Cyber Briefing – June 29, 2026

MYTHOS GETS OUT OF JAIL: The U.S. government Friday lifted its block on Anthropic’s powerful Claude Mythos 5 AI model, allowing the company to release it to more than 100 U.S. institutions including major companies and government agencies, Semafor reports. The decision, in a letter sent Friday afternoon to Anthropic, is a major de-escalation in the confrontation between the Trump Administration and one of the world’s most valuable private companies. Two weeks ago the administration imposed export controls on Mythos, leading to a shutdown of the model and its cousin Fable 5 after warnings from Amazon and other companies that they could be “jailbroken” for malicious purposes. The letter is silent on Fable 5, a weaker version of Mythos that was briefly the most powerful AI model widely available to consumers. People close to the talks said they are moving toward releasing Fable as well, though that timeline is unclear.

• Chinese artificial-intelligence systems have matched the performance of Anthropic’s powerful model Mythos in some cybersecurity scenarios, a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy, The Wall Street Journal reports. Security researchers said that a new AI model, released this month by China’s Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic’s and OpenAI’s products in other tasks.

• A coalition of technology companies, including Anthropic, AWS, IBM and Microsoft, announced a joint effort to find, disclose and remediate security flaws in open-source software, Cybersecurity Dive reports. The group, called Akrites, will establish a shared security incident response team as well as a coordinated vulnerability disclosure process. The founding members, led by the Linux Foundation, will commit extensive resources to the effort, including funding, engineers and cybersecurity expertise. Officials said the plan was mainly driven by the emergence of frontier AI models that radically accelerated the ability to discover vulnerabilities in critical software applications.

IRAN HACKERS TARGET U.S. EMERGENCY SERVICES SECTOR: Pro-Iran hackers who took credit for a nationwide Friday outage of a platform delivering emergency alerts in major U.S. cities said Sunday that they hit the National Weather Service website, Threat Beat reports. The outage came as a dangerous heat dome is expected to scorch the eastern half of the country this week. Users began reporting trouble with weather.gov at Downdetector shortly before 9 a.m. Sunday. The Islamic Cyber Resistance in Iraq – 313 Team posted on its Telegram channel at 10:14 a.m. that it “carried out a sophisticated cyberattack targeting the U.S. National Weather Service” that “caused intermittent outages and slowed down the website’s operations.”

• The hacking group, which has claimed attacks on multiple Western websites throughout the U.S.-Israel conflict with Iran, said they were behind the outage of an incident response platform that alerts residents and response teams during disasters, attacks, public health emergencies and more, Threat Beat reports. The D.C. Homeland Security and Emergency Management Agency announced on Facebook Friday evening that Everbridge, “the technology platform behind AlertDC, is currently experiencing a nationwide outage.” AlertDC is the district’s official emergency notification system that sends residents who sign up emails or text alerts about extreme weather, government and school closures, crime and traffic advisories, power outages, Amber Alerts and more. Other jurisdictions including Fairfax County, Va., and San Francisco posted similar messages about the Everbridge outage on their social media accounts. 

• The Federal Communications Commission on Thursday approved a set of basic cybersecurity rules for the companies that issue emergency alerts in the U.S., Cybersecurity Dive reports. The FCC’s three commissioners unanimously adopted an order that will require Emergency Alerting System (EAS) operators — including radio stations, broadcast TV networks and cable systems — to use strong passwords, deploy network firewalls and promptly apply security patches. In a statement, the commission said the new requirements would protect EAS systems from “hijacking by cybercriminals and our nation’s adversaries” and thereby “preserve the public’s trust in EAS.”

• A heat dome will develop, strengthen and grow in size over much of the central United States for an extended period through the Independence Day weekend. It will even expand into parts of the East for several days. At its full extent, dangerous conditions will affect more than two dozen states, AccuWeather reports.

MILITARY AI TARGETING ‘WITHIN SECONDS’: A new agentic-AI tool will continuously scan intelligence feeds and operational networks to provide U.S. military commanders with targeting options “within seconds,” the Pentagon announced, Defense One reports. Dubbed Agent Network, the new tool will employ “agents” — artificial-intelligence entities that perform tasks on behalf of a user, such as running a scheduled search or executing an email campaign — to “continuously scan defense intelligence and operational systems, translating findings into clearly presented options,” said a press release, which added: “Agent Network does not autonomously select or strike targets; it ensures commanders remain in charge of every decision.”

