Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Cyber Briefing – June 2, 2026


Cyber Briefing

TODAY’S TOP 5

FIRST EU AGENCY TO GET MYTHOS ACCESS: Anthropic PBC is set to give the European Union’s cybersecurity body access to Mythos, the first EU agency to get access to the powerful artificial intelligence tool that officials fear may be used to exploit vulnerabilities in key computer systems, Bloomberg reports. The generative AI company is going to let ENISA join Project Glasswing, an initiative to let key organizations test Mythos capabilities before it’s released more widely, people familiar with the matter said. Anthropic communicated the decision to the EU’s executive branch, the European Commission, over the weekend, the people said, asking not to be identified because the discussions are private. The EU and finance ministers across Europe have been pushing for access to Mythos since it was first previewed in April, and commission officials traveled to San Francisco last week to ask Anthropic executives for access to the model.

  • Anthropic, the artificial intelligence company behind the chatbot Claude, confidentially filed on Monday for an initial public offering, joining what could be a once-in-a-generation, moneymaking moment on Wall Street, The New York Times reports. With its IPO filing, Anthropic is expected to be among three high-profile companies preparing to go public this year, along with the rocket company SpaceX and OpenAI, which started the AI boom in 2022 with its ChatGPT chatbot. Their IPOs, which would be among the biggest ever, could create a tsunami of investment and employee wealth, and mint the world’s first trillionaire in Elon Musk, who owns about 50 percent of SpaceX. The public offerings could also flood the nonprofit world with new money, since Anthropic and OpenAI have both pledged a large part of their shares to charity. SpaceX’s IPO is expected this month, and OpenAI has been preparing to file in the coming weeks.
  • OUTAGE: The popular AI assistant Claude has gone down for many today, with Anthropic confirming that it’s working on fixing the issue. TechRadar has live updates.

THE ‘SEABED IS A BATTLEFIELD’: Australian Defense Minister Richard Marles said the “seabed is a battlefield” in a combative speech urging Beijing to be more transparent about its maritime operations, and taking aim at weak international controls over so-called “shadow-fleet” vessels, The Guardian reports. The warning came as the US, UK and Australia announced a new Aukus project to develop new underwater drone technology to protect undersea cables. The same announcement also revealed that Australia would buy three secondhand Virginia-class submarines from the U.S .under Aukus, instead of a mix of old and new, in a move to “simplify supply chain management, operational and maintenance requirements, and maximize cost efficiencies”

  • Defense Secretary Pete Hegseth urged Asian allies on Saturday to ramp up military spending to counter China’s growing power and prevent its dominance in the region, warning of “rightful alarm” over its rapid military buildup, Reuters reports. Hegseth, speaking at the Shangri-La Dialogue in Singapore, Asia’s premier forum for defense leaders, militaries and diplomats, said a stronger, more self-reliant network of allies is essential to deter aggression and preserve the balance of power.
  • A company that uses drones to analyze golf course grass. Another linked to a firm that hosts aerial light shows. And one founded by a 23-year-old former drone racing world champion. Any of them, the Pentagon says, could represent the future of warfare as officials scramble to plug what they see as a gaping hole in the United States’ military arsenal, The Washington Post reports. Conflicts in Ukraine and Iran have shown the value of small, cheap drones, and the Trump administration has concluded that the U.S. desperately needs to catch up. Officials are turning to an eclectic mix of companies — some launched by onetime hobbyists — and pitting them against one another in Drone Dominance, an 18-month contest that launched this year. The prize is a share of $1.1 billion in defense contracts, a sum the Pentagon hopes will be enough to buy 300,000 of what are essentially cheap flying bombs. 
  • Chinese scientists have developed a new artificial intelligence system that they claim could change how drones seek and kill enemy targets on the battlefield. Under normal conditions each individual unit in a swarm of drones can view only a small part of the area in question, making communication between drones key to getting the complete battlefield picture. Enemy jamming systems can break communication between drones and make this more challenging, causing targets to appear and disappear for drone operators. Now, scientists have developed a new algorithm that could enable drones to make good decisions using even incomplete information, while maintaining coordination between swarm members. The AI algorithm, named Heterogeneous Graph Spatio-Temporal Reasoning (HG-STR), would enable drone swarms to search a vast field and eliminate every enemy target even when their communication systems are jammed, according to a new study in the journal Acta Aeronautica et Astronautica Sinica, The Independent reports.

