Governance/Regulation/Legislation

New OECD measure compares AI and job capabilities

(DigWatch) The OECD has published a new framework designed to assess how closely current AI capabilities align with the requirements of different occupations. The paper, ‘The OECD AI Exposure Measure‘, maps OECD AI Capability Indicators to occupations and introduces an AI Capability Gap Index. According to the OECD, the framework is intended to support analysis of potential AI impacts on work, skills, education, and labour-market policy. – https://dig.watch/updates/oecd-ai-exposure-measure

Who has authority to deal with drones? In most of Europe, that’s unclear

(James Reeves – ASPI The Strategist) Europe’s growing drone problem is a governance problem. The hardware exists. What is missing, across most of the continent, is the legal authority to deploy it, the jurisdictional clarity to coordinate it, and the political will to mandate either. Until that changes, Europe’s critical infrastructure will remain exposed to attacks that are cheap to mount and catastrophically expensive to absorb. This conclusion comes from primary research: a strategic intelligence briefing on governance of uncrewed aerial systems (UASs, or drones). This was conducted by Challenger Research in partnership with policy consultancy TWA, drawing on 23 stakeholder interviews across politicians, defence experts, strategic advisors and critical infrastructure professionals in Britain and Europe, alongside regulatory analysis of Britain, Poland, Germany and Italy. The findings have been consistent across every jurisdiction examined. Legal authority and jurisdictional fragmentation are fundamental constraints on effective counter-drone response. The available counter-UAS hardware cannot be lawfully deployed fast enough to matter in the few minutes between identification and response. – https://www.aspistrategist.org.au/who-has-authority-to-deal-with-drones-in-most-of-europe-thats-unclear/

European Union reviews platform power in third annual Digital Markets Act report

(DigWatch) The European Commission has published its first formal review of the Digital Markets Act, assessing how the regulation is affecting large online platforms and digital market competition across the European Union. The review says the DMA has already produced visible changes in some areas, including greater user choice through third-party app stores and prompts allowing users to select browsers or search engines. However, it also points to continuing challenges in implementation and enforcement. – https://dig.watch/updates/european-union-digital-markets-act-report

European Commission advances AI transparency code under EU AI Act

(DigWatch) The European Commission’s AI Office has convened a new round of working group meetings and workshops on the forthcoming Code of Practice on Marking and Labelling of AI-Generated Content. The discussions brought together providers of generative AI systems and models, technology companies, industry representatives, civil society organisations and academic experts. Feedback from the meetings will inform the third and final draft of the code, expected in early June. – https://dig.watch/updates/european-commission-ai-transparency-code-ai-act

The Vatican vs. killer robots: Pope Leo XIV takes aim at AI warfare

(Hannah Roberts – Politico) Pope Leo XIV on Monday raised the alarm over the use of AI in warfare and called for the technology to be “disarmed” and prevented from “dominating humanity.”. In a document known as an encyclical — a papal letter outlining the church’s perspective on a key topic — Leo said that artificial intelligence should never be used to make lethal decisions and warned that chat bots and other AI tools should never be equated with humans. The encyclical marks the Catholic Church’s most forceful intervention in the global debate over how artificial intelligence is shaping the future of warfare, labor and society. The text risks putting the Vatican on a collision course with governments racing to deploy AI as a strategic weapon. –  https://www.politico.eu/article/the-vatican-vs-killer-robots-pope-leo-xiv-takes-aim-at-ai-warfare/

New Zealand child agencies urge rights-based approach to online safety

(DigWatch) Children’s organisations in New Zealand have called for online safety debates to focus on children’s rights, evidence, and young people’s experiences online. The recommendations were outlined in a joint resource published by the Children’s Monitoring Group, ‘Making the online world safe for children’, which sets out how Aotearoa New Zealand could respond to online harm without relying solely on access restrictions. – https://dig.watch/updates/new-zealand-online-safety-law

