Cyber Briefing – June 9, 2026



TODAY’S TOP 5

WHAT’S INSIDE THE AI NSPM: President Donald Trump on Friday signed a national security memo aimed at speeding up government use of advanced artificial intelligence across the military and intelligence community, while also trying to harden those systems against foreign theft and manipulation, Nextgov/FCW reports. The National Security Presidential Memorandum reflects a growing view inside the White House that U.S. security agencies are moving too slowly to adopt frontier AI tools, even as the evolving technology improves rapidly and rivals like China seek ways to craft their own versions. It calls for agencies like the FBI, the Office of the Director of National Intelligence and the Office of the National Cyber Director to build “deep, proactive” relationships with AI companies so that cutting-edge models can be made available to national security personnel faster. 

  • Overall, NSPM-11 aims to accelerate adoption of AI in national security. It seeks to streamline procurement, expand training and enhance security in close collaboration with America’s leading tech firms, while revoking Biden-era guardrails it sees as too restrictive. But the memo also orders the “termination for default or for convenience” of contracts with any company that tries to restrict how the government uses its AI, as the administration alleges Anthropic did, with strictly limited waivers allowed for pressing needs, as reportedly is the case at NSA, Breaking Defense reports.
  • Quarantine buys time, but it isn’t a cure. The most critical steps in the Covid-19 pandemic response came after lockdowns bought breathing room: fine-tuning vaccines, mass-producing them and distributing them before the clock ran out. Cyber defense is in the same race. Frontier AI can already find vulnerabilities faster than humans can patch them, and the response so far — highly capable models granted to a trusted few — is a kind of quarantine that buys cyber defenders a head start, Shaun Ee and Jam Kraprayoon write at Lawfare. But a head start means nothing if squandered. Just as Operation Warp Speed defined the U.S. pandemic response, cyber defense needs a bold push to make the best of this critical window: triaging defenders, translating models into deployable tools and distributing those tools at scale.

RESPONSIBLE DISCLOSURE IN THE AGE OF AI: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes decades of accumulated technical debt created by a software industry that prioritized rapid deployment over secure-by-design engineering practices. Drawing on the evolution of software assurance, vulnerability disclosure frameworks and U.S. cyber policy, this perspective argues that the current moment represents a strategic inflection point for governments, industry and critical infrastructure operators. McCrary Institute senior fellow Melissa Hathaway, writing at The Cyber Defense Review, examines the growing tension between offensive and defensive equities in cyberspace, the emergence of AI-enabled vulnerability discovery capabilities in both the U.S. and China, and the increasing risks posed by unsupported legacy systems and AI-assisted code generation practices. Responsible disclosure can no longer remain a reactive or fragmented process, but must become a coordinated national and international resilience effort involving governments, software vendors, infrastructure operators and emergency response organizations. The article concludes with an urgent call for accelerated remediation, large-scale patch management coordination and sustained investment in automated vulnerability repair capabilities before adversaries exploit this rapidly narrowing window of opportunity.

LIST OF FIRMS LINKED TO CHINA’S MILITARY GROWS: The Pentagon added a slew of Chinese companies, including Alibaba Group, Baidu Inc and carmaker BYD, to a list of entities it believes have aided the Chinese military, complicating the fragile diplomatic relationship between Washington and Beijing, CNBC reports. The Defense Department published an updated “1260H list” Monday evening stateside — a roster of companies the Pentagon considers affiliated with China’s military or defense industrial base. The designations do not impose sanctions explicitly, but mean the Defense Department will be prohibited from contracting directly with listed companies starting later this month, and from procuring their products or services through third parties beginning in June 2027. 

  • Western companies are pouring money into Brazil’s rare-earth industry, hoping the South American nation can help loosen China’s grip on the minerals used in electric vehicles, wind turbines and advanced weapons, The Wall Street Journal reports. Miners are racing to develop deposits across Brazil, which holds the world’s second-largest rare-earth reserves after China. But their ambitions extend beyond digging up ore. Companies and government officials say they want to build processing plants that can separate rare earths, produce metals and eventually manufacture magnets. The realization of that ambition would represent a much bigger challenge to China. While Beijing holds roughly half of global rare-earth reserves, it controls more than 90% of processing and magnet production, giving it a dominating influence over global supply chains.

