In collaboration with
Global news
(Dominic Culverwell – The Kyiv Independent) News of former Google CEO Eric Schmidt’s reported investment in seven real estate assets in Kyiv has been welcomed in Ukraine as a rare example of foreign investment during wartime and an encouraging sign to other investors. Forbes Ukraine first reported on June 8 that Schmidt and his wife, Wendy Schmidt, had acquired a combined 36% stake in seven companies under the Dragon Capital group, a major Kyiv-based investment firm. While the deal has not been made public, Forbes reported that changes in the ownership structure appeared in the YouControl system, an open-data source, between late May and early June. Forbes estimates that the couple’s share is worth $55 million to $70 million. – ‘Great news for Ukraine’s investment climate’ — What we know about ex-Google CEO’s Kyiv real estate investment
(Lucy Pakhnyuk – The Kyiv Independent) European trust in the United States as a security partner has fallen to an all-time low, with most Europeans no longer viewing Washington as a reliable ally under President Donald Trump, according to a survey published June 10 by the European Council on Foreign Relations (ECFR). Only 11% of respondents across 15 European countries now consider the United States an ally, down from 16% six months ago and 22% in November 2024, the survey found. Meanwhile, 25% view the U.S. as either a rival or an adversary. The findings reflect a growing belief among Europeans that they cannot depend on the United States for their security and must take greater responsibility for their own defense. – European trust in US security falls to all-time low, survey finds
(Lucy Pakhnyuk – The Kyiv Independent/Russia, Ukraine) Multiple explosions were reported across Russian-occupied Crimea overnight on June 10-11, with several military-related sites apparently struck in what appeared to be an ongoing Ukrainian drone and missile attack, according to local reports and monitoring channels. The pro-Ukrainian Telegram channel Crimean Wind reported that a bridge in Armiansk, a town in northern Crimea near mainland Ukraine, was hit following reports of Ukrainian drones in the area and a series of explosions. – Explosions rock Russian-occupied Crimea amid apparent large-scale attack across peninsula
(Alex Raufoglu – RFE RL/Russia, China, Iran) Russia, China, and Iran are increasingly creating a strategic alliance of convenience that US policymakers must confront as it seeks to disrupt global order, according to a group of US experts and former officials. Speaking on June 10 at the “America’s Adversaries: The Russia Reality” national security briefing organized by the Independent Women’s Forum, many of the panelists noted the transactional benefits are already yielding critical strategic dividends, particularly for an otherwise isolated Iranian regime. Driven by their shared opposition to US dominance, the three countries are coordinating diplomatically, integrating their militaries and working on ways to evade Western sanctions. “The question is whether there is a strategy of disruption, tactical convenience, or opportunism, or whether it is designed to create a different set of strategic outcomes in terms of the global order,” according to Nadia Schadlow, a senior fellow at the Hudson Institute and former deputy national security adviser. – Growing Russia-China-Iran Axis Poses Broader Challenge, Analysts Say
(Alex Raufoglu – RFE RL/US, Iran) The US House of Representatives overwhelmingly approved legislation aimed at preventing American and allied technology from ending up in Iranian-made drones used in conflicts from Ukraine to the Middle East. The measure, known as the Block the Use of Transatlantic Technology in Iranian Made Drones Act (H.R. 2505), passed the House late on June 9 under a suspension of the rules, a procedure typically reserved for broadly supported legislation. The bill requires the Departments of Commerce, State, and Defense to develop new strategies to identify and disrupt supply chains enabling Iran to acquire critical technologies used in its drone program. Supporters told RFE/RL the legislation addresses a persistent problem: Western-made electronic components continue to be found in Iranian drones despite existing sanctions and export controls. “Iranian drones are being used to terrorize civilians and attack Americans and US allies around the world,” said Representative Brian Mast, chairman of the House Foreign Affairs Committee. He warned lawmakers during floor debate that such systems frequently rely on US and European-origin technology, calling it a continuing concern for lawmakers. The legislation highlights commercially available components often used in drone systems, including microprocessors, microcontrollers, voltage regulators, digital signal controllers, and GPS modules. US officials have