Cyber Briefing – June 10, 2026

WHITE HOUSE REINS IN AI TESTING UNIT: Trump administration officials have asked a government artificial-intelligence testing unit to stop issuing public reports, the latest signal that the White House is tightening control over AI models as national-security concerns increase, The Wall Street Journal reports. Administration officials including National Cyber Director Sean Cairncross have told the Center for AI Standards and Innovation to halt publication of its model assessments while an executive order President Trump signed last week is implemented, people familiar with the matter said. The order represented a win for Cairncross and Treasury Secretary Scott Bessent, who have pushed for security considerations to play a bigger role in model evaluation. The move to halt the center’s public work is being viewed as a sign to some officials that Cairncross and his allies want more say over model evaluation. 

• A top White House policy adviser who helped the administration navigate increasingly urgent questions around advanced artificial intelligence models with far-reaching hacking capabilities is set to depart, POLITICO reports. Thomas Lind, the head of policy in the Office of the National Cyber Director and a senior adviser to Cairncross, plans to leave government soon to spend more time with family, according to two people familiar with the decision, who, like others in this story, were granted anonymity to discuss White House personnel matters. His exit is the latest in a string of departures from the White House’s tech policy ranks since the release of the long-awaited AI executive order last week, which had been repeatedly delayed due to infighting over how heavily to regulate the fast-changing technology.

MYTHOS LITE: Anthropic is releasing a straitjacketed version of Mythos that researchers believe is safe for widespread use and relies on older technology for some of what it does, the company said on Tuesday. Called Claude Fable 5, this new system includes additional guardrails designed to block responses related to cybersecurity, biology and other vulnerable areas. Because of these guardrails, hackers may struggle to attack computer networks using Fable. But businesses and cybersecurity experts may also struggle to defend networks using the new system, The New York Times reports. Most queries from Claude users in areas that could be perceived as too risky, the company said, will be handled by Claude Opus 4.8, which was released last month and was also designed to avoid the security risks of Mythos.

CISA CHIEF DETAILS HIRING PROGRESS, AI DIRECTIVE: The Cybersecurity and Infrastructure Security Agency is extending nearly 200 job offers this month as CISA looks to reinforce its depleted ranks amid a wave of new artificial intelligence security mandates and activities, Federal News Network reports. During a Tuesday morning keynote address at a conference in Washington hosted by Axonius, acting CISA Director Nick Andersen also said the agency is reorienting itself around a “ruthless” prioritization of cyber-physical risks in both federal networks and critical infrastructure. Andersen’s comments come amid heightened concerns about the security of federal networks and critical infrastructure due to advances in AI.

• CISA plans to release a binding directive today that tasks the federal government with rethinking how it manages risks to its networks and prioritizing cyber vulnerabilities that demand the most urgency, Andersen said, Nextgov/FCW reports. The goal is to push agencies to focus less on the sheer number of known cyber vulnerabilities and more on the risks those flaws pose if they’re exploited by hackers, said Andersen, who added that the cyber community needs to “be okay with saying there are some systems that are less important than others.”

• CISA announced the winners of its 7th annual cybersecurity contest that brings federal employees together to test digital security strategies and responses, Nextgov/FCW reports. The winners of the President’s Cup Cybersecurity Competition competed across three categories. For the Defense Track Champion, the “sheriffsparks” team from the U.S. Navy won, and the Offensive Track Champion winner was team “bdubya” from the U.S. Army. The final winner of the Teams Champion category is the U.S. Army and U.S. Marine Corps’ “ENOENTHUSIASM” team. 

A FIRST FOR U.S. DRONE BOATS: In the latest sign that unmanned vehicles are an increasingly pivotal part of a modern military, a drone boat rescued the two-person crew from the U.S. Apache helicopter gunship that went down near the Strait of Hormuz on Monday, a spokesman for U.S. Central Command said. It was the first U.S. rescue carried out by an autonomous surface vessel, remotely piloted by a human operator, the Central Command spokesman, Capt. Tim Hawkins, said on Tuesday, The New York Times reports. “The surface drone that assisted in last night’s rescue of the Apache crew off the coast of Oman was a U.S. Navy Corsair unmanned surface vessel operated by U.S. 5th Fleet’s Task Force 59,” Captain Hawkins said in a text message. “The task force began fielding these drones in theater in late March.”

• The Corsair, which the manufacturer also calls an autonomous surface vessel (ASV), is a 24-foot-long drone boat with a speedboat-like design that was first unveiled in 2024. The manufacturer says it has a maximum range of 1,000 nautical miles, a top speed of 35 knots, and a 1,000-pound payload capacity, The War Zone reports.

