for News, seeking input on how journalism should be remunerated as digital platforms and AI systems increasingly rely on news content. The draft guidance argues that the media sector is undergoing significant structural change, including declining funding for public-interest journalism and the contraction or closure of local and community news outlets. – https://dig.watch/updates/unesco-consultation-fair-payment-news-ai-era

AI is reshaping employment patterns across the US labour market

(DigWatch) AI is increasingly influencing the structure of the US labour market, although its impact on overall employment growth remains limited so far. Evidence suggests that the impact is concentrated in specific occupational groups rather than evenly distributed across the economy. Employment in occupations considered highly exposed to AI-driven substitution has declined in recent years, while occupations viewed as less vulnerable to automation have continued to expand. Since 2019, lower-exposure occupations such as electricians and teachers have recorded strong employment gains, while more AI-exposed occupations have experienced contraction. – https://dig.watch/updates/us-labour-market-shows-early-impact-of-ai

Estonia proposes world-first digital IDs for AI agents

(DigWatch) Estonia is moving forward with plans to create official digital identities for AI agents, a move that could make it the first country to establish a formal framework for AI systems acting on behalf of individuals and organisations. The proposal received backing from Prime Minister Kristen Michal following discussions within the Eesti.ai advisory board. Under the proposed framework, AI agents would be granted limited and clearly defined permissions, enabling them to perform specific tasks such as preparing documents, handling administrative procedures and accessing designated information. Authorities say the framework would ensure that every action remains traceable, auditable and subject to clear human accountability. – https://valitsus.ee/en/news/prime-minister-michal-estonia-become-first-country-create-digital-identities-ai-agents

UK and Malaysia launch negotiations on digital trade agreement

(DigWatch) The UK and Malaysia have launched negotiations on a digital trade agreement aimed at supporting economic growth, creating jobs and expanding cross-border digital services. The UK government said the talks mark the next step in its effort to strengthen the country’s role as a global hub for services and digital trade. Digital trade encompasses the exchange of goods, services and data that are enabled or delivered through digital technologies. – https://dig.watch/updates/uk-malaysia-digital-trade-negotiations

Security and Surveillance

Five Eyes agencies urge action on AI cyber risk

(DigWatch) Five Eyes cybersecurity agencies have urged business and technology leaders to act quickly as AI transforms the cyber landscape. In a joint statement issued on 22 June, the leaders of the Five Eyes cybersecurity agencies said AI is already changing both offensive and defensive cyber capabilities. They said AI can strengthen cyber defence capabilities, but it is also increasing the speed, scale and sophistication of cyber threats. – https://www.cyber.gov.au/about-us/view-all-content/news/five-eyes-cyber-security-agencies-statement

Tata Electronics confirms cyberattack after alleged Apple, Tesla documents appear online

(Daryna Antoniuk – The Record) Indian manufacturer Tata Electronics has confirmed a cybersecurity incident affecting some of its systems, weeks after a cybercrime group claimed to have stolen confidential documents belonging to the company’s clients. In a statement to Recorded Future News, Tata Electronics said it detected the breach “a few weeks ago” and has since taken measures to address the incident. “The incident has had no impact on operations across businesses, which remain unaffected,” the company said. – https://therecord.media/tata-electronics-confirms-cyberattack

Suspected cyberattack triggers false emergency alerts across parts of Brazil

(Daryna Antoniuk – The Record) Brazil suspended its mobile phone emergency alert system after a suspected cyberattack triggered false warnings on phones across several states. The incident occurred early Saturday when at least a dozen unauthorized alerts were sent through Brazil’s Civil Defense Alert system, a platform designed to warn residents about imminent threats such as floods, landslides and other natural disasters. According to a statement from Brazil’s National Protection and Civil Defense Secretariat, the alerts included the word “misanthropy” and were issued at the system’s highest emergency level, causing phones to emit loud alarm sounds even when set to silent mode. – https://therecord.media/suspected-cyberattack-triggers-false-emergency-alerts-brazil