repeatedly identified Western-made electronics in Iranian drones, including the Shahed series deployed by Russia against Ukrainian cities and infrastructure. The bill directs the Commerce Department to map technologies Iran uses or could use in drone development, trace manufacturers and suppliers, and identify third-party distributors helping Tehran evade export controls. The State Department would coordinate with allies to align export-control regimes and prevent sensitive technologies from reaching Iran through global supply chains. The Defense Department would develop options to deny Iran access to key drone-related technologies, including design software and advanced manufacturing equipment. – US House Passes Bill To Cut Off Western Technology Flowing Into Iranian Drones
(Daud Khattak – RFE RL/Afghanistan, Pakistan) Patients who can’t get their cancer medicine. A couple who had to postpone their wedding indefinitely. Traders stuck at the border, paying fines for truckloads of spoiled goods. Each day that the border between Afghanistan and Pakistan remains closed, the economic and humanitarian toll grows. Haji Muawin’s health is deteriorating, and he can’t get to the help he needs. The 55-year-old Afghan cancer patient has run out of his prescription medication and needs an examination at a hospital in Pakistan to continue treatment. “I visit the clinic every four months as I am in the last stages of my treatment, but the border closure has made my situation even more difficult,” Muawin, a resident of Afghanistan’s eastern Nangarhar Province, told RFE/RL. Tensions between Kabul and Islamabad rose sharply in October 2025 when Pakistan carried out air strikes inside Afghanistan, ostensibly against militants belonging to Tehrik-e Taliban (also known as TTP, or the Pakistani Taliban). The Afghan Taliban retaliated by attacking Pakistani border posts, and the deadly clashes continued for several days. The border has been closed ever since. – As Afghanistan’s Border With Pakistan Remains Closed, The Economic And Humanitarian Toll Mounts
(Mike Eckel – RFE RL/Russia, VPN) Since the onset of all-out war on Ukraine in February 2022, Russian authorities have dropped a veil of censorship — both overt and covert — on news, dissent, and debate about the conflict, not to mention about President Vladimir Putin’s leadership. Russians have responded by embracing virtual private networks (VPNs), online tools that shield a user’s location and allow them to read unfiltered news free of government interference. That’s made Russian regulators, not to mention the country’s powerful spy agencies, unhappy. Officials have sought to restrict or even criminalize the use of VPNs. Roskomnadzor, the agency that has spearheaded most of the Kremlin’s efforts to clamp down on the Russian segment of the Internet, has reportedly come up with its own novel idea to tackle the problem: a government-run VPN. – Russia Wants To Build a State-Run VPN. What Could Go Wrong?
(Al Arabiya/US, Iran) The United States and Iran traded air attacks on Thursday for a second straight day, with President Donald Trump vowing further strikes if Tehran does not immediately agree to a peace deal. The escalation in hostilities began earlier this week with the downing of a US Apache helicopter near the Strait of Hormuz, which sparked a series of tit-for-tat attacks across Iran and on US bases around the region. – US and Tehran trade attacks for a second day, Iran targets Jordan and Gulf states
(UN News/Migrants and Refugees) Global forced displacement has decreased for the first time in a decade, the UN refugee agency (UNHCR) reported on Thursday, though the figure remains unacceptably high and tens of millions of people are still trapped in prolonged exile with little prospect of rebuilding their lives. UNHCR’s flagship Global Trends Report, launched in Geneva by High Commissioner Barham Salih, showed that global refugee numbers fell by three per cent in 2025 to 41.6 million. Some 5.4 million people fled to other countries to escape violence and persecution during the year. – Refugee numbers drop for first time in a decade, but millions remain trapped | UN News
(UN News/War in Ukraine) As Russia’s full-scale invasion of Ukraine enters its fifth year, conditions in southern Ukraine have rapidly deteriorated. Maintaining humanitarian operations has become an increasingly complex balancing act between enabling aid delivery and managing risk. For Olga Scripovscaia, a field security coordination officer based in Odesa, each day starts with the same question: “what changed overnight?” After nights frequently interrupted by air alerts and coordinated attacks, mornings are spent reviewing incident reports, checking updates from local authorities and monitoring conditions across Odesa, Mykolaiv and Kherson, areas where humanitarian access can change within hours. “There is always something ongoing here,” she said. “Things are never quiet.” – ‘The day never stops’ for aid workers braving missiles and drones in Ukraine | UN News
