Cyber Briefing – June 8, 2026

GUARDRAILS AROUND POWERFUL AI MODELS MAY BE TOO LATE: The U.S. is scrambling to strengthen guardrails around increasingly powerful artificial intelligence models before China can catch up. It may already be running out of time, POLITICO reports. New AI models, such as Anthropic’s Claude Mythos and OpenAI’s GPT 5.5-Cyber, have advanced faster than legislation regulating the technology can keep pace. They have both shown a remarkable ability to identify software vulnerabilities and launch cyberattacks — skills that hackers and cyber adversaries are hungry to exploit. Recent estimates suggest that the U.S. has at most six to 12 months before Beijing gains access to a frontier model with prowess comparable to Mythos or GPT 5.5-Cyber or develops an AI competitor that could eventually be wielded as a cyber weapon.

• Contract manufacturing in the People’s Republic of China (PRC) poses a latent challenge to U.S. national security, according to a Jamestown Foundation brief. Offshoring to the PRC risks turning manufacturing efficiency into a driver of strategic vulnerability by helping cement the country’s centrality to the critical technologies of the future. Since the 1990s, global technology companies have relied on Chinese and Taiwanese firms operating in the PRC to produce their goods. Those companies have, often willingly, provided intellectual property, training and resources to local firms, taking advantage of lower costs and a friendly regulatory environment. The PRC’s status as the world’s preeminent manufacturing and industrial power is a direct result of these efforts. The growth of its contract manufacturing sector has enabled it to integrate into global supply chains, allowing the country to move up the development ladder by absorbing know-how, building supplier leverage, accumulating capital and engineering capability, and moving into higher-value and strategically significant segments of the industrial chain. At the same time, these dynamics have hastened the decline of manufacturing in the United States.

• The U.S. pharmaceutical supply chain faces a threat equal to the “rare earths” challenge already posed by China’s exploitation of its dominance of those critical minerals, according to a Council on Foreign Relations report. U.S. dependence on China for essential medicines is structural — deeper, broader and more consequential than conventional market analyses suggest. That dependence began with generic medicines and their ingredients but is now growing in biologics manufacturing, first-in-human trials and synthetic DNA. That dependence is not simply the result of market conditions but rather decades of Chinese state investment. The United States (and just about every other nation) faces a growing risk that China will deliberately withhold essential pharmaceutical inputs as a tool of economic or political coercion outside of a military conflict, public health emergency or natural disaster, as China has done with rare-earth critical minerals. Those risks are greatest for the subset of essential medicines and inputs that China exports directly, which include medications to prevent organ transplant rejections, broad-spectrum hospital antibiotics and a powerful blood thinner. 

WILL NEW YORK BAN DATA CENTERS?: New York moved closer toward becoming the first U.S. state to enact a moratorium on large data centers. On Thursday, the state legislature approved a one-year ban on the facilities powering the AI boom. The measure now heads to Kathy Hochul, the governor, who will decide whether to sign it into law. The Guardian spoke to a state senator in the wake of the historic vote about authoring the bill and the wider U.S. backlash against data centers. Thursday’s vote comes as anger toward data centers, and AI, sweeps the nation. Almost three-quarters of Americans oppose a datacenter project being built near their homes, according to a new Heatmap poll. Many local communities across the country, including in New York, have already enacted a patchwork of moratoriums on data centers. But some residents are feeling overwhelmed by the pace and secrecy of development – and they’re calling on state governments for help.

• The political energy is slowly beginning to catch up to voter anger. Lawmakers in both parties who have touted the centers as economic boons in their states are backpedaling, The Washington Post reports. Gov. Mike DeWine (R-Ohio) paused new tax breaks for the centers last month after an independent report estimated that they had cost the state more than $1 billion in lost revenue last year. And Republicans and Democrats running for office say they want AI companies to offset their electricity usage to tame skyrocketing power bills. But few politicians are embracing grassroots demands for a pause or ban on data center construction.

• Illinois Gov. JB Pritzker said Friday he is pausing the state’s data center tax incentives starting in July amid a push to address concerns about electricity costs and water resources that have plagued the AI infrastructure build-out nationwide, The Hill reports. He directed state officials to pause agreements under the Data Center Investment Program, which exempted data center developers and operators from certain state and local taxes and provided additional tax credits for some projects.

• A record-shattering drought has racked much of the U.S. But the artificial intelligence industry is pushing ahead regardless, with the majority of planned data centers set to be built in drought-ridden locations, a Guardian analysis has found. About two-thirds of upcoming data centers, which typically require a large amount of water to operate, are set to be built in places that have been among the driest in the country over the past year.

• A nationwide backlash against artificial intelligence data centers has a new ally: the leopards of the Nashville Zoo. The zoo, a popular destination in Tennessee’s capital city, is trying to block a proposed 69,000-square-foot data center from being built next door, NBC News reports. The zoo says that the facility would be about 50 yards from some of its animals and that the noise could disturb its residents, including a leap of leopards that hail originally from Southeast Asia. The zoo launched an online petition against the data center that, as of Friday, had more than 180,000 signatures and 25,000 shares on Facebook. 