• Iran hackers said that they assisted the Islamic Revolutionary Guard Corps with pinpointing U.S. targets in response to strikes conducted in retaliation for the earlier downing of the U.S. military helicopter, Threat Beat reports.

INSIDE THE IT INFRASTRUCTURE THREAT LANDSCAPE: For the past several years, the technology sector has remained the most targeted sector by eCrime and state-sponsored adversaries. The persistent volume of hands-on-keyboard intrusions targeting technology entities highlights adversaries’ sustained interest in interactive operations, which provide the flexibility to pursue theft, extortion, intelligence collection, or IT worker infiltration once access is established. This trend continued into Q1 2026, where hands-on-keyboard intrusions targeting technology entities accounted for 20% of all interactive intrusions observed; this was 26% more hands-on-keyboard intrusions than the second most targeted sector (Consulting and Professional Services) experienced in Q1 2026, CrowdStrike said in its 2026 Technology Threat Landscape Report. Between April 1, 2025, and March 31, 2026, North America-based technology organizations experienced the highest level of targeting from both eCrime and state-sponsored threat actors, accounting for 45% of all hands-on-keyboard intrusions targeting the sector.

• China-linked hackers posed the biggest espionage threat to technology companies over the past year, CrowdStrike said, amid surging investment in artificial intelligence, Reuters reports. The hacking campaigns align with the Chinese government’s strategic priorities and a sustained interest in technology ‌development, intellectual property, and information with strategic and economic value, the firm said.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. SUBSCRIBE

WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

(Watch on YouTube or click the player above)

NEW: A new executive order on artificial intelligence and cybersecurity sends a clear signal: Advanced AI now sits at the center of how the United States thinks about cyber defense, national security, critical infrastructure resilience and strategic competition. In this episode of Cyber Focus, Frank Cilluffo sits down with Daniel Kroese, vice president of global policy at Palo Alto Networks and a senior fellow at the McCrary Institute, to unpack what the order means in practice. Kroese argues that the most important signal is the administration’s effort to bring government, industry and critical infrastructure operators together quickly — not simply to study AI risk, but to operationalize AI-enabled defense while preserving the innovation advantage that gives the United States its head start.

SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts

Agriculture

Screwworms in U.S.: Human risk is low — but they can burrow through your skull

Ravenous, flesh-eating flies have busted through containment barriers and have now reemerged in the US. On Monday and Tuesday, the US Department of Agriculture reported three new cases, bringing the tally to five. One of the cases is in a dog, though it’s unclear where it became infected; the dog lives in New Mexico, had its infection reported in Texas, and may have recently traveled to Mexico, where the flies are also spreading. But the other four US cases were all in Texas — and all in calves — two in Zavala County and two in La Salle County. Almost all the attention over screwworm’s resurgence has focused on the threat to livestock, like the calves and, in turn, the financial risk to the cattle industry. (ARSTECHNICA.COM)

Breaches

French government messaging service breached in account hijacking attack

DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government’s encrypted messaging platform. Developed in-house by DINUM in collaboration with ANSSI (the French Cybersecurity Agency) in 2018, Tchap is an instant messaging service and collaboration tool based on the decentralized Matrix protocol, designed exclusively for the French public sector. Tchap has now reached over 300,000 monthly users and over 500,000 downloads on Google’s Play Store after Prime Minister François Bayrou mandated the use of Tchap and banned foreign apps for work communications for all civil servants in early August 2025. (BLEEPINGCOMPUTER.COM)

Cybercrime

Encrypted chats expose Kosovar organized crime network behind EUR 80 million criminal empire

Messages exchanged on the encrypted communication platform SKY ECC have exposed a Kosovar-based organized crime network in large-scale drug trafficking, the use of fraudulent IDs, illegal possession of weapons, and money laundering across Europe. The intelligence gathered during a three-year investigation culminated on June 9 in a coordinated action day in Kosovo*, where authorities arrested five key members of the criminal organization. Some 150 officers were deployed on the ground, supported by a Europol expert. (EUROPOL.EUROPA.EU)

DDoS

Indonesian media outlet Tempo targeted by 24.9 million DDoS requests

A major wave of cyberattacks on Tempo has disrupted access to one of Indonesia’s leading news websites, with the media outlet reporting millions of malicious requests directed at its servers over several days. The Tempo cyberattack, which began on Friday, involved a distributed denial-of-service (DDoS) assault designed to overwhelm the company’s infrastructure and hinder public access to its journalism. According to Tempo’s technology team, the attacks generated an extraordinary volume of fake internet traffic, placing significant pressure on the organization’s servers and temporarily affecting the availability of the website for readers in Indonesia and elsewhere. (THECYBEREXPRESS.COM)