(UN News/Sudan) Escalating attacks on bridges, roads and other civilian infrastructure in Sudan are disrupting humanitarian access and putting civilians at further risk, the United Nations said on Tuesday. The warning comes after overnight explosions reportedly struck the crucial Ardamata bridge in West Darfur state, as fighting continues between the Sudanese Armed Forces (SAF) and former allies the Rapid Support Forces (RSF). The two sides have been battling for control of the country since April 2023. The bridge links the city of El Geneina to areas near the border with neighbouring Chad. It is a vital route for commercial traffic and humanitarian supplies entering the Darfur region. – Sudan war: Drone attacks damage key aid routes | UN News
Tech world
(Daryna Antoniuk – The Record/Security & Surveillance) A cyberattack has disrupted sugar production in one of Australia’s largest cane-growing regions, forcing two major sugar mills to shut down and bringing harvesting operations to a halt. Mackay Sugar, Australia’s second-largest sugar producer, said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations and had engaged cybersecurity experts and local authorities to investigate the attack and restore its systems safely. The incident forced the shutdown of the company’s Farleigh and Racecourse mills in Queensland’s Mackay region, prompting growers to immediately stop harvesting sugarcane until further notice, according to local media reports. – Cyberattack shuts down major Australian sugar mills, disrupting harvest | The Record from Recorded Future News
(Alessandro Mascellino – Infosecurity Magazine/Security & Surveillance) Threat actors have been using short-form videos on TikTok and Instagram Reels to push the Vidar infostealer, disguising the attacks as tutorials for unlocking premium software for free. New analysis from ReversingLabs describes two campaigns that game the platforms’ recommendation algorithms to reach large audiences, both funneling viewers to sites peddling fake free software such as Spotify Premium. Vidar is a long-running infostealer sold as a service for a $300 lifetime license, harvesting credentials, financial data and authentication tokens. A refresh last October made it stealthier. The clips racked up real traction, with one tutorial drawing more than 100,000 views. – Fake Software Tutorials on TikTok Spread Vidar Stealer – Infosecurity Magazine
(Alessandro Mascellino – Infosecurity Magazine/Security & Surveillance) A new remote access trojan sold on dark web forums has been built to drain cryptocurrency, hijacking victims’ logged-in sessions to slip past passwords and multi-factor checks. Dubbed SilabRAT, the malware has been detailed in new analysis from Group-IB, which found it advertised since late 2025 as a malware-as-a-service (MaaS) offering at $5000 a month. Its developer, a Russian-speaking actor known as o1oo1, also sells a code-obfuscation tool called AsmCrypt and discounts buyers who take both. Buyers run their own campaigns, often spreading SilabRAT through email spam and ClickFix lures, and antivirus tools frequently log it as the HijackLoader packer rather than the payload. One operator claimed more than 90% of infected machines stayed online across a month-long campaign. – New SilabRAT Trojan Hijacks Sessions to Steal Crypto – Infosecurity Magazine
(Danny Palmer – Infosecurity Magazine/Security & Surveillance) Cybersecurity software regularly fails to detect and prevent the cyber-attacks they are designed to protect organizations from, especially within the bowser layer, research by Menlo Security has warned. Published on June 9, Menlo Security’s 2026 Browser Threat Report found that one in five phishing attacks which target the enterprise browser users go completely undetected by the tools which are supposed to protect the network and its users from attacks. Based on platform telemetry across millions of active browser sessions in enterprise customer environments between January 1 and March 31 2026, the research warned that threat actors are gaining entry to enterprise environments through the browser session layer. – Security Software Fails to Detect Fifth of Brower Phishing Attacks – Infosecurity Magazine
(Phil Muncaster – Infosecurity Magazine/Security & Surveillance) Identity crime experts have warned of “multi-layered crises” after revealing that many victims dealt with two or more incidents over the past year. The findings come from US non-profit the Identity Theft Resource Center (ITRC), which analyzed data from over 6000 reports submitted to it between April 1 2025 and March 31 2026. Its 2026 Trends in Identity Report revealed that nearly 26% of victims managed two or more concurrent identity crime incidents, up from 24% the previous year. – Over a Quarter of Identity Crime Victims Hit by Multiple Incidents – Infosecurity Magazine