AFTER THE BLAST-OFF BLAST: The May 28 explosion on the test pad of Blue Origin’s New Glenn heavy lifter at Cape Canaveral is unlikely to have an impact on the Space Force’s national security launch schedule, industry officials and experts said, Breaking Defense reports. Even if it takes the company as long as a year to get back into orbit due to the damage to the pad, the Space Force’s current plans don’t envision manifesting the rocket under the National Security Space Launch (NSSL) Phase 3 program until 2028 at the earliest. “For NSSL, there’s time to get [New Glenn] back on track,” said one industry representative. 

  • The Space Force wants to make its electronic warfare capabilities more resilient by building five new tactical EW centers in the U.S. and around the globe, the need for which was underscored by recent Iranian attacks on USSF infrastructure and assets, Air and Space Forces Magazine reports. “We’ve seen in Operation Epic Fury for the first time that our space capabilities have been targeted and destroyed,” Brig. Gen. Christopher Fernengel, the service’s director of plans and programs, said last week. “We expect that to happen more.”

NEW NSA CYBER LEADERS: The National Security Agency has internally named a trio of appointments focused on the spy agency’s cyber operations, Nextgov/FCW reports. David Imbordino, who has overseen the NSA’s Cybersecurity Directorate in an acting capacity in recent months, has been tapped to lead the office permanently, according to two former senior national security officials familiar with the selections. Holly Baroody — a senior United Kingdom-based NSA official and a former civilian lead in U.S. Cyber Command — will serve as Imbordino’s deputy, the second former official said. The second former official also said that Bruce Jones, a longtime agency leader with experience in both technical and operational roles, will head the NSA’s Cybersecurity Collaboration Center.

  • Emily Burdick has been appointed acting director and principal deputy director of the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response, or CESER, Executive Gov reports. The DOE office announced the appointment in a LinkedIn post a week ago, describing the position as “a critical role as the nation faces rising energy demand and evolving cyber threats.” Alex Fitzsimmons announced that he has assumed the role of associate deputy secretary of energy and senior adviser to Energy Secretary Chris Wright.

CAN DRONES RESUPPLY THE TROOPS?: Lawmakers want to know more about how the Air Force and Pentagon might employ autonomous cargo drones to resupply troops in remote locations in the future, according to reports attached to the House Armed Services Committee’s draft version of the fiscal 2027 National Defense Authorization bill, Air and Space Forces Magazine reports. The Air Force’s agile combat employment concept for operating in contested areas entails small teams of Airmen dispersing to remote locations in the Pacific, then operating from ad hoc airfields in a bid to make it harder for adversaries to locate and target them. But resupplying small, spread-out airfields so they can continue to generate airpower won’t be easy.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. SUBSCRIBE
WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

CYBER FOCUS PODCAST

(Watch on YouTube or click the player above)

For Estonia, cyber resilience is not an abstract policy goal. It is a national survival issue shaped by history, geography and the reality of living next to Russia. In the latest episode of Cyber Focus, Ambassador Kristjan Prikk explains how Estonia turned a lack of legacy infrastructure into a digital advantage, why the 2007 cyberattacks became a strategic wake-up call for the West and what Ukraine’s defense against Russia reveals about preparation, public-private cooperation and the future of conflict. The conversation also looks ahead to AI in government and education, to Estonia’s support for Ukraine and to the cyber lessons NATO must operationalize before the next crisis. At the center is a clear argument from one of the world’s most digitally advanced democracies: cyber defense is not just about hardening systems, but building the relationships, institutions and resilience needed to keep a society functioning under pressure.

SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts

CYBER AND CI UPDATES

ATTACKS AND INCIDENTS

Authentication

Password manager Dashlane suspends customer accounts amid brute-force attacks

Password manager Dashlane has disabled a number of user accounts as a precaution amid a spate of brute force attacks. It didn’t specify the scale of the attack, although scores of users have queried the reason for receiving emails informing them of account suspensions. “Your account has been temporarily suspended for security reasons as someone has attempted to register a new device and didn’t enter the correct token after several tries,” the emails read, along with instructions to contact customer support to restore access. (THEREGISTER.COM)