Emergency services

Louisiana fire district sues cybersecurity firm after hack

The St. George Fire Protection District is suing a Baton Rouge cybersecurity firm after hackers were found to have gained access to the fire district’s network— and were lying in wait for a future attack. In a suit filed on May 23, the fire district is seeking damages for a December 2023 security breach that its contracted cybersecurity firm, General Informatics, allegedly failed to prevent. Hackers in that attack were found to have been “living off the land” inside St. George Fire Protection District’s computer network, meaning they were using legitimate and trusted software tools already built into the network to evade detection and gain access to other trusted networks. (GOVTECH.COM)

Health care

Anubis ransomware gang claims credit as Mississippi hospital reveals attack impacted 54K patients

A health system in Mississippi has revealed a December 2025 data breach of its network resulted in records on 53,888 patients being stolen by hackers. Meanwhile, an infamous cybercrime cell has claimed credit for the attack, posting proof on the dark web. Last month, Singing River Health System reported official numbers from the incident to the U.S. Department of Health and Human Services’ Office for Civil Rights, which operates a data breach tracker. This came after an investigation into what it called a “cybersecurity incident” that staff at Singing River discovered a few days after cybercriminals were already inside its network. (HEALTHEXEC.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

Artificial intelligence

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human users. The OpenClaw open-source AI agent framework allows large language models (LLMs) to interact with real-world systems and perform actions autonomously. It can be used as an email agent for basic reasoning and operations. Researchers at security firm Varonis created an OpenClaw agent and connected it to a Gmail inbox, browser tools, Google Workspace APIs, and fabricated internal company data sources, instructing it to monitor and process incoming emails. (BLEEPINGCOMPUTER.COM)

Education

Students remain higher ed’s cybersecurity weak link

Just 22 percent of chief technology officers say students at their institution receive adequate cybersecurity training, according to Inside Higher Ed’s 2026 Survey of Campus Chief Technology/Information Officers. By comparison, 68 percent say faculty and staff receive adequate training. Another 70 percent say their institution’s leadership prioritizes cybersecurity investments. Students constituting a gap in their institutions’ cybersecurity ecosystems is nothing new. In last year’s survey, just 26 percent of CTOs reported requiring student cybersecurity training, versus 79 percent for faculty and 86 percent for administrative staff. (INSIDEHIGHERED.COM)

Malware

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. The malware has evolved and is now targeting customers of multiple banks and financial institutions across Europe in a phishing campaign aimed at stealing payment card data. After tricking victims with a fake verification screen to place the cards near the mobile device’s near-field communication (NFC) chip, NFCShare reads the information using Android’s IsoDep interface and EMV commands. (BLEEPINGCOMPUTER.COM)

Phishing

Tax phishing emails deliver in-memory malware to Windows systems

Cybercriminals are leveraging tax-themed phishing emails to deploy sophisticated in-memory malware on Windows systems, bypassing traditional disk-based detection mechanisms. The attack cascade begins when victims receive phishing emails containing malicious attachments disguised as official tax documents, W-2 forms, or rejected tax form notifications from legitimate entities like Intuit QuickBooks or HM Revenue & Customs. When opened, these attachments trigger a multi-stage execution chain that never writes malicious code to disk. Instead, attackers leverage legitimate Windows administration tools including PowerShell, mshta.exe, and Windows Management Instrumentation to execute shellcode loaders entirely in memory. (GBHACKERS.COM)

Trends

75% of firms deploy vulnerable code amid pressure on CISOs, report finds

According to the research, released on Jun 8 by Checkmarx, 95% of CISOs said they faced pressure to deprioritize or delay reporting of security issues by other parts of the business. As a result of this pressure, 75% of those surveyed said that their organization had knowingly deployed vulnerable code into a production environment. When asked why this code had been deployed, 30% responded that compensating controls were believed to sufficiently mitigate the risk and 27% said it was pushed out to meet a business, feature or security-related deadline. Meanwhile, a further 27% said that the vulnerability in the code was not detected until after deployment. (INFOSECURITY-MAGAZINE.COM)

