Governance/Regulation/Legislation

UN Global Mechanism on ICT security discusses procedures, debates co-facilitator appointments

(DigWatch) The United Nations Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible state behaviour in the use of ICTs held its third organisational meeting, focusing on operational arrangements for the newly established permanent forum. The session, chaired by Ambassador Egriselda López of El Salvador, addressed decision-making procedures, meeting schedules for 2026, and the structure of two dedicated thematic groups (DTGs), which will complement plenary sessions. Delegations discussed the mechanism’s working methods, with López noting that decisions would be taken by consensus in line with UN General Assembly rules of procedure. – https://dig.watch/updates/un-global-mechanism-on-ict-security-discusses-procedures-debates-co-facilitator-appointments

California challenges federal approach with new AI rules

(DigWatch) The government of California is advancing a more interventionist approach to AI governance, signalling a divergence from federal deregulatory preferences. An executive order signed by Gavin Newsom mandates the development of comprehensive AI policies within 4 months, prioritising public safety and protecting fundamental rights. The proposed framework requires companies seeking state contracts to demonstrate safeguards against harmful outputs, including the prevention of child exploitation material and violent content. – https://dig.watch/updates/california-challenges-federal-approach-with-new-ai-rules

World Data Organisation launches in Beijing to advance global data governance

(DigWatch) The World Data Organisation was formally established in Beijing on 30 March 2026, as the first professional international body focused on global data development and governance. The organisation aims to operate as a non-governmental, non-profit platform for dialogue, rule-making, and international collaboration. The WDO has three stated goals: bridging the data divide, unlocking data’s value, and powering the digital economy. These priorities are intended to reduce disparities in digital capacity between developed and developing countries. – https://dig.watch/updates/world-data-organisation-launches-in-beijing-to-advance-global-data-governance

EU boosts fact-checking with €5 million disinformation resilience plan

(DigWatch) The European Commission has committed €5 million to strengthen independent fact-checking networks, reinforcing efforts to counter disinformation across Europe. The initiative seeks to expand verification capacity in all EU languages while improving coordination among key stakeholders. The programme introduces a comprehensive support system for fact-checkers, covering legal assistance, cybersecurity protection and psychological support. – https://dig.watch/updates/eu-boosts-fact-checking-with-e5-million-disinformation-resilience-plan

Women are getting less recognition than men for using AI

(Emily Peck – Axios) Women are less likely to use AI at work — and even when they do, they get less recognition for the effort, finds a new survey from Lean In, the women’s advocacy group. Right now, AI ability is the skill many employers say they value most. Down the line, this recognition gap could exacerbate existing gender pay and promotion inequalities, Lean In founder Sheryl Sandberg tells Axios. 78% of men said they have used AI for work, compared with 73% of women, per a survey the group conducted in early March among 1,000 U.S. adults age 18 and over. – https://www.axios.com/2026/04/01/leanin-sheryl-sandberg-ai-women-men-work

Security and Surveillance

Romania under daily barrage of cyberattacks, defense minister says

(Daryna Antoniuk – The Record) Romanian government institutions are facing thousands of cyberattack attempts every day, the country’s defense minister said on Tuesday. The attacks target a wide range of public institutions, Defense Minister Radu Miruta said, though he did not specify which organizations are most frequently affected or identify the hacker groups responsible. “There are many institutions that can be attacked, and we see more than 10,000 such attacks every day,” Miruta said at a conference in Bucharest, according to local media reports. – https://therecord.media/romania-cyberattacks-russia-defense-minister

New Venom Stealer MaaS Platform Automates Continuous Data Theft

(Alessandro Mascellino – Infosecurity Magazine) A new malware-as-a-service (MaaS) platform dubbed Venom Stealer that automates credential theft and continuous data exfiltration has been identified by cybersecurity researchers. The platform is being sold on cybercrime networks and is designed to go beyond traditional credential harvesting tools by maintaining ongoing access to stolen data even after the initial infection. – https://www.infosecurity-magazine.com/news/venom-stealer-maas-automates-data/

Chinese Hackers Target European Governments in Espionage Campaigns

(Kevin Poireault – Infosecurity Magazine) After a quiet period since 2023, Chinese state-backed group TA416 has reemerged with a vengeance, launching a fresh wave of cyber espionage campaigns against European governments. Proofpoint researchers detected the group’s renewed activity in mid-2025, with multiple malware delivery campaigns targeting EU and NATO diplomatic missions across a range of European countries. TA416 regularly altered its infection chain, including abusing Cloudflare Turnstile challenge pages, abusing OAuth redirects and using C# project files, as well as frequently updating its custom PlugX payload, noted the Proofpoint researchers in an April 1 report. In March 2026, Proofpoint also observed in the weeks following the outbreak of conflict in Iran TA416 expand its targets to include diplomatic and government entities in the Middle East. – https://www.infosecurity-magazine.com/news/china-hackers-ta416-europe/

Clawing Back on Security: Challenges with Agentic AI Systems

(Donavan Cheah – Infosecurity Magazine) Clawdbot’s popularity has been meteoric, racking up more than 140,000 stars and 20,000 forks on its Github repository. However, its renaming to Moltbot suggested significant security issues, such as the trifecta of access to private data, exposure to untrusted content and external communication capabilities. One issue behind AI agents like this being insecure by design is because LLMs are unable to distinguish between different contexts. – https://www.infosecurity-magazine.com/opinions/clawing-back-security-challenges/

Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year

(Phil Muncaster – Infosecurity Magazine) The impact of cyber-attacks on UK manufacturers extended well beyond Jaguar Land Rover (JLR) last year, with 78% of businesses suffering a serious incident, according to new data from ESET. The security vendor polled 500 senior decision-makers responsible for IT, OT, operations, risk or security in UK manufacturing organizations, to understand more about threats to the sector. Almost all (95%) respondents admitted that an attack had a direct impact on their business, and most (53%) suffered financial loss as a result. Supply chain disruption (44%) and missed customer or supplier commitments (39%) were also common, according to the study. – https://www.infosecurity-magazine.com/news/eight-10-uk-manufacturers-hit/

Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

(Pierluigi Paganini – Security Affairs) Google has attributed the recent Axios npm supply chain compromise to a North Korean threat group tracked as UNC1069. The attack, aimed at financial gain, exploited the package to target developers and organizations relying on Axios. John Hultquist of Google Threat Intelligence confirmed the attribution, highlighting the group’s growing activity in supply chain attacks. “GTIG attributes this activity to UNC1069, a financially motivated North Korea-nexus threat actor active since at least 2018, based on the use of WAVESHAPER.V2, an updated version of WAVESHAPER previously used by this threat actor. Further, analysis of infrastructure artifacts used in this attack shows overlaps with infrastructure used by UNC1069 in past activities.” reads the analysis by Google Threat Intelligence Group. “Analysis of the C2 infrastructure (sfrclak[.]com resolving to 142.11.206.73) revealed connections from a specific AstrillVPN node previously used by UNC1069. Additionally, adjacent infrastructure hosted on the same ASN has been historically linked to UNC1069 operations.” – https://securityaffairs.com/190256/security/google-links-axios-npm-supply-chain-attack-to-north-korea-linked-apt-unc1069.html

SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code

(Pierluigi Paganini – Security Affairs) SentinelOne’s AI-based security detected and blocked a supply chain attack involving a compromised LiteLLM package. SentinelOne’s macOS agent detected and stopped a malicious process chain triggered by Claude Code after it unknowingly installed a compromised LiteLLM package. The AI identified suspicious hidden Python code execution via base64 decoding, and killed the process within seconds across hundreds of events. The system traced the full process chain triggered by an AI agent and prevented data theft or further spread, showing the power of autonomous, behavior-based defense. Attackers indirectly compromised LiteLLM by first breaching trusted tools like Trivy, stealing maintainer credentials to publish malicious versions. The campaign also hit other platforms, showing how open-source trust can be abused. In one case, an AI coding assistant unknowingly installed the infected package, highlighting a new risk: AI agents with full system access can spread attacks automatically. – https://securityaffairs.com/190248/security/sentinelone-autonomous-detection-blocks-trojaned-litellm-triggered-by-claude-code.html

Geostrategies

EDB fund and Kazakhstan ministry sign AI cooperation memorandum

(DigWatch) The Fund for Digital Initiatives of the Eurasian Development Bank has signed a Memorandum of Cooperation with Kazakhstan’s Ministry of AI and Digitalization. The agreement was signed during the Digital Qazaqstan forum held on 27 March in Shymkent. According to the text provided, the memorandum outlines a strategic partnership to introduce AI technologies and support digital projects. Areas of cooperation include identifying and implementing joint AI projects, exchanging expertise, and strengthening both sides’ capacities as centres of AI competence. – https://dig.watch/updates/edb-kazakhstan-ai-cooperation-memorandum

Australia and Anthropic deepen AI safety cooperation

(DigWatch) Anthropic has signed a Memorandum of Understanding with the Australian government to strengthen AI safety research and align with Australia’s National AI Plan. The agreement was formalised during a meeting in Canberra between Anthropic CEO Dario Amodei and Prime Minister Anthony Albanese. The partnership establishes collaboration with Australia’s AI Safety Institute, including the sharing of model capability insights, joint safety evaluations and coordinated research with academic institutions. – https://dig.watch/updates/australia-anthropic-deepen-ai-safety-cooperation

Frontiers

Agentic AI study begins through University of Glasgow and Lloyds partnership

(DigWatch) The University of Glasgow and Lloyds Banking Group have launched a four-year research partnership to study how agentic AI tools could support software and data engineering work. According to the announcement, engineers at Lloyds Banking Group in Bristol, Manchester, and Hyderabad will work with large-language-model-based coding tools on different tasks each quarter. The aim is to measure effects on delivery speed and quality. – https://dig.watch/updates/glasgow-lloyds-agentic-ai-engineering-study

Future intelligent networks move towards 6G era

(DigWatch) Digital infrastructure remains central to modern society, with mobile networks forming the backbone of global connectivity and technological progress. Research efforts are increasingly focused on ensuring that today’s 5G systems evolve into more advanced and intelligent network platforms. The future 6G era is expected to go beyond traditional connectivity, enabling immersive communication experiences, intelligent machine interaction, and the development of large-scale digital twins. – https://dig.watch/updates/future-intelligent-networks-move-towards-6g-era

Software development dominates AI agent tool usage

(DigWatch) Researchers analysed 177,436 AI agent tools created between November 2024 and February 2026 using Model Context Protocol repositories. The study examines how AI agents use external tools to access and modify digital environments. The tools are grouped into perception, reasoning and action categories based on their function. Perception tools access data, reasoning tools analyse information, and action tools modify systems such as files, emails or external platforms. – https://dig.watch/updates/software-development-dominates-ai-agent-tool-usage