Governance, Regulation, and Legislation
AI chatbots raise risks as EU urged to enforce DSA rules
(DigWatch) Concerns are growing over the risks posed by AI chatbots, particularly for minors, as evidence suggests these systems can facilitate harmful behaviour. A recent case in Finland, where a teenager planned a violent attack after interacting with an AI chatbot, has intensified calls for stronger oversight. A report by the Center for Countering Digital Hate found that most leading AI chatbots assisted when prompted about violent acts. Researchers reported that eight out of ten systems tested generated harmful information or encouraged violence, highlighting gaps in existing safeguards. The findings have renewed focus on how the Digital Services Act (DSA) could be applied to AI chatbots. – https://dig.watch/updates/ai-chatbots-eu-dsa-regulation
Geostrategies
White House pours cold water on cyber ‘letters of marque’ speculation
(Alexander Martin – The Record) The Trump administration is not considering cyber “letters of marque” or allowing private companies to carry out cyberattacks on behalf of the U.S. government, senior White House officials said this week, pushing back on growing speculation about the role of industry in U.S. cyber operations. Thomas Lind, a senior adviser at the Office of the National Cyber Director, acknowledged at the Prague Cyber Security Conference on Tuesday that the administration’s four-page national cyber strategy, unveiled earlier this month, called for a more aggressive approach against criminal networks and adversarial governments. – https://therecord.media/offensive-cyber-white-house-hacking
Terrorism/Counterterrorism
Europol coordinates largest referral action targeting terrorist audio propaganda
(Europol) Europol has coordinated the largest Referral Action Day (RAD) to date targeting terrorist propaganda shared through audio content, resulting in the referral of 17 298 URLs across 40 online platforms. Combined, the audio content in these links represents more than 1 100 hours – the equivalent of 47 days of continuous listening. The operation focused on terrorist audio propaganda used by groups across the ideological spectrum, including jihadist and violent right-wing extremist networks. The RAD was initiated and co-led by Hungary and Europol’s EU Internet Referral Unit (EU IRU), bringing together specialised investigators from 13 countries: Belgium, Denmark, Germany, Hungary, Ireland, Italy, Luxembourg, Malta, Portugal, Serbia, Slovenia, Spain and Sweden. Investigators collected the content in the weeks leading up to the action and carried out extensive deconfliction checks to ensure that referrals would not interfere with ongoing investigations. On 3 March, the URLs were referred to online service providers for assessment against their terms of service. So far, 77% of the content has been removed. The suspected terrorist content included speeches from designated terrorist leaders, songs praising violent acts, and nashids – Islamic chants frequently used in jihadist propaganda. – https://www.europol.europa.eu/media-press/newsroom/news/europol-coordinates-largest-referral-action-targeting-terrorist-audio-propaganda
Security and Surveillance
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
(Daryna Antoniuk – The Record) A Russian state-backed hacker group has targeted a Ukrainian government agency using a stealthy phishing campaign that exploits a vulnerability in widely used Zimbra webmail software, according to new research. The operation, attributed with medium confidence to APT28 — also known as Fancy Bear and believed to be linked to Russia’s military intelligence — targeted the State Hydrographic Service of Ukraine which plays a role in maritime navigation and other critical infrastructure services. Researchers at cybersecurity firm Seqrite said the attackers exploited a cross-site scripting flaw, tracked as CVE-2025-66376, allowing them to inject malicious code directly into an email viewed through Zimbra’s browser-based interface. – https://therecord.media/russia-hackers-ukraine-zimbra-breach
Financial Brands Targeted in Global Mobile Banking Malware Surge
(Alessandro Mascellino – Infosecurity Magazine) A global surge in mobile banking malware targeting 1243 financial brands across 90 countries is reshaping the fraud landscape, with attacks now originating primarily on user devices, according to Zimperium zLabs. Zimperium’s latest report examined 34 active malware families affecting apps with more than three billion downloads, revealing what analysts describe as industrialised, large-scale campaigns. These operations are reportedly evolving faster than traditional banking defences, driven by widespread code sharing and low barriers to entry for attackers. – https://www.infosecurity-magazine.com/news/financial-brands-mobile-banking/
FCA Updates Cyber Incident and Third-Party Reporting Rules
(Phil Muncaster – Infosecurity Magazine) The UK Financial Conduct Authority (FCA) has issued new rules designed to give firms more certainty about what cyber‑related incidents to report and when, in order to bolster their cyber and business resilience. The financial services regulator said the update came after industry feedback that organizations often aren’t clear on what to report and what information to provide when they do. “Resilience is being tested like never before, with firms facing growing cyber threats and increasing reliance on third parties to deliver the essential financial services consumers rely on,” said FCA director of specialists and wholesale sell-side, Mark Francis. – https://www.infosecurity-magazine.com/news/fca-updates-incident-thirdparty/
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
(Phil Muncaster – Infosecurity Magazine) A prolific ransomware group has been exploiting a zero-day vulnerability in a Cisco firewall product since January, according to a new analysis from AWS. AWS CISO, CJ Moses, warned yesterday that the Interlock operation had been using CVE-2026-20131 in attacks since January 26. CVE-2026-20131 is a remote code execution (RCE) flaw in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software. – https://www.infosecurity-magazine.com/news/interlock-ransomware-exploit-cisco/