Vulnerabilities

Cisco customers encounter another SD-WAN zero-day under attack

Cisco customers are confronting yet another actively exploited zero-day vulnerability affecting the vendor’s SD-WAN management software, reinforcing pressure on organizations that have experienced rare breaks from active threats this year. The vulnerability — CVE-2026-20245 — marks the seventh actively exploited zero-day in Cisco SD-WANs this year. Cisco said it first became aware of active exploitation of the latest defect in the network management software earlier this month. The company disclosed the vulnerability, which was first spotted by Mandiant, on Thursday and warned that a security patch is not yet available and there are no workarounds to mitigate the defect in the meantime. (CYBERSCOOP.COM)

A record-breaking Microsoft Patch Tuesday for June 2026

Microsoft released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available. The software giant said in a blog post last month that both its engineers and the security community are increasing using artificial intelligence tools to find bugs, meaning this month’s heavy Patch Tuesday may start to become the norm, said Satnam Narang, senior staff research engineer at Tenable. (KREBSONSECURITY.COM)

ServiceNow flaw exploited to gain unauthorized access to customer instances

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow applied a security update to hosted customer instances,” the company revealed in an advisory that requires customer access. “The update concerned a security issue that could allow an unauthenticated user, in certain circumstances, to gain greater access to ServiceNow instances than intended.” The security update makes changes to an endpoint configuration to limit this access to authenticated users. The security flaw currently does not have a CVE identifier. Details of the issue first emerged on Reddit. (THEHACKERNEWS.COM)

New Veeam vulnerability exposes backup servers to RCE attacks

Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers. The vulnerability (tracked as CVE-2026-44963 and reported by WatchTowr security researcher Sina Kheirkhah) affects Veeam Backup & Replication (VBR) 12.3.2.4465 and all earlier version 12 builds, and was fixed in version 12.3.2.4854. While any domain user with low privileges can exploit this vulnerability, the flaw only impacts Veeam Backup & Replication installations that are joined to a domain. (BLEEPINGCOMPUTER.COM)

Critical vulnerabilities patched in Fortinet, Ivanti products

Fortinet and Ivanti on Tuesday rolled out fixes for multiple vulnerabilities in their products, including critical-severity OS command injection flaws. Fortinet published three advisories describing security defects in FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe of the three bugs is CVE-2026-25089 (CVSS score of 9.8), an OS command injection issue impacting FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. (SECURITYWEEK.COM)

Six Proto6 vulnerabilities in protobuf.js expose Node.js apps to RCE and DoS

Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks. “In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger crashes, runtime corruption, or even code execution,” Cyera security researcher Assaf Morag said. The vulnerabilities have been codenamed Proto6. (THEHACKERNEWS.COM)

Adobe patches 123 vulnerabilities

Adobe’s latest Patch Tuesday updates fix 123 vulnerabilities across 11 products. Of the total, 57 vulnerabilities were patched in Adobe Experience Manager. The vast majority are XSS flaws that allow arbitrary code execution, and three issues have been described as improper input validation that can lead to a security feature bypass. Two critical issues with a CVSS score of 10, both allowing arbitrary code execution, have been patched in Adobe Campaign Classic. (SECURITYWEEK.COM)

Critical phpBB flaw lets attackers hijack any account with one request

A critical flaw in the phpBB forum software has been disclosed that lets attackers hijack any account, including administrators, with a single unauthenticated request and no password. Tracked as PTT-2026-004 and rated 9.4 on the CVSS scale, the flaw is pending an official CVE ID. The authentication bypass was discovered by Dan Stefan Alexandru of Pentest-Tools.com and reported to phpBB on June 4. Every phpBB version up to 3.3.16 is affected in its default database-authentication mode, meaning a standard install is exposed out of the box. The 4.0.0 alpha is vulnerable too. (INFOSECURITY-MAGAZINE.COM)

China

Taiwan test-fires U.S.-supplied missile launcher toward China

Taiwan fired U.S. mobile missile launchers into the strategic waters directly facing China for the first time on Wednesday, sending a message of resolve to Beijing and Washington. The Taiwanese army used truck-mounted High Mobility Artillery Rocket Systems, or Himars, to fire 32 test rockets from a site near a river mouth on Taiwan’s western coast, which has been regarded as a potential landing point for invading Chinese forces. The drill was the highlight of two days of military exercises showcasing Taiwan’s preparations to combat an amphibious invasion. China considers democratically self-ruled Taiwan as part of its territory and hasn’t ruled out potentially using force to absorb the island. (WSJ.COM)

Russia

WinRAR flaw exploited by Russia-aligned groups to deploy stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an attacker to write files outside the extraction directory via NTFS Alternate Data Streams (ADS). It was patched by WinRAR in July 2025. The findings show “how unmanaged software keeps an exploited entry point open long after the fix ships,” Trend Micro researchers Hiroyuki Kakara and Feike Hacquebord said in an analysis published Monday. (THEHACKERNEWS.COM)