Biothreats

Moderna gets $50 million to develop mRNA Ebola vaccine against Bundibugyo

The global health organization Coalition for Epidemic Preparedness Innovations (CEPI) announced Monday that it will “urgently accelerate development” of three vaccine candidates against Bundibugyo ebolavirus (BDBV), pledging a little over $60 million in the effort to extinguish an outbreak currently raging out of control in the Democratic Republic of the Congo. Under the plans, CEPI has committed up to $50 million to US-based Moderna for preclinical development and Phase 1 clinical testing of its mRNA-based BDBV vaccine candidate. The funding will simultaneously allow the company to ramp up manufacturing capabilities and ready large-scale Phase 2/3 trials in the event the vaccine makes it through early testing. (ARSTECHNICA.COM)

Breaches

Plaza Home Mortgage discloses data breach affecting customers, employees

Plaza Home Mortgage, a wholesale and correspondent mortgage lender, has disclosed a data breach due to a security incident that may have exposed customers’ and employees’ personal information. The exact number of people affected and the specific states involved have not yet been publicly disclosed. The company said that on or around Feb. 17, 2026, there was unauthorized access to an employee’s computer when “threat actors” illegally accessed information systems without permission. “Our security controls immediately informed us about the access, and we took action immediately to shut down the attack,” the company stated. (HOUSINGWIRE.COM)

Station Casinos confirms March data breach, notification of people impacted

A data breach involving Station Casinos was discovered and reported on March 5, 2026, company officials have confirmed to 8 News Now. Station Casinos said an employee’s account and associated files were accessed, but the incident hasn’t impacted business operations. The company has seven hotel-casinos in Las Vegas, as well as several smaller neighborhood casinos and taverns. (8NEWSNOW.COM)

Cybercrime

Spain arrests doxer leaking sensitive data of government employees

The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). According to authorities, the individual is responsible for a massive leak of personal data, which carried national security risks because of the people exposed. The police notes that the published data was from the State Attorney General’s Office, INCIBE, the National Police, the Civil Guard, and the National Security Council, all critical entities in the country. (BLEEPINGCOMPUTER.COM)

Government

Pakistan-linked SideCopy targets Afghanistan finance ministry with Xeno RAT

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT. “The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” Seqrite Labs researcher Dixit Panchal said in a technical breakdown of the activity. Also targeted as part of the campaign are provincial revenue and finance directorates, Pashto-speaking government officials, and provincial-level government employees. The campaign has been codenamed Operation XENOFISCAL. (THEHACKERNEWS.COM)

Supply chain

Miasma supply chain attack compromises Red Hat npm packages with credential-stealing worm

A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. “This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, credential harvesting, CI/CD targeting, encrypted exfiltration, and potential downstream propagation,” Socket said. Exactly who is behind the attack activity is presently unknown given that TeamPCP (aka Replicating Marauder, TGR-CRI-1135, and UNC6780), an infamous cybercrime group, has open-sourced the attack tools linked to the Shai-Hulud worm, opening the door for other threat actors to pull off similar attacks and making definitive attribution harder. (THEHACKERNEWS.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

THREATS

Malware

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. Thousands of websites have been compromised in DriveSurge campaigns to redirect visitors to malware-delivery infrastructure, according to researchers at cybersecurity company SilentPush. ClickFix is a popular social engineering tactic that deceives victims into copying and executing malicious commands on their systems, often resulting in malware infections under the pretense of resolving a technical issue. (BLEEPINGCOMPUTER.COM)

SolyxImmortal malware steals passwords, cookies, files and keystrokes

Security researchers, including Cyfirma, report that the malware primarily targets Turkish users and exfiltrates stolen data through Discord webhooks. The analyzed sample is a relatively small Python script of just over 10 KB. Despite its size, it contains extensive functionality by importing multiple built-in and third-party Python modules. These modules allow the malware to interact with the operating system, extract browser data, capture screenshots, log keystrokes, and communicate with remote servers. (GBHACKERS.COM)

Vulnerabilities

Oracle’s first monthly patches resolve 77 vulnerabilities

Oracle has debuted its monthly Critical Security Patch Update (CSPU) with patches for 77 vulnerabilities, including a dozen critical-severity flaws. Announced in early May, the monthly rollouts are meant to supplement the quarterly Critical Patch Update (CPU) fixes and resolve high-priority issues faster. The first CSPU landed at the end of May and will be followed by another in mid-June. July will see the release of a quarterly CPU, with two additional CSPUs planned for August 18 and September 15. (SECURITYWEEK.COM)