TESTS SUGGEST RUSSIA CAN JAM GPS ON A CONTINENTAL SCALE: Russian satellites have been identified as the cause of mysterious, seconds-long bursts of GPS interference across Europe — a rare example of human-made GPS interference coming from space. But uncertainty still hangs over whether such interference is intentional and if it could be more powerfully weaponized as GPS jamming with continental reach in the future, Ars Technica reports. The discovery came from an investigation detailed in a June 2 preprint paper by Todd Humphreys and his student Zach Clements at The University of Texas at Austin, along with Argyris Krizise at Stanford University in California. By sifting through public data from ground-based stations with global navigation satellite system (GNSS) receivers, they identified a pattern of high-powered interference lasting less than 10 seconds each time but simultaneously detectable by ground stations across Europe from Norway to Spain to Poland, and even reaching as far west as Greenland and Canada.

  • The foundation of global space law that has governed human activity outside Earth for nearly six decades may be approaching a breaking point, according to a new analysis by two astronomers who argue that the legal framework created during the Cold War is inadequate for an era of commercial spaceflight, global political instability and growing militarization of orbit, The Debrief reports. The study, published in Frontiers in Space Technologies, argues that the 1967 Outer Space Treaty (OST), long regarded as the foundation of peaceful space exploration, confronts mounting challenges from transforming global power shifts, increasing orbital competition and the emergence of private companies as dominant players in space activities.

DEFENDING THE KEY TERRAIN OF AI INFRASTRUCTURE: For Iran, targeting data centers served multiple strategic ends within a single effort. Hitting those centers allowed it to punish economically vital US companies, as well as the regional organizations that host data on those companies’ servers, and served as an unambiguous threat that further attacks on digital infrastructure were likely if Iran’s demands were not met. But these strikes indicate that a broader strategic shift is already underway, Jason Vogt and Nina A. Kollars write at the Modern War Institute at West Point. For adversaries looking to impose costs, signal resolve or disrupt military operations, data centers make attractive targets. They are large, fixed sites that are costly to build. They are also dependent on local power, water and data transmission infrastructure, which can also be targeted. Attacking them not only harms the data center operator, but all the organizations that rely upon it for data storage, networking or AI integration. This has the potential to compound effects, as multiple entities experience degradation or loss from a single action.

OSINT YOU NEED TO START YOUR DAY: The Cyber Briefing is brought to you by the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University.
WE WANT TO HEAR FROM YOU: What would you like to see in your morning briefing? Reach out to Executive Editor Bridget Johnson with your comments and suggestions

CYBER FOCUS PODCAST


In this episode of Cyber Focus, Frank Cilluffo speaks with Geoffrey Fowler, head of public engagement for the Youth AI Safety Institute at Common Sense Media, about why AI requires a different kind of safety framework than movies, apps, games or social media. Fowler argues that generative AI is not static content; it is dynamic, conversational, multipurpose and capable of changing from one interaction to the next based on the user, the prompt, the model and the length of the conversation. The conversation explores how AI products that appear friendly, educational or therapeutic can create new risks for children, from emotional dependency and privacy concerns to unsafe mental-health guidance and weakening guardrails over extended conversations. Fowler explains how Common Sense Media is working to build independent AI safety ratings for kids, modeled in part on crash testing for cars: transparent evaluations that help parents and schools make better decisions while pushing companies toward safer design.


CYBER AND CI UPDATES

ATTACKS AND INCIDENTS

Breaches

Hacker claims breach of Aussie travel agency FirstClass; 53k customers potentially impacted

A hacker with a penchant for targeting Australian organizations is claiming to have added another victim to their growing list of data breaches. The threat actor, 2019, a prominent member of a popular underground hacking forum, said in a 3 June post that they had gained access to the data of more than 53,300 customers of the luxury travel website, FirstClass.com.au. According to the hacker, the compromised data includes names, email addresses, phone numbers, IP addresses, account status, and preferred airport. (CYBERDAILY.AU)

Education

Oxford University discloses data breach after careers platform hack

The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. This platform is also used by other UK educational organizations, such as King’s College London and the University of Manchester, to run their institution-specific career hubs. Founded in 1096, Oxford is a collegiate research university comprising 43 autonomous colleges with more than 26,000 students and over 5,900 research, teaching and research support staff, and is the oldest university in the English-speaking world. (BLEEPINGCOMPUTER.COM)