WHAT PORT SCANNERS MISS ABOUT MILITANT SUPPLY CHAINS: At the Port of Beirut, the new scanners did exactly what they were built to do. They saw the lithium batteries. They saw the drone propellers. They saw the fiber optic cable. They matched the scans against the paperwork, found no obvious deception, and cleared the cargo. That was the problem. The threat was not hidden in any single container. It was spread across many of them, arriving over weeks, through different vessels, different companies, and different bills of lading. The AI could identify what each shipment contained, but couldn’t figure out what those shipments, taken together, might be building toward. As a board member of the Beirut Port Authority, Karim Chebaklo, writing at War on the Rocks, saw that gap as a warning no one was reading.

• Britain’s Maritime and Coastguard Agency (MCA) says it helped to develop a code of safety for future remotely operated and autonomous cargo ships, The Register reports. The executive body, responsible for maritime law and safety policy, represented the UK’s interests in working groups during development of the first non-mandatory International Code of Safety for Maritime Autonomous Surface Ships (MASS Code). This code, set to be published by the International Maritime Organization (IMO) on July 1, is the first stab at a global regulatory framework covering uncrewed cargo ships.

BILL WOULD RESTORE CYBER INFO-SHARING PROGRAM FUNDS: Sen. Mark Warner (D-Va.) is introducing legislation to permanently fund a cybersecurity information-sharing program used by thousands of state, local, tribal and territorial governments, after the Trump administration ended federal support for the effort last year, Nextgov/FCW reports. The measure would require the Cybersecurity and Infrastructure Security Agency to provide funding for the Multi-State Information Sharing and Analysis Center, or MS-ISAC, a nonprofit-run program that offers services like threat intelligence and incident response assistance to roughly 19,000 government entities nationwide. Under former Homeland Security Secretary Kristi Noem, DHS terminated CISA’s funding agreement with the Center for Internet Security, which operates MS-ISAC, and barred certain federal grant funds from being used for membership fees. Critics argued the move weakened a key mechanism for sharing cyber threat information with smaller governments that often lack dedicated cybersecurity resources.

• The Senate voted against advancing a long-term reauthorization of a key surveillance power Friday, raising the odds that Congress could need another short-term patch — or let the spy law lapse entirely, POLITICO reports. Senators voted 52-47 against taking up a House-passed three-year deal, which leaders planned to use as a vehicle for a Senate-forged agreement that was circulated earlier this week.

• Congress rarely moves fast, but Reps. Rob Wittman and Pat Ryan are trying to change that. The two lawmakers founded the bipartisan House Defense Modernization Caucus in 2024 and have driven reforms through two consecutive defense authorization acts, targeting acquisitions and other bottlenecks. Jonathan Panter at War on the Rocks sits down with both congressmen to discuss their initiatives, how a caucus without markup power actually moves legislation and whether bipartisan cooperation on defense can last.

ONGOING TARGETED CAMPAIGN AGAINST U.S. LAW FIRMS: From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and “Silent Ransom Group”) targeting dozens of organizations across professional, legal and financial services in the United States. UNC3753 leverages voice phishing (vishing) and social engineering deception techniques to achieve remote access into corporate environments. Using pretexts such as data migration or invoice related emails, the threat actors initiate phone conversations posing as IT support and convince targets to host screen-sharing sessions and download remote monitoring and management (RMM) utilities. Once inside the environment, the threat actors either directly conduct searches to locate and exfiltrate highly sensitive data, or manipulate the victim into executing these actions on their behalf. This data typically includes proprietary legal agreements, personally identifiable information (PII), and financial records for subsequent extortion demands.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. SUBSCRIBE

WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

(Watch on YouTube or click the player above)

In this episode of Cyber Focus, Frank Cilluffo speaks with Geoffrey Fowler, head of public engagement for the Youth AI Safety Institute at Common Sense Media, about why AI requires a different kind of safety framework than movies, apps, games or social media. Fowler argues that generative AI is not static content; it is dynamic, conversational, multipurpose and capable of changing from one interaction to the next based on the user, the prompt, the model and the length of the conversation. The conversation explores how AI products that appear friendly, educational or therapeutic can create new risks for children, from emotional dependency and privacy concerns to unsafe mental-health guidance and weakening guardrails over extended conversations. Fowler explains how Common Sense Media is working to build independent AI safety ratings for kids, modeled in part on crash testing for cars: transparent evaluations that help parents and schools make better decisions while pushing companies toward safer design.

SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts

Artificial intelligence

School shooting survivor sues AI gun detection firm after system failed to spot weapon

The injured teenage survivor of a January 2025 shooting at a Nashville, Tennessee high school recently sued the manufacturer of an “AI gun detection” system that failed to detect the handgun that left two dead, including the shooter. According to the lawsuit, which was filed in Davidson County court last month, the security company Omnilert either knew or should have known that there were “significant operational limitations in its gun detection system that could result in detection failures during actual emergencies, including limitations based on camera placement, proximity of the weapon to camera sensors, camera angle, lighting, and weapon visibility.” (ARSTECHNICA.COM)

Breaches

Hacked, leaked, and held for ransom: the worst breaches of 2026 so far

If anything, 2026 has made clear that cybersecurity is no longer a background concern — it’s front and center, woven into almost every major story of the year. Yes, wars are still raging, the climate keeps worsening, and we’re seemingly one dodgy sneeze away from the next global pandemic. But running beneath all of it is a digital current that touches everything: wars being fought on digital fronts as well as physical ones, governments weaponizing citizens’ own data against them, botnets quietly undermining democratic institutions, nation-state hackers targeting civilian infrastructure from power grids to water systems, and ransomware gangs holding companies and institutions hostage for massive payouts. The attacks are getting bolder, more destructive, and harder to contain. (TECHCRUNCH.COM)

Atlas Menu data breach exposes 64,000 GTA V and CS2 cheat service users

Atlas Menu, a widely used cheat service for Grand Theft Auto V and Counter-Strike 2, was hacked during May 2026, and reportedly, hackers managed to sneak into the company’s private computer servers and steal a massive file full of customer records. The data breach was confirmed and verified on June 2, 2026, by the cybersecurity firm UpGuard and the tracking site Have I Been Pwned, a free public website people use to check if their personal logins are safe. The Atlas Menu website (atlasmenu.net) went down following the incident, while there’s no official response from its owners as yet. (HACKREAD.COM)

Education

Illinois high school hit by cybersecurity incident; summer programs canceled through Tuesday

A cybersecurity incident Sunday has forced Evanston Township High School to cancel all summer school classes, sports camps and other on-campus activities through Tuesday. In an announcement Sunday, the school said after discovering a “ransomware attack” it activated its incident response procedures and contacted outside cybersecurity attorneys and forensic experts to investigate. The school also said that it is cooperating with the FBI during the investigation. It was not immediately clear what if any information may have been compromised. (EVANSTONROUNDTABLE.COM)

Health care

Thousands of patient records taken in cyberattack

One of the largest hospital trusts in England has confirmed thousands of patient test results were stolen in a cyber attack in 2024. Mid and South Essex NHS Foundation Trust (MSE), which runs Broomfield hospital in Chelmsford as well as Basildon and Southend hospitals, said the breach involved 2,380 records. The data was taken from the computer drives of a third‑party testing provider, Synnovis, that analyzed blood, urine and tissue samples. (BBC.COM)

Social media

Meta says 20,000 Instagram accounts hacked via AI tool abuse

Meta says roughly 20,000 Instagram accounts may have been hacked in a recent attack abusing an AI-powered account recovery support tool. Hackers compromised many Instagram accounts simply by asking Meta’s chatbot to link their own email address to the targeted account. This enabled the hackers to reset the account password and take control of it. Many high-profile accounts were reportedly compromised and sold on the dark web. The list of impacted accounts included those of the Obama White House, Sephora, and U.S. Space Force Chief Master Sergeant John Bentivegna. (SECURITYWEEK.COM)

Supply chain

Miasma worm hits 73 Microsoft GitHub repositories in major supply chain attack

Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service,” reads the message when attempting to access the “Azure/azure-functions-host” repository. “If you are the owner of the repository, you may reach out to GitHub Support for more information.” (THEHACKERNEWS.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

Artificial intelligence

Adaptive, agentic AI worms loom as next enterprise threat

AI adaptive worms will be autonomous agents that rapidly self-propagate by searching for zero-day bugs, known but unpatched software flaws, and unprotected secrets — and they will be able to do this across multiple environments, morphing dynamically as they go. To get ahead of this evolution, AI/machine learning (ML) security researchers at the University of Toronto, the Canadian AI incubator Vector Institute, enterprise-software firm ServiceNow, and the University of Cambridge created a proof-of-concept (PoC) agentic AI worm that spreads by adapting to each new environment, searching for vulnerabilities, and creating programs to exploit the systems. (DARKREADING.COM)

Health care

Infosecurity Europe: Reactive security is failing healthcare organizations, experts warn

Healthcare organizations (HCO) must embrace AI-powered tools to spot and contain threats faster, or continue to risk potentially fatal consequences for patients, experts have warned. Speaking at Infosecurity Europe on June 4, Cyber Salus CEO, Sher Baig, said HCOs across the globe face the same threats and operational constraints. Legacy infrastructure, hyper-connectivity and human fatigue are fomenting a perfect storm of risk, he argued. In rare cases, breaches can lead to patient fatalities. “If there was ever an industry where the potential harm bad actors can do is directly correlated to human impact, it’s healthcare,” Baig told attendees. (INFOSECURITY-MAGAZINE.COM)