Taiwan says power supply ready for AI growth

(DigWatch) Taiwan’s Ministry of Economic Affairs said the country is prepared to meet increasing electricity demand linked to the AI data centre expansion. The comments followed remarks by Nvidia CEO Jensen Huang regarding the growing energy requirements of AI infrastructure development. Huang stated that sufficient power availability would be important for continued AI-related economic growth. – https://dig.watch/updates/taiwan-says-power-supply-ready-for-ai-growth

Vietnam introduces mandatory labels for AI-generated content

(DigWatch) Vietnam will require disclosure labels for certain AI-generated and AI-edited content from May under a new government decree aimed at improving online transparency. Under Decree 142/2026/ND-CP, organisations and individuals using AI systems must disclose when content has been created or altered by AI in ways that could affect perceptions of authenticity. – https://dig.watch/updates/vietnam-introduces-mandatory-labels-for-ai-generated-content

Greece launches public AI literacy guide for citizens

(DigWatch) Greece’s Ministry of Digital Governance and Artificial Intelligence has launched ‘Artificial Intelligence for All’, a public guide designed to improve understanding and use of AI tools. The guide was developed through cooperation between leading AI scientists, the Ministry of Digital Governance and Artificial Intelligence, the National Council for Research, Technology and Innovation, and the Special Secretariat for Long-Term Planning. The guide is available free of charge through the digital platform of the Special Secretariat for Artificial Intelligence and Data Governance. – https://dig.watch/updates/greece-launches-public-ai-literacy-guide-for-citizens

Environmental group raises concerns over AI data centre emissions in Scotland

(DigWatch) Environmental charity APRS has criticised the Scottish Government over how greenhouse gas emissions linked to hyperscale AI data centres are assessed within existing planning and climate frameworks. According to APRS, earlier lifecycle emissions assessments focused primarily on broadband and smaller-scale digital infrastructure before the recent expansion of generative AI-related facilities. – https://dig.watch/updates/environmental-group-raises-concerns-over-ai-data-centre-emissions-in-scotland

Singapore pushes trusted AI governance with KPMG AI centre

(DigWatch) Singapore’s Ministry of Digital Development and Information has highlighted trust and accountability as key factors in AI adoption during the launch of KPMG’s new Trusted AI Centre of Excellence. Minister of State Jasmin Lau said governments and businesses should ensure AI adoption benefits workers, citizens, and smaller enterprises alongside larger organisations. – https://dig.watch/updates/singapore-pushes-trusted-ai-governance-with-kpmg-ai-centre

European Patent Office expands AI use in patent examination

(DigWatch) The European Patent Office (EPO) has presented new AI-related initiatives aimed at supporting quality and efficiency within the European patent system during the latest meeting of the SACEPO Working Party on Quality. The online gathering brought together 71 representatives from around the world to discuss examination standards, AI integration and long-term improvements to patent procedures. EPO President António Campinos described quality as a central element of the European patent system during the meeting. – https://dig.watch/updates/european-patent-office-expands-ai-use-in-patent-examination

Argentina launches AI ‘Digital Twin’ system for social policy simulations

(DigWatch) Argentina’s Ministry of Human Capital has launched the ‘Digital Twin’ initiative, an AI-based system intended to simulate potential impacts of social policies before implementation. According to the government, the project is part of broader efforts to use data analysis and predictive tools in public policy planning. The system is designed to model scenarios related to areas including poverty, subsidies, and human capital development using large-scale datasets. Officials said the initiative could support more anticipatory and data-informed policymaking processes. – https://dig.watch/updates/argentina-predictive-ai-social-policy-planning

Kazakhstan launches UNESCO AI readiness assessment initiative

(DigWatch) The United Nations Educational, Scientific and Cultural Organization has announced the launch of its AI Readiness Assessment Methodology in Kazakhstan to evaluate the country’s preparedness for AI governance and development. – https://dig.watch/updates/kazakhstan-launches-unesco-ai-readiness-assessment-initiative