• The Army announced Thursday that it has officially created a branch for soldiers specializing in space operations, DefenseScoop reports. The new Space Operations Branch will consolidate the service’s space professionals — including Army Space Operations Officers and enlisted Tactical Space Operations Specialists under the military occupational specialty (MOS) 40D created in 2025. The decision elevates space ops from a functional area to basic branch, formalizing the career within the service. “Establishing the Space Operations Branch is an important step in the Army’s continuous transformation,” Lt. Gen. John Rafferty, commander of Army Space and Missile Defense Command, said in a statement. “It provides the Army with the professional structure to deliver space-based effects directly to our soldiers and units at the tactical edge enabling commanders to fight and win in a contested, multidomain environment.”

EMERGING POWER RISKS REDUCE MARGIN FOR ERROR: The North American bulk power system (BPS) continued to perform reliably in 2025 even as the grid experienced increasing operational complexity, NERC said. NERC’s 2026 State of Reliability (SOR) finds both measurable reliability improvements and emerging risks associated with the changing resource characteristics, growing demand and more challenging operating conditions. New and emerging risks are evolving and reducing the margin for error, amplifying the potential for serious events on the bulk power system. Ongoing grid reliability will depend not only on maintaining and expanding infrastructure and resource adequacy, but also on improving industry’s ability to anticipate, model and mitigate these risks.

• The Department of Energy’s Strategic Petroleum Reserve was created to reduce the impact of oil market disruptions, like the war in Iran. Long-running questions persist about how large the reserve should be to meet evolving energy security needs and international obligations. The reserve’s aging infrastructure also needs further updates to ensure it remains capable of receiving and releasing oil as designed. However, Congress hasn’t specified its priorities or identified a target size for the reserve, and DOE doesn’t have a long-term plan to inform operational and investment decisions, the Government Accountability Office reports.

‘KNOWLEDGE-BASED’ ECONOMY FACILITATES TECH TRANSFERS TO IRAN: Iran’s network of state-run “innovation houses” and trade platforms is a main channel for acquiring sanctioned dual-use technology from the People’s Republic of China (PRC). Like the oil trade, it is steered from the top on both sides and shielded by mutual deniability, the Jamestown Foundation reports. The Iranian Vice Presidency for Science, Technology, and Knowledge-Based Economy (VPST) and its Islamic Revolutionary Guard Corps-linked arm, embeds Iranian firms in the PRC’s military-civil fusion and united front systems, and steers them toward military-linked suppliers. Throughput is still modest, but wartime devastation, a new U.S. oil-sanctions waiver, and Parliament Speaker Mohammad Bagher Ghalibaf’s elevation as Iran’s special envoy for the PRC are hardening the network into a durable procurement pipeline, positioned to tap into the proposed $300 billion reconstruction fund.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. SUBSCRIBE

WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

(Watch on YouTube or click the player above)

As frontier AI models become more capable at finding vulnerabilities, cybersecurity is entering a period where old timelines, disclosure norms and governance tools may no longer fit the speed of the technology. In this episode of Cyber Focus, Frank Cilluffo speaks with CyberScoop editor-in-chief Greg Otto about the recent controversy surrounding Anthropic’s Fable-5 and Mythos 5 models, the government’s use of export controls, and the difficulty of distinguishing between dangerous AI capability and legitimate defensive cyber use. The conversation moves from the Anthropic fight to a broader operational challenge: AI may help defenders discover more weaknesses, but organizations still have to validate, prioritize and fix them. Otto explains why vulnerability disclosure, patching, open-source security and public-private coordination are all being tested by AI’s pace — and why the most important question may not be whether AI can find the problem, but whether institutions can absorb what it reveals.

SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts

Agriculture

Texas agricultural officials issue emergency quarantines across 21 counties for screwworm parasite

Confirmed U.S. cases of the flesh-eating New World screwworm have reached 26, prompting Texas to issue strict emergency quarantine and animal movement orders across 21 counties. A new infested zone has been established covering parts of Jim Hogg, Starr, and Zapata counties following a recent detection in a bovine near the South Texas border. No warm-blooded animals, hides, or carcasses may be moved out of the designated quarantine zones without official inspection, clearance, and authorization by the Texas Animal Health Commission. (FOX7AUSTIN.COM)