Malware

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. The researchers found samples for ARM, MIPS, PowerPC, SuperH, x86, x86_64, and other architectures, featuring exploits for DVRs, routers, video management platforms, and Android-based devices. The botnet was seen targeting a Japanese technology company, but researchers discovered that the source IP address was for a device located in Germany. (BLEEPINGCOMPUTER.COM)

Lucid stealer hits 18 browsers, crypto wallets and Discord tokens

A new, fully featured Lucid Stealer build that combines large-scale credential theft with hidden remote access. The sample, distributed through Telegram-linked underground channels, is not a simple packed executable but a Lucid-branded information stealer and RAT wrapped inside a legitimate Node.js Single Executable Application (SEA). Static analysis recovered an embedded JavaScript loader and decrypted core payload without executing the sample, giving high confidence in the findings and a clear view of operator capabilities and infrastructure. (GBHACKERS.COM)

Phishing

Suspicious Polyfill login prompts pop up on Toshiba, Muji websites

Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. Both Japanese companies advised users who entered their account login data in the authentication screens to change their passwords to access the service. The login pop-ups were generated by the external service hosted at polyfill[.]io, which in 2024 introduced malicious code in scripts delivered by its CDN. (BLEEPINGCOMPUTER.COM)

Spyware

Android spyware Asin targets Arabic users via fake news, PDF and war map apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source. (THEHACKERNEWS.COM

Vulnerabilities

SolarWinds Serv-U vulnerability exploited in the wild

CISA on Friday warned of attacks targeting a SolarWinds Serv-U vulnerability that had been patched a couple of days earlier. Tracked as CVE-2026-28318 (CVSS score of 7.5), the bug is described as a denial-of-service (DoS) issue that can be exploited via specially crafted POST requests to crash the Serv-U service. Successful exploitation of the security defect does not require authentication, SolarWinds warned on Thursday. The flaw was addressed in Serv-U 15.5.4 Hotfix 1. SolarWinds encourages all customers to download and install the hotfix, including those who recently upgraded to Serv-U 15.5.4. (SECURITYWEEK.COM)

China

VerdantBamboo deploys BSD variant of BRICKSTORM on Linux appliances

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft), UNC5221 (Google), and Warp Panda (CrowdStrike). (THEHACKERNEWS.COM)

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. An investigation into the incident revealed that the threat actor had gained access to the victim network at least 18 months before detection, and had also compromised the victim organization’s managed services provider (MSP). UNC5221 is also tracked as VerdantBamboo and has been involved in attacks that exploited zero-day vulnerabilities in edge devices since at least 2023. (BLEEPINGCOMPUTER.COM)

Feds say U.S. citizen gathered information on American targets for Chinese Communist Party

An American citizen admitted to working on behalf of Chinese intelligence operatives for years, helping gather information on U.S. targets and attempting to penetrate American political circles, according to federal authorities. Thomas Weir Pauken II, 50, pleaded guilty Thursday to acting inside the U.S. as an agent of the People’s Republic of China without notifying the attorney general, the Department of Justice announced. The guilty plea prompted a stark warning from the FBI, which said the case demonstrates how far the Chinese Communist Party is willing to go to collect intelligence and influence activities inside the U.S. (FOXNEWS.COM)

Iran

Iran severely damaged U.S. air ops center in Qatar soon after war began

The command center that ran America’s air campaigns in the Middle East for over two decades took a direct hit during the U.S. war with Iran and was severely damaged, a senior U.S. official and other people informed about the attack told Air & Space Forces Magazine. The facility was not in use at the time and no injuries were reported. Multiple Iranian missiles struck the Combined Air Operations Center at Al Udeid Air Base, Qatar during the early weeks of the war, rendering it inoperable. Yet the Iranian missile attacks didn’t interfere with Operation Epic Fury’s air campaign, which began on Feb. 28, or the more limited airstrikes conducted since the tenuous ceasefire reached in early April. (AIRANDSPACEFORCES.COM)

North Korea

Xi gets warm North Korea welcome as Kim draws nuclear red line

Chinese President Xi Jinping received an elaborate welcome in North Korea, aiming to reassert Beijing’s influence over its neighbor with an expanding nuclear arsenal and a deepening alliance with Russia. Xi’s two-day visit marks his first to North Korea in seven years and comes after he hosted US President Donald Trump and Russia’s Vladimir Putin in Beijing for high-profile summits. Xi’s trip underscores his efforts to remind the world that Beijing remains Pyongyang’s most important political patron and economic lifeline, even as North Korea’s defense partnership with Russia has provided new diplomatic leverage. (BLOOMBERG.COM)

