Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Cyber Briefing – April 30, 2026


Cyber Briefing

TODAY’S TOP 5

WHITE HOUSE OPPOSES EXPANDED ACCESS TO MYTHOS: The White House opposes a plan from Anthropic to expand access to its powerful artificial-intelligence model Mythos, complicating the rollout of an AI tool capable of carrying out cyberattacks and sowing widespread disruptions online, The Wall Street Journal reports. Anthropic recently proposed letting roughly 70 additional companies and organizations use Mythos, which would have brought the total number of entities with access to about 120, people familiar with the matter said. Administration officials told the company they oppose the move because of concerns about security, the people said. Some White House officials also worried that Anthropic wouldn’t have access to enough computing power to serve that many more entities without hampering the government’s ability to use it effectively, one of the people said. The White House is involved in the rollout of Mythos because of the national-security risks posed by the model. 

  • The White House is crafting guidance that would allow federal agencies to bypass a supply chain risk designation on Anthropic and clear the way for government use of its tools, including the cyber-focused Mythos AI model, according to an industry source familiar with the matter, Nextgov/FCW reports. The move is notable because it suggests the Trump administration may be softening its stance on Anthropic. The Pentagon labeled Anthropic as a supply chain risk earlier this year — and the White House later ordered a governmentwide phaseout of its technology — after the AI company declined to ease restrictions on its products being used in domestic surveillance and fully autonomous weapons. The administration is also drafting an AI executive order that could, in part, address how the government uses Anthropic’s tools, a second person familiar with the matter said. 
  • OpenAI is expanding access to its most advanced AI models to help businesses and governments shore up their cyber defenses, a sharp contrast to rival Anthropic, which says controlling access to its models is the best way to boost global cybersecurity, CNN reports. The difference in the two companies’ approaches to cybersecurity mirrors much of the wider debate in the world of AI, where the technology has been advancing much more quickly than legal, regulatory and social guardrails. That’s left some companies to advance a philosophy of innovating as quickly as possible, while others have moved more cautiously, mindful of potential social harms.
  • Project Glasswing was designed to place critical-infrastructure partners ahead of bad actors in the perpetual cat-and-mouse contest between offense and defense in cybersecurity. We should be relieved Anthropic made this choice, Mariana Olaizola Rosenblat writes at Just Security. But relief is not the same as security, and the fact that a government had to rely on a company’s goodwill, rather than the force of law, should alarm us. Reasons for alarm deepened last week when reports emerged that a group of unauthorized users had gained access to Mythos and other Anthropic models.

DATA CENTERS AS A CRITICAL INFRASTRUCTURE SECTOR?: The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the right setup for defending them, CyberScoop reports. Some industry witnesses and experts at the hearing of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection testified that the answer might be to give data centers their own standalone designation as a critical infrastructure sector. The question of how to secure data centers against cyber and physical attacks coincides with artificial intelligence fueling a boom in the building of such facilities across the United States. Last month, Iranian drones targeted two Amazon data centers in response to the U.S.-Israel bombing campaign on Iran, and a third data center in Bahrain was struck as well.

  • A data center developer has paused all Middle East project investments after one of its facilities was damaged by an Iranian missile or drone attack, Ars Technica reports. The decision comes as the Iran war is forcing Silicon Valley investors and tech companies to rethink a trillion-dollar plan to build more AI and cloud data centers in Gulf countries. The damaged data center is owned by Pure Data Centre Group, a London-based company that is operating or developing more than 1 gigawatt of data center capacity across Europe, the Middle East, and Asia. “No one’s going to run into a burning building, so to speak,” Pure DC CEO Gary Wojtaszek told CNBC. “No one’s going to put in new additional capital at scale to do anything until everything settles down.”
  • Cyber experts say staff cuts and other changes at the Cybersecurity and Infrastructure Security Agency have left CISA less ready to engage with the private sector on critical cyber issues, even as lawmakers eye new steps to address increasingly important sectors like space systems and data centers, Federal News Network reports. During the House Homeland Security subcommittee hearing Wednesday, witnesses focused primarily on CISA’s role carrying out sector risk management agency (SRMA) duties assigned to the Department of Homeland Security. Rep. Delia Ramirez (D-Ill.), the new ranking member of the cybersecurity subcommittee, pointed out that CISA has lost roughly one-third of its staff over the past year. CISA’s Stakeholder Engagement Division lost 96 of 189 staff since January 2025.