Geostrategies

ASEAN isn’t yet ready for the AI agent swarm

(Karryl Kim Sagun Trajano, Ysa Marie Cayabyab – Lowy The Interpreter) Meta’s acquisition of Moltbook, an autonomous social network of AI agents, shows how far AI governance frameworks must evolve. Moltbook represents a novel form of online environment in which AI agents interact and generate content at scale. For policymakers in Southeast Asia, the episode poses a dilemma: technological experiments originating in global tech hubs can rapidly diffuse across regional digital systems, often outpacing existing regulatory oversight. The emergence of AI agents highlights a transition from AI as a human-assisted tool to AI systems capable of acting autonomously on users’ behalf. AI agents can operate continuously and independently, interpreting and responding to content at scale while autonomously completing tasks. In shared environments, agents can detect bugs, optimise workflows, and solve problems faster than humans. With elevated permissions and delegated authority, AI agents are already carrying out actions with consequences, from sending messages in a user’s name to initiating financial transactions. – https://www.lowyinstitute.org/the-interpreter/asean-isn-t-yet-ready-ai-agent-swarm

US and Sweden expand cooperation on AI and strategic technologies

(DigWatch) The White House has announced a new Memorandum of Understanding between the US and Sweden focused on cooperation in strategic technologies, research, and industrial innovation. The agreement includes cooperation on AI systems, advanced connectivity, and secure 5G and 6G infrastructure. The memorandum also references collaboration on telecommunications standards, subsea communications infrastructure, and industrial AI applications. – https://dig.watch/updates/us-and-sweden-expand-cooperation-on-ai-and-strategic-technologies

Security and Surveillance

Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers

(Pierluigi Paganini – Security Affairs) When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have documented something more unsettling: the Iran-linked threat actor Nimbus Manticore (aka UNC1549) used the chaos of active conflict as cover to accelerate its operations, debut new malware, and experiment with delivery methods it had never tried before. “The campaign leveraged malicious lures impersonating organizations in the aviation and software sectors across the United States, Europe and the Middle East.” reads the report published by CheckPoint. “For the first time, we observed the use of SEO poisoning as an additional malware delivery method.”. The APT group is affiliated with Iran’s Islamic Revolutionary Guard Corps. It has been on the radar of threat intelligence experts for years, primarily targeting defense, aviation, and telecommunications organizations through career-themed phishing, fake job opportunities convincing enough to fool employees at major companies. What Check Point observed between February and April of this year, however, goes well beyond that established playbook. – https://securityaffairs.com/192689/apt/nimbus-manticore-expanded-attacks-with-ai-assisted-malware-and-fake-zoom-installers.html

The Hidden Ransomware Economy Running on Exposed Databases

(Pierluigi Paganini – Security Affairs) Database extortion doesn’t look like the ransomware stories that usually grab headlines. There’s no slick branding, no leak-site countdown, no gang posting memes on Telegram. In most cases, there’s just a text file sitting inside a live database telling the victim to send bitcoin for data that’s already been copied, deleted, or both. The Ransomnews Research Team spent five years tracking exposed databases on the public internet, from May 2021 through 13 May 2026. The dataset covers 65,907 exposed systems across MongoDB, MySQL, Elasticsearch, Kibana, and a long list of HTTP-based admin panels. Of those, 30,515 databases, or 46.3%, already carried a ransom or wipe note when researchers found them. – https://securityaffairs.com/192711/cyber-crime/the-hidden-ransomware-economy-running-on-exposed-databases.html

Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack

(Pierluigi Paganini – Security Affairs) Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions. Laravel-Lang is a community-driven project that provides translation and localization files for Laravel applications. The affected libraries, used for localization in Laravel applications, include laravel-lang/lang, http-statuses, attributes, and actions. – https://securityaffairs.com/192697/security/malware-found-in-laravel-lang-composer-packages-after-git-tag-poisoning-attack.html

Lazarus APT unveils fileless remote access Trojan designed to evade detection

(Pierluigi Paganini – Security Affairs) North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and financial institutions over the past decade. But a newly detailed malware family suggests the group has quietly been refining its approach, trading noisy intrusions for something far more surgical: a remote access trojan that runs entirely in memory, leaving investigators with almost nothing to find. Researchers at Fox-IT, an NCC Group subsidiary, published a detailed breakdown last week of a three-stage toolchain dubbed RemotePE, which they first encountered during an incident response engagement at an unnamed decentralized finance organization. – https://securityaffairs.com/192666/apt/lazarus-apt-unveils-fileless-remote-access-trojan-designed-to-evade-detection.html