Hackers pose as women seeking romance to spy on Russian soldiers

A previously undocumented cyber espionage group has been attempting to compromise the smartphones, computers and Telegram accounts of Russian military personnel by posing as women seeking romantic relationships, researchers have found. The group, dubbed SiribClone by Russian cybersecurity firm F6, has been active since at least the summer of 2025 and has primarily targeted members of the Russian armed forces stationed in border regions and combat zones. The campaign appears aimed at gathering battlefield intelligence by stealing files, monitoring communications and collecting sensitive military information from Russian troops deployed near the front line, researchers said in a report released last week. (THERECORD.MEDIA)

Acquisition

DHS annual assessment: Dynamic environment affects efforts to manage acquisition risks

The Department of Homeland Security plans to spend at least $55 billion on programs to develop and buy ships, technology systems, and more for national security. Under current legislation, DHS expects to receive at least $14 billion in additional funding, with most of that money going toward Coast Guard and Customs and Border Protection programs. At the same time, some DHS programs faced staffing and oversight changes. For example, some programs lost as much as 20% of their staff, which puts program goals at risk. And in October 2025, DHS dissolved a key acquisition oversight office. (GAO.GOV)

Artificial intelligence

GSA playing catch-up with industry on AI and tech, agency head says

Amore centralized government portal and more artificial intelligence deployment are just a couple ways the General Services Administration is slowly but surely trying to bring government services up to industry speed, its top official said Tuesday. At the IBM Think Gov 2026 conference at Nationals Park in Washington, D.C., GSA Administrator Edward Forst said the name of the government technology modernization game is catch-up, and the play is a bit of “instant gratification” from early wins and measurable goals. “We have stricken — although not to perfection yet — the word ‘monetization’ from our vocabulary,” he said. “I view it in our context as just catching up to yesterday.” (FEDSCOOP.COM)

New AI-powered surveillance towers are coming to the southern border

Customs and Border Protection is moving forward on AI-powered autonomous surveillance towers that are expected to be deployed across the southern border, signing a $71 million task order with GDIT last week. The award is the latest in a massive indefinite delivery/indefinite quantity contract, worth up to $1.8 billion, that kicked off three years ago and is aimed at modernizing and expanding CBP’s surveillance tower system. GDIT is a business unit of aerospace and defense company General Dynamics, which generated more than $52 billion in revenue last year. The vendor is a key player in CBP’s modernization plans as the prime contractor on a remote video surveillance program, the developer of a CBP database with quantum sensors and a fundamental part of a number of other projects including the smart border wall. (FEDSCOOP.COM)

Communications

UK weakens proposed telecoms defenses against Chinese hackers after industry pushback

Britain has weakened proposed cybersecurity protections for its telecoms networks that were developed in response to the Salt Typhoon espionage campaign, after the companies responsible for implementing the measures lobbied against cost and practicality, according to documents reviewed by Recorded Future News. Neither the British government nor the telecommunications industry has confirmed whether the China-linked Salt Typhoon campaign compromised networks in the United Kingdom. The National Cyber Security Centre (NCSC) has said Chinese hackers “targeted organisations in critical sectors” globally, including “a cluster of activity observed in the UK.” (THERECORD.MEDIA)

Data centers

FirstEnergy asks FERC to require data centers to pay for transmission interconnection costs

The proposal is based on a cost allocation method that has been used for natural gas pipelines for more than 25 years, according to FirstEnergy. It could be adopted without requiring legislation or “novel regulatory authority,” the Akron, Ohio-based utility company said. The proposal faced pushback at FERC on Monday from Maven Solutions, a consulting firm specializing in AI infrastructure governance and other issues. “FirstEnergy’s framework guarantees the transmission owner’s cost recovery, collateralizes the transmission owner’s investment, and shifts all demand-forecast, utilization, and cancellation risk from the utility to the customer,” Jayne Algermissen, Maven Solutions founder and technical program manager, said in the filing. (UTILITYDIVE.COM)

Wyoming’s data-center boom meets the ‘man camp’ backlash

Twenty years ago, Stan and Tammy Higgins moved into a home just outside this Old West railroad town on 3 acres of windswept shortgrass prairie. From their back window, they saw grazing cattle, roaming antelope and coyotes on the prowl. That pastoral scene is gone: Heavy trucks, earth movers and hundreds of construction workers have run nearly round-the-clock for about two years building a Meta Platforms data center. To the east, Microsoft recently announced plans to triple the acreage of its already sizable data complex. To the south, work is just getting started on Project Jade, which could one day be among the biggest data centers in the U.S. (WSJ.COM)

