Over Two-Thirds of Security Pros Say Cyber Is Getting Harder
(Phil Muncaster – Infosecurity Magazine) Cybersecurity professionals say their job is harder than ever, with 68% reporting it has become more difficult over the past two years, according to a new report. The study, The Life and Times of Cybersecurity Professionals, Volume VIII, from industry body ISSA and analyst Omdia, surveyed 380 practitioners. It found that over 70% of respondents are facing workplace challenges linked to being locked out of key technology decisions. Among the key challenges cited were that other groups such as IT operations and platform engineering are increasingly involved in cybersecurity (79%). Another was that tech decisions are made without the input of cyber, creating barriers to security adoption (72%). – Over Two-Thirds of Security Pros Say Cyber Is Getting Harder – Infosecurity Magazine
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
(Danny Palmer – Infosecurity Magazine) A notorious ransomware group secretly infiltrated the network of a major company for up to two months by hiding command and control (C&C) traffic in Microsoft Teams, before unleashing their attack, researchers have warned. The investigation report, published by Symantec and Carbon Black on 16 June, warned that attackers deployed DragonForce ransomware on the network of a “major US services firm.”. The cybercriminals used a Go-based Remote Access Trojan (RAT) to abuse Microsoft Teams’ TURN relay servers and mask command-and-control traffic. The backdoor, which researchers dubbed Backdoor.Turn, altered the traffic so all defenders could see was outbound connections to legitimate Microsoft Teams servers. – DragonForce Ransomware Exploited Microsoft Teams to Hide Attack – Infosecurity Magazine
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
(Kevin Poireault – Infosecurity Magazine) Open-source security firm Chainguard has brought together dozens of partners in a new industry coalition to protect open-source software from AI attacks. The initiative, called Athena, was announced by Chainguard on June 16. Its founding members include BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTIMindtree and PwC. Based on preliminary work at Chainguard, Athena provides a vulnerability intelligence sharing platform and tools to fix the vulnerabilities frontier AI models, like Anthropic’s Mythos and OpenAI’s GPT-5.5.-Cyber, find before attackers can exploit them. – Chainguard, BNY Team Up to Secure Open Source from AI Threats – Infosecurity Magazine
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
(Phil Muncaster – Infosecurity Magazine) The FBI has repeated calls urging members of the public not to fall for cryptocurrency investment schemes, after claiming that scammers are using couriers to bypass bank checks. Financial institutions are increasingly capable of spotting and blocking suspicious fund transfers made by victims to crypto-investment scammers, noted a Public Service Announcement (PSA) on July 15. However, the fraudsters are adapting. “Scammers inform victims in-person cash pickups are required to continue investing with the fraudulent investment firm or to pay purported fines to withdraw their investments,” the FBI noted. “Alternatively, the fraudulent cryptocurrency exchange may inform victims their account has been ‘flagged,’ allowing the scammer to suggest the use of cash couriers as an alternative.” – FBI Warns Courier Cash Pickups Are Driving Crypto Scams – Infosecurity Magazine
China-linked actor spent two years inside medical research networks
(Pierluigi Paganini – Security Affairs) Google’s Threat Intelligence Group published a report this week on UNC6508, a China-linked cyberespionage group that breached North American medical and military research organizations and stayed hidden for more than two years. The earliest confirmed intrusion dates to September 2023. The group remained active until November 2025, when researchers finally detected it. The finding highlights a lack of defender visibility more than attacker sophistication. “GTIG attributes this activity to UNC6508 with high confidence. This assessment is based on infrastructure overlaps between campaigns, the consistent use of the INFINITERED backdoor on REDCap servers, and the specific targeting of medical research and defense sectors.” reads the report published by Google. “We assess UNC6508 is an espionage motivated threat cluster, with priorities that align with historic PRC state-sponsored espionage trends and intelligence collection requirements.” – China-linked actor UNC6508 spent two years inside medical research networks
Australian Finance Department releases internal AI guidance
(DigWatch) Australia’s Department of Finance has publicly released internal guidance on generative AI under the Freedom of Information Act 1982, outlining how staff and contractors should use AI tools in their work. The guidance, dated March and April 2026, applies to tools including Microsoft 365 Copilot Chat, Microsoft 365 Copilot full licences, and public generative AI services such as ChatGPT, Claude, and Gemini. It says AI tools can improve productivity and service delivery, but also carry risks that must be understood and managed. Staff intending to use AI tools must complete the APS Academy’s AI in Government Fundamentals course. Staff are also encouraged to build prompting skills in a secure environment through GovAI’s Interactive Learning Environment and discuss approved AI use cases with managers. – Australian Finance Department releases internal AI guidance | Digital Watch Observatory