Critical StrongDM flaw exposes users to authentication token theft and reuse

A critical security vulnerability tracked as CVE-2026-4387 has been disclosed in StrongDM, allowing attackers to steal and reuse authentication tokens to gain unauthorized access to infrastructure. The issue, discovered by SpecterOps researcher Hope Walker, affects StrongDM desktop and CLI environments before the patched versions and poses significant risks to enterprise environments that rely on centralized access control. The vulnerability stems from how StrongDM previously handled authentication data. (GBHACKERS.COM)

Critical Windows Netlogon vulnerability in attackers’ crosshairs

Threat actors are exploiting a critical-severity Windows Netlogon vulnerability for remote code execution, Centre for Cybersecurity Belgium (CCB) warns. Tracked as CVE-2026-41089 (CVSS score of 9.8), the security defect was publicly disclosed on May 12, when Microsoft patched it along with 136 other bugs as part of its Patch Tuesday security updates. According to Redmond’s advisory, the flaw is a stack-based buffer overflow issue that could be exploited via crafted network requests. (SECURITYWEEK.COM)

ADVERSARIES

China

China-aligned groups ramp up attacks: Dragon Weave hits Czech Republic and Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments to trigger an infection chain that uses a Rust loader to drop the final payload for data exfiltration and remote control. “When extracted, the archive contains multiple files that appear legitimate but are actually part of a structured infection chain designed to execute malicious payloads in the background,” security researcher Priya Patel said. (THEHACKERNEWS.COM)

Iran

Iranian hackers hijack AppDomainManager to bypass EDR

Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious code fully starts, making endpoint detection and response tools much harder to spot the attack. The campaign, attributed to the Iran-nexus group Screening Serpens, pairs this technique with DLL sideloading, fake job lures, and staged remote access trojans to keep victims blind and defenders behind. The group begins with highly tailored social engineering, often posing as recruiters, job portals, or meeting software to convince targets to open a malicious archive. (GBHACKERS.COM)

U.S. says more people may be charged in terror case linked to Iran

The U.S. government said on Monday it might charge additional people as part of a terror case that links attacks in Europe to Iran’s campaign of retaliation against the United States and Israel for the war that began in February. A prosecutor told a Manhattan federal judge that a large part of the government’s case against Mohammad Baqer Saad Dawood al-Saadi, a commander of an Iranian-backed militia, related to 18 terrorist attacks in Europe since March. Mr. al-Saadi has also been accused of plotting an attack against a synagogue in New York City. “Individuals have been arrested in those attacks,” the prosecutor, Sarah L. Kushner, said. (NYTIMES.COM)

Russia

Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years

A previously unknown hacking group has spent nearly two years quietly targeting Russian maritime universities, energy facilities, diplomatic missions and government agencies, according to new research. The campaign, which researchers at Russian cybersecurity firm Kaspersky said dates back to at least 2024, remained undetected for years and featured long periods of inactivity that helped conceal the group’s operations. Kaspersky said the hackers would sometimes go dormant for three to four months before launching bursts of activity that included up to 10 attacks in a single month. The company did not describe what post-compromise activity was observed after these attacks. (THERECORD.MEDIA)

Russian trucks get ‘dazzle’ paint to throw off AI-enabled drones

From an early point in the Russian war in Ukraine, we’ve seen many unorthodox efforts to try to improve the chances of survival of fighting vehicles. Now, Russian trucks are receiving ‘dazzle paint,’ borrowing the same kind of tactic Russia has used for some of its most important military aircraft, to try to confuse seekers on standoff weaponry that use image-matching capability. Several images showing the unusually painted Russian trucks have appeared on social media channels in recent days. (TWZ.COM)

GOVERNMENT AND INDUSTRY

Artificial intelligence

U.S. moves to close potential AI chip sales loophole

The Trump administration is moving to close a potential loophole in U.S. export restrictions, clarifying that a license is needed to sell advanced AI chips to firms with Chinese parent companies even if they are not located in China or another restricted country. The Commerce Department on Sunday issued new guidance about a 2023 licensing rule, saying it had received questions about whether portions of the requirement are still being enforced. The 2023 rule sought to update earlier restrictions on chip exports issued by the Biden administration. (THEHILL.COM)

