Governance, Regulation, and Legislation

EU faces pressure to strengthen digital safeguards ahead of elections

(DigWatch) Emmanuel Macron has called for stronger enforcement of the EU digital rules, urging Ursula von der Leyen to act against risks linked to foreign interference in elections. The request comes amid growing concern over attempts to influence democratic processes across Europe. In a letter addressed to the Commission, Macron stressed the importance of safeguarding electoral integrity in a challenging geopolitical environment. – https://dig.watch/updates/eu-faces-pressure-to-strengthen-digital-safeguards-ahead-of-elections

New conservative group launches push for tougher AI rules

(Ashley Gold – Axios) A new coalition of conservative groups and advocates for stronger kids’ online safety and AI laws launched Monday, as the debate over regulating AI in the U.S. heats up. Why it matters: The White House just rolled out a light-touch AI framework that is unlikely to satisfy strong proponents of online safety and AI rules, even as some Republicans show growing appetite for a more hands-on approach. Republican infighting over the best way to regulate AI is just one hurdle the White House is going to face in trying to get their AI plans over the finish line. The coalition, Alliance for a Better Future, describes itself as “pro-innovation” and “pro-family advocacy.” – https://www.axios.com/2026/03/23/conservative-group-tougher-ai-rules

Security and Surveillance

Hacker walks away with $24.5 million after breaching Resolv DeFi platform

(Jonathan Greig – The Record) Decentralized finance platform Resolv said a recent cyberattack allowed a threat actor to compromise the company’s infrastructure and illicitly create $80 million worth of its USR stablecoin. USR is pegged to the U.S. dollar but plummeted in value on Saturday when the hacker created the uncollateralized coins and traded them for about 11,408 ETH, which is worth about $24.5 million. The company published a statement confirming the incident. USR was depegged from the U.S. dollar after the incident and is now worth about 26 cents. – https://therecord.media/hacker-breaches-resolv-defi-25-million

Education company Kaplan reports data breach impacting more than 230,000

(Jonathan Greig – The Record) The educational services company Kaplan told state regulators last week that at least 230,000 people had Social Security and driver’s license numbers leaked following a cybersecurity incident in the fall of 2025. The Florida-based company filed breach notification letters in at least seven states but did not respond to requests for comment about the total number of people impacted by the security incident. – https://therecord.media/kaplan-data-breach-hack-notification

California-based semiconductor testing company reports ransomware attack to SEC

(Jonathan Greig – The Record) A semiconductor testing company warned regulators on Friday that its subsidiary in Singapore suffered a ransomware attack earlier this month. In a filing with the Securities and Exchange Commission last week, Trio-Tech International said the cyberattack was discovered on March 11 and led to the encryption of files within the subsidiary’s network.  “At that time, management determined that the incident was not material,” the company said. “On March 18, 2026, the incident escalated and resulted in the unauthorized disclosure of certain Company data. Following this development, management concluded that the incident may constitute a material cybersecurity event.”. – https://therecord.media/ransomware-trio-tech-semiconductor-sec

Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems

(Danny Palmer – Infosecurity Magazine) Over half (56%) of IT and cybersecurity professionals have no idea how quickly they could shut down AI systems affected by a cyber-attack or security incident, new research by ISACA has found. Published on 23 March by the global certification body, the research is based on a survey of over 3400 security and digital professionals. Just under a third of respondents (32%) said that they believed they could halt potentially compromised AI systems within an hour, while 7% said they thought it would take over an hour. – https://www.infosecurity-magazine.com/news/cyber-staff-unsure-on-preventing/

Tycoon2FA Phishing Service Resumes Activity Post-Takedown

(Alessandro Mascellino – Infosecurity Magazine) Despite a major law enforcement operation earlier this month, Tycoon2FA, a subscription-based phishing-as-a-service (PhaaS) platform, has continued to compromise email accounts and bypass multifactor authentication (MFA). The platform, which intercepts live authentication sessions using adversary-in-the-middle (AITM) techniques, has reportedly resumed activity. Tycoon2FA, launched in 2023, was responsible for a significant share of phishing activity. By mid-2025, it accounted for 62% of phishing attempts blocked by Microsoft and reportedly generated more than 30 million malicious emails in a single month. – https://www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/