EDPS warns Shadow AI creates hidden data protection risks
(DigWatch) The European Data Protection Supervisor (EDPS) has warned that Shadow AI can create hidden data protection and breach risks when employees use unauthorised AI tools without organisational approval. The warning was published in a blog post by EDPS Wojciech Wiewiórowski on 15 June 2026. The EDPS said Shadow AI can include tools such as generative AI chatbots, coding assistants and automated note-taking applications. While employees may use them as shortcuts to improve productivity, unauthorised AI tools can bypass data protection and security safeguards. – Managing Shadow AI’s Hidden Data Breach Risk | European Data Protection Supervisor
Armenian finance minister highlights AI’s economic potential and risks
(DigWatch) Armenia’s Finance Minister Vahe Hovhannisyan said AI could support economic growth while also creating new economic and labour-market challenges. He made the comments during a parliamentary discussion on the performance of the 2025 state budget. Hovhannisyan said the impact of AI is being widely debated internationally and that governments around the world are actively exploring its economic implications. He was responding to questions about AI’s potential effect on GDP growth and the expansion of the tax base. – Armenia’s Finance Minister Assesses the Risks and Impact of AI on Economic Growth
Canada seeks stronger privacy rights through new digital governance law
(DigWatch) The Canadian government has introduced the Protecting Privacy and Consumer Data Act, a major legislative proposal designed to modernise the country’s private-sector privacy framework and strengthen protections in an increasingly AI-driven digital environment. According to the government, Canada’s existing privacy legislation was developed more than 25 years ago and no longer reflects technological realities such as AI, automated decision-making systems, deepfakes and the large-scale collection of children’s data. – Government of Canada tables new legislation to protect children’s data, strengthen privacy and build trust in the digital economy – Canada.ca
OECD says governments need stronger delivery capacity for digital transformation
(DigWatch) The OECD says governments have made progress in building the foundations of digital government, but must now focus on turning those foundations into measurable benefits for people and businesses. In its Digital Government Outlook 2026, the OECD says governments are operating under pressure from rapid technological change, fiscal constraints, rising public expectations and the growing adoption of AI. The report argues that digital technologies and data are now essential to public-sector performance, resilience, and trust. – Digital Government Outlook 2026 | OECD
ILO adopts Decent Work in the Platform Economy Convention 2026 for digital workers
(DigWatch) The International Labour Organization has adopted the Decent Work in the Platform Economy Convention 2026, creating the first global labour standard specifically focused on work performed through digital labour platforms. The International Labour Conference adopted the Convention at its 114th session in Geneva. It addresses working conditions in the platform economy, including ride-hailing, delivery, online freelancing, data work and other forms of digitally mediated labour. – ILO adopts Decent Work in the Platform Economy Convention 2026 for digital workers | Digital Watch Observatory
Humanists UK urges government to adopt human-centred AI principles
(DigWatch) Humanists UK has urged the UK government to place human dignity, democratic oversight and human flourishing at the centre of AI governance. The call followed a House of Lords debate on the impact of AI on human relationships and society, during which peers discussed the ethical, social and regulatory challenges raised by rapidly advancing AI systems. – UK Government urged to adopt humanist AI principles – Humanists UK
Yale proposal targets transparency gap in AI development
(DigWatch) Researchers at Yale’s Digital Ethics Center have proposed a copyleft-style licensing framework intended to increase transparency around generative AI models trained on open-source software. The proposal, called the Contextual Copyleft AI License, would adapt principles from free and open-source software licensing to generative AI. Under the model, AI systems trained on open-source code could be treated as derivative works, requiring developers to make key information about model architecture and training data freely available. – Yale researchers propose ‘copyleft’ rules for generative AI | Yale News
EU extends Cybersecurity Reserve support to Ukraine
(DigWatch) Ukraine can now activate emergency EU cyber support during significant or large-scale cybersecurity incidents after the Council of the European Union approved its inclusion in the EU Cybersecurity Reserve. The Reserve, managed by the European Union Agency for Cybersecurity, provides incident response services from trusted private-sector providers to help contain and mitigate major cyber incidents. – EU provides cyber support to Ukraine against major attacks | Shaping Europe’s digital future
In collaboration with