(Valerie Arko-Adjei – Infosecurity Magazine/Security & Surveillance) AI adoption is accelerating in the workplace, and organizations are rushing to implement AI governance policies. ChatGPT, Microsoft Copilot, and Claude are among the common tools employees use to summarize meetings, draft reports and emails, and speed up decision-making. The point of concern is whether employees are using these tools faster than security teams can establish oversight controls. The cybersecurity concern is valid. Proprietary and sensitive data is being uploaded to external, unauthorized AI tools, which can have detrimental effects, including financial and reputational damage. – Shadow AI Is Exposing the Same Failures Teams Have Ignored For Years – Infosecurity Magazine
(DigWatch/Anthropic, Frontiers) Anthropic has launched Claude Fable 5, a new general-purpose AI model, alongside Claude Mythos 5, a more capable version reserved for selected cyber defence and infrastructure partners.The company described Fable 5 as its most capable generally available model to date, with strong performance across software engineering, knowledge work, vision and scientific research. Anthropic said the model’s advanced capabilities pose misuse risks, particularly in cybersecurity and research biology. – Claude Fable 5 and Claude Mythos 5 \ Anthropic
(DigWatch/Europe, Cyber Resilience Act, ENISA) The European Union Agency for Cybersecurity (ENISA) has published a report on Software Bill of Materials (SBOM) adoption, finding that the Cyber Resilience Act (CRA) is accelerating investment in software supply chain transparency across organisations. The report, titled ‘SBOM Adoption State of Play – 2026‘, analyses survey results gathered at the end of 2025. The survey examined how organisations of different sizes and across multiple sectors are approaching SBOM adoption in response to the Cyber Resilience Act. ENISA said the regulation is transforming SBOMs from a voluntary software supply chain security practice into a mandatory requirement for products with digital elements placed on the EU market. – SBOM Adoption State of Play – 2026 | ENISA
(DigWatch/AI, Gigafactories Poland, Europe) According to the Polish Press Agency, negotiations between the European Commission and EU member states on the development of AI gigafactories could conclude in June. The planned facilities are expected to be financed through the EU’s €20 billion InvestAI fund. – Poland signals progress on AI gigafactories and digital services tax | Digital Watch Observatory
(Pierluigi Paganini – Security Affairs/Security & Surveillance) Tchap, the encrypted messaging platform developed by the French government for its civil servants and made mandatory last year, was breached on June 7. ANSSI, France’s cybersecurity agency, detected the intrusion. The vector was straightforward: someone compromised a user account and used it to access the platform. No sophisticated technical exploit, just a stolen account. The attacker claimed responsibility over the weekend before the French Digital Affairs Directorate (DINUM) made any official announcement. They said they got in through a social engineering attack targeting the education shard, specifically matrix.agent.education.tchap.gouv.fr. Their own description of what they found is the more alarming part: they claim to have scraped nearly 650,000 messages, information on over 73,000 accounts, including email addresses and device metadata, and over 13.5GB of documents and media files. – France’s Government Messaging App Tchap Got Breached
(Pierluigi Paganini – Security Affairs/Security & Surveillance) CVE-2025-8088 is a path traversal flaw in WinRAR that lets an attacker write files outside the extraction directory using NTFS Alternate Data Streams. WinRAR fixed it in version 7.13 in July 2025. Nearly a year later, Trend Micro researchers published an analysis showing two separate Russia-linked APT groups, Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (UAC-0226), are still actively building new exploit samples and delivering fresh lure documents through it. The patch exists. The installations don’t have it. The mechanics of the flaw are worth understanding precisely. Victims receive a RAR archive, typically via spear-phishing email. They open it and see a decoy PDF, something that looks like a Ukrainian court summons, a Ministry of Defense registry, or a military equipment manifest designed to create urgency. In the background, with no warning and no additional user interaction, WinRAR silently writes hidden files to locations outside the extraction directory, including the Windows Startup folder. On the next login, those files execute automatically. – Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088