Communications

Data breach exposes up to 14.2 million email logins at six ISPs

Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. The company says that it discovered the compromise on June 17 and responded immediately by blocking the attacker and implementing defense measures. The investigation determined that the hackers exploited a vulnerability in an unnamed third-party software that KDDI Corporation used on its system. (BLEEPINGCOMPUTER.COM)

Cybercrime

Oshawa, Ont., man pleads guilty to stealing Texas Republican Party data

Lawyers for an Ontario man accused of stealing and leaking Texan Republican Party data in 2021 say he has pleaded guilty before a Canadian court. In a statement released Thursday afternoon, Arash Ghiassi and Riaz Sayani say Aubrey Cottle has “formally accepted his role” in the hacking of the party’s website five years ago. Ghiassi said in an email that Cottle pleaded guilty in a Newmarket, Ont., courthouse to the unauthorized use of a computer, mischief to computer data, and failure to comply with a release order. U.S. authorities announced the arrest of a man from Oshawa, Ont., in April of last year and said the suspect was facing charges under Canadian law. (CBC.CA)

Supply chain

Hijacked npm and Go packages use VS code tasks to deploy Python infostealer

Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. “This attack avoids the most common npm execution paths through lifecycle scripts, perhaps in an attempt to remain ‘compatible’ with npm v12’s security hardenings,” JFrog said in a technical analysis. “The package hides execution inside a VS Code task, configured to run automatically when the project folder is opened in VS Code.” (THEHACKERNEWS.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

Artificial intelligence

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. Researchers at Mozilla’s Zero Day Investigative Network (0DIN) AI security platform say that the compromise happens with “no exploit code, no warning, no suspicious command anyone had to approve.” They demonstrated how an attacker could plant an interactive shell on a developer’s device by using Claude Code to run a cloned project without malicious code in the repository. (BLEEPINGCOMPUTER.COM)

Critical Google Gemini CLI flaw lets attackers execute code on headless CI platforms

A critical vulnerability has been identified in Google’s Gemini CLI and the associated run-gemini-cli GitHub Action. This flaw exposes headless continuous integration (CI) platforms to potential host-level code execution when processing untrusted workspaces. It is tracked as CVE-2026-12537, with the advisory identifying it as GHSA-wpqr-6v78-jr5g. Rated at the maximum severity under CVSS v4, the issue arises from improper handling of operating system commands in the container launcher and unsafe assumptions about workspace configuration and tool execution in non-interactive environments, such as GitHub Actions. (GBHACKERS.COM)

Cloud

Amazon Q flaw enabled cloud credential theft via malicious repositories

Researchers at Wiz have disclosed a high-severity vulnerability in the Amazon Q Developer extension for Visual Studio Code that could allow attackers to steal developers’ cloud credentials by luring them into opening a booby-trapped code repository. Amazon Q Developer is an AI-powered coding assistant that offers developers features such as code suggestions, automated refactoring, and access to external tools and services via integrations with local processes. AWS was notified about the issue on April 20 and a patch was released on May 12. The cloud giant published a security advisory this week. (SECURITYWEEK.COM)

CBRN

Radiological and nuclear threats are no longer hypothetical. Europe needs to respond

OPINION: On April 17, two radiological incidents unfolded within hours of each other at opposite ends of the European continent. At the Medyka border crossing in southeastern Poland, border guard officers stopped a Ukrainian woman during a routine screening. One of the hundred-dollar banknotes she was carrying registered radiation levels 1,905 times higher than the permissible threshold. It was the second such case in five months. The same afternoon in London, the Metropolitan Police sealed off Kensington Gardens after a pro-Iranian Islamist group, Harakat Ashab al-Yamin al-Islamia, posted a video showing two men in hazmat suits launching drones toward the Israeli embassy. In the recording, the group claimed the drones were carrying radioactive material. (ATLANTICCOUNCIL.ORG)

Malware

Millenium RAT rewritten in C++ infects 62,000-plus devices across 160 countries

A remote access trojan known as Millenium RAT has been quietly spreading across the globe, and the numbers are hard to ignore. Over 62,000 devices have been compromised across more than 160 countries, with no signs of slowing down. More than 39,000 of those infections happened in just the first quarter of 2026 alone, pointing to an operation that is actively scaling. The malware first appeared in a threat report by CYFIRMA in November 2023, initially tracked as version 2.4. Since then, it has gone through a significant transformation. (CYBERSECURITYNEWS.COM)