High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports

(Kevin Poireault – Infosecurity Magazine)The high-tech sector was the most targeted industry for cyber-attacks in 2025, dethroning financial services as the primary focus of threat actors, according to Mandiant’s latest incident response data. High tech companies accounted for 17% of all Mandiant investigations in 2025, the Google Cloud-owned firm noted in the M-Trends 2026 Report, published on March 23. In comparison, finance, which led in 2023 and 2024, represented 14.6% of Mandiant investigations over the past year. Business and professional services and healthcare were also heavily targeted, making up 13.3% and 11.9% of all investigations, respectively. – https://www.infosecurity-magazine.com/news/high-tech-top-target-cyberattacks/

Pro-Iranian Nasir Security is targeting energy companies in the Gulf

(Pierluigi Paganini – Security Affairs) Resecurity (USA) is tracking a relatively new cybercriminal group called Nasir Security, presumably associated with Iran, that is targeting energy organizations in the Middle East. The energy sector is one of the most impacted areas because of the Iranian malicious activity in the region, including the lockdown of the Strait of Hormuz and drone/missile attacks against the energy infrastructure of neighboring countries in the GCC, allies of the US. Based on the artifacts collected by the threat intelligence team at Resecurity, the group is attacking supply chain vendors involved in engineering, safety, and construction. The data stolen as a result of such incidents is authentic but originates from a third party (of the target company), which may lead to incorrect assumptions about the origin of the breach. Notably, the focus of the attacks is centered on the energy sector, which has experienced significant financial and technological damage since the start of the war in Iran. Cyberspace is used to amplify it, following recent attacks against LNG and logistics providers. – https://securityaffairs.com/189865/cyber-warfare-2/pro-iranian-nasir-security-is-targeting-energy-companies-in-the-gulf.html

Iran-linked actors use Telegram as C2 in malware attacks on dissidents

(Pierluigi Paganini – Security Affairs) The FBI warns that Iran’s Ministry of Intelligence and Security (MOIS) runs cyber campaigns using Telegram as a command-and-control infrastructure to deliver malware. Threat actors target Iranian dissidents, journalists, and opposition groups worldwide. Once deployed, the malware enables surveillance, data theft, and reputational damage against victims. The activity reflects ongoing Iranian cyber operations amid rising geopolitical tensions in the Middle East. The FBI released this alert to raise awareness and help defenders understand the tactics used in these campaigns, urging organizations and individuals to adopt mitigation measures to reduce the risk of compromise. – https://securityaffairs.com/189820/malware/iran-linked-actors-use-telegram-as-c2-in-malware-attacks-on-dissidents.html

Russia-linked actors target WhatsApp and Signal in phishing campaign

(Pierluigi Paganini  – Security Affairs) Threat actors linked to Russian Intelligence Services are running phishing campaigns to hijack high-value accounts on messaging apps like WhatsApp and Signal, the FBI warns. “The FBI has identified cyber actors associated with Russian Intelligence Services targeting users of commercial messaging applications, including Signal.” FBI Director Kash Patel wrote on X. “The campaign targets individuals of high intelligence value, including current and former U.S. government officials, military personnel, political figures, and journalists.” – https://securityaffairs.com/189808/intelligence/russia-linked-actors-target-whatsapp-and-signal-in-phishing-campaign.html

44 Aqua Security repositories defaced after Trivy supply chain breach

(Pierluigi  Paganini – Security Affairs) Researchers found malicious Trivy images on Docker Hub linked to a supply chain attack. Versions 0.69.4–0.69.6, now removed, contained TeamPCP infostealer code. Suspicious tags were pushed without matching GitHub releases, increasing the risk to developers using compromised container images. The OpenSourceMalware team reports that Aqua Security’s internal GitHub organization was compromised by TeamPCP, which defaced all 44 repositories in minutes. The attacker renamed repos and altered descriptions using a stolen service account token, likely linked to the earlier Trivy supply chain attack, marking a further escalation in ongoing activity. – https://securityaffairs.com/189856/uncategorized/44-aqua-security-repositories-defaced-after-trivy-supply-chain-breach.html

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

(Pierluigi Paganini – Security Affairs) Oracle released security updates to address a critical vulnerability, tracked as CVE-2026-21992 (CVSS score of 9.8), affecting Identity Manager and Web Services Manager. The flaw lets unauthenticated attackers over HTTP take control of Oracle Identity Manager and Web Services Manager, risking full system compromise with severe impact on data and availability. “This Security Alert addresses vulnerability CVE-2026-21992 in Oracle Identity Manager and Oracle Web Services Manager. This vulnerability is remotely exploitable without authentication. If successfully exploited, this vulnerability may result in remote code execution.” reads the advisory. – https://securityaffairs.com/189796/security/oracle-fixes-critical-rce-flaw-cve-2026-21992-in-identity-manager.html