174,000 impacted by Lansing Community College data breach

Lansing Community College (LCC) is notifying over 174,000 people that their personal information was compromised in a data breach more than one year ago. The incident was identified in February 2025, roughly one week after hackers gained access to some of its systems using compromised credentials, the Lansing, Michigan public community college says in notification letters sent to the impacted individuals. Working with third-party cybersecurity experts, LCC determined that the hackers accessed personal information such as names, addresses, dates of birth, driver’s license details, and Social Security numbers. (SECURITYWEEK.COM)

Financial

SoFi confirms third-party data breach at Hong Kong subsidiary

SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information. SoFi is a U.S.-based financial technology company that offers banking, investing, loans, and other personal finance services. The company also operates SoFi Hong Kong, which provides investment and securities services to customers in the region. In emails sent to customers and shared with BleepingComputer, SoFi said it discovered the incident on April 30, 2026, after detecting unauthorized access to a database of SoFi Securities (Hong Kong) Limited via one of its vendors. (BLEEPINGCOMPUTER.COM)

2019 claims cyber incident on Aussie ASX and financial market research firm

Kalkine Media is an ASX share market news and research firm, which aims to deliver investment insights to its customers using its own technology platform. The firm operates in Australia, Canada, New Zealand, India, the UK, and the USA. Over the weekend (6 June), threat actor 2019 listed Kalkine Media on an infamous cyber crime forum, claiming to have stolen the personal data of over 2,900 customers. According to the listing, allegedly stolen data includes customer names, ID numbers, email addresses, phone numbers, call status details, call ID details and more. According to threat researcher Dark Web Informer, some details pertain to what appears to be agentic AI call recordings. (CYBERDAILY.AU)

Maritime

Qilin ransomware claims hack of major New York/New Jersey Shipping Association

The Qilin ransomware gang on Monday claimed to have hacked the Shipping Association of New York & New Jersey (SANYNJ), a major maritime industry group responsible for cargo movements at one of North America’s busiest ports. The notorious ransomware group posted the maritime membership organization on its dark leak site Monday morning. Although Qilin provided few details in the victim entry, the Russian-speaking cybercriminal cartel posted a link claiming to have already “publicated” whatever data it allegedly stole from the massive organization. (CYBERNEWS.COM)

Spyware

Meta alleges NSO violated spyware injunction with new WhatsApp attacks

Meta on Monday accused spyware maker NSO Group of violating a court order that barred it from targeting users of WhatsApp. “WhatsApp caught and disrupted spear phishing attempts linked to NSO, a spyware firm blacklisted by the US government,” WhatsApp owner Meta said in an announcement. Meta said it is asking a court “to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users.” NSO is an Israeli company that developed the Pegasus spyware. The U.S. government added NSO to the Entity List in 2021, saying it “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.” (ARSTECHNICA.COM)

Supply chain

Hades PyPI attack: 19 packages poisoned to auto-run Bun credential stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to execute automatically during Python startup, download the Bun JavaScript runtime, and run an obfuscated JavaScript payload named _index.js,” Socket said in a new analysis. (THEHACKERNEWS.COM)

WATCH: White House National Cyber Director Sean Cairncross, CISA Acting Director Nick Andersen and more top leaders at the recent McCrary Cyber Summit

THREATS

Malware

Hackers clone Ghidra, dnSpy and other tool sites to spread malware

A network of fake websites is trapping unsuspecting users by claiming to be official download pages for free tools like Ghidra, dnSpy, ILSpy, and CrystalDiskMark. Discovered by Check Point Research, this operation uses highly realistic portals to trick visitors into downloading malware instead of legitimate software. Usually, when open-source projects are searched on Google, users trust the first link that appears. In this campaign, hackers exploit exactly this habit. Researchers explain in the blog post that the attackers have developed 100+ clone websites that mimic real portals, even preserving authentic GitHub links when users hover over download buttons. (HACKREAD.COM)

Weedhack MaaS targets Minecraft players to steal credentials and hijack accounts

Weedhack is a Malware-as-a-Service (MaaS) operation specifically engineered to prey on Minecraft players that has been active since at least January 2026. The service packages credential theft, cryptocurrency wallet extraction, account hijacking and full remote-access capabilities into a low-cost, subscription-based offering marketed through SEO poisoning, YouTube promotion and counterfeit Minecraft mod websites. By combining polished distribution tactics with decentralized infrastructure retrieval and a customer-facing dashboard, Weedhack substantially lowers technical barriers for novice threat actors and raises the threat level across gaming communities, especially for younger users. (GBHACKERS.COM)