The world’s most surprising economic success story is … North Korea

North Korea is the world’s most unlikely growth story. Its economy is flourishing in ways not seen in years, aided by arms sales and troop deployments to Russia, supplies and financing from China, and the ability to flout international sanctions to import more energy, components and materials. Chinese leader Xi Jinping traveled to North Korea this week for his first foreign trip of the year. The Kim regime slammed its borders shut during the Covid-19 pandemic. It has since reopened to only a select few outsiders, including Russian and Western travelers and diplomats. Those visitors describe a North Korea unrecognizable from the past, especially its capital, Pyongyang, where Kim and the country’s elite live. (WSJ.COM)

A ‘miraculous transformation’: How Kim Jong-un fortified North Korea

During the pandemic, the North Korean leader Kim Jong-un, who had long billed himself as invincible, made a stunning, teary-eyed apology on national television. “I am really sorry,” he said, as the coronavirus, coupled with food shortages and international sanctions, was ravaging his country. “My efforts and sincerity have not been sufficient enough to rid our people of the difficulties in their life.” But while ordinary North Koreans were suffering, Mr. Kim, 42, seized the crisis as a unique opportunity. Now, he is brimming with confidence. He is recognized at home and abroad as North Korea’s most powerful leader to date, surpassing even his grandfather, the country’s founder, because he has achieved the status of a de facto nuclear power. (NYTIMES.COM)

Threat actors

Pink is the latest goon squad to use fake helpdesk calls to steal creds

A new extortion brand called Pink – which may be a rebrand of BlackFile – uses voice phishing and fake help-desk calls to gain initial access to organizations’ IT environments, steal their sensitive data, and threaten to leak it unless the victims pay a ransom demand. Palo Alto Networks’ Unit 42 first spotted the gang, which it tracks as cluster CL-CRI-1147, and its data-leak site, which went live on May 31. “Pink uses vishing and IT impersonation to phish credentials/MFA, then exfiltrates enterprise cloud storage and productivity data to extort victims,” the threat-intelligence biz said in a LinkedIn post. Google Threat Intelligence is not so sure it’s a new gang, however. (THEREGISTER.COM)

Artificial intelligence

How do AI data center fires start?

A researcher at Texas A&M University is exploring the increased fire risks associated with the rise of AI data centers. According to a university announcement Tuesday, chemical engineering Ph.D. students Tylee Kareck and Chi-Yang Li published a paper, with George Washington University and the University of California, Berkeley, that analyzes the common causes of such fires and provides strategies for reducing risk. “Our work provides insights to assess fire risk so engineers can design safer and more resilient data centers,” Qingsheng Wang, a professor in the Artie McFerrin Department of Chemical Engineering, who contributed to the paper, said in the announcement. (EDSCOOP.COM)

Nearly 1 in 5 U.S. adolescents and young adults use AI chatbots for mental health advice

Use of artificial intelligence chatbots for mental health advice among U.S. adolescents and young adults rose by more than 40% over the past year, with nearly 1 in 5 now reporting they have used AI tools for support, according to a new study. The study found that 19.2% of young people ages 12 to 21 said they had used AI chatbots such as ChatGPT, Gemini, Character.AI and Meta AI for advice or help when feeling sad, angry, nervous or stressed. That is up from 13.1% in a similar RAND survey conducted a year earlier and is similar to the 19.8% who reported receiving counseling from a mental health professional. (RAND.ORG)

Defense

Spectrum management: DoD and the National Telecommunications and Information Administration should improve external collaboration

The electromagnetic spectrum is a critical resource for many uses including national defense and commercial wireless services. Since more than one user operating on the same frequency can disrupt transmissions, the Department of Defense (DoD) must coordinate its spectrum use. It does so with other federal agencies and nonfederal entities, such as private sector companies and other organizations. This coordination occurs through a National Telecommunications and Information Administration (NTIA) committee. In doing so, DOD generally follows leading collaboration practices. For instance, DOD policy and practices provide for defined roles, established processes, and regular communication, which are each leading collaboration practices. Agency officials and private-sector stakeholders said DOD secures the frequency assignments it needs while addressing potential interference and other concerns with other users. (GAO.GOV)

France to test its own AI-powered battlefield command in June NATO exercise

France will test its artificial intelligence-powered battlefield command system with allies during a NATO interoperability exercise this month, as an alternative to the Maven Smart System developed by Palantir Technologies, said Gen. Patrick Justel, deputy chief of the French Army staff. The French have been developing the system with local companies including Mistral AI, Safran.AI, Thales and Airbus, Justel said in a media briefing on Thursday. The French Army has already tested the system, dubbed Arcadia, in exercises including Dacian Fall in Romania and Orion 26 in France. (DEFENSENEWS.COM)