Vulnerabilities

Public PoC released for critical libssh2 CVE-2026-55200 client-side SSH flaw

A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug affects every release up to and including 1.11.1 and carries a CVSS 4.0 score of 9.2. libssh2 is a client-side SSH library, not a server. That distinction matters. It is embedded in curl, Git, PHP, backup agents, firmware updaters, and a long tail of appliances. Anything that links it and reaches out to an untrusted SSH endpoint is a potential target. Many of those copies are statically linked, so a distro package update will not touch them, and you may not know they are there. (THEHACKERNEWS.COM)

Critical Dell Wyse Management Suite vulnerabilities let attackers execute remote code

Dell Technologies has disclosed several critical vulnerabilities in its Wyse Management Suite (WMS) that could enable remote attackers to execute arbitrary code and fully compromise affected systems. Identified under advisory DSA-2026-225, these flaws affect WMS versions prior to 5.5 HF1 and are rated from high to critical in severity, highlighting risks for enterprise environments that rely on centralised endpoint management. The most severe issue, tracked as CVE-2026-41120, has a CVSS score of 9.8 and is classified as an “Acceptance of Extraneous Untrusted Data With Trusted Data” vulnerability. (GBHACKERS.COM)

China

White paper promotes new world order

A new white paper on global governance released by the State Council presents Chinese leader Xi Jinping’s flagship foreign policy initiative as a bid to reform international governance in its favor. Both the white paper itself and surrounding commentary show that Beijing’s dismissals of claims it seeks to reshape the international system are a red herring. The document shows how Beijing sees a route to displacing the United States and the West in the international system runs through global south countries, which it claims to lead, and in particular through harnessing the support of the BRICS countries and the Shanghai Cooperation Organization. (JAMESTOWN.ORG)

Chinese framework powers 200,000 scam sites

More than 200,000 websites are using investment scam templates built with the Chinese open source framework Uni-App, Infoblox reports. A cross-platform development toolkit, Uni-App allows developers to create Vue.js codebases that can be deployed as mobile and desktop applications, or as mobile-optimized websites simultaneously. Widely used in China and supported by a developer ecosystem, the framework powers thousands of legitimate products, and its maker DCloud does not appear to be involved in its fraudulent use. (SECURITYWEEK.COM)

China’s ambitious AI blueprint

OPINION: Haggling in Switzerland’s Bürgenstock Resort Lake Lucerne over the memorandum of understanding between the U.S. and Iran has dominated headlines, but the real news this month is coming out of China. That news was easy to miss. Couched in the often impenetrable prose of Chinese bureaucrats and prefaced with the ritual genuflections toward Xi Jinping’s expressed vision for his country, “Implementation Opinions on Accelerating the Development of ‘AI+Consumption’ ” doesn’t strike the casual observer as a gripping read. But as the Claude-enabled translation provided by Bill Bishop’s invaluable Sinocism newsletter makes clear, something important is happening. (WSJ.COM)

What is the Chinese military thinking about the Iran war?

OPINION: Any rigorous analysis of American combat employment confirms that they remain shackled by ideological blindness anda cognitive flaw: the United States remains a master of the tactical, but an amateur at the strategic. Throughout the campaign, the U.S. military conducted complex operations of immense sophistication, scale, and diversity. These merit our respect and provide certain models for further study. But as has been the case in multiple conflicts across multiple decades, the adversary conflates the kinetic with the realization of political objectives. (DEFENSEONE.COM)

Iran

Iranian cyberattacks on Israel surged in 2026, cyber chief says

The number of Iranian cyberattacks against Israel has shot up since the launch of the US-Israeli war with Iran this year, Yossi Karadi, director general of the National Cyber Directorate, was quoted as saying today. Karadi told German newspaper Die Welt that in June 2025, during the first round of war between Israel and Iran, Israel’s authorities registered around 1,600 hostile cyber incidents. During the same month in 2026, the number had jumped to some 4,800 incidents, he told the paper. (TIMESOFISRAEL.COM)

Russia

SSU and FBI uncover Russian cyber espionage operation against officials and military personnel

The Security Service of Ukraine (SSU), working jointly with the FBI, has formally exposed a sustained Russian intelligence campaign targeting the messaging accounts of government officials, military personnel, politicians, and activists across Ukraine, Europe, and the United States. The operation is ongoing. The goal isn’t disruption; it’s intelligence collection. “Cyber experts of the Security Service of Ukraine together with the Federal Bureau of Investigation exposed Russian special services in systematic cyberattacks on messengers of officials, military personnel, politicians and activists from Ukraine, Europe and the USA.” read the alert by SSU. (SECURITYAFFAIRS.COM)

Artificial intelligence

AI, get me a human! Cities must balance AI efficiency with democratic engagement.