Xsolis Data Breach Impacts 1.4 Million People

(Pierluigi Paganini – Security Affairs) Healthcare tech company Xsolis, Inc. has disclosed a data breach impacting nearly 1.4 million individuals. The Tennessee-based firm provides utilization management and revenue cycle solutions for healthcare providers. The company became aware of an unauthorized access on January 22, following a phishing attack two days earlier. The security breach exposed personal and protected health information received from Xsolis’s hospital and payer clients. “On January 22, 2026, Xsolis became aware of unauthorized activity impacting a limited portion of the Xsolis environment resulting from a targeted phishing attack on January 20, 2026. We immediately contained the activity and launched an investigation with the assistance of external cybersecurity experts.” reads the notice for Data Security Incident, “The investigation determined that an unauthorized actor acquired certain files containing information that, depending on the individual, may include names, addresses, date of birth, health insurance information, Social Security numbers, and medical treatment information. We are not aware of any actual or attempted misuse of information because of this incident.” – https://securityaffairs.com/194067/cyber-crime/xsolis-data-breach-impacts-1-4-million-people.html

OpenAI Expands Daybreak to Help Defenders Patch Flaws

(Alessandro Mascellino – Infosecurity Magazine) OpenAI has expanded its cyber-defense program Daybreak, arguing that artificial intelligence (AI) has flipped the hardest part of security from finding software flaws to fixing them. In an announcement on June 22, the company said the expansion centered on patch automation. It released the full version of a cyber-focused model, GPT-5.5-Cyber, alongside updates to its Codex Security tool and a new open-source patching initiative. – https://www.infosecurity-magazine.com/news/openai-daybreak-gpt-5-5-cyber/

GTA 6 Scams Emerge as Pre-Orders Open

(Beth Maundrill – Infosecurity Magazine) As Rockstar Games announced pre-orders for Grand Theft Auto VI (GTA 6) will be available from June 25, scammers have already whipped up fake websites offering early access. These websites are offering access to GTA 6 and VIP early access if victims pay a few hundred dollars in cryptocurrency, enter a payment code and supposedly unlock the game. “Any site claiming to sell GTA 6 early access is not authorized by Rockstar Games and should be treated as fraudulent unless Rockstar announces it through official channels,” Stafan Dasic, senior malware research engineer at Malwarebytes, wrote in a blog on June 23. – https://www.infosecurity-magazine.com/news/gta-6-scams-emerge-as-preorders/

How World Cup Password Trends Can Increase Active Directory Risk

(Dominique Adams – Infosecurity Magazine) The 2026 FIFA World Cup is influencing more than conversations, headlines, and viewing habits. It is also shaping password choices. Users often build passwords around familiar references such as favorite players, clubs and tournament moments. In enterprise environments, especially those built around Active Directory, that familiarity can become a weakness. A password may meet complexity requirements on paper and still be highly predictable in practice. Recent research from Specops Software highlights the issue clearly. After analyzing more than 6.4 billion compromised passwords, Specops found football-related terms appearing at scale in breached credential data. Player and club names showed up repeatedly, often in formats that still satisfy standard complexity rules. In other words, a password can look compliant and still be easy to predict. – https://www.infosecurity-magazine.com/blogs/how-world-cup-password-trends/

GentleKiller Framework Disables Victims’ Security Software

(Alessamdro Mascellino – Infosecurity Magazine) One of the most active ransomware gangs of 2026 has been handing its affiliates a ready-made toolkit for switching off victims’ security software before the encryption begins. New analysis from ESET detailed the endpoint detection and response (EDR) killer suite of The Gentlemen, a ransomware-as-a-service operation (RaaS), built around an in-house framework the researchers named GentleKiller. GentleKiller’s job is to disable endpoint protection. ESET found it targeting more than 400 processes across roughly 48 security products, from Microsoft Defender and CrowdStrike to Sophos and ESET’s own tools, killing them at the kernel level so the ransomware could run unchecked. – https://www.infosecurity-magazine.com/news/gentlekiller-gentlemen-ransomware/

Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips

(Alessandro Mascellino – Infosecurity Magazine) A novel iPhone BootROM vulnerability has been discovered by researchers that gives attackers with physical access a route to compromise the boot chain on Apple A12, S4/S5 and Apple A13 systems-on-chips (SoCs). Paradigm Shift’s new analysis shared how the bug, which the firm dubbed usbliter8, could be exploited by combining a hardware vulnerability in the USB controller with a firmware configuration flaw in SecureROM. The finding matters because BootROM code is immutable after manufacture. Unlike recent Apple software flaws, this class of issue cannot be fully corrected through an operating system update. Exploitation is not remote. The proof-of-concept (PoC) shared by Paradigm Shift requires Device Firmware Update (DFU) mode and RP2350-based microcontroller hardware, limiting broad abuse but increasing the risk for seized, stolen or unattended devices. – https://www.infosecurity-magazine.com/news/apple-bootrom-exploit-a12-a13/

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

(Danny Palmer – Infosecurity Magazine) A supply chain attack which targeted Mastra, an open-source typescript for building AI-powered applications and agents, was the work of North Korean hackers, cybersecurity researchers have said. The attribution was made on June 19 by Microsoft Defender Security Research Team and Microsoft Threat Intelligence. The technology giant assessed with “high confidence” that the activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. – https://www.infosecurity-magazine.com/news/mastra-ai-supply-chain-attack/

Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens

(Kevin Poireault – Infosecurity Magazine) Several companies have disclosed that they were affected by a breach of business intelligence provider Klue, including a number of cybersecurity firms. Huntress, Recorded Future, Jamf and Tanium have all acknowledged using Klue’s intelligence services and confirmed that the breach enabled unauthorized access to their Salesforce accounts via stolen OAuth tokens used for Klue integrations. – https://www.infosecurity-magazine.com/news/klue-breach-compromise/

NCSC Urges Fortinet Customers to Tackle FortiBleed Fallout

(Phil Muncaster – Infosecurity Magazine) The UK’s National Cyber Security Centre (NCSC) has released guidance for Fortinet customers impacted by a global credential theft campaign. A database of around 75,000 credentials stolen from FortiGate firewall and SSL VPN customers was discovered by security researchers last week. Dubbed “FortiBleed,” it features usernames, email addresses and plaintext passwords for organizations including Oracle, Spotify, Toyota and AT&T. – https://www.infosecurity-magazine.com/news/ncsc-fortinet-customers-tackle/

Defense, Intelligence, Warfare

War robots invade Eurosatory 2026 as interest grows in UGVs after use in Ukraine

(Elisabeth Gosselin-Malo – Breaking Defense) War robots took over exhibitors’ stands at the 2026 Eurosatory edition, with at least 50 unmanned ground vehicle makers in attendance and more than a dozen systems of various sizes on display. Many of the offerings came from various European or American firms, but experts say the country at the forefront of these technologies is, without a doubt, Ukraine. “Ukraine leads in this space because it has an invaluable three years of battlefield testing and experimentation, which in turn have enabled the development of robust tactics and dedicated organizational structures, like new units, to employ UGVs,” Federico Borsari, fellow at the Center for European Policy Analysis, told Breaking Defense. –  https://breakingdefense.com/2026/06/war-robots-invade-eurosatory-2026-as-interest-grows-in-ugvs-after-use-in-in-ukraine/

Frontiers

Reflection secures SpaceXAI compute deal for open-source AI models

(DigWatch) Open-source AI startup Reflection has signed a major compute agreement with SpaceXAI, giving the company access to Colossus 2 data centre capacity as it works to develop frontier AI models. According to Axios, Reflection will begin paying $150 million per month from 1 July 2026 for access to the infrastructure through 2029. The deal is intended to give the Nvidia-backed startup the computing power needed to compete with leading AI companies. – https://dig.watch/updates/spacex-expands-role-in-ai-race-with-partnership

Oxford researchers develop AI tool to map hidden effects of high blood pressure

(DigWatch) Researchers led by the University of Oxford have developed an AI tool called ‘HyperScore’ that could help doctors better understand how high blood pressure affects different organs and individuals in different ways. The approach could support more personalised treatment strategies in the future. Using the AI tool, researchers identified six distinct patterns of hypertension-related disease by analysing hundreds of measurements, including cardiac imaging, brain MRI scans, blood tests and assessments of the kidneys, liver and vascular system. – https://dig.watch/updates/oxford-researchers-develop-ai-tool-to-map-hidden-effects-of-high-blood-pressure