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
(Kevin Poireault – Infosecurity Magazine) Security leaders at the UK’s top critical national infrastructure (CNI) firms are relying more than ever on regulatory compliance to drive their cyber maturity and investments, Bridewell has found. In its latest Cybersecurity in CNI Report 2026, the UK-based cyber service provider found that 35% of security leaders working across the UK’s 13 CNI sectors cited regulatory requirements as the primary influence on their security programs. This is up from 26% the in 2025 and 29% the year before. In parallel, increased connectivity, the desire to support innovation and evolving cyber threats have all stagnated as cyber maturity influences. Only 25% of respondents mentioned one of these factors as driving security investment in 2025 and 2026. – https://www.infosecurity-magazine.com/news/uk-regulation-drives-cyber/
DarkSword emerges as powerful iOS exploit tool in global attacks
(Pierluigi Paganini – Security Affairs) Lookout Threat Labs discovered a new iOS exploit kit called DarkSword that has been used since late 2025 by multiple threat actors, including surveillance vendors and likely nation-state actors. The toolkit enables full-chain attacks to steal sensitive data from Apple devices and has been observed in campaigns targeting countries such as Saudi Arabia, Turkey, Malaysia, and Ukraine. – https://securityaffairs.com/189662/hacking/darksword-emerges-as-powerful-ios-exploit-tool-in-global-attacks.html
Russia establishes Vienna as key western spy hub targeting NATO
(Pierluigi Paganini – Security Affairs) Western intelligence reports that Russia has transformed Vienna into its largest Western spy hub, steadily expanding surveillance over the past two years. Using diplomatic compounds and rooftop satellite clusters, Russia monitors sensitive communications across NATO, the Middle East, and Africa, reviving a major Cold War-era signals intelligence operation, according to the Financial Times. “This is one of our main concerns,” a senior European diplomat in Vienna told the Financial Times. “They are targeting NATO government and military communications… Vienna is their hub in Europe.”. Western intelligence reports Russia steadily expanding surveillance in Vienna, with moving antennas and rooftop dishes actively tracking satellites, even adjusting them around major events like the Munich Security Conference. – https://securityaffairs.com/189653/intelligence/russia-establishes-vienna-as-key-western-spy-hub-targeting-nato.html
Russia-linked hackers use advanced iPhone exploit to target Ukrainians
(Daryna Antoniuk – The Record) A likely Russia-linked threat actor deployed a sophisticated iPhone hacking tool to target Ukrainian users and steal sensitive data, according to research published on Wednesday. The malware, dubbed DarkSword, allows attackers to break into iPhones with little to no user interaction, extract sensitive data within minutes, and then erase traces of the intrusion, researchers at cybersecurity firm Lookout said. They attributed the activity to a threat actor tracked as UNC6353. Little is known about the group’s infrastructure or broader affiliations, but it has previously targeted victims in Ukraine using the Coruna exploit chain. – https://therecord.media/russia-linked-hackers-use-iphone-exploit-ukraine
Frontiers
MIT advances wireless sensing with generative AI
(DigWatch) Researchers at MIT have developed a new approach that combines generative AI with wireless signals to detect objects hidden behind obstacles. The system uses Wi-Fi-like millimetre wave signals to build partial reconstructions and then completes missing details with AI. – https://dig.watch/updates/mit-advances-wireless-sensing-with-generative-ai
AI platform boosts efficiency in Tokyo administration
(DigWatch) Tokyo authorities are accelerating the adoption of generative AI across public administration, aiming to improve efficiency and address labour shortages. Municipal governments across the capital are increasingly integrating AI into daily operations. A new AI platform with GovTech Tokyo enables public employees to build customised applications without advanced technical skills. Built on open-source software, the system lowers costs and removes barriers linked to development and infrastructure. – https://dig.watch/updates/ai-boosts-efficiency-in-tokyo-administration
New AI system predicts chemical impact on genes
(DigWatch) Researchers led by Michigan State University developed an AI model that predicts chemical effects on gene expression, speeding up drug discovery. The system analyses chemical structures to determine whether compounds increase or decrease activity in specific genes. – https://dig.watch/updates/new-ai-system-predicts-chemical-impact-on-genes
UK announces £2.5 billion investment in AI and quantum technologies
(DigWatch) Plans to accelerate technological leadership have been outlined by the HM Treasury and the Department for Science, Innovation and Technology, with a £2.5 billion investment targeting AI and quantum computing. Ambition has been reinforced by Rachel Reeves, who positioned AI as a central driver of economic growth, alongside closer European ties and regional development. Strategy aims to secure the fastest adoption of AI across the G7 while supporting domestic innovation ecosystems. – https://dig.watch/updates/uk-announces-2-5-billion-investment-in-ai-and-quantum-technologies
UK launches major AI supercomputer for fusion research
(DigWatch) The University of Cambridge has partnered with the UK Atomic Energy Authority and the Department for Energy Security and Net Zero to deploy a major AI supercomputer for fusion energy. The system, named ‘Sunrise’, is designed to accelerate research into clean and sustainable power. – https://dig.watch/updates/major-ai-supercomputer-for-fusion-research