(Kevin Poireault – Infosecurity Magazine) G7 nations have identified cyber threats as the most significant risk they face, for the second consecutive year. As the Munich Security Conference (MSC)opened in Germany on February 13, the event’s partner consultancy, Kekst CNC, released the latest edition of its annual security risk report, the Munich Security Index (MSI) 2026. The findings show that G7 countries (Canada, France, Germany, Italy, Japan, the UK and the US) ranked “cyber-attacks on their country” as their top concern in 2025, followed by “economic or financial crisis” and “disinformation campaigns from enemies.”. This marked the second year in a row that cyber threats have held the top spot, rising sharply from fourth place in 2021 and seventh in 2022. – Munich Security Conference: Cyber Threats Lead G7 Risk Index – Infosecurity Magazine
(Alexander Martin – The Record) Estonia’s foreign intelligence chief on Friday called on European governments and industry to invest in homegrown offensive cyber capabilities, noting that the continent relies too heavily on non-European tools. Kaupo Rosin, head of Estonia’s Foreign Intelligence Service (EFIS), told the Munich Cyber Security Conference that Europe is focused on defense, while modern intelligence and security operations increasingly depend on the ability to penetrate, disrupt or manipulate adversaries’ digital systems. “My call to the European industry is not only to think about cyber defense technology, but start to think about cyber offensive solutions too,” said Rosin. – Estonia spy chief calls on Europe to invest in its own offensive cyber capabilities | The Record from Recorded Future News
(Dina Temple-Raston – The Record) For more than a decade, American cyber strategy has largely been an exercise in digital resilience: assume the networks will be probed, breached and sometimes penetrated, then build systems sturdy enough to survive those kinds of breaches. At the Munich Cyber Security Conference this week, senior U.S. officials signaled that this defensive crouch is giving way to something closer to Cold War–style deterrence — an effort to convince adversaries that the costs of hacking the United States will outweigh the benefits. – US needs to impose ‘real costs’ on bad actors, State Department cyber official says | The Record from Recorded Future News
(Alexander Martin – The Record) Cyber and hybrid threats are now a permanent feature of Europe’s security environment, a senior Swedish defense official said Thursday, warning that societies must be built to function under sustained pressure rather than assuming disruptions will be rare. Lisa Gustafsson, director of foreign intelligence and cyber at the Swedish Ministry of Defence, made the remarks at the Munich Cyber Security Conference, citing Russia’s full-scale invasion of Ukraine as a turning point that has normalized the combined use of military force, economic pressure, information operations and cyber activity. “We are now living through a long-term confrontation in which military power, economic pressure, information operations, and cyber activities are used in combination, persistently, and deliberately,” Gustafsson said. – Europe must adapt to ‘permanent’ cyber and hybrid threats, Sweden warns | The Record from Recorded Future News
(Dina Temple-Raston – The Record) Speaking at the Munich Cyber Security Conference on Friday, Yuh-Jye Lee — a senior adviser at Taiwan’s National Security Council — delivered a stark warning about China’s intentions to use cyberspace in new and more aggressive ways. “We assess operations [like Volt Typhoon] may serve as real-world testing to paralyze infrastructure,” Lee said during a keynote speech at the conference. “Taiwan being a honeypot has taught us defense is not enough.”. Lee’s comments come on the heels of recently leaked technical documents that suggest China is stepping up its infrastructure hacking operations. – China may be rehearsing a digital siege, Taiwan warns | The Record from Recorded Future News
(Dina Temple-Raston – The Record) At the Munich Cyber Security Conference on Thursday, amid the usual talk of deterrence and digital battlefields, something quieter, and more revealing, slipped into the room. The next arena of political conflict, the speakers suggested, won’t be defined by borders or territory. It will be written in code. And much of that code isn’t controlled by governments at all — it belongs to American companies. Onstage were two men who have spent their careers thinking about power in its most muscular forms: Paul Nakasone, the former head of U.S. Cyber Command and the National Security Agency, and Dag Baehr of Germany’s foreign intelligence service, the Bundesnachrichtendienst. – A hard truth in Munich: Cyber defense runs through Silicon Valley | The Record from Recorded Future News
(Alexander Martin – The Record) The United States wants allies and industry partners to work alongside it in cyberspace to confront the most significant threats, a senior White House cyber official said Thursday in a discussion opening the Munich Cyber Security Conference. National Cyber Director Sean Cairncross, who is leading a U.S. delegation including representatives from nearly every branch of government, said Washington is looking to deepen cooperation with partners rather than act alone. He echoed a line coined by Secretary of State Marco Rubio, saying the U.S. “America first” approach does not mean “America alone.” – US wants cyber partnerships to send ‘coordinated, strategic message’ to adversaries | The Record from Recorded Future News