WATCH: House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection hearing “Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS’s SRMA Role for the Communications and IT Sectors”

PRO-RUSSIAN HACKERS TURN CYBERATTACKS INTO A GAME: A pro-Russian hacker group accused by European authorities of carrying out cyberattacks against governments, banks and infrastructure across the West has turned participation in cybercrime into what it calls a “patriotic online game,” recruiting volunteers through Telegram and rewarding them with cryptocurrency, The Moscow Times reports. The group, NoName057(16), has claimed responsibility for waves of distributed denial-of-service (DDoS) attacks on public institutions and private companies across Europe since Russia’s full-scale invasion of Ukraine in 2022. Western intelligence agencies and Europol say the hackers function as part of Russia’s broader hybrid war against countries supporting Kyiv. An investigation by the Poland-based news outlet Vot Tak, conducted with cybersecurity experts from RKS.Global, found that the group’s activity has not diminished despite a major Europol-led crackdown in July 2025 known as Operation Eastwood.

  • The Russian State is seeking to massively expand its ability to surveil and filter internet traffic by upgrading systems to deal with increasing traffic volumes and increasing fines for providers who do not fully comply, the Jamestown Foundation reports. Russia is also pursuing further restrictions on virtual private networks (VPNs) by pressuring platforms to block those using them and requiring mobile operators to charge higher fees for those using more than 15 gigabytes of traffic from abroad. The Kremlin is aiming to restrict civilian use of digital encryption and create full-spectrum internet surveillance, which will likely expand further in the coming years.

AUTONOMOUS WARFARE SUB-UNIFIED COMMAND: The U.S. military will soon have a new sub-unified command focused on autonomous warfare, Secretary of Defense Pete Hegseth told lawmakers Wednesday, DefenseScoop reports. Sub-unified commands, which combatant commanders can set up with the approval of the SecDef, are joint organizations designed to conduct operations and certain missions assigned to the geographic or functional combatant command that they fall under. The designation typically signifies that the organization’s mission is enduring and a high priority for military leadership.

  • Last year, Army Secretary Daniel Driscoll brought together roughly 20 top executives from some of the nation’s leading technology and industrial companies to help the service identify how industry could best support the Army’s push to advance some of its critical artificial intelligence initiatives. The Army presented industry with a series of operational scenarios, asking companies how they would address the Army’s key challenges in those areas. “A lot of them really distill down into how do we become more data-centric and reduce cognitive load on operational formations, particularly in priority theaters, where low bandwidth or denied environments are going to be a problem in a large-scale combat scenario,” Deputy Under Secretary of the Army David Fitzgerald told Federal News Network.
  • The U.S. government is modernizing its Small Business Innovation Research and Small Business Technology Transfer (SBIR/STTR) programs to get after contemporary warfare and national security gaps, senior officials involved in the work said on Wednesday. Referred to collectively as “America’s seed fund,” that decades-old pair of federal programs provides technology-focused small businesses and startups with early-stage investments and support to commercialize their products, and ultimately field them for use by federal agencies and the military. “I think what you’re going to see is more urgency,” the Pentagon’s Chief Technology Officer Emil Michael told DefenseScoop. “There’s sort of specific modifications we’re going to make to make it easier … for small businesses by removing some of the barriers — regulatory and otherwise — that they currently face.”

THE CASE FOR ENGINEERING AN AI PARTNER FOR INTELLECTUAL HONESTY IN NATSEC: The Challenger, the Bay of Pigs, Kodak, the Iraq War and Theranos. These are not merely stories of failure; they are monuments to a recurring and dangerous paradox. In each case, leaders and organizations, fully aware of the need for rigor, inexplicably suppressed the very critical thinking that could have saved them, Forrest A. Woolley and Richard A. McConnell write at Small Wars Journal. The mystery is why intelligent, capable people act against their own best interests, becoming so infatuated with an idea that they build an echo chamber to protect it from reality. This behavior is not an aberration; it is a deeply human flaw. As our reliance on artificial intelligence grows, we risk building more sophisticated echo chambers, where human and machine bias can reinforce each other into oblivion. The solution is not to fear AI, but to engineer it with a new purpose: to serve not as a compliant assistant, but as an incorruptible partner for intellectual honesty with the human touch and involvement that is needed.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. SUBSCRIBE
WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

CYBER FOCUS PODCAST

(Watch on YouTube or click the player above)

America is asking more from its critical infrastructure just as adversaries are finding more ways to target it. AI, data centers, electrification and next-generation energy systems all depend on operational technology — the control systems that keep power, water, transportation and industry moving. As that backbone grows more connected, the stakes of securing it grow even higher. In this episode of Cyber Focus, Frank Cilluffo speaks with Zach Tudor, Associate Laboratory Director at Idaho National Laboratory, about how INL tests and secures critical infrastructure at scale. Tudor explains why resilience must guide infrastructure defense, what Ukraine and China reveal about the risks facing critical infrastructure, and why cyber-informed engineering is essential as new technologies move into energy, nuclear, wireless and industrial systems. The conversation also covers AI’s role in control environments, the workforce needed to secure future infrastructure and the challenge of moving faster before a major event forces action.

SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts

CYBER AND CI UPDATES

ATTACKS AND INCIDENTS

Breaches

Stelia North America hacked in ransomware attack

Airbus-owned Stelia North America has been hacked in an apparent ransomware attack. In a statement, Steila confirmed the attack, saying: “Upon detection, we immediately activated our cyber defence protocols and took proactive measures, including isolating affected systems, to mitigate the threat. We can confirm this incident is strictly contained to the Stelia North America IT environment and does not impact the broader Airbus Atlantic network. We are conducting a comprehensive forensic investigation alongside leading external cybersecurity experts. The safety and security of our people, our operations, our data, and our partners remain our absolute priority. (AVIATIONBUSINESSNEWS.COM)

Polymarket rejects data breach claims as hacker alleges 300K records stolen

A hacker called Xorcat claims to have stolen a massive 300,000 records from Polymarket. It is the world’s largest decentralised cryptocurrency-based prediction market where users bet on world events. The alleged stolen data was posted on a cybercrime forum and Telegram on 27 April 2026. However, Polymarket has rejected these claims. Xorcat claims to have taken advantage of several flaws in the website’s code. One method involved using undocumented API endpoints. Another method was a pagination bypass on Polymarket’s CLOB (Central Limit Order Book) trading system. (HACKREAD.COM)

Cybercrime

U.S., UAE and China joint effort dismantles 9 crypto scam centers

A Dubai police-led international crackdown on scam rings last week resulted in the arrest of 276 individuals and the shutdown of at least nine crypto scam centers, the Department of Justice revealed on Wednesday. In a joint operation with the FBI and China’s Ministry of Public Security, Dubai authorities arrested 275 people, with an additional person arrested by the Royal Thai Police. Six people have been charged in connection with the scam centers. Four of the defendants and two fugitive co-conspirators were charged with federal fraud and money laundering in federal court in San Diego, according to the DOJ. (TRADINGVIEW.COM)

Call centers dismantled and 10 arrested in EUR 50 million online fraud case

A criminal network operating a large-scale online fraud scheme has been dismantled through a collaborative investigation involving Austrian and Albanian authorities, with support from Europol and Eurojust. The operation, which spanned over two years, resulted in the arrest of ten individuals, the search of multiple premises, and the seizure of nearly EUR 900 000 in cash. The criminal network, allegedly operating several call centers in Tirana, Albania, is believed to have caused significant financial damage, totalling at least EUR 50 million. The call centers were professionally set up and organized, resembling legitimate business structures featuring a clear division of roles and hierarchical management. (EUROPOL.EUROPA.EU)

Health care

A quarter of health care organizations report medical device cyberattacks

One-in-four (24%) health care organizations (HCOs) experienced cyberattacks impacting medical devices over the past year, causing potentially significant disruption to patient care, according to RunSafe Security. The security vendor polled 551 healthcare professionals across the US, UK and Germany to produce its 2026 Medical Device Cybersecurity Index. It revealed that, in 80% of cases, attacks affecting devices had a “moderate” or “significant” impact on patients. (INFOSECURITY-MAGAZINE.COM)

Sandhills Medical says ransomware breach affects 170,000

Sandhills Medical said in a data security incident notice on its website that it discovered a ransomware attack on May 8, 2025. It has since been working with law enforcement, cybersecurity experts, and a forensics firm to investigate the intrusion and determine its impact. Now, nearly one year later, the healthcare organization has publicly disclosed the incident and notified affected individuals. (SECURITYWEEK.COM)

Trends

Researchers track 2.9 billion compromised credentials

The threat landscape in 2025 was characterized by a surge in compromised credentials, extortion and vulnerability exploitation, according to a new report from KELA. The threat intelligence firm tracked nearly 2.9 billion compromised credentials last year globally, it said in its latest report, The State of Cybercrime 2026: Emerging Threats & Predictions. These included usernames, passwords, session tokens, cookies found in URL, login and password (ULP) lists, breached email repositories and cybercrime marketplaces. At least 347 million were originally obtained by infostealers found on around 3.9 million infected machines. (INFOSECURITY-MAGAZINE.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