OPINION: The widespread support for Pope Leo XIV’s recent encyclical on artificial intelligence is striking, if not ironic. At a moment when trust in institutions, politicians, and the economy is at historic lows — particularly in the United States and Europe — one of the world’s oldest institutions has managed to capture public attention by warning that efficiency driven by technological advances cannot come at the expense of human relationships, judgment, and dignity. For countries, cities, and communities trying to navigate the AI transition, the Pope’s message provides an excellent reminder that AI governance is not just a technical challenge, but a moral, and, by extension, democratic one. (GMFUS.ORG)

Cloud

FedRAMP finalizes 2026 cloud authorization rules

The Federal Risk and Authorization Management Program (FedRAMP) on June 25 finalized its Consolidated Rules for 2026, giving agencies, cloud service providers, independent assessors, and advisors a single public reference for program requirements, timelines, definitions, and implementation guidance. The rules consolidate requirements covering stakeholder responsibilities, certification pathways, collaborative continuous monitoring, vulnerability detection and response, incident communications, emergency changes, and ongoing reporting. The release is the latest milestone in FedRAMP’s broader 20x modernization initiative, the General Services Administration-led effort to replace documentation-heavy reviews with reusable, measurable security evidence and greater automation. (MERITALK.COM)

Critical minerals

NATO’s critical minerals security runs through the eastern flank. Why Bucharest 9 should lead it

OPINION: Washington demanded that Europe shoulder NATO’s conventional defense by 2027, but Beijing’s new export controls mean every European magnet, motor, and missile component now requires a Chinese permit slip. The Bucharest 9 – sitting atop most of the eastern flank’s mineral wealth – is the right platform to close this gap, and this paper sets out the geological mapping, stockpiling, and counter-disinformation agenda that would make it work. (SMALLWARSJOURNAL.COM)

Data

ATF cancels controversial commercial geolocation contract

The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) canceled a contract with Penlink that used ad-surveillance technologies to track the location of Americans. The contract was canceled a little more than a month after ATF Director Robert Cekada acknowledged under questioning from Rep. Michael Cloud (R-Texas) in a congressional hearing that the agency was purchasing the geolocation data of Americans through a contract for “an ad-tech type thing” that would provide the agency with geolocation data “based on the ads that go through.” “We have purchased access to that system but we have not used it for a criminal case because we have not established any policies yet on how we would do it,” Cekada said. (CYBERSCOOP.COM)

Data centers

Data centers are ready to negotiate flexibility for speed

With the U.S. facing an electricity affordability crisis and demand rising quickly for the first time in decades, experts say the Federal Energy Regulatory Commission’s June 18 order to system operators to provide transmission for flexible large loads underscores the urgent need to implement data center load flexibility. Just a 1% to 2% reduction in data center peak demand can reduce electricity rates 0.5% to 2.8% and protect reliability, according to a 2026 Duke University Nicholas Institute study. And pilots and analysis led by the Electric Power Research Institute, or EPRI, show how flexibility is within reach that can also get data centers interconnected faster. (UTIILITYDIVE.COM)

Defense

Technology release and foreign disclosure: DoD is taking action to help improve its processes

DoD and other agencies use specific processes to determine whether to sell defense items — such as tanks and guns — and disclose sensitive information to U.S. allies. In 2024, Congress told DoD to assess how well those processes were working. By year’s end, DoD reported on challenges and proposed reforms to improve efficiency. For example, decisions to release specialized technology require multiple stakeholders to weigh in. DoD is exploring the creation of a centralized policy database to coordinate efforts. DoD officials told GAO it had implemented 26 of 33 planned reforms by May 2026. And, DoD is set to complete all 33 by November. (GAO.GOV)

The defense industrial alliance Washington is throwing away

OPINION: As the relationship between the United States and Canada continues to degrade, it now comes at the expense of each country’s industrial security. Last month, the Pentagon announced the unilateral suspension of the 86-year-old Canadian Permanent Joint Board on Defense in response to what the White House sees as Ottawa’s failure to present a credible plan to spend 3.5 percent of GDP on defense by 2035. And the opening of the gleaming new bridge between Detroit and Windsor has been long delayed in the tense run-up to the continental trade deal review. What many policymakers in Washington fail to realize is that their actions are producing the opposite of their intended effect (encouraging Canada to invest further in its defense). (WARONTHEROCKS.COM)