Spoofing

Ghost-Sender flaw exposes Exchange Online users to sender spoofing attacks

A newly disclosed “Ghost-Sender” flaw is exposing Microsoft Exchange Online environments to large-scale email spoofing attacks, allowing threat actors to bypass standard email authentication controls and deliver forged messages directly to users’ inboxes. The issue, identified by security researchers Lucas Dodgson, Tobias Oberdörfer, and Robin Hilber, stems from misconfigurations in hybrid or cloud email deployments where organizations rely on external MX records alongside Exchange Online. The vulnerability enables attackers to send emails impersonating virtually any sender, internal or external, and to bypass SPF, DKIM, and DMARC protections. (GBHACKERS.COM)

Vulnerabilities

Check Point warns critical auth bypass bug exploited in the wild

Check Point has urged customers to patch a critical zero-day vulnerability in its Remote Access VPN and Mobile Access solutions that is being actively exploited. CVE-2026-50751 is an authentication bypass flaw that affects deployments configured to use the deprecated IKEv1 key exchange protocol. The security vendor revealed on June 8 that in one case, an affiliate of the Qilin ransomware group has exploited the flaw in “post-compromise activity.” (INFOSECURITY-MAGAZINE.COM)

LiteLLM flaw CVE-2026-42271 exploited in the wild, chains to unauthenticated RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the host. (THEHACKERNEWS.COM)

Zero-days

Google patches 5th Chrome zero-day exploited in 2026

Google on Monday announced a Chrome 149 update that patches 74 vulnerabilities, including a zero-day that has been exploited in the wild. The exploited vulnerability is tracked as CVE-2026-11645. It has been described as a high-severity out-of-bounds read/write issue in V8, allowing a remote attacker to execute arbitrary code inside a sandbox using a specially crafted HTML page. No information is available about the attacks exploiting CVE-2026-11645, but threat actors have likely chained it with a sandbox escape flaw. (SECURITYWEEK.COM)

ADVERSARIES

Iran

Handala claims Israeli radar hack, but evidence shows phone admin panel

An Iranian-linked hacker group called Handala claimed to have hit Israeli military targets with massive cyberattacks on Sunday, June 7, 2026. The group used the Telegram messaging app to announce that it had successfully disrupted signal networks across Israel’s military radar systems. The timing of the announcement is notable: Handala’s claim coincides with a chaotic real-world development, as Israel and Iran broke their two-month ceasefire by trading heavy missile strikes on the same day. Handala also boasted of having placed the Kfar Yona municipality, a local town hall in central Israel, under a digital siege. In their public messages, the group warned: “Today marks the beginning of the end.” They added that these actions were only a first warning to Israel and any countries supporting it. (HACKREAD.COM)

North Korea

North Korean hackers use fake coding tasks to steal crypto

A likely North Korean threat actor has phished software developers at almost 100 organizations with fake job and code-review lures to steal cryptocurrency and credentials. According to new analysis from Proofpoint, which tracks the cluster as UNK_DeadDrop, the campaign sent more than 250 emails in April and May 2026. Targets were mostly US-based and worked in technology, education or finance, with a focus on cryptocurrency firms. Each email linked to a GitHub or GitLab repository dressed up as a coding assignment, with instructions to clone it and open the folder in an editor such as VS Code or Cursor. (INFOSECURITY-MAGAZINE.COM)

Russia

Russia upgrades rules for its digital spy system to better track citizens online

Russia has spent decades building one of the world’s most sophisticated digital surveillance systems. Now, the Kremlin is taking steps to make it faster, more automated and better integrated across the country’s internet infrastructure. Known as SORM, the platform gives Russia’s security and intelligence agencies access to telephone calls, internet traffic and other electronic communications passing through domestic networks. New regulations published by Russia’s Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the System for Operative Investigative Activities. (THERECORD.MEDIA)

GOVERNMENT AND INDUSTRY

Artificial intelligence


Companies aren’t prepared for how AI is accelerating impersonation attacks

The cybersecurity industry devotes a lot of attention to how AI helps hackers analyze vulnerabilities more quickly and craft better malware, but a new report argues that AI’s improved impersonation of corporate leaders is proving just as consequential. Impersonation attacks have targeted either executives or lower-level employees at more than half (53%) of organizations this year, the security firm Outtake said in a report published on June 4. At the same time, the report found, three-quarters of respondents to Outtake’s survey performed only limited impersonation monitoring or only reacted to attacks as they happened. (CYBERSECURITYDIVE.COM)