Florida AG sues OpenAI, seeks to hold CEO Altman personally liable for alleged harms

Florida Attorney General James Uthmeier on Monday filed a lawsuit against OpenAI and its CEO Sam Altman, alleging that the artificial intelligence company knowingly released an unsafe product that could harm users. The 83-page complaint claims that OpenAI’s ChatGPT chatbot has aided and abetted mass shooters in “deadly rampages,” driven vulnerable people to suicide, harmed users’ critical thinking skills and caused minors to become addicted to the tool, which “feigns” human compassion. “This litany of harms is driven by Defendants’ insatiable quest to win the AI arms race and amass large fortunes, despite knowing the danger of ChatGPT,” the filing said. (CNBC.COM)

Without strong governance, companies put credit ratings at risk in AI era

AI’s improving cyberattack capabilities underscore the importance of improved security governance, the ratings agency S&P Global said in a recent report. Whether Anthropic’s highly touted Claude Mythos Preview model “represents a genuine inflection point or an incremental evolution,” companies should revisit how they detect and combat cybersecurity threats, S&P analysts said in the May 26 report. S&P’s analysis breaks down the different forms of risk associated with AI and connects those risk factors to the decisions that credit ratings agencies make. (CYBERSECURITYDIVE.COM)

Cryptocurrency

The toll booth at the throat of world trade

OPINION: In late February 2026, Iran closed the Strait of Hormuz to foreign shipping. What began as a chaotic wartime closure has, in the past few days, hardened into something more consequential: an official sovereign toll regime, codified in Iranian law, and priced in cryptocurrency. On May 18, Iran operationally launched the Persian Gulf Strait Authority, a formal state bureaucracy with its own internet domain (pgsa.ir), account on X, and contact email. Since then, Tehran has delineated a “management supervision area” across the strait and announced a transit-permit scheme that converts Hormuz from an international waterway into a vetted toll plaza. (WARONTHEROCKS.COM)

Defense

Pentagon’s JWCC follow-on would create cloud marketplace, expand AI and edge computing

The Pentagon’s next iteration of the Joint Warfighting Cloud Capability (JWCC) contract would establish a cloud marketplace for military users while expanding support for artificial intelligence, edge computing and cross-domain operations, according to a draft solicitation. On May 20, the Defense Information Systems Agency published a draft performance of work statement for the upcoming JWCC Unified Cloud Marketplace (UCM) contract on Sam.gov. Previously known as JWCC Next, the program is intended to create a single marketplace through which Defense Department organizations can access authorized cloud services from a broad range of vendors. (DEFENSESCOOP.COM)

Desert e-bike race ‘the perfect’ place to test military-vehicle AI

One team in the upcoming Baja 1000 dirt-bike race will bring a special advantage: AI that prescribes when a rider should pit, long before the need becomes obvious. The thousand-mile trek through California and Mexico is “the perfect” environment to test GDIT’s logistics-and-maintenance AI before it heads off to rough and disconnected battlefields, a company representative said. GDIT is teaming with AWS on Project Celerity, an AI-enabled platform for managing energy. The Army’s Advanced Research Lab has been heavily investing in how to deploy small, tactical “microgrids” — essentially energy generation and storage systems for environments where power and connectivity are absent. (DEFENSEONE.COM)

Drones

Thanks largely to robots, Ukraine is now talking about winning, not just surviving

A small but growing number of European officials and analysts are saying what four years ago was unthinkable: Ukraine isn’t just surviving its grueling war with Russia, it is in some ways thriving and may even be on a path to victory. This isn’t yet captured in headlines — for example, about last weekend’s barrage of Russian drones and missiles around Ukraine — but in the details, like how some 90 percent were intercepted. Several long-term trends have shifted in Ukraine’s favor, and the core reason is its fierce focus on AI and robotics. (DEFENSEONE.COM)

How Ukraine became a drone superpower

OPINION: One night in March, a two-person Ukrainian crew established a record for the Ukrainian Armed Forces by shooting down, in one engagement, 23 Russian Shahed drones with Sting interceptor drones designed by the Ukrainian military technology company Wild Hornets. The story is noteworthy not only for the number of intercepted drones, but also for the operation’s cost efficiency and Ukraine’s interceptor-production capacity behind it. A Sting interceptor costs about $2,500. In comparison, a single U.S.-made Patriot interceptor missile that does the same job costs more than $3 million and requires significantly more time and resources to build and operate than a drone. Lockheed Martin produced approximately 600 of the most advanced PAC-3 type of Patriot missiles last year; meanwhile, the Ukrainian Armed Forces used about 700 of these interceptors in the span of only four winter months in 2025-2026. (JUSTSECURITY.ORG)