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

(Pierluigi Paganini – Security Affairs) The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was still ongoing. Although the provider has not been officially named, reports suggest Cognizant-owned TriZetto may be involved. The Oncology Institute, Inc. is a U.S.-based healthcare company that provides community-based cancer care services. It operates a network of oncology clinics focused on treating patients with cancer in outpatient settings, aiming to make care more accessible outside of large hospital systems. –  https://securityaffairs.com/192679/data-breach/third-party-cyberattack-impacts-patient-information-at-the-oncology-institute.html

After the Canvas breach, security takes centre stage for SaaS providers

(Rajiv Shah – ASPI The Strategist) When a software-as-a-service (SaaS) platform fails, it doesn’t just fail one customer; it fails whole sectors. That’s the security problem hiding inside organisations becoming more and more dependent on SaaS providers. Customers need to focus on resilience, availability and security. They should ask ‘Will it work when we need it, can we trust it with our data, and what happens when it fails?’ As AI makes it cheaper to write software, these become the real differentiator, not instead of being impressed by smooth functionality and slick interfaces. We’ve just seen a very real example of risks in sectoral dependency on SaaS platforms. A breach in the Canvas learning management system in the first week of May 2026 exposed student records and took systems offline, affecting 275 million users at more than 8,800 institutions. Affected organisations in Australia included the Queensland Department of Education and top-tier universities such as the Australian National University, the University of Melbourne and the University of Technology Sydney. Learning and assessments were disrupted for several days until Canvas’s parent company, Instructure, said it had reached an agreement with the attackers to have the data destroyed. This has been widely assumed to mean that the company paid a ransom. – https://www.aspistrategist.org.au/after-the-canvas-breach-security-takes-centre-stage-for-saas-providers/

90 Days to Full NHI Management, Agentic AI Security and Operational Efficiency

(Robert Kraczek – Infosecurity Magazine) Non-human identities such as service accounts, APIs, bots and AI agents now dominate enterprise environments, but governance has not kept pace. Limited visibility, stale credentials, and unmanaged access create persistent risk, now amplified by autonomous AI agents that extend beyond static controls. Organizations need unified identity governance with continuous visibility, strict access control, and real time monitoring across all identities to reduce exposure and safely scale automation and AI. – https://www.infosecurity-magazine.com/blogs/90-days-to-full-nhi-management/

Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans

(Infosecurity Magazine) Cybercriminals and fraudsters have dedicated entire ecosystems to scamming and stealing from Formula 1 fans, a new report has warned. According to the Bitdefender Cybersecurity Grand Prix Fan Threat Index, the growing global digital ecosystem around motorsport makes it an ideal target for scammers. Fans and Formula 1 teams alike now find themselves in attackers’ crosshairs. Scams targeting F1 fans range from being sold counterfeit merchandise and fake grand prix tickets, to illegal streaming services and social media scams. All designed to steal personal information, credit card details, generate illicit revenue and distribute malware. – https://www.infosecurity-magazine.com/news/how-fraudsters-target-f1-fans/

Breaking The Silo: What ECCTA’s Information-Sharing Gateway Means for Security Leaders

(Ruth Paley – Infosecurity Magazine) For CIOs and CISOs, economic crime is increasingly a technology problem. Fraud and financial crime campaigns now often resemble coordinated cyber operations: distributed, adaptive and deliberately structured to exploit the gaps between institutions. The historic constraint has not been capability within firms, but rather visibility across them. The Economic Crime and Corporate Transparency Act 2023 (ECCTA), and in particular its information-sharing gateway under sections 188–189, aims squarely at that gap. For security leaders, it introduces something more consequential than mere tinkering: a framework for controlled data exchange between institutions. With the focus shifting away from the question of whether firms can share information – they can now do so with confidence – the issue becomes how to do so in a way that strengthens detection and integrates with existing security architecture. – https://www.infosecurity-magazine.com/opinions/what-ecctas-means-for-security/

Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation

(Pierluigi Paganini – Security Affairs) Dutch financial crime investigators arrested two men and seized 800 servers connected to Stark Industries, a hosting provider accused of enabling cyberattacks, interference operations, and disinformation campaigns. Authorities said the suspects supported Russian and Belarusian entities under EU sanctions. Investigators launched the probe into the company, founded shortly before Russia invaded Ukraine. Authorities searched three business premises in Enschede and Almere, along with two data centers in Dronten and Schiphol-Rijk, seizing administrative records, laptops, phones, and more than 800 servers. “The criminal investigation focuses on a web hosting company that was established on February 10, 2022, two weeks before the Russian invasion of Ukraine.” reads the press release published by Dutch FIOD. “In the years that followed, this company was used, among other things, to facilitate destabilizing activities directed against the European Union, including interference, cyberattacks, and the dissemination of disinformation.” – https://securityaffairs.com/192602/intelligence/dutch-authorities-dismantle-hosting-network-allegedly-used-for-cyberattacks-and-disinformation.html

FBI director Kash Patel’s brand website taken offline after malware reports

(Pierluigi Paganini – Security Affairs) The merchandise website of FBI director Kash Patel (basedapparel[.]com) was taken offline on Friday after reports that it had been compromised by hackers using it to spread malware. The malware was discovered on Thursday by “big time nerd” user known as “debbie.”. Visitors were instructed to copy a code from the website and paste it into their computer’s terminal, a social engineering method known as a ClickFix attack. Once executed, the Mac-specific code would download and install malware on the device. A ClickFix attack is a social engineering technique that manipulates users into running malicious commands themselves, typically by posing as a fix for a problem or verification step, ultimately leading to malware installation or system compromise. – https://securityaffairs.com/192613/security/fbi-director-kash-patels-brand-website-taken-offline-after-malware-reports.html

United Kingdom and Australia tighten alliance on AI security risks

(DigWatch) The United Kingdom and Australia are deepening cooperation on AI security through a new partnership between the UK AI Security Institute and the Australian AI Safety Institute. Under a Memorandum of Understanding, the two institutes will share information on frontier AI capabilities, collaborate on AI evaluation practices and exchange research findings. The UK government said the partnership will focus partly on how advanced AI systems could be used in cyberattacks, as well as how they can strengthen defensive capabilities. – https://dig.watch/updates/united-kingdom-and-australia-on-ai-security-risks

Institute for AI Policy and Strategy warns of frontier AI cybersecurity risks

(DigWatch) The Institute for AI Policy and Strategy has called on the White House to develop a national security strategy focused on frontier AI systems. The recommendations follow reports concerning advanced cybersecurity-related capabilities demonstrated by Anthropic’s Mythos Preview model. The organisation recommended stronger protection of AI model weights, expanded monitoring of adversarial AI development, and improved information sharing between government agencies and private companies. The memo also proposed enhanced testing standards and oversight mechanisms for advanced AI systems. – https://dig.watch/updates/institute-for-ai-policy-and-strategy-warns-of-frontier-ai-cybersecurity-risks

Defense/Intelligence/Warfare

Iran Is Aiming To Use Chinese Technology To Permanently Throttle Internet Access

(Kian Sharifi – RFE/RL) A senior Iranian official has revealed that Tehran has imported advanced Chinese technology in a bid to permanently cut off access to the global Internet. The revelation came amid an unprecedented Internet blackout in Iran, where the authorities imposed a shutdown after the start of the war with the United States and Israel on February 28. Mohammad Sarafraz, a member of Iran’s Supreme Council of Cyberspace and former head of state broadcaster IRIB, told the online newspaper Faraz on May 23 that the Chinese hardware was already in the country. The purpose of the technology, he said, was to lay the groundwork for the permanent throttling of the Internet while only allowing tightly monitored access for select users in the country of some 90 million people. – https://www.rferl.org/a/iran-china-internet-blackout-censorship-tool/33764398.html