Data centers

AI industry rejects utility effort to restrict competition

Google, Microsoft, Meta and other tech companies are pushing back against an effort by Midwestern utilities to suspend competitive bidding for transmission projects linked to data centers. Nine utilities petitioned the Federal Energy Regulatory Commission in April to suspend competition for five years, citing the “speed to power” push by the artificial intelligence industry. The so-called Grid Acceleration Coalition argued that putting projects out to bid causes significant delays to powering data centers. Tech companies don’t agree. (EENEWS.NET)

Microsoft seeks Nevada tariff to shield ratepayers from data center costs

Microsoft in May filed a proposed Ratepayer Protection Tariff with the Public Utilities Commission of Nevada, seeking to establish a state-jurisdictional framework for allocating the costs of AI-driven data center load growth. The proposal splits project-specific infrastructure into a Customer Contributed Share, paid by the large-load customer, and a System Benefit Share that can be reviewed for inclusion in utility rate base if it benefits the broader system. Microsoft said the tariff would support faster grid expansion, provide greater planning certainty for utilities and regulators, and help accommodate growing AI-related electricity demand without increasing bills for residential and small-business customers. (UTILITYDIVE.COM)

Defense

Army touts ‘Mortars App’ for soldiers to fire rounds via smartphone, tablet

The Army developed an app meant to help mortar crews calculate and launch rounds, the service said, replacing software for decades-old platforms with a fire control system that can fit in their pockets. Originally introduced in 2023, the “Mortars App” is intended to give soldiers a more intuitive fire control system that can be used for different platforms. Mortar crews are responsible for delivering immediate indirect fire for maneuvering forces, and are required to coordinate ranges, ballistics, round types and a host of other fire data to do so. The service described the application as modular, with the ability to run on “devices as small as a Samsung phone running Android OS” and legacy systems, such as the Lightweight Handheld Mortar Ballistics Computer (LHMBC), which was released in the early 2000s and is common to Army mortar units. (DEFENSESCOOP.COM)

What if the A-10 had AI & electronic-warfare gear?

Lawmakers want to see if the Air Force’s venerable A-10 Thunderbolt IIs can be souped up with artificial intelligence, electronic-warfare gear, or better comms to keep it in the fight. The House Armed Service Committee’s version of the annual defense policy bill included several Warthog-related provisions as part of an en bloc package. One would require a report on potential A-10 capabilities by Jan. 15, 2027, from Defense Secretary Pete Hegseth, Air Force Secretary Troy Meink, and the leaders of Air Combat Command and U.S. Central Command. (DEFENSEONE.COM)

DISA to begin migrating combatant commands to unified IT network in 2028

The Defense Information Systems Agency will start transferring combatant commands to a standardized and secure IT network — now known as CommandNet — in fiscal 2028. Developed under the Mission Network-as-a-Service program, CommandNet aims to break down silos between disparate, geographically-isolated networks used by COCOMS and replace them with a single IT architecture. To prepare for future migrations, DISA plans to work with combatant commands throughout 2026 and incorporate lessons learned from its ongoing DODNet transformation, according to Kelli Garczynski, DISA’s deputy program manager for DODNet. (DEFENSESCOOP.COM)

Education

FTC orders Illuminate Education to bolster data security after breach impacting 10M students

The Federal Trade Commission finalized an order Friday against K-12 software vendor Illuminate Education, directing the company to improve its data security measures and barring it from misrepresenting its data privacy practices or breach notification times after a breach in 2021 impacted the data of more than 10 million current and former students. The final order, which the FTC said was modified following a period of public comment, comes after the federal agency found that Illuminate, which provides student grading and attendance software, allegedly failed to implement reasonable security controls. These failures, the FTC alleged, were contributing factors in a December 2021 cyberattack on the company, which exposed the personal data of about 10.1 million current and former students across dozens of school districts in several states, including New York City’s large public school system. (STATESCOOP.COM)