THREATS

Health care

AI finds 38 security flaws in electronic health record platform

An AI-powered analysis of the OpenEMR codebase uncovered 38 previously undisclosed vulnerabilities in the open source electronic health record (EHR) platform used by more than 100,000 healthcare providers worldwide. The vulnerabilities, all patched now, range in severity from medium to critical and include missing or incorrect authorization checks, cross-site scripting (XSS) flaws, SQL injection, path traversal, and session-related issues. The flaws could have enabled a broad range of attacks against OpenEMR deployments, according to researchers at Aisle, which used the company’s AI-powered platform to autonomously scan the OpenEMR codebase. (DARKREADING.COM)

ICS/OT

Hundreds of internet-facing VNC servers expose ICS/OT

Millions of remote access RDP and VNC servers are exposed to the internet, and hundreds of them may provide access to industrial control systems (ICS) and other operational technology (OT), according to research by Forescout. RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing) are widely used for remote access, but they should not be exposed directly to the open internet without a secure gateway. A Shodan search shows roughly 1.8 million RDP and 1.6 million VNC servers exposed on the internet, a majority in China and the United States. Forescout has determined that the majority are honeypots, ISPs, and hosting providers, but its researchers still found 91,000 RDP and 29,000 VNC servers that could be linked to specific industries. (SECURITYWEEK.COM)

Phishing

New AI-powered Bluekit phishing kit targets major platforms with MFA bypass attacks

Varonis Threat Labs has discovered a new phishing-as-a-service kit called Bluekit that is making it much easier for cyberattackers to bypass security, even when users have extra protections turned on. This kit is basically like a one-stop shop for hackers, offering over 40 fake website templates that mimic big names like iCloud, Apple ID, Gmail, Outlook, Hotmail, Yahoo, ProtonMail, GitHub, Twitter, Zoho, Zara, and Ledger. In the past, a hacker had to switch between different services to set up a scam. Bluekit changes all that by offering everything on a single dashboard where threat actors can buy domains, set up fake login pages, and track their victims in real-time. (HACKREAD.COM)

Supply chain

SAP-related npm packages compromised in credential-stealing supply chain attack

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, Onapsis, OX Security, SafeDep, Socket, StepSecurity and Google-owned Wiz, the campaign – calling itself the mini Shai-Hulud – has affected packages associated with SAP’s JavaScript and cloud application development ecosystem. (THEHACKERNEWS.COM)

Vulnerabilities

SonicWall SonicOS flaw lets attackers bypass access controls and crash firewalls

SonicWall has released a security advisory detailing three new vulnerabilities affecting its SonicOS software. Disclosed on April 29, 2026, under advisory ID SNWLID-2026-0004, these security flaws open the door for attackers to bypass access controls, manipulate restricted files, and intentionally crash critical firewall infrastructure. The most severe of the three bugs carries a high-severity score, highlighting the need for immediate attention from network administrators. (GBHACKERS.COM)

Google fixes CVSS 10 Gemini CLI CI RCE and Cursor flaws that enable code execution

Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,” Novee Security said in a Wednesday report. “This triggered command execution directly on the host system, bypassing security before the agent’s sandbox even initialized.” (THEHACKERNEWS.COM)

ProFTPD SQL injection flaw opens door to remote code execution attacks

A newly disclosed flaw in ProFTPD is drawing urgent attention because it can let attackers move from a simple SQL injection bug to authentication bypass, privilege escalation, and in some environments even remote code execution. Tracked as CVE-2026-42167, the issue was found in ProFTPD’s mod_sql extension by ZeroPath Research, and MITRE assigned it a CVSS v3 score of 8.1, placing it in the high-severity range. The risk is especially serious for internet-facing FTP servers that use SQL-backed logging or authentication, because the attack can be triggered remotely and may not always require a valid login first. (GBHACKERS.COM)

ADVERSARIES

China

Chinese hackers spied on Cuban embassy as U.S. prepared blockade

Chinese hackers breached Cuba’s embassy in Washington to spy on communications of dozens of diplomats as the island nation stared down a U.S. naval blockade, according to findings from the cyber firm Gambit Security, Bloomberg reports. The campaign began in January and compromised the emails of 68 officials, including the Cuban ambassador and the deputy chief of mission, researchers said. The breach coincided with a period of intense geopolitical friction, occurring shortly after a U.S. raid in Venezuela and roughly coincided the Trump administration’s decision to halt oil deliveries to Cuba, contributing to widespread blackouts across the country. “This hack shows how world events drive cyber activity,” said Curtis Simpson, chief strategy officer at Gambit. (BLOOMBERG.COM)