Energy

Load growth can help modernize grid, but cost-shift risks are significant: Concentric

Large load customers are an asset for modernizing the grid and adding flexibility, as long as they are “integrated transparently and pay their fair share,” concludes a report released today by Concentric Energy Advisors. However, the report said, if large load customers don’t pay their share of fixed grid costs, “the need for system upgrades remains …. [and] the resulting cost shift to other customers could total between $120 billion and $169 billion over a 30-year period nationwide” in transmission costs alone. “The need for capital investment is increasing even without large loads, due to added system complexity and increasing extreme weather, among other reasons,” the report said. “Grid connected large loads typically help support the fixed costs of maintaining and modernizing the system.” (UTILITYDIVE.COM)

IT modernization

ADI calls for federal focus on rapid technology procurement

The federal government should emphasize “nimble, rapid procurement” as it advances innovation and integrates emerging technologies, the Alliance for Digital Innovation (ADI) said in a new white paper. In the May 26 document, which reviews the Trump administration’s technology priorities, ADI recommended that federal officials adopt acquisition pathways and budget and appropriations cycles “that reflect commercial technology lifecycles.” They include modular contracting, commercial-first procurement strategies, and faster award timelines, said ADI, a technology trade group. (MERITALK.COM)

Risk management

Business leaders lack understanding of threat intelligence, study warns

Launched at Infosecurity Europe 2026, the “Bridging the Gap Between Threat Intelligence and Business Risk” paper by Silobreaker and the SANS Institute examines the gap between threat intelligence teams and other areas of the business differ in their understanding about security risks and how to combat them. This ‘intelligence-stakeholder gap’ means that even if an organization has a threat intelligence team which produces relevant information for the organization to use, this information might fly under the radar or be misunderstood by business leaders. (INFOSECURITY-MAGAZINE.COM)

Zero days

Microsoft says it will not pursue security researchers after zero-day backlash

Microsoft said Monday it has “no intention to pursue action” against security researchers who uncover vulnerabilities and publish their findings, days after an official blog post sparked a backlash from the security community. The post had condemned a recent series of uncoordinated Windows zero-day releases as “never justifiable” and said the company’s Digital Crimes Unit would “continue bringing cases against” those enabling criminal actors. While Microsoft stopped short of naming or directly threatening Nightmare Eclipse — the pseudonymous researcher behind the disclosures — the disclosures themselves were described as having created “unnecessary risk,” and Microsoft’s language was perceived as a threat. (THERECORD.MEDIA)

LEGISLATIVE UPDATES

GAO tells senators it will investigate IRS’s Free File program

The Government Accountability Office is readying an investigation into the IRS’s Free File program, confirming in a letter to three senators that their request for a probe has been accepted. Sens. Elizabeth Warren (D-Mass.), Angus King (I-Maine) and Ron Wyden (D-Ore.) asked the GAO last month to examine Free File, an IRS partnership with private tax prep companies known for a 20-plus-year history of limited consumer use and reports of hidden costs and data privacy issues. The response letter from the GAO, made public Monday, said the lawmakers’ request is “within the scope of its authority. We anticipate that staff with the required skills will be available shortly to initiate an engagement.” (FEDSCOOP.COM)

One of Congress’ most popular bills is running into Trump headwinds

Legislation to approve water projects is typically one of the most bipartisan bills to pass Congress, but advancing a package this year may be harder thanks to President Donald Trump’s penchant for withholding funding from his political enemies. Lawmakers have been approving Water Resources Development Act bills on schedule every two years since 2014 — securing popular levee, harbor, lock, dam and water treatment system projects home for their states and districts. But neither the House nor the Senate have unveiled their proposals yet, and time is running out for bipartisan legislation before congressional action typically grinds to a halt during a contentious election year. Meanwhile, some lawmakers are already trying to use the package as a vehicle for addressing grievances with the administration. (EENEWS.NET)

COMMITTEE ACTIVITY

NOMINATIONS: The Senate Intelligence Committee will hold a June 2 hearing on the nomination of Dr. Roger Mason to be director of the National Reconnaissance Office and Michael Vance to be assistant secretary of State for intelligence and research. 