Insurance

Cyber insurance policyholders facing heavier scrutiny in underwriting, claims

Enterprises holding cyber insurance policies are undergoing more scrutiny in their claims as rates decline and insurers scramble to remain profitable. The stakes are high for both sides. Insurance companies around the globe increasingly fear their business is overly dependent on large U.S. policyholders, which make up nearly two-thirds of their global market share. They worry that one large supply chain event or outage could escalate and ultimately wipe out the cyber insurance industry as a whole. These market pressures have led to a shift in the cyber insurance business model, where cyber insurers are developing sophisticated risk models to prepare for large-scale attacks that could disrupt a wave of policyholders at the same time. (CYBERSECURITYDIVE.COM)

Maritime

From Pyongyang to Primorsk: When sanctions evasion becomes system design

OPINION: Rarely a week passes without a new story about Russia’s shadow fleet. Tankers catch fire in the Mediterranean, are added to sanctions lists, or are boarded while passing through European waters. But the bigger story is not the vessels that are caught, but those that aren’t — ships moving between registries, ports, shell companies, and service providers that obscure their ties to Russia while keeping a sanctioned state afloat. The vessels that do get sanctioned are the visible tip of a larger scheme that North Korea spent years running, and Russia has refined at scale. Shadow fleets are typically studied in isolation, rather than as a reusable system. North Korea’s maritime evasion has been documented primarily through the U.N. Panel of Experts reporting on violations and enforcement gaps, while Russia’s shadow fleet is typically analyzed in industry and policy reporting by organizations such as Windward and the Kyiv School of Economics. These reports have illuminated common evasive tactics, but they rarely ask why the same mechanisms remain available across time and space, allowing Russia to reuse and scale up North Korean tactics. (WARONTHEROCKS.COM)

Regulations

Keir Starmer gives tech firms three months to stop children sending nude images

Apple and Google have been given a three-month ultimatum to make it impossible for children to take, share or view nude images on their smartphones, Prime Minister Sir Keir Starmer said. The UK Government wants firms to activate built-in features on their devices or come up with technological solutions on phones and tablets to detect and block such content. It means all adults will need to verify their age if they want to take or view nude images. Firms must implement changes or face new legislation, which could lead to fines, and as a last resort, criminal liability for tech bosses. (IRISHNEWS.COM)

Resilience

Data supports efforts to combat urban heat; could AI help?

Local governments are preparing for the summer months with data-driven efforts to combat urban heat — and predictive analytics can help them be more proactive. Climate change is increasing the frequency, intensity and duration of hot spells, but technology is helping address the challenges posed by record-breaking heatwaves and make communities more resilient. Today, cities are using data and technology not only to respond to challenges, but also to get ahead of them, Rochelle Haynes, senior vice president and managing director of What Works Cities at Results for America, said. The organization partners with a network of more than 300 cities. (GOVTECH.COM)

LEGISLATIVE UPDATES

Schiff unveils bill restricting Pentagon AI use without human involvement

Sen. Adam Schiff (D-Calif.) introduced a bill Monday that would require human involvement in the Pentagon’s use of autonomous or semi-autonomous weapons that rely on AI. The legislation, called the Human Authority in Lethal Operations Act, seeks to establish a “clear chain of command” under which a designated commander has the final say over decisions to use force that involve autonomous weapon systems. Pentagon officials would also be required to maintain records of their decision making processes, such as target selection, for review after the fact. (THEHILL.COM)

House Republicans tee up nuclear licensing reforms

The House Energy and Commerce Committee is set to renew its multiyear push to expand nuclear power this week, with lawmakers considering a package of bills aimed at streamlining regulations for reactor development. The Energy Subcommittee will meet to discuss legislation that Republican leaders say builds on the ADVANCE Act, a bipartisan law enacted in 2024 that sought to accelerate deployment of advanced reactors by reforming what industry advocates described as a cumbersome Nuclear Regulatory Commission licensing process. “Burdensome regulations and a costly licensing process have made it difficult to expand the use of nuclear power,” said Energy and Commerce Chair Brett Guthrie (R-Ky.) and Energy Subcommittee Chair Bob Latta (R-Ohio). “By building on the ADVANCE Act, we can deliver the reliable power needed to support America’s continued energy dominance.” (EENEWS.NET)