Drones

Under ‘Drone Dominance’ push, Pentagon begins receiving small drones

The Pentagon has begun accepting small, one-way attack drones as part of its larger push to boost production and provide every squad with the weapon later this year, according to the program’s website. In total, the Department of Defense has ordered a total of 20,000 small, first-person view (FPV) drones from 10 of the top 11 vendors that competed in its Gauntlet 1 competition, according to the Drone Dominance “Leaderboard” website. That figure is 10,000 shy of the previously predicted order figure, though the company in third place, Napatree, has not yet been awarded a deal. (BREAKINGDEFENSE.COM)

Why unauthorized drone incursions are ‘a clear and present issue’ for US Transportation Command

In an era when unauthorized drone incursions at U.S. military installations are surging, these disruptions pose a particularly unique threat for U.S. Transportation Command. “It is a clear and present issue that we have to pay attention to,” Transcom Commander Gen. Randall Reed said Wednesday. “So, yes, we have conversations in that realm — and we have done so quite frequently.” During a 3-day trip to five locations around Colorado and California last week, Reed heard from Transcom’s civilian and commercial partners and multiple military personnel about the urgent need to keep both U.S. defense installations and civilian transportation nodes open and safe from adversarial or unidentified drones. (DEFENSESCOOP.COM)

Energy

DOE’s Alex Fitzsimmons on energy markets, AI, renewables and more

U.S. Department of Energy Associate Deputy Secretary of Energy Alex Fitzsimmons has a message for electric utilities from the Trump administration: “We all have the same goals” for affordable, reliable and secure energy systems. Fitzsimmons sought to deliver that message at the Edison Electric Institute’s annual conference in Las Vegas this week, where the dominant theme was balancing demand growth with affordability — underscored by the presence of dozens of protesters who disrupted the conference to demand action on rising electricity costs. Utility Dive caught up with Fitzsimmons at the conference to talk electricity markets, rising demand, coal plant emergency orders and more. (UTILITYDIVE.COM)

In Massachusetts, parked EVs will start feeding the grid this summer

After the school year ends in the Massachusetts towns of Acton and Boxborough, the district’s electric buses will mostly stay put in a parking lot. But they won’t sit idle all summer. The three vehicles will charge up their nearly 200-kilowatt-hour batteries overnight, when the power supply is at its cleanest and cheapest, then send energy back to the grid from 4 p.m. to 7 p.m. on days when the grid is strained. The district will earn revenue for the power it shares, perhaps even enough to cover the costs of charging up during the school year, said Kate Crosby, energy manager for the Acton-Boxborough school district. Plus, the strategy will help lower the emissions and cost of the region’s electricity supply. (CANARYMEDIA.COM)

IT modernization

EU unveils tech sovereignty package to cut reliance on U.S., Chinese suppliers

The European Commission proposed a sweeping set of laws and strategies this week aimed at reducing the European Union’s reliance on foreign technology, amid concerns that its long-standing tech dependencies are becoming a security vulnerability. Spanning semiconductors, cloud computing, artificial intelligence and open-source software, the proposals amount to what the Commission’s tech lead Henna Virkkunen called “a major shift in how Europe approaches technological sovereignty.” The package bundles two draft laws — a Chips Act 2.0 and a Cloud and AI Development Act (CADA) — alongside an Open Source Strategy and a roadmap for digitalizing the energy system, intended together to “help widen choice in core technologies for EU businesses, citizens and public administrations.” (THERECORD.MEDIA)

Leadership

Ashley Devoto named Air Force, Space Force CIO

The Department of the Air Force has tapped Ashley Devoto — a veteran and cybersecurity expert — as its new chief information officer, the department announced Thursday. Devoto enters the role after the department has been without a permanent CIO for over a year following the departure of Venice Goodwine in March 2025. With a decades-long career in cybersecurity fields, Devoto will now oversee the Air and Space Forces’ modernization and sustainment efforts for information technology and more. (DEFENSESCOOP.COM)

Sriram Krishnan is leaving his role as White House AI advisor

Krishnan, who’s been serving as a senior policy advisor on artificial intelligence at the White House, was one of a number of tech industry figures to take roles in the second Trump administration. Krishnan has led product teams at Microsoft, Twitter, Yahoo, Facebook, and Snap, and he was most recently a partner at Andreessen Horowitz, a firm whose founders threw their support behind Trump during the 2024 election. (TECHCRUNCH.COM)

Nuclear

Small modular nuclear reactor reaches criticality in first test

Just over a year ago, the Trump Administration issued an executive order meant to accelerate the development of nuclear power in the US. While an entire startup ecosystem has developed around the use of different — and typically smaller — reactor designs, only one of them has been fully licensed so far, and there are no plans to actually build any instances of that design. The executive order directed the Department of Energy to have three different reactor designs reach criticality in a bit over a year. On Thursday, a startup called Antares announced that a test reactor it had placed at the Idaho National Laboratory had reached criticality, making it the first new design to cross this threshold. Criticality means that the nuclear reactions inside the hardware had become self sustaining; it does not mean the reactor had started to generate power. (ARSTECHNICA.COM)