How Allianz Cyber Educator Daria Catalui Puts People First to Build a Human Firewall

(Danny Palmer – Infosecurity Magazine) For Daria Catalui, top cyber educator at Allianz and an advisor at European Union Agency for Cybersecurity (ENISA), effective cybersecurity starts not with technology, but with empowering people to become part of the human firewall. From contributing to early cybersecurity education policy programs for the ENISA and the European Commission, to heading up cybersecurity awareness at the financial services firm Allianz, she has long championed a people‑first approach to security. Her focus is on equipping individuals with the information and behaviors they need to stay safe online, both in the enterprise and at home. In this conversation with Infosecurity, Catalui details her passion for cybersecurity education, the concept of the ‘human firewall’, how to deliver appropriate, futureproof cybersecurity training in the age of AI and how she balances the roles as top cyber wducator at Allianz and an advisor for ENISA – https://www.infosecurity-magazine.com/interviews/allianz-cyber-educator-daria/

Defense, Intelligence, and Warfare

Digital Domains Are the New Battlefield

(Lauryn Williams – Lawfare) When the world woke up to news of a massive U.S.-Israeli military operation in Iran on Feb. 28, the early headlines were digital as well as kinetic. Anthropic’s Claude AI tool reportedly aided the U.S. military in selecting targets for missile strikes; an alleged Israeli cyberattack compromised the widely used BadeSaba religious calendar application to send anti-regime messages; the Iranian regime imposed an internet blackout and the U.S. military claimed that cyber and space operations had “disrupted” Iran’s communications; and electronic warfare activity spiked concurrently, hampering GPS navigation systems for ships passing through the Gulf. These events reveal a truth of modern warfare: Air campaigns like Operation Epic Fury are being fought and shaped in digital domains, including cyberspace, the information space, the electromagnetic spectrum, and outer space. Lines between these domains are blurring with growing implications for the future of modern conflict. –  https://www.lawfaremedia.org/article/digital-domains-are-the-new-battlefield

America’s arsenal of tomorrow: Divergent 3D-prints cruise missiles

(Mike Allen – Axios) A cruise-missile airframe is being 3D-printed before my eyes. The AI-driven system, the size of a shipping container, hums as it stacks layer on layer of aluminum and proprietary advanced metals. Why it matters: This white-floored factory at Divergent Technologies, just outside L.A., is a window into the American arsenal of the future. Each of Divergent’s printers, engineered and manufactured in the U.S., can produce hundreds of these missile airframes each year. They’re part of a new generation of “low-cost” missiles that are roughly one-tenth the cost of a legacy system. – https://www.axios.com/2026/03/23/divergent-3d-printing-missiles-pentagon

Frontiers

Telefónica Tech moves to combine AI and quantum computing

(DigWatch) Telefónica Tech has partnered with three European firms to bring AI and quantum computing closer together. The collaboration aims to improve how advanced models are developed and deployed across different environments. The initiative brings together Qilimanjaro Quantum Tech, Multiverse Computing and Qcentroid. Their combined expertise is expected to support more efficient, compact and locally deployable AI systems. – https://dig.watch/updates/telefonica-tech-moves-to-combine-ai-and-quantum-computing

Inspired Education introduces AI-driven learning for primary schools

(DigWatch) Inspired Education has unveiled a new AI-enabled primary teaching model designed to modernise traditional learning systems. The programme aims to better align education with how children learn in a digital and fast-changing environment. The model combines core academic subjects in the morning with applied learning in the afternoon. Students focus on life skills such as problem-solving, entrepreneurship and communication alongside standard curriculum content. – https://dig.watch/updates/inspired-education-introduces-ai-driven-learning-for-primary-schools

Human data demand fuels new global digital economy

(DigWatch) A growing number of individuals worldwide are participating in a new digital economy built around supplying data for AI systems. Through platforms such as Kled AI and Silencio, users upload videos, audio recordings and personal interactions in exchange for payment, contributing to the development of increasingly sophisticated AI models. Such a trend reflects a broader shift in the AI industry, where demand for high-quality human-generated data is rising as traditional web-based sources become more limited. – https://dig.watch/updates/human-data-demand-fuels-global-digital-economy