House panels probe Airbnb, Anysphere over use of Chinese AI models

Republican-led House committees are investigating Airbnb and Anysphere, the maker of the AI coding platform Cursor, over their use of artificial intelligence models developed by Chinese companies. The House Homeland Security Committee and the House Select Committee on the Chinese Communist Party sent letters Wednesday to the companies’ CEOs requesting details about their use of Chinese-built AI systems, the rationale behind those choices and any communications the firms have had with the model providers. The letters — signed by Homeland Security Chairman Andrew Garbarino (R-N.Y.) and China Select Committee Chairman John Moolenaar (R-Mich.) — also ask that employees involved in those decisions participate in an in-person briefing with lawmakers. (NEXTGOV.COM)

More private health records of UK Biobank volunteers appear on Chinese website

There have been further listings of confidential health records of UK volunteers on the Chinese website Alibaba since the breach reported last week, and the government is braced for further leaks, the science minister has said. Addressing a House of Lords debate on the attempted sale of data belonging to 500,000 UK Biobank volunteers, Patrick Vallance said the government had worked with Chinese officials to remove additional postings on the online marketplace. “New listings will emerge – there have been additional listings posted since the government were made aware of the issue last week – and we continue to work with the Chinese government to remove them quickly,” Lord Vallance said. (THEGUARDIAN.COM)

Iran

Trump said Iran’s oil pipelines will soon ‘explode.’ Energy experts doubt it

After weeks of unsuccessfully pressuring Iran to reopen the Strait of Hormuz, President Donald Trump spent recent days arguing that its closure had brought Tehran to the brink of an explosive plumbing problem that would force it to the bargaining table. “If they don’t get their oil moving, their whole oil infrastructure is going to explode,” Trump told reporters at the White House last Thursday, touting the success of a U.S. blockade on the waterway that ordinarily ferries about 20 percent of the world’s oil and natural gas. He said during a Fox News appearance Sunday that Iranian oil pipelines “both mechanically and in the earth” would “explode from within” if the country did not start exporting through the strait soon. (WASHINGTONPOST.COM)

North Korea

Claude adds malware to crypto agent

ReversingLabs (RL) researchers discovered malicious code in a crypto trading project after an AI-based coding agent added a malicious package as a dependency. The @validate-sdk/v2 package poses as a routine data validation tool while siphoning off sensitive secrets from its host environment. The new malware campaign, which RL has dubbed PromptMink, involves a tainted package that was introduced in a Feb. 28 commit to an autonomous trading agent. The commit was co-authored by Anthropic’s Claude Opus large language model (LLM). It allows attackers to access users’ crypto wallets and funds. The incident is part of a broader campaign tied to the North Korean-linked group Famous Chollima, which is leveraging AI-generated code and a layered package strategy to evade detection and more effectively deceive automated coding assistants than human developers. (REVERSINGLABS.COM)

GOVERNMENT AND INDUSTRY

Artificial intelligence

Disclosed government AI use increased by 70% in 2025, per OMB 

The Office of Management and Budget’s public tally of governmentwide AI use again grew in 2025 — this time amid the Trump administration’s push to use the technology in the name of efficiency. Per OMB’s recent publication on GitHub, the U.S. government reported about 3,600 AI use cases across agencies, a nearly 70% increase in disclosed applications of the technology from the previous reporting year. As with previous disclosures, the accounting captures pre-deployment uses, pilot projects, those in active operation, and retired deployments. The figure does not include uses in the Department of Defense or elements of the intelligence community. Per the 2025 inventory, roughly 9% of the reported uses had been retired. (FEDSCOOP.COM)

NGA taking cautious approach to AI adoption in human resources

As the National Geospatial-Intelligence Agency adopts artificial intelligence into HR workflows, the organization is taking a prudent approach to ensure its workforce doesn’t become overdependent on the technology. “My biggest fear is that in five years, we’re going to lose a lot of expertise because we have automated so many of the things that have helped those individuals really understand their tradecraft, understand HR and the nuances and complexities and be able to grow,” Sasha Muth, deputy director of human development at NGA, said Tuesday during a panel the Workday Federal Forum, presented by FedScoop. (DEFENSESCOOP.COM)

AI companies can’t regulate themselves. They should regulate each other

OPINION: Competition is preventing artificial intelligence (AI) safety. Anthropic recently abandoned its industry-leading safety guarantee for new model releases, stating that “[w]e didn’t really feel, with the rapid advance of AI, that it made sense for us to make unilateral commitments … if competitors are blazing ahead.” A company that invests more in safety deploys models later, loses customers, and risks losing the investors it needs to fund compute for the next generation. OpenAI faced the same problem and responded by cutting pre-deployment safety testing time. Effective AI regulation must address the collective action problem at the heart of AI risk. (LAWFAREMEDIA.ORG)