Regulations

Two-thirds of open source community unaware of Cyber Resilience Act

A leading open source security body has warned of “stagnating awareness and structural unreadiness” in the community ahead of a key December 2027 deadline for compliance with the Cyber Resilience Act (CRA). The CRA is an EU effort to introduce minimum security standards for hardware and software products sold in the region. Manufacturers must build security into their products from planning to end of life, including handling vulnerability management and managing software supply chain risks. (INFOSECURITY-MAGAZINE.COM)

Workforce

Air Force, Space Force seek 6,000 civilian hires in wake of DOGE cuts

The Air Force and Space Force are asking for funds to hire more than 6,000 civilians in fiscal 2027, a sharp reversal from a year ago when the budget request slashed about 5,700 full-time jobs. About 70 percent of the new civilian jobs included in the Department of the Air Force’s budget request aim to fill vacancies created by the Department of Government Efficiency commission or related executive orders. (AIRANDSPACEFORCES.COM)

Lawmakers aim to force the Army to detail its transformation plans

When the Army launched its “transformation initiative” a year ago, lawmakers immediately implored service leaders to show their work as they made plans to buy new things and get rid of old ones, including the cost tradeoffs and a timeline. They didn’t get those answers, so House lawmakers have inserted a requirement for an annual report and briefing into this year’s defense authorization bill. On Thursday, the House Armed Services Committee completed its markup on the bill, adding detailed instructions for an annual update on the Army Transformation Initiative — and also the Army’s Transformation-in-Contact/Continuous Transformation efforts, requiring specifics on new capabilities and ones that have been phased out. (DEFENSEONE.COM)

MORE: House lawmakers want the Navy to deploy drone boats faster (DEFENSEONE.COM)

Three highlights in latest DHS spending bill

Congress just passed fiscal 2026 appropriations for most of the Department of Homeland Security in May, but lawmakers are already moving forward with crafting a 2027 budget for DHS. The House Appropriations Committee’s homeland security subcommittee passed its version of the 2027 DHS spending bill on Thursday. The Republican-led committee passed the bill along party lines. The DHS spending bill’s specifics, particularly around border security and immigration enforcement agencies, could change as Republican leaders move forward with a new reconciliation bill. (FEDERALNEWSNETWORK.COM)

‘A lot to fix’: VA needs an IT program management office, CIO nominee says

The Veterans Affairs Department needs a technology program management office, and Gary Shatswell said he’s the man to do it in a Senate Veterans’ Affairs Committee hearing Wednesday. Shatswell, the nominee for the department’s CIO and information and technology assistant secretary, told the panel he is an industry-trained problem solver and, if confirmed, would make instituting a PMO one of his first tasks. “We need a culture of transparency and accountability, achievable through agile program management, which will also accelerate mission delivery,” he said. (FEDSCOOP.COM)

COMMITTEE ACTIVITY

TRANSPORTATION: The Senate Commerce, Science and Transportation Subcommittee on Surface Transportation, Freight, Pipelines, and Safety will hold a June 9 hearing to examine how technological advances are driving transportation innovation.

CISA adds one known exploited vulnerability to catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-28318 SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. (CISA.GOV)

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

MARITIME: The Stephenson Ocean Security Project highlights the ways that global security challenges arise from marine resource competition and works towards solutions that support sustainable development, coalition building, and the need for American leadership. This year’s forum on June 9 will discuss the escalating pressure facing global maritime governance from a variety of crisis points and how this pressure is affecting shared governance of the maritime commonwealth and our ability to grapple with common challenges including marine resource management, illegal fishing, supply chain transparency, and human rights at sea. This year’s forum is co-hosted in partnership with the CSIS Human Rights Initiative.

AI ECONOMY: How can AI be deployed effectively to enhance economic mobility and ensure the benefits of AI systems are reaped widely? On June 10, the Brookings Center on Regulation and Markets will host a fireside chat with Neil Thompson, director of the FutureTech project at MIT, to explore the intersection of AI and economic mobility. 

DIB: Join Hudson Institute for a June 11 fireside chat between Hudson Senior Fellow Nadia Schadlow and Deputy Assistant Secretary for Industrial Base Growth and Director of the Office of Small Business Programs James Mismash. The discussion will explore current efforts to strengthen the defense industrial base, expand industrial capacity, and foster greater participation and competition across the national security ecosystem.

AI AND THE WORKFORCE: Join AEI for the June 11 launch of the Commission on AI and the Future of the American Workforce, a joint initiative of the American Enterprise Institute and the Urban Institute. This commission brings together leaders from industry, labor, academia, and government to develop an actionable policy framework for AI-driven employment disruption. Hear from the commission co-chairs — former Speaker of the House Paul Ryan and former US Secretary of Commerce Gina M. Raimondo — as well as AEI President Robert Doar, and Urban Institute President Sarah Rosen Wartell as they unveil the commission’s mission and approach.