HASC challenges Trump’s EO ending bargaining rights for DoD workers

The House Armed Services Committee is pushing back against President Donald Trump’s executive order that removes collective bargaining rights for civilian workers at nearly three dozen federal agencies in an effort “to enhance the national security of the United States.” During its annual marathon markup session last week, the committee adopted an amendment offered by Rep. Donald Norcross (D-N.J.) to ban the Defense Department’s use of fiscal 2027 funds to implement the president’s executive order. (FEDERALNEWSNETWORK.COM)

Senate HELP Committee leader seeks answers on NYC health hack

The chair of the U.S. Senate health committee is seeking answers from New York City officials — including the city’s mayor — about a 2025 hack at the country’s largest municipal public health system, New York City Health + Hospitals, that affected 1.8 million individuals. Sen. Bill Cassidy (R-La.), a physician and chair of the Senate health, education, labor and pension committee, in a June 4 letter to NYC Health CEO Mitchell Katz and New York City mayor Zohran Mamdani, sought details about the 2025 health data breach affecting nearly 2 million patients, as well as the cybersecurity controls in place leading up to the incident. (HEALTHCAREINFOSECURITY.COM)

Warren seeks admin leadership to testify on AI policy

Sen. Elizabeth Warren, D-Mass., is asking fellow lawmakers on the Senate Banking Committee to bring Trump administration officials to the Hill to testify on the administration’s approach to artificial intelligence regulation, specifically requesting the presence of Commerce Secretary Howard Lutnick and Treasury Secretary Scott Bessent. The June 8 letter seeks the attendance of both Lutnick and Bessent, as well as other “key Administration officials,” to address outstanding issues related to the advent of AI. (NEXTGOV.COM)

COMMITTEE ACTIVITY

TRANSPORTATION: The Senate Commerce, Science and Transportation Subcommittee on Surface Transportation, Freight, Pipelines, and Safety will hold a June 9 hearing to examine how technological advances are driving transportation innovation.

ALERTS AND ADVISORIES

CISA adds two known exploited vulnerabilities to catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-42271 (BerriAI LiteLLM Command Injection Vulnerability) and CVE-2026-50751 (Check Point Security Gateway Improper Authentication Vulnerability). These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. (CISA.GOV)

Events

TO BE INCLUDED IN THIS CALENDAR, SUBMIT YOUR SECURITY-FOCUSED EVENT FOR CONSIDERATION

MARITIME: The Stephenson Ocean Security Project highlights the ways that global security challenges arise from marine resource competition and works towards solutions that support sustainable development, coalition building, and the need for American leadership. This year’s forum on June 9 will discuss the escalating pressure facing global maritime governance from a variety of crisis points and how this pressure is affecting shared governance of the maritime commonwealth and our ability to grapple with common challenges including marine resource management, illegal fishing, supply chain transparency, and human rights at sea. This year’s forum is co-hosted in partnership with the CSIS Human Rights Initiative.

AI ECONOMY: How can AI be deployed effectively to enhance economic mobility and ensure the benefits of AI systems are reaped widely? On June 10, the Brookings Center on Regulation and Markets will host a fireside chat with Neil Thompson, director of the FutureTech project at MIT, to explore the intersection of AI and economic mobility. 

DIB: Join Hudson Institute for a June 11 fireside chat between Hudson Senior Fellow Nadia Schadlow and Deputy Assistant Secretary for Industrial Base Growth and Director of the Office of Small Business Programs James Mismash. The discussion will explore current efforts to strengthen the defense industrial base, expand industrial capacity, and foster greater participation and competition across the national security ecosystem.

AI AND THE WORKFORCE: Join AEI for the June 11 launch of the Commission on AI and the Future of the American Workforce, a joint initiative of the American Enterprise Institute and the Urban Institute. This commission brings together leaders from industry, labor, academia, and government to develop an actionable policy framework for AI-driven employment disruption. Hear from the commission co-chairs — former Speaker of the House Paul Ryan and former US Secretary of Commerce Gina M. Raimondo — as well as AEI President Robert Doar, and Urban Institute President Sarah Rosen Wartell as they unveil the commission’s mission and approach.

SECURITY POLICY: From AI and drone warfare to global alliances and economic security, America and its allies need “New Rules” to compete, deter, and win in the 21st century. Join leading voices in national security for an exclusive, all-day Center for a New American Security conference on June 11 at the forefront of today’s most consequential issues — from AI and cybersecurity to the latest developments in Iran, economic statecraft, and America’s strategic readiness across the world.