Drones

Strategic snapshot: Ukrainian drone mastery changing war’s tide 

Ukraine finds itself in its best battlefield position since autumn 2022. Leadership changes within Ukraine’s Ministry of Defense have spurred rapid drone innovation, allowing the Armed Forces of Ukraine (AFU) to fight more effectively and sustainably on the battlefield. At the same time, Ukraine’s burgeoning mid- and long-range strike capabilities erode Russia’s war machine at an escalating rate. The AFU’s recent battlefield success has attracted global demand for Ukrainian drone technology in the wake of the conflict with Iran. Ukraine has signed numerous defense agreements, not only with Western partners, but also Gulf States, at the political and private sector levels. Ukraine has bolstered its global standing through cutting-edge defense technology. (JAMESTOWN.ORG)

DHS looks to put funds toward FBI’s counter-drone training center

The Department of Homeland Security is continuing to explore ways to bolster its defenses against drones, according to DHS Secretary Markwayne Mullin, who testified on Thursday before the House Appropriations Committee. Last week, DHS leaders met with FBI Director Kash Patel, per the agency’s top official. The FBI runs a counter-UAS training center in Alabama that serves as the federal government’s primary training and certification facility for related operations. The installation has played a central role in upskilling law enforcement ahead of the FIFA World Cup. “We have more people asking to get into the school than he has space to do it,” Mullin told lawmakers of the training center. “We are looking for ways to partner with him to be able to put DHS funding directly to that.” (FEDSCOOP.COM)

Could the Army’s light squad vehicle power battlefield drones?

The Army’s proliferating drone use is exacerbating the modern problem of keeping everything charged. One combat team is testing ways to use its light Infantry Squad Vehicles as mobile charging stations. “As we field technology, power generation becomes increasingly problematic. The [Integrated Tactical Network], all the soldier-borne equipment, all require batteries that have to be recharged. [Enhanced Night Vision Goggles] require batteries, particularly to use thermals,” said Col. Ryan Bell, commander of the 3rd Mobile Brigade Combat Team in the 101st Airborne Division, of lessons from an April training rotation at the Joint Readiness Training Center at Fort Polk, Louisiana. (DEFENSEONE.COM)

South Korea to train half a million military personnel to become ‘drone warriors’

All of South Korea’s military forces will be trained as drone operators in a sweeping overhaul of its warfare strategy, the defence minister has said. “All soldiers should be able to use drones like a second personal firearm,” Ahn Gyu-back, who heads the defence ministry in Seoul, said on Friday. The plan envisages training 500,000 authorised military personnel across the army, navy, air force and marines to become “drone warriors”, the ministry said. Wars in Ukraine and the Middle East had shown that drones were now a “gamechanger on the battlefield”, Ahn said. (THEGUARDIAN.COM)

Energy

445 GW — mainly solar, storage — to come online by 2030 as demand growth surges: ICF

ICF expects about 445 GW of nameplate capacity will come online in the United States from this year through 2030. Given the characteristics of different technologies, however, the capacity will only contribute about 191 GW to meeting peak load, the consulting firm said in a report released Thursday. ICF expects U.S. electricity demand will grow 21% by 2030 and 39% by 2035 from 2026 levels, according to the report, “Electricity Demand Growth: How Will the Grid Keep Pace?” It forecasts that peak demand will increase 14% by 2030 and 25% by 2035 from 2026 levels. (UTILITYDIVE.COM)

Dubai’s DEWA stops 3,000 cyberattacks daily as critical Infrastructure threats rise

As cyber threats against critical infrastructure continue to rise globally, the Dubai Electricity and Water Authority (DEWA) says it is successfully blocking around 3,000 cyberattacks every day targeting its electricity and water systems. The figure was revealed by Saeed Mohammed Al Tayer, Managing Director and CEO of DEWA, during a session hosted by the Dubai Press Club, where he outlined how artificial intelligence, digital infrastructure and cybersecurity have become central to safeguarding Dubai’s energy and water networks. Al Tayer said cyber resilience has become a national priority as utilities increasingly rely on connected digital systems, smart infrastructure and AI-powered operations. (ITP.NET)