Defense

Dusting a dirt road: How the United States can break the cycle of failing military infrastructure

OPINION: According to the Department of Defense’s reporting, the United States owns and operates more than 700,000 facilities across nearly 5,000 sites at home and abroad. Much of this infrastructure is aging. Nearly 80 percent of military installations were established before 1970, and one-third of the department’s buildings are more than 50 years old. Less than 5 percent of the department’s budget is allocated towards managing this immense infrastructure portfolio and investing in its maintenance and modernization. As a result, according to the Pentagon’s fiscal year 2025 audit, the deferred maintenance backlog reached over $278 million, 85 percent of which are buildings and structures that “are enduring and required to support an ongoing mission.” Within the past decade, Defense Department officials have testified that nearly one-third of military facilities are in poor or failing condition and that one-quarter of Army barracks are in the same state. (WARONTHEROCKS.COM)

Drones

Pentagon approves long-range, autonomous counter-UAS system for use across the military after border testing

The Pentagon’s counter-drone task force tested a defensive system near the southern border last month that officials said is capable of long-range targeting and 24/7 automated sensing against unmanned aerial threats, approving it for use across the military. Over two days in mid-May at Marine Corps Air Station Yuma, Arizona, Joint Interagency Task Force 401 and other federal agencies deployed SkyValor — a counter-UAS “detect and defeat” system developed by CACI International — against aerial targets at different ranges, elevations and flight paths, according to a spokesperson for the task force. (DEFENSESCOOP.COM)

Inside Ukraine’s AI-enabled drone campaign targeting Russian logistics deep behind the lines

Over the past several weeks, news began emerging about Ukraine’s use of modified, AI-enhanced kamikaze drones to target Russian cargo trucks, fuel tankers, railroad cars and even vessels as far as 150 miles behind the front lines. Dubbed the mid-range strike campaign by Kyiv, this effort is having a devastating effect on Russian logistics, cutting off key highways to Crimea, helping to halt Moscow’s gains and pave the way for Ukrainian advances. (TWZ.COM)

SOCOM seeks ‘self-service’ synthetic data generation platform to boost drones’ computer vision

U.S. Special Operations Command and the SOFWERX innovation hub are launching a new initiative to support SOCOM’s pursuit of new capabilities to train computer vision models for unmanned systems. American special operations forces use various types of drones in the air, maritime and ground domains to support intelligence, surveillance, reconnaissance and other missions. Computer vision can boost those efforts by using AI to detect, identify, classify, and track objects and people of interest. However, there are challenges associated with the technology. (DEFENSESCOOP.COM)

Energy

Not-for-profit utilities turn to energy storage as data centers drive cost, reliability concerns

Meeker Energy, a member-owned electric cooperative serving about 10,000 homes and businesses in central Minnesota, is typical of many non-profit utilities across the country. While investor-owned giants tout the profit potential of large-load pipelines in the gigawatts, distribution coops like Meeker are watching the wholesale cost of electricity rise, with little they can do to mitigate it except controlling for their own consumption. That expense accounts for the largest part of members’ bills. That’s where storage comes in. The utility is in the early stages of testing behind-the-meter residential batteries at members’ homes for resilience and demand response. (UTILITYDIVE.COM)

Maritime

Coast Guard sharpens cybersecurity focus for passenger vessels

With new federal cybersecurity regulations put into effect July 2025, the Coast Guard is incorporating cyber readiness into routine vessel oversight, particularly during inspections and exams. “Operators should expect an increased focus on cybersecurity during safety and security inspections and exams on board vessels as the new cybersecurity regulations are implemented,” the agency said. The Coast Guard’s Commercial Vessel Compliance (CVC) office is responsible for setting the policy framework that underpins the agency’s marine safety, security, and stewardship mission, and the job is getting bigger every year. (WORKBOAT.COM)

Nuclear

Three Mile Island restart closes in on NRC approval

Constellation Energy’s plan to reopen the shuttered Three Mile Island nuclear site in Pennsylvania has cleared another key regulatory hurdle, bringing it one step closer to Nuclear Regulatory Commission approval. The NRC said Tuesday that restarting the Unit 1 reactor, now called the Crane Clean Energy Center, “would have no significant environmental impacts.” If the NRC grants final approval, Constellation has said it’s in position to start producing electricity there again by late 2027. (EENEWS.NET)