Colorado attorney general to delay enforcing AI law after xAI lawsuit

Following a suit filed this month by xAI against Colorado, the state’s attorney general has indicated that he will not enforce the state’s artificial intelligence law when it goes into effect this summer, and asked the federal court hearing the case to temporarily delay enforcement. Elon Musk’s AI company filed its suit in early April, seeking to stop enforcement of Colorado’s 2024 AI law before it takes effect on June 30. It was the first state law of its kind to broadly regulate high-risk AI systems used in areas like hiring, lending, housing, insurance and government services. (STATESCOOP.COM)

Met Police’s Palantir deployment has its own officers watching their backs

London cops are being told by their staff association to be “extremely cautious” about carrying work devices off duty, after the Metropolitan Police Service (MPS) deployed Palantir’s technology to investigate hundreds of its own officers. The Metropolitan Police Federation, which represents more than 30,000 MPS officers, is considering legal action over the force’s use of the US firm’s AI to analyze employee data, including location tracking. “Courageous colleagues across London do not deserve to be treated with this level of suspicion by their Big Brother Bosses,” said Matt Cane, the federation’s general secretary, in a statement. (THEREGISTER.COM)

Defense

U.S. seeks to deploy hypersonic missile for the first time against Iran

U.S. Central Command has asked to send the Army’s long-delayed Dark Eagle hypersonic missile to the Middle East for possible use against Iran, seeking a longer-range system to hit ballistic-missile launchers deep inside the country. If approved, it would mark the first time the U.S. will have deployed its hypersonic missile, which is running far behind schedule and hasn’t been declared fully operational even as Russia and China have deployed their own versions. The Request for Forces submission justifies the move by saying Iran has moved its launchers out of range of the Precision Strike Missile, a weapon that can hit targets at more than 300 miles, a person with direct knowledge of the request said. (BLOOMBERG.COM)

Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment

Head of the Office of the President of Ukraine, Kyrylo Budanov, made the comments during discussions around drone technology and Ukrainian strikes on Russian oil facilities at the Kyiv Security Forum this month. Bundanov advocated for the development of drones capable of independently identifying targets and manoeuvring, as well as the full integration of artificial intelligence. “In military terms, we are at a stage where the quantitative increase in drones no longer solves the issue fundamentally. Both we and the enemy have reached a certain maximum in the use of existing control technologies. The next stage is the full integration of artificial intelligence,” he said. (CYBERDAILY.AU)

Drones

Israel now using netting to protect combat vehicles against scourge of Hezbollah drones

Over the course of a nearly two-month old war with Israel, Hezbollah has been increasing its use of fiber-optic controlled first-person view (FPV) drones against Israeli troops and vehicles, something we were among the first to note. Now, it appears that Israel is resorting to the use of anti-drone netting on its vehicles to help protect them from the one-way attack drones. These attacks are occurring even amid an ongoing, though extremely fragile, ceasefire. A video emerged Wednesday on social media showing an Israeli vehicle festooned with the netting, draped like a soccer goal from metal arms extending out and above. (TWZ.COM)

Energy

In a first, fusion company applies for U.S. grid connection

Commonwealth Fusion Systems said Tuesday that it is the first developer of nuclear fusion to request a connection to a regional grid, a move aiming to boost prospects for a landmark power plant. The application to PJM Interconnection, the nation’s largest power market, is a notable milestone for a technology that envisions creating low-carbon electricity using the same reaction fueling the sun and stars. It’s an idea that has never been proven at commercial scale, but the company is eyeing what could be a first-of-a-kind demonstration by the early 2030s. “We’re not just proving fusion physics works — we’re showing exactly how fusion power plant watts get from our machine to the customer,” said Commonwealth CEO Bob Mumgaard, in a statement. “When you’re serious about building a power plant in the early 2030s, you act now. This is execution.” (EENEWS.NET)

U.S. battery startup builds factory in China after nixing Kentucky plant

Battery startup EnerVenue is planning an iconoclastic comeback. After failed plans to build a U.S. factory for its NASA-inspired tech, the firm announced $300 million in fresh funding to execute a manufacturing strategy that flies in the face of broader trends in the American battery market. EnerVenue seeks to commercialize a version of the pressurized nickel-hydrogen energy storage system that NASA used on the International Space Station and the Hubble Space Telescope. The original technology cost far too much to succeed in civilian power markets, but EnerVenue’s founders claimed to have swapped the platinum catalyst for a much cheaper material. (CANARYMEDIA.COM)

Financial

Claude Mythos fears startle Japan’s financial services sector

While the world waits to see if Anthropic’s Mythos model is really as scary as people say it is, the financial services industry in Japan is establishing a task force dedicated to addressing the cyber threat it poses. On April 24, the people who manage the world’s fourth largest economy — Japan’s finance minister, the governor of its central bank, presidents of its three megabanks, and a senior executive of its stock exchange — gathered at the headquarters of Japan’s Financial Service Agency in Tokyo. There, they agreed to form a working group to address the fact that artificial intelligence (AI) may now be able to totally undermine the systems underpinning their industry. (DARKREADING.COM)