Health care

HHS agencies flesh out priorities for healthcare AI

The U.S. Department of Health and Human Services is preparing new guidance to help accelerate the adoption of artificial intelligence across healthcare, with federal officials signaling that governance frameworks, implementation support and new approaches for evaluating clinical AI tools are among the department’s top priorities. Officials from multiple HHS agencies – including the Office of the National Coordinator for Health IT, the Food and Drug Administration and the Advanced Research Projects Agency for Health – on Thursday fleshed out plans for a coordinated “OneHHS” strategy for expanding AI use. (HEALTHCAREINFOSECURITY.COM)

Quantum

NSF adds 5 teams to Quantum Virtual Lab design competition

The National Science Foundation (NSF) selected five additional teams to design experimental quantum technologies under its National Quantum Virtual Laboratory program, adding $20 million in new funding to an effort to build shared national research infrastructure for quantum science and technology. The five teams, announced in a June 24 press release, will each receive $4 million over two years to refine development plans and prepare for the implementation phase. They join four teams NSF selected in September 2025, bringing the total number of design-stage projects to nine. (MERITALK.COM)

Resilience

Sustaining cybersecurity gains becomes the next challenge

Federal cybersecurity grants have helped state and local governments build stronger cyber defenses in recent years, but state leaders say the next challenge is keeping those capabilities in place as the money runs out. The issue surfaced in a panel discussion during this week’s ISAC Annual Summit,* as state cybersecurity leaders from Kansas, Minnesota and Tennessee reflected on lessons learned as the State and Local Cybersecurity Grant Program (SLCGP) winds down. Agencies and municipalities continue to spend awards from multiple funding rounds, including some of the earliest grants. However, states are focusing on how to sustain the cybersecurity capabilities built through the program as they look beyond the existing federal funding. (GOVTECH.COM)

Space

NASA tests AI medic for astronauts too far from Earth to call a doctor

NASA researchers are testing an AI clinical decision support system to help astronauts diagnose and treat medical symptoms during deep-space missions. The Crew Medical Officer Digital Assistant (CMO-DA) is powered by a Red Hat-backed open source tool called RamaLama, designed to simplify how developers run, pull, and serve AI models. While it’s no Star Trek-esque Emergency Medical Hologram (EMH) quite yet, it could be a boon to ailing astros far from home. Earlier this year, NASA decided to bring Crew-11 back from the International Space Station (ISS) early because of a medical concern. As missions venture further afield – to the Moon, Mars, and beyond – an early return may no longer be practical, while communication delays can rule out real-time consultation with doctors on Earth. (THEREGISTER.COM)

Federal AI security center measure advanced by House Science

A measure that would put into law a key federal office focused on artificial intelligence advanced Thursday out of the House Science, Space and Technology Committee, as part of a slate of AI-focused and data center bills. The committee advanced the bills on a bipartisan basis, but put off potential changes regarding funding levels for the Center on AI Standards and Innovation within the Commerce Department’s National Institute of Standards and Technology. The center was previously known as the AI Safety Institute under the Biden administration. The committee voted unanimously in favor of the bill that would codify the center, which would see its name changed to the Center for AI Security and Innovation, according to the bill text. (ROLLCALL.COM)

House lawmakers introduce bipartisan bill requiring DHS cyber logging report

Reps. James R. Walkinshaw (D-Va.) and Don Bacon (R-Neb.) on June 25 introduced bipartisan legislation that would require the Department of Homeland Security to report to Congress on gaps preventing the agency from fully meeting federal cybersecurity event logging requirements. The Cybersecurity Logging Enforcement and Accountability Reporting (CLEAR) Act would require DHS to submit a report within 180 days identifying specific gaps in resources, guidance, and policies that prevent the department from meeting all federal cybersecurity event logging requirements, and what is needed to close those gaps, according to the lawmakers. (MERITALK.COM)

House releases bipartisan water infrastructure bill

The House Transportation and Infrastructure Committee proposed bipartisan legislation Friday that would authorize infrastructure and studies addressing flood risk and other water challenges, but the package is slimmer on new projects than past versions. The Water Resources Development Act of 2026 includes 10 project authorizations and 131 new studies to be conducted by the Army Corps of Engineers. Four of the projects in the bill are new, while the other six are alterations of projects previously approved by Congress. The bill would also direct the agency to prioritize various issues and studies that have been sidelined by the Trump administration, with provisions seeking to promote nature-based and nonstructural flood solutions. (EENEWS.NET)