BUDGET: The Senate Appropriations Subcommittee on Homeland Security will hold a June 2 hearing to review the Fiscal Year 2027 Budget Request for DHS.

INDUSTRIAL BASE: The House Small Business Committee will hold a June 3 hearing on restoring the industrial base and the role of small businesses in national security.

BUDGET: The House Homeland Security Committee will hold a June 3 hearing to review the Fiscal Year 2027 Budget Request for DHS.

DATA SECURITY: The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade will hold a June 3 hearing examining legislation to establish a federal comprehensive privacy and data security law.

EDUCATION: The House Education and Workforce Subcommittee on Higher Education and Workforce Development will hold a June 3 hearing on higher education in the age of AI.

AI SECURITY: The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection will hold a June 4 hearing on how frontier models, agentic AI and AI coding tools are reshaping cybersecurity and critical infrastructure resilience.

PNT: The House Energy and Commerce Subcommittee on Communications and Technology will hold a June 4 hearing examining positioning, navigation and timing capabilities in the United States.

CHINA: The House Foreign Affairs East Asia and Pacific Subcommittee will hold a June 4 hearing on China’s role in the fentanyl crisis.

ALERTS AND ADVISORIES

CISA adds one known exploited vulnerability to catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2024-21182 Oracle WebLogic Server Unspecified Vulnerability. This type of vulnerability is a frequent attack vectors for malicious cyber actors and poses significant risks to the federal enterprise. (CISA.GOV)

Events

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

SOCIAL MEDIA: On June 2, The Hamilton Project at the Brookings Institution will host a virtual event exploring the costs of social media, including overuse driven by addiction and “fear of missing out” (FOMO). The event will feature a fireside chat with Dr. Vivek Murthy (19th and 21st surgeon general of the United States) and Cecilia Kang (The New York Times). It will also include a panel discussion with Benjamin Handel (University of California, Berkeley) and Lena Song (University of Illinois Urbana-Champaign), moderated by Bradley Hardy (Georgetown University). In conjunction with the event, The Hamilton Project will release two publications discussing the findings and policy implications of recent economic research on product market traps in social media and on digital addiction.

AI AND ENTERPRISE: Join AEI on June 3 to examine how businesses are shaping AI and transforming American enterprise. Experts from academia and business will examine these questions: What industries are changing most rapidly? Which are changing the future for others? And how are we preparing business leaders for future challenges?

CYBER FORCE: Join CSIS on June 3 for a discussion on the forthcoming report from the Commission on U.S. Cyber Force Generation, which examines how the United States can better build, organize, and sustain the cyber workforce needed to meet evolving national security demands. As cyber threats grow in scale and sophistication, the report assesses key challenges across the current ecosystem, including persistent talent shortages, fragmented institutional structures, and barriers to effective coordination between government and the private sector.

DEFENSE: On June 3 the Indo-Pacific Security Initiative (IPSI) and the Transatlantic Security Initiative (TSI) of the Atlantic Council’s Scowcroft Center for Strategy and Security will host a seminar on upgrading transregional defense partnerships. This event is part of IPSI’s Cross-Strait and Beyond Seminar Series, which informs the public debate on key issues for Taiwan and the United States, held in partnership with the Taipei Economic and Cultural Representative Office in the United States.

DATA CENTERS: Join the CSIS Economic Security and Technology Department’s Matt Pearl, Aalok Mehta, Joseph Majkut, and Philip Luck on June 4 for a discussion on the rapid expansion of data centers and what it means for the future of AI, energy, and U.S. competitiveness. As artificial intelligence accelerates demand for compute power, data centers have emerged as a critical piece of strategic infrastructure shaping electricity demand, industrial policy, environmental debates, and global technology competition.

BIOTHREATS: On June 4, the Bipartisan Commission on Biodefense at the Atlantic Council will host its latest meeting, which will discuss how non-federal governments approach biodefense. State, local, tribal, and territorial governments serve on the front lines of biodefense. As the biological threat continues to grow, those officials who tackle this topic on a daily basis require reinforcement. This meeting of the commission will discuss the impacts of changes in federal support for state, local, tribal, and territorial biodefense activities, as well as the biodefense roles, responsibilities, and investments of non-federal governments. The discussion will also touch upon the personnel, policies, and programs needed to bolster preparedness for future biological threats.