Health care

FDA piloting use of AI for ‘real-time’ clinical trials

The U.S. Food and Drug Administration will test out real-time clinical trials using artificial intelligence tools and data science. The goal is to accelerate the development of promising new drug therapies, which the agency said are slowed by data and procedural bottlenecks. The agency said Wednesday a real-time clinical trial has already involved “successful initiation” of two proof-of-concepts – one by pharmaceutical giant AstraZeneca and the other by Amgen. AstraZeneca is conducting a phase 2 multi-site trial called Traverse involving patients with mantle cell lymphoma who haven’t yet received treatment. (HEALTHCAREINFOSECURITY.COM)

Social media

Meta told it’s violating EU law by not doing enough to keep children off Facebook and Instagram

The European Commission has found that Meta breached EU law by failing to prevent under-13s from accessing its platforms, as scrutiny of the tech giant’s handling of child safety intensifies. The commission said Wednesday that its preliminary investigations concluded that Meta violated the EU’s Digital Services Act because the minimum age requirement of 13 for Instagram and Facebook is not adequately enforced. When creating an account, minors can input a false birth date, with no controls in place to verify it, the Commission said. (CNBC.COM)

States take up kids online safety as Congress stalls

From new investigations to a string of settlements, verdicts and state laws, state leaders are trying to fill a gap left by Congress, which has failed to pass a major kids’ online safety bill despite substantial bipartisan concern and growing pressure from advocates. While most in Congress say protecting children and teens online is a priority, a string of intraparty and partisan disagreements, procedural hurdles and clashes between the House and Senate have derailed legislative efforts for years. (THEHILL.COM)

Space

Meet the 3-star insiders say will be Space Force’s next top leader

Lt. Gen. Douglas Schiess is likely to be nominated by President Donald Trump to serve as the Space Force’s next top uniformed leader, Defense One has learned. Schiess currently serves as the deputy chief of space operations for operations at the Pentagon. If confirmed by the Senate, the three-star general will replace Gen. Chance Saltzman — who was confirmed as the service’s top military leader in September 2022. Two defense insiders confirmed to Defense One that Schiess was the likely nominee. A Space Force spokesperson declined to comment on the presumptive nominee. White House officials did not immediately return a request for comment on Wednesday afternoon. (DEFENSEONE.COM)

Space Force awards first contracts for satellite threat warning radar payloads

The Space Rapid Capabilities Office (Space RCO), in partnership with the Space Force’s innovation arm SpaceWERX, has awarded three small companies contracts worth $3 million each to develop new radar warning receivers to equip future highly maneuverable satellites in geosynchronous Earth orbit (GEO). The awards to Assurance Technology Corporation, Raptor Dynamix and Innovative Signal Analysis, Inc. are being funded via the Small Business Innovation Research (SBIR) Direct-to-Phase II program, according to a Space RCO press release. The radar warning receivers “will detect and characterize emissions from ground-based radars” tracking Space Force satellites in GEO, thus improving the service’s space domain awareness capabilities, the release explained. (BREAKINGDEFENSE.COM)

Transportation

California’s new autonomous vehicle rules give police power to cite driverless vehicles for moving violations, self-driving big rigs allowed

Under the new rules, law enforcement may cite AV companies for moving violations committed by their vehicles. Specifically, police may issue a Notice of AV Noncompliance to manufacturers when an AV commits a moving violation, “enhancing visibility and accountability for AV traffic law compliance,” according to state officials. AV companies are also required to respond to first responder calls within 30 seconds and to provide access to manual vehicle override systems. The new AV rules also authorize local emergency officials to create temporary “do not enter” or “restricted area” zones in response to a public safety issues in order to clear AVs from active emergency zones. (CDLLIFE.COM)

LEGISLATIVE UPDATES

House sends spy reauthorization bill to uncertain Senate fate

The House passed a renewal of a key surveillance power Wednesday, a day before its statutory authority expires, sending it to a Senate that appears unlikely to pass that version of it. The House, in a 235-191 vote that split members of both parties, approved legislation that would renew Section 702 of the Foreign Intelligence Surveillance Act for three years and include new provisions to address privacy concerns some lawmakers have with the program. The House attached language that also would prohibit the Federal Reserve from issuing a central bank digital currency, a bill fueled by privacy concerns associated with the technology. That measure passed the House last year as its own bill and was added to the Section 702 reauthorization in an apparent bid to flip privacy-minded GOP holdouts. (ROLLCALL.COM)