The Trump Pentagon appointee who has divided top Republicans

Last fall, one of the top Republicans in Congress left the Pentagon suspecting he’d been told a lie. Rep. Mike D. Rogers, chairman of the House Armed Services Committee, had learned that the Trump administration planned to remove thousands of soldiers from Romania — even as his committee demanded that the Pentagon consult with Congress before initiating any major withdrawals. So the Alabama lawmaker devised an honesty test, people familiar with his thinking said. In an October meeting with Elbridge Colby, the Pentagon’s policy chief, the congressman asked whether any troop reductions were coming. Colby, Rogers recounted in an interview with The Washington Post, said he wasn’t aware of any. (WASHINGTONPOST.COM)

COMMITTEE ACTIVITY

INTERNET: The House Judiciary Subcommittee on Courts, Intellectual Property, Artificial Intelligence, and the Internet will hold a June 30 hearing on IP and the Internet after 40.

TECH LEADERSHIP: The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade will hold a June 30 hearing on legislative proposals to secure U.S. technology leadership.

SPACE: The House Science, Space and Technology Committee will hold a July 1 hearing on advancing America’s space weather capabilities. 

DATA: The House Administration Subcommittee on Modernization and Innovation will hold a July 1 hearing on modernizing public access to legislative data and information.

Russian intelligence services continue to target commercial messaging applications

CISA and the Federal Bureau of Investigation (FBI) issued an updated Public Service Announcement (PSA) warning of Russian Intelligence Services (RIS) cyber threat actors targeting commercial messaging applications in ongoing phishing campaigns. This PSA is an update to the March 2026 Russian Intelligence Services Target Commercial Messaging Application Accounts and provides recent tactics, recommended mitigations, and samples of phishing messages. (CISA.GOV)

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

GLOBAL SECURITY: Join the CSIS Defense and Security Department on June 30 for its annual Global Security Forum. This year’s conference will center on the theme “America at 250: A Defining Moment for American Statecraft and Military Power.: Through keynote addresses and expert panel discussions with government, industry, and finance experts, the Forum will examine how the tools of statecraft are being redefined and how the United States can harness innovation, rebuild industrial capacity, strengthen deterrence, and renew the foundations of leadership in a more dangerous world.

DATA SECURITY: From surveillance-capable applications to data-harvesting platforms, foreign adversaries — particularly the Chinese Communist Party — are exploiting technology to access American data at an unprecedented scale. Join Rep. Nathaniel Moran (R-Texas) for a July 2 fireside discussion with Senior Fellow Jason Hsu to discuss the congressman’s bill, H.R. 7509, the Deterring Adversarial Access to Americans’ Data Act, and Congress’s role in facilitating public-private understanding in an era of great power competition.  

SOUTH CHINA SEA: The CSIS Southeast Asia Program and Asia Maritime Transparency Initiative are pleased to present the Sixteenth Annual CSIS South China Sea Conference. This full-day conference July 7 will feature keynote addresses and in-depth panel discussions on recent developments in disputed waters and the importance of the 10-year anniversary of the landmark South China Sea arbitration. Panels will address the state of play, legal developments and dispute management, evolving alliance networks, and the role of global stakeholders. 

COMMUNICATIONS: Join the American Enterprise Institute on July 8 for an exclusive look into the questions defining the Federal Communications Commission (FCC). This public event will begin with a fireside chat, featuring the FCC’s Arpan Sura and AEI’s Shane Tews, to examine the most pressing issues before the commission.

CHINA: Join Hudson Institute’s China Center on July 10 as Miles Yu hosts a panel examining Taiwan’s experience in handling national security cases, foreign interference, technology theft, election influence, proxy networks, and gray-zone legal warfare. The discussion will explore how authoritarian influence exploits democratic openness, social trust, local networks, and legal ambiguity.

AI CYBER DEFENSE: Join the CSIS Economic Security and Technology Department on July 15 for a discussion on the growing role of artificial intelligence in cyber defense and what it means for the future of national security, critical infrastructure protection, and digital resilience. As cyber threats become more sophisticated and persistent, governments and industry are increasingly turning to AI-enabled tools to detect intrusions, automate threat analysis, strengthen network defense, and respond to attacks at machine speed.

---

FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY

SUBSCRIBE TO THE CYBER FOCUS PODCAST: YOUTUBE | SPOTIFY | APPLE PODCASTS

SUBMIT A TIP