NORTH KOREA: On June 12 join the Indo-Pacific Security Initiative (IPSI) of the Atlantic Council’s Scowcroft Center for Strategy and Security for the launch of Nonresident Senior Fellow Jieun Baek’s latest book, “Privileged but Powerless.” Baek’s second book on North Korea draws on hundreds of hours of rigorous fieldwork and interviews with defectors to examine a surprising yet critical vector of regime instability. In a fireside chat, Baek will discuss how North Korea’s system of privilege and control shapes elite insecurity at the highest levels of the regime.

HYBRID WARFARE: On June 15 the Atlantic Council’s Eurasia Center will host an expert discussion on how the United States can best counter malign Russian and Chinese hybrid operations. Moscow and Beijing have long pursued campaigns of subversion, sabotage, and subterfuge against the West. Today, those efforts appear to be converging. Many of Beijing’s dual-use technologies have been instrumental in sustaining Russia’s war against Ukraine. Eurasia Center Senior Director and former US Ambassador to Ukraine John Herbst moderates a conversation on what the Russia-China hybrid axis means for Washington and its allies.

DIGITAL INFRASTRUCTURE: On June 16 the Atlantic Council’s Democracy + Tech Initiative will host a discussion to launch a new report examining the future of global connectivity financing and strategic competition over digital infrastructure. As China expands its Digital Silk Road through state-backed financing and integrated technology offerings, the United States and its allies face growing pressure to develop a credible alternative for expanding internet access in underserved markets. 

DIB: Join CNAS on June 16 for a fireside conversation with DoD’s Michael Cadenazzi examining the challenges and priorities shaping U.S. munitions production and defense industrial base policy. This event will examine how policymakers, industry partners, and acquisition officials can work together to build the surge capacity the United States needs, in a focused conversation on the future of U.S. munitions production and defense industrial base policy.

NUCLEAR: Why does the U.S. struggle while nuclear leaders such as China and France succeed? A combination of standardized designs, predictable regulation, and rapid regulatory approval all appear to play a role. And while bipartisan support for nuclear energy has grown due to its role in AI-driven energy demand and climate goals, political anxieties in the United States persist. Join AEI on June 18 to dissect the economic, regulatory, and political tensions that keep the U.S. lagging behind when it comes to nuclear energy.

MARITIME SECURITY: Please join the CSIS Defense and Security Department (DSD) and the U.S. Naval Institute (USNI) on June 18 for a Maritime Security Dialogue event featuring Lieutenant General Eric Austin, USMC, CG, MCCDC / DC, CD&I / PAE-MC. LtGen Austin will sit down with Dr. Seth G. Jones, president, CSIS Defense and Security Department, to discuss the future growth of the Marine Corps, lessons from the recent wars in Ukraine and the Middle East, and implications for the Indo-Pacific. Rear Admiral Raymond A. Spicer, USN (Ret.), chief executive officer and publisher, U.S. Naval Institute, will offer opening remarks. 

NUCLEAR: For the first time, the United States is preparing to deter two nuclear adversaries, Russia and China. In today’s post-New START environment, U.S. adversaries remain committed to weakening American resolve and undermining Washington’s commitment to its allies. Join Hudson Senior Fellow and Keystone Defense Initiative Director Dr. Rebeccah Heinrichs and Administrator of the National Nuclear Security Administration Brandon Williams for a June 18 discussion on the administration’s priorities in strengthening the U.S. nuclear enterprise.

AI AND EXPORT CONTROL: Join House Foreign Affairs Committee Chairman Brian Mast and Senator Jim Banks for a June 25 fireside chat hosted by the Hudson Institute on Congress’s role in U.S. export control strategy to outcompete China in technology and AI development. The conversation will examine ways to close loopholes, guard America’s most critical technologies, and prevent Beijing from leveraging American innovation against American interests. 

GLOBAL SECURITY: Join the CSIS Defense and Security Department on June 30 for its annual Global Security Forum. This year’s conference will center on the theme “America at 250: A Defining Moment for American Statecraft and Military Power.” Through keynote addresses and expert panel discussions with government, industry, and finance experts, the Forum will examine how the tools of statecraft are being redefined and how the United States can harness innovation, rebuild industrial capacity, strengthen deterrence, and renew the foundations of leadership in a more dangerous world.


FOLLOW THE McCRARY INSTITUTE ON LINKEDIN | X | BLUESKY