Lawmakers raise concerns over NASA budget cuts, missing operating plan

Lawmakers from both chambers voiced concern this week that the proposed fiscal year (FY) 2027 NASA budget is insufficient, citing deep cuts to science programs, the omission of dozens of missions, and the elimination of STEM engagement funding. In President Donald Trump’s FY 2027 budget request, NASA would receive $18.8 billion, or $5.6 billion less than FY 2026 levels. Science funding would drop from $7.25 billion to under $3.9 billion. Space technology funding would fall from $920.5 million to $624.3 million, and space operations – including the International Space Station – would decline from nearly $4.2 billion to just over $3 billion. Funding for NASA’s Office of STEM Engagement would be eliminated. (MERITALK.COM)

House bill wants CIOs, agency heads to hit the gas on legacy IT phase-outs

Agencies would be pushed to pick up the pace on the elimination of legacy IT systems under a new bill from a bipartisan group of House lawmakers. The Legacy IT Reduction Act of 2026 (H.R.8408) from Reps. Maxwell Frost (D-Fla.), William Timmons (R-S.C.), Eric Burlison (R-Mo.) and Byron Donalds (R-Fla.) would require agency chief information officers to lead the charge on lessening the federal government’s reliance on and expenditures for aging systems. The first step in that reduction would be a CIO-led initiative to inventory every piece of legacy technology still in use or maintained by their respective agencies within a year of the legislation becoming law, according to the bill text. (FEDSCOOP.COM)

Congress tries again on national preemptive data privacy law

House Republicans rolled out yet another proposal for national data privacy legislation that once again would preempt existing state laws, drawing a torrent of criticism. Leaders on the House Energy and Commerce and Financial Services Committees unveiled two pieces of legislation last week: the Securing and Establishing Consumer Uniform Rights and Enforcement over Data Act, known as the SECURE Data Act, and the Guidelines for Use, Access, and Responsible Disclosure of Financial Data Act, known as the GUARD Financial Data Act. (NEXTGOV.COM)

COMMITTEE ACTIVITY

SPACE BUDGET: The House Appropriations Defense Subcommittee will hold an April 30 budget hearing on the U.S. Air Force and Space Force.

ALERTS AND ADVISORIES

Adapting zero trust principles to operational technology

This paper provides considerations for applying ZT principles to OT systems and environments to system owners, operators, and security personnel. It addresses the unique challenges of transitioning to a ZT architecture within OT, considering technology gaps from legacy infrastructure, operational constraints, and the safety requirements that come from the critical link between cybersecurity and physical processes. (IC3.GOV)

Events

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

AI FOOD SECURITY: Join the CSIS Global Food and Water Security Program on April 30 for the Artificial Intelligence (AI) for Food Security Forum, bringing together U.S. and global policymakers, technology developers, financers, researchers and implementing partners working at the forefront of AI for food security.

SEMICONDUCTORS: The CSIS Renewing American Innovation program and the Texas Institute for Electronics (TIE) at The University of Texas at Austin are hosting a half-day symposium April 30 of expert panels highlighting the region’s dynamism and how the private sector, public sector, and academia in Austin and the state of Texas more generally have made the state a world-renowned semiconductor advanced packaging hub. 

TRANSPORTATION: With new technology comes questions about data privacy, security and accountability with high stakes for businesses and consumers. On May 5, as part of the seventeenth annual A. Alfred Taubman Forum on Public Policy, Governance Studies at Brookings will host a webinar to discuss the benefits and implications of connected cars.

AI AND IRAN: The conflict in Iran reveals urgent lessons about AI as a weapon of war and statecraft. Led by one of Washington’s top experts on Iranian strategy, military doctrine, and the IRGC, this May 6 FDD panel provides an assessment of how the Iranian regime has used autonomous systems and machine learning to expand its reach; how AI tools have supercharged propaganda campaigns and cyber-enabled information warfare; and in the financial realm, how emerging technologies have enabled large-scale fraud and illicit funding of Tehran’s proxies. 

EMERGING TECH: In an evolving geopolitical landscape, how can the US build on its experience in developing frontier technologies and globally competitive industries through investments in priority technologies for the 21st century? Join AEI’s Michael R. Strain for a May 13 conversation with experts from the Massachusetts Institute of Technology for a conversation on their new book “Priority Technologies: Ensuring US Security and Shared Prosperity (2026).”


FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY

SUBSCRIBE TO THE CYBER FOCUS PODCAST: YOUTUBE | SPOTIFY | APPLE PODCASTS

SUBMIT A TIP

Click to listen highlighted text!