(Pierluigi Paganini – Security Affairs/Security & Surveillance) Security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, has published a new proof-of-concept exploit for a RoguePlanet Microsoft Defender zero-day. The flaw relies on a race condition that can provide attackers with SYSTEM-level privileges, allowing them to execute code with the highest permissions. The exploit was successfully tested on fully updated Windows 10 and Windows 11 systems running the June 2026 Patch Tuesday updates, showing that patched systems may still be vulnerable. – Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows
(DigWatch/Cybercrime, Governance) The process of developing a supplementary protocol to the UN Convention against Cybercrime has begun, with early state submissions already showing competing views over its scope and timing. The Ad Hoc Committee Secretariat invited preliminary written inputs on the possible scope, objectives and structure of a draft protocol supplementary to the Convention, also known as the ‘Hanoi Convention’. The mandate follows UN General Assembly resolution 79/243, which asked the Committee to negotiate a draft protocol addressing, among other issues, additional criminal offences. – UN Cybercrime Convention Protocol talks reveal competing visions | Digital Watch Observatory
(DigWatch/AI, Governance) The UK government will develop and test AI legal assistants as part of a broader set of technology initiatives aimed at reducing court delays and improving the efficiency of the justice system. The Ministry of Justice said the tools will support routine casework, including research and case analysis, before any possible use in the Crown Court. The AI legal assistants will be developed in collaboration with legal professionals and AI developers, with initial testing taking place in controlled environments. The government said the trials will help establish standards for the safe and ethical use of AI in legal settings and ensure any future systems meet the expectations of judges and legal practitioners before wider deployment. – AI tech ambition to deliver smarter justice for victims – GOV.UK
(DigWatch/AI, Security & Surveillance) Cybersecurity researchers have demonstrated an AI-powered computer worm capable of identifying vulnerabilities, generating attack strategies and spreading autonomously across networks. The study suggests that advances in AI agents could enable a new class of adaptive cyber threats capable of operating with minimal or no direct human intervention. The research, conducted by teams from the University of Toronto, Vector Institute, University of Cambridge, and ServiceNow, describes malware that uses large language models to tailor its behaviour to each target. Unlike traditional worms, the system can adapt its attack methods in real time instead of relying solely on pre-programmed exploits. – AI Agents Enable Adaptive Computer Worms
(DigWatch/AI, Frontiers) Apple has unveiled the next generation of Apple Intelligence at WWDC26, introducing a significantly upgraded Siri designed to provide deeper personal context awareness, broader app integration and more advanced conversational capabilities. The new assistant can search across messages, emails and photos, answer questions about on-screen content and access web information to provide more up-to-date responses while maintaining Apple’s privacy-focused approach. – Apple unveils next generation of Apple Intelligence, Siri AI, and more – Apple
(DigWatch/AI, Frontiers) A Stanford Medicine pilot study has found that an AI-powered tool can help doctors prepare hospital discharge summaries while easing cognitive burden and reducing reported burnout. The in-house system, known as MedAgentBrief, was designed to condense complex patient histories into draft discharge summaries for physician review. Discharge summaries are essential for continuity of care, but can be time-consuming because doctors must summarise days or weeks of clinical information for outpatient providers. – AI could ease the burden of hospital discharge summaries
(DigWatch/AI, Defense) The Kenya Defence Forces (KDF) has completed the Service Members Basic Artificial Intelligence Course 01/26, a training programme aimed at strengthening AI capabilities among military personnel. The course concluded with a graduation ceremony at the National Military Command Centre in Nairobi. Delivered by the Defence Intelligence Academy in partnership with the Moran AI and Cyber Centre of Excellence and other technology partners, the programme provided participants with foundational knowledge of AI and emerging technologies. The course aimed to equip participants with practical skills relevant to increasingly data-driven security and defence environments. – CAPACITY DEVELOPMENT IN ARTIFICIAL INTELLIGENCE – Ministry of Defence – Kenya