MARITIME: The Stephenson Ocean Security Project highlights the ways that global security challenges arise from marine resource competition and works towards solutions that support sustainable development, coalition building, and the need for American leadership. This year’s forum on June 9 will discuss the escalating pressure facing global maritime governance from a variety of crisis points and how this pressure is affecting shared governance of the maritime commonwealth and our ability to grapple with common challenges including marine resource management, illegal fishing, supply chain transparency, and human rights at sea. This year’s forum is co-hosted in partnership with the CSIS Human Rights Initiative.

AI ECONOMY: How can AI be deployed effectively to enhance economic mobility and ensure the benefits of AI systems are reaped widely? On June 10, the Brookings Center on Regulation and Markets will host a fireside chat with Neil Thompson, director of the FutureTech project at MIT, to explore the intersection of AI and economic mobility. 

DIB: Join Hudson Institute for a June 11 fireside chat between Hudson Senior Fellow Nadia Schadlow and Deputy Assistant Secretary for Industrial Base Growth and Director of the Office of Small Business Programs James Mismash. The discussion will explore current efforts to strengthen the defense industrial base, expand industrial capacity, and foster greater participation and competition across the national security ecosystem.

SECURITY POLICY: From AI and drone warfare to global alliances and economic security, America and its allies need “New Rules” to compete, deter, and win in the 21st century. Join leading voices in national security for an exclusive, all-day Center for a New American Security conference on June 11 at the forefront of today’s most consequential issues — from AI and cybersecurity to the latest developments in Iran, economic statecraft, and America’s strategic readiness across the world.

NORTH KOREA: On June 12 join the Indo-Pacific Security Initiative (IPSI) of the Atlantic Council’s Scowcroft Center for Strategy and Security for the launch of Nonresident Senior Fellow Jieun Baek’s latest book, “Privileged but Powerless.” Baek’s second book on North Korea draws on hundreds of hours of rigorous fieldwork and interviews with defectors to examine a surprising yet critical vector of regime instability. In a fireside chat, Baek will discuss how North Korea’s system of privilege and control shapes elite insecurity at the highest levels of the regime.

DIB: Join CNAS on June 16 for a fireside conversation with DoD’s Michael Cadenazzi examining the challenges and priorities shaping U.S. munitions production and defense industrial base policy. This event will examine how policymakers, industry partners, and acquisition officials can work together to build the surge capacity the United States needs, in a focused conversation on the future of U.S. munitions production and defense industrial base policy.

NUCLEAR: Why does the U.S. struggle while nuclear leaders such as China and France succeed? A combination of standardized designs, predictable regulation, and rapid regulatory approval all appear to play a role. And while bipartisan support for nuclear energy has grown due to its role in AI-driven energy demand and climate goals, political anxieties in the United States persist. Join AEI on June 18 to dissect the economic, regulatory, and political tensions that keep the U.S. lagging behind when it comes to nuclear energy.

NUCLEAR: For the first time, the United States is preparing to deter two nuclear adversaries­­­, Russia and China. In today’s post-New START environment, U.S. adversaries remain committed to weakening American resolve and undermining Washington’s commitment to its allies. Join Hudson Senior Fellow and Keystone Defense Initiative Director Dr. Rebeccah Heinrichs and Administrator of the National Nuclear Security Administration Brandon Williams for a June 18 discussion on the administration’s priorities in strengthening the U.S. nuclear enterprise.

GLOBAL SECURITY: Join the CSIS Defense and Security Department on June 30 for its annual Global Security Forum. This year’s conference will center on the theme “America at 250: A Defining Moment for American Statecraft and Military Power.: Through keynote addresses and expert panel discussions with government, industry, and finance experts, the Forum will examine how the tools of statecraft are being redefined and how the United States can harness innovation, rebuild industrial capacity, strengthen deterrence, and renew the foundations of leadership in a more dangerous world.


FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY

SUBSCRIBE TO THE CYBER FOCUS PODCAST: YOUTUBE | SPOTIFY | APPLE PODCASTS

SUBMIT A TIP

Click to listen highlighted text!