Social media

White House says UK should not ban social media for kids under 16

The Trump administration is urging the United Kingdom not to enact a social media ban for kids under the age of 16, citing the “benefits” of access to the open internet. Instead of a formal ban, the U.S. Embassy in London is pushing parents to manage their children’s privacy settings, encourage “study modes” and time control while shying away from official restrictions to technology. “Most content should remain accessible by default, including political speech,” the embassy wrote in its announcement. (THEHILL.COM)

Space

Stars and signals: Why operational advantage from satellites and drones decays faster than we think

OPINION: Modern military forces depend on satellites, networks, and precision navigation rather than the visual bombing cues of World War II. Nevertheless, the outcomes in battles still center on how long information remains usable enough to support decision-making before it is degraded, denied, or mistrusted. After two decades of fighting in Afghanistan and Iraq, modern militaries, such as U.S. and NATO forces, have become accustomed to persistent access to space-enabled services. This includes communications, as well as positioning, navigation, and timing (PNT), and intelligence, surveillance, and reconnaissance (ISR). (SMALLWARSJOURNAL.COM)

Surveillance reauthorization stuck amid Trump’s Pulte pick

Congress spent another day stalled on the renewal of a key surveillance authority Tuesday, as President Donald Trump declined to help clear a legislative path and instead dug in on his temporary choice in Bill Pulte as acting director of national intelligence. Lawmakers and the White House are sliding closer to the deadline Friday when statutory authority expires for Section 702 of the Foreign Intelligence Surveillance Act, which allows the U.S. government to collect digital communications of foreigners located outside the country. The program already has generated controversy because it also sweeps up the communications of Americans and allows the FBI to search through data without a warrant, using information such as an email address. (ROLLCALL.COM)

‘Not an option’: Top Senate defense appropriator says third reconciliation bill unlikely

Another reconciliation bill with funding for defense is “really not an option,” the head of the Senate Appropriations defense subcommittee said today, casting further doubt on the Pentagon’s plans to use $350 billion in reconciliation money to fund a $1.5 trillion defense budget. “I think it’s safe to conclude there will not be another reconciliation bill,” Sen. Mitch McConnell (R-Ky.) said during a hearing. McConnell’s remarks came in response to an exchange between Air Force Secretary Troy Meink and Senate Appropriations Chairman Susan Collins (R-Maine), who asked Air Force leaders what would happen if funding for the F-35 included in the reconciliation request never materializes. (BREAKINGDEFENSE.COM)

House prediction market ban faces turbulence

As House Republicans try to follow the Senate in curbing members’ prediction market trading, one top Democrat said his party would likely oppose it in the hopes of passing a stronger ban next year — if the chamber flips in November. “We’re going to pass a real stock trading ban, and it will include prediction markets,” Rep. Joe Morelle (D-N.Y.) said in a brief interview. Administration Committee Chair Rep. Bryan Steil (R-Wis.) first told Semafor he would aim to amend legislation limiting congressional stock trading to include prediction market restrictions. But that GOP effort faces substantial resistance from Democrats, who argue it should include the executive branch. (SEMAFOR.COM)

CISA adds three known exploited vulnerabilities to catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability, CVE-2026-11645 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, CVE-2026-20245 Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. (CISA.GOV)

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

AI ECONOMY: How can AI be deployed effectively to enhance economic mobility and ensure the benefits of AI systems are reaped widely? On June 10, the Brookings Center on Regulation and Markets will host a fireside chat with Neil Thompson, director of the FutureTech project at MIT, to explore the intersection of AI and economic mobility. 

DIB: Join Hudson Institute for a June 11 fireside chat between Hudson Senior Fellow Nadia Schadlow and Deputy Assistant Secretary for Industrial Base Growth and Director of the Office of Small Business Programs James Mismash. The discussion will explore current efforts to strengthen the defense industrial base, expand industrial capacity, and foster greater participation and competition across the national security ecosystem.

AI AND THE WORKFORCE: Join AEI for the June 11 launch of the Commission on AI and the Future of the American Workforce, a joint initiative of the American Enterprise Institute and the Urban Institute. This commission brings together leaders from industry, labor, academia, and government to develop an actionable policy framework for AI-driven employment disruption. Hear from the commission co-chairs — former Speaker of the House Paul Ryan and former US Secretary of Commerce Gina M. Raimondo — as well as AEI President Robert Doar, and Urban Institute President Sarah Rosen Wartell as they unveil the commission’s mission and approach.

SECURITY POLICY: From AI and drone warfare to global alliances and economic security, America and its allies need “New Rules” to compete, deter, and win in the 21st century. Join leading voices in national security for an exclusive, all-day Center for a New American Security conference on June 11 at the forefront of today’s most consequential issues — from AI and cybersecurity to the latest developments in Iran, economic statecraft, and America’s strategic readiness across the world.