SECURITY POLICY: From AI and drone warfare to global alliances and economic security, America and its allies need “New Rules” to compete, deter, and win in the 21st century. Join leading voices in national security for an exclusive, all-day Center for a New American Security conference on June 11 at the forefront of today’s most consequential issues — from AI and cybersecurity to the latest developments in Iran, economic statecraft, and America’s strategic readiness across the world.

NORTH KOREA: On June 12 join the Indo-Pacific Security Initiative (IPSI) of the Atlantic Council’s Scowcroft Center for Strategy and Security for the launch of Nonresident Senior Fellow Jieun Baek’s latest book, “Privileged but Powerless.” Baek’s second book on North Korea draws on hundreds of hours of rigorous fieldwork and interviews with defectors to examine a surprising yet critical vector of regime instability. In a fireside chat, Baek will discuss how North Korea’s system of privilege and control shapes elite insecurity at the highest levels of the regime.

HYBRID WARFARE: On June 15 the Atlantic Council’s Eurasia Center will host an expert discussion on how the United States can best counter malign Russian and Chinese hybrid operations. Moscow and Beijing have long pursued campaigns of subversion, sabotage, and subterfuge against the West. Today, those efforts appear to be converging. Many of Beijing’s dual-use technologies have been instrumental in sustaining Russia’s war against Ukraine. Eurasia Center Senior Director and former US Ambassador to Ukraine John Herbst moderates a conversation on what the Russia-China hybrid axis means for Washington and its allies.

DIGITAL INFRASTRUCTURE: On June 16 the Atlantic Council’s Democracy + Tech Initiative will host a discussion to launch a new report examining the future of global connectivity financing and strategic competition over digital infrastructure. As China expands its Digital Silk Road through state-backed financing and integrated technology offerings, the United States and its allies face growing pressure to develop a credible alternative for expanding internet access in underserved markets. 

DIB: Join CNAS on June 16 for a fireside conversation with DoD’s Michael Cadenazzi examining the challenges and priorities shaping U.S. munitions production and defense industrial base policy. This event will examine how policymakers, industry partners, and acquisition officials can work together to build the surge capacity the United States needs, in a focused conversation on the future of U.S. munitions production and defense industrial base policy.

NUCLEAR: Why does the U.S. struggle while nuclear leaders such as China and France succeed? A combination of standardized designs, predictable regulation, and rapid regulatory approval all appear to play a role. And while bipartisan support for nuclear energy has grown due to its role in AI-driven energy demand and climate goals, political anxieties in the United States persist. Join AEI on June 18 to dissect the economic, regulatory, and political tensions that keep the U.S. lagging behind when it comes to nuclear energy.

MARITIME SECURITY: Please join the CSIS Defense and Security Department (DSD) and the U.S. Naval Institute (USNI) on June 18 for a Maritime Security Dialogue event featuring Lieutenant General Eric Austin, USMC, CG, MCCDC / DC, CD&I / PAE-MC. LtGen Austin will sit down with Dr. Seth G. Jones, president, CSIS Defense and Security Department, to discuss the future growth of the Marine Corps, lessons from the recent wars in Ukraine and the Middle East, and implications for the Indo-Pacific. Rear Admiral Raymond A. Spicer, USN (Ret.), chief executive officer and publisher, U.S. Naval Institute, will offer opening remarks. 

NUCLEAR: For the first time, the United States is preparing to deter two nuclear adversaries­­­, Russia and China. In today’s post-New START environment, U.S. adversaries remain committed to weakening American resolve and undermining Washington’s commitment to its allies. Join Hudson Senior Fellow and Keystone Defense Initiative Director Dr. Rebeccah Heinrichs and Administrator of the National Nuclear Security Administration Brandon Williams for a June 18 discussion on the administration’s priorities in strengthening the U.S. nuclear enterprise.

AI AND EXPORT CONTROL: Join House Foreign Affairs Committee Chairman Brian Mast and Senator Jim Banks for a June 25 fireside chat hosted by the Hudson Institute on Congress’s role in U.S. export control strategy to outcompete China in technology and AI development. The conversation will examine ways to close loopholes, guard America’s most critical technologies, and prevent Beijing from leveraging American innovation against American interests. 

GLOBAL SECURITY: Join the CSIS Defense and Security Department on June 30 for its annual Global Security Forum. This year’s conference will center on the theme “America at 250: A Defining Moment for American Statecraft and Military Power.: Through keynote addresses and expert panel discussions with government, industry, and finance experts, the Forum will examine how the tools of statecraft are being redefined and how the United States can harness innovation, rebuild industrial capacity, strengthen deterrence, and renew the foundations of leadership in a more dangerous world.

---

FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY

SUBSCRIBE TO THE CYBER FOCUS PODCAST: YOUTUBE | SPOTIFY | APPLE PODCASTS

SUBMIT A TIP