(Danny Palmer – Infosecurity Magazine) Over 260,000 Google Chrome users have downloaded fake AI assistants designed to deliver malicious browser extensions which can steal login credentials, monitor emails and enable remote access by attackers. Over 30 Google Chrome extensions designed to deliver the phoney AI assistants have been identified by cybersecurity researchers at LayerX, who describe the campaign as a “single coordinated operation.”. “Notably, several of the extensions in this campaign were featured by the Chrome Web Store, increasing their perceived legitimacy and exposure,” they said. –Fake AI Assistants in Google Chrome Web Store Steal Passwords – Infosecurity Magazine
(Christelle Barnes – Infosecurity Magazine) For decades, Europe’s energy grid was centralized and analogue, powered by large, highly regulated plants. However, the rapid growth of solar and other renewables has created a decentralized, digital network of smaller sources, the majority of which lack the same security oversight. While large utility-scale solar plants of over 100MW are typically subject to stricter rules, the majority of European solar power coming from Utility scale plants is from sites of less than 100MW. According to data analytics company Wood Mackenzie, half of that power comes from plants which produce less than 25MW each. The smaller the site, the less likely it is to fall under existing cybersecurity regulations. – Safeguarding Solar Energy Through Smarter Cybersecurity – Infosecurity Magazine
(Pierluigi Paganini – Security Affairs) Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to clone proprietary systems. State-backed actors from North Korea, Iran, China, and Russia use AI for research, targeting, and phishing. Threat actors also test agentic AI, AI-powered malware like HONESTCUE, and underground “jailbreak” services. Threat actors now use large language models to craft polished, culturally accurate phishing messages that remove common red flags like poor grammar. They also run “rapport-building” phishing, holding realistic multi-step conversations to gain trust before delivering malware. – Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
(Marcus Walsh – Cybernews) A survey has revealed that over 3 million social media posts featuring extremist content have been utilised to exploit German political thinking, across various channels on TikTok and Telegram. The survey by predictive narrative intelligence platform Repsense has analyzed 3.1 million pieces of content across TikTok and Telegram in Germany, aiming to detect coordinated narrative operations and information influence campaigns. Crucially, the researchers found that there is an optimum 12-48 hour window for the content to first appear on Telegram where the idea coordinates. Then the narrative spreads and peaks across channels on TikTok. 97% of the content analysed in the study appeared across both Telegram and TikTok, reinforcing the ideologies further. Some narratives originate in Russian-language Telegram channels, but it does not say these are state-directed or attribute them to the Kremlin or any other organization.Short-form videos often slip through the radar when it comes to robust defence planning in organizations such as NATO and EU institutions. – Millions of TikTok and Telegram posts are secretly manipulating Germans | Cybernews
(Ann-Marie Corvin – Cybernews) Red teamers warn that Discord’s push toward stricter safety controls is colliding with a familiar truth: when platforms build barriers, users look for ways around them, and attackers look for ways in. As Nic Adams, CEO of 0rcus, a specialist in non-attributable operations and offensive system design, warns: “Every platform adopting mandatory age verification is building a centralized identity honey pot. It’s not a question of if these systems get targeted again, but when.”. His comments follow Discord’s Monday announcement that it would begin rolling out “teen-by-default” settings in March, part of a global safety push that will require adults to prove their age to access sensitive content and adult-only spaces. – Discord age checks create “identity honey pot” as teens find bypasses | Cybernews
(Anton Mous – Cybernews) The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) are concerned that the Digital Omnibus goes far beyond a technical amendment of the General Data Protection Regulation (GDPR). Instead, the European supervisors feel it will affect individuals’ fundamental rights. In November 2025, the European Commission introduced the Digital Omnibus, a set of proposals to simplify the existing rules on AI, cybersecurity, and data protection. The executive branch of the EU intends to change the definition of personal data. The proposal allows the processing of special categories of personal data for verification purposes. It also stipulates that ‘legitimate interest’ should be a legal basis for developing and training AI models. – EU eyes rollback of key privacy rules, GDPR| Cybernews
(Anton Mous – Cybernews) Cybercriminals and state-sponsored hacking groups are increasingly using artificial intelligence to carry out cyberattacks or phishing campaigns. Google first reported that attackers were testing AI tools in real-world operations in late 2025. The latest Google Threat Intelligence report suggests that experimentation is continuing and maturing. According to Google’s Threat Intelligence Group (GTIG) and Google DeepMind, the use of AI hasn’t yet led to game-changing attacks or “breakthrough capabilities” that fundamentally alter the threat landscape. – Hackers upgrade with AI, Google warns | Cybernews