NORTH KOREA: On June 12 join the Indo-Pacific Security Initiative (IPSI) of the Atlantic Council’s Scowcroft Center for Strategy and Security for the launch of Nonresident Senior Fellow Jieun Baek’s latest book, “Privileged but Powerless.” Baek’s second book on North Korea draws on hundreds of hours of rigorous fieldwork and interviews with defectors to examine a surprising yet critical vector of regime instability. In a fireside chat, Baek will discuss how North Korea’s system of privilege and control shapes elite insecurity at the highest levels of the regime.

HYBRID WARFARE: On June 15 the Atlantic Council’s Eurasia Center will host an expert discussion on how the United States can best counter malign Russian and Chinese hybrid operations. Moscow and Beijing have long pursued campaigns of subversion, sabotage, and subterfuge against the West. Today, those efforts appear to be converging. Many of Beijing’s dual-use technologies have been instrumental in sustaining Russia’s war against Ukraine. Eurasia Center Senior Director and former US Ambassador to Ukraine John Herbst moderates a conversation on what the Russia-China hybrid axis means for Washington and its allies.

DIGITAL INFRASTRUCTURE: On June 16 the Atlantic Council’s Democracy + Tech Initiative will host a discussion to launch a new report examining the future of global connectivity financing and strategic competition over digital infrastructure. As China expands its Digital Silk Road through state-backed financing and integrated technology offerings, the United States and its allies face growing pressure to develop a credible alternative for expanding internet access in underserved markets. 

DIB: Join CNAS on June 16 for a fireside conversation with DoD’s Michael Cadenazzi examining the challenges and priorities shaping U.S. munitions production and defense industrial base policy. This event will examine how policymakers, industry partners, and acquisition officials can work together to build the surge capacity the United States needs, in a focused conversation on the future of U.S. munitions production and defense industrial base policy.

NUCLEAR: Why does the U.S. struggle while nuclear leaders such as China and France succeed? A combination of standardized designs, predictable regulation, and rapid regulatory approval all appear to play a role. And while bipartisan support for nuclear energy has grown due to its role in AI-driven energy demand and climate goals, political anxieties in the United States persist. Join AEI on June 18 to dissect the economic, regulatory, and political tensions that keep the U.S. lagging behind when it comes to nuclear energy.

MARITIME SECURITY: Please join the CSIS Defense and Security Department (DSD) and the U.S. Naval Institute (USNI) on June 18 for a Maritime Security Dialogue event featuring Lieutenant General Eric Austin, USMC, CG, MCCDC / DC, CD&I / PAE-MC. LtGen Austin will sit down with Dr. Seth G. Jones, president, CSIS Defense and Security Department, to discuss the future growth of the Marine Corps, lessons from the recent wars in Ukraine and the Middle East, and implications for the Indo-Pacific. Rear Admiral Raymond A. Spicer, USN (Ret.), chief executive officer and publisher, U.S. Naval Institute, will offer opening remarks. 

NUCLEAR: For the first time, the United States is preparing to deter two nuclear adversaries­­­, Russia and China. In today’s post-New START environment, U.S. adversaries remain committed to weakening American resolve and undermining Washington’s commitment to its allies. Join Hudson Senior Fellow and Keystone Defense Initiative Director Dr. Rebeccah Heinrichs and Administrator of the National Nuclear Security Administration Brandon Williams for a June 18 discussion on the administration’s priorities in strengthening the U.S. nuclear enterprise.

AI AND EXPORT CONTROL: Join House Foreign Affairs Committee Chairman Brian Mast and Senator Jim Banks for a June 25 fireside chat hosted by the Hudson Institute on Congress’s role in U.S. export control strategy to outcompete China in technology and AI development. The conversation will examine ways to close loopholes, guard America’s most critical technologies, and prevent Beijing from leveraging American innovation against American interests. 

GLOBAL SECURITY: Join the CSIS Defense and Security Department on June 30 for its annual Global Security Forum. This year’s conference will center on the theme “America at 250: A Defining Moment for American Statecraft and Military Power.: Through keynote addresses and expert panel discussions with government, industry, and finance experts, the Forum will examine how the tools of statecraft are being redefined and how the United States can harness innovation, rebuild industrial capacity, strengthen deterrence, and renew the foundations of leadership in a more dangerous world.

---

FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY

SUBSCRIBE TO THE CYBER FOCUS PODCAST: YOUTUBE | SPOTIFY | APPLE PODCASTS

SUBMIT A TIP