In collaboration with
Global news
(Al Arabiya/US, Iran) The United States and Iran traded air attacks on Thursday for a second straight day, with President Donald Trump vowing further strikes if Tehran does not immediately agree to a peace deal. The escalation in hostilities began earlier this week with the downing of a US Apache helicopter near the Strait of Hormuz, which sparked a series of tit-for-tat attacks across Iran and on US bases around the region. – US and Tehran trade attacks for a second day, Iran targets Jordan and Gulf states
(UN News/Migrants and Refugees) Global forced displacement has decreased for the first time in a decade, the UN refugee agency (UNHCR) reported on Thursday, though the figure remains unacceptably high and tens of millions of people are still trapped in prolonged exile with little prospect of rebuilding their lives. UNHCR’s flagship Global Trends Report, launched in Geneva by High Commissioner Barham Salih, showed that global refugee numbers fell by three per cent in 2025 to 41.6 million. Some 5.4 million people fled to other countries to escape violence and persecution during the year. – Refugee numbers drop for first time in a decade, but millions remain trapped | UN News
(UN News/War in Ukraine) As Russia’s full-scale invasion of Ukraine enters its fifth year, conditions in southern Ukraine have rapidly deteriorated. Maintaining humanitarian operations has become an increasingly complex balancing act between enabling aid delivery and managing risk. For Olga Scripovscaia, a field security coordination officer based in Odesa, each day starts with the same question: “what changed overnight?” After nights frequently interrupted by air alerts and coordinated attacks, mornings are spent reviewing incident reports, checking updates from local authorities and monitoring conditions across Odesa, Mykolaiv and Kherson, areas where humanitarian access can change within hours. “There is always something ongoing here,” she said. “Things are never quiet.” – ‘The day never stops’ for aid workers braving missiles and drones in Ukraine | UN News
(UN News/Sudan) Escalating attacks on bridges, roads and other civilian infrastructure in Sudan are disrupting humanitarian access and putting civilians at further risk, the United Nations said on Tuesday. The warning comes after overnight explosions reportedly struck the crucial Ardamata bridge in West Darfur state, as fighting continues between the Sudanese Armed Forces (SAF) and former allies the Rapid Support Forces (RSF). The two sides have been battling for control of the country since April 2023. The bridge links the city of El Geneina to areas near the border with neighbouring Chad. It is a vital route for commercial traffic and humanitarian supplies entering the Darfur region. – Sudan war: Drone attacks damage key aid routes | UN News
Tech world
(Danny Palmer – Infosecurity Magazine/Security & Surveillance) Cybersecurity software regularly fails to detect and prevent the cyber-attacks they are designed to protect organizations from, especially within the bowser layer, research by Menlo Security has warned. Published on June 9, Menlo Security’s 2026 Browser Threat Report found that one in five phishing attacks which target the enterprise browser users go completely undetected by the tools which are supposed to protect the network and its users from attacks. Based on platform telemetry across millions of active browser sessions in enterprise customer environments between January 1 and March 31 2026, the research warned that threat actors are gaining entry to enterprise environments through the browser session layer. – Security Software Fails to Detect Fifth of Brower Phishing Attacks – Infosecurity Magazine
(Phil Muncaster – Infosecurity Magazine/Security & Surveillance) Identity crime experts have warned of “multi-layered crises” after revealing that many victims dealt with two or more incidents over the past year. The findings come from US non-profit the Identity Theft Resource Center (ITRC), which analyzed data from over 6000 reports submitted to it between April 1 2025 and March 31 2026. Its 2026 Trends in Identity Report revealed that nearly 26% of victims managed two or more concurrent identity crime incidents, up from 24% the previous year. – Over a Quarter of Identity Crime Victims Hit by Multiple Incidents – Infosecurity Magazine
(Valerie Arko-Adjei – Infosecurity Magazine/Security & Surveillance) AI adoption is accelerating in the workplace, and organizations are rushing to implement AI governance policies. ChatGPT, Microsoft Copilot, and Claude are among the common tools employees use to summarize meetings, draft reports and emails, and speed up decision-making. The point of concern is whether employees are using these tools faster than security teams can establish oversight controls. The cybersecurity concern is valid. Proprietary and sensitive data is being uploaded to external, unauthorized AI tools, which can have detrimental effects, including financial and reputational damage. – Shadow AI Is Exposing the Same Failures Teams Have Ignored For Years – Infosecurity Magazine
(DigWatch/Anthropic, Frontiers) Anthropic has launched Claude Fable 5, a new general-purpose AI model, alongside Claude Mythos 5, a more capable version reserved for selected cyber defence and infrastructure partners.The company described Fable 5 as its most capable generally available model to date, with strong performance across software engineering, knowledge work, vision and scientific research. Anthropic said the model’s advanced capabilities pose misuse risks, particularly in cybersecurity and research biology. – Claude Fable 5 and Claude Mythos 5 \ Anthropic
(DigWatch/Europe, Cyber Resilience Act, ENISA) The European Union Agency for Cybersecurity (ENISA) has published a report on Software Bill of Materials (SBOM) adoption, finding that the Cyber Resilience Act (CRA) is accelerating investment in software supply chain transparency across organisations. The report, titled ‘SBOM Adoption State of Play – 2026‘, analyses survey results gathered at the end of 2025. The survey examined how organisations of different sizes and across multiple sectors are approaching SBOM adoption in response to the Cyber Resilience Act. ENISA said the regulation is transforming SBOMs from a voluntary software supply chain security practice into a mandatory requirement for products with digital elements placed on the EU market. – SBOM Adoption State of Play – 2026 | ENISA
(DigWatch/AI, Gigafactories Poland, Europe) According to the Polish Press Agency, negotiations between the European Commission and EU member states on the development of AI gigafactories could conclude in June. The planned facilities are expected to be financed through the EU’s €20 billion InvestAI fund. – Poland signals progress on AI gigafactories and digital services tax | Digital Watch Observatory
(Pierluigi Paganini – Security Affairs/Security & Surveillance) Tchap, the encrypted messaging platform developed by the French government for its civil servants and made mandatory last year, was breached on June 7. ANSSI, France’s cybersecurity agency, detected the intrusion. The vector was straightforward: someone compromised a user account and used it to access the platform. No sophisticated technical exploit, just a stolen account. The attacker claimed responsibility over the weekend before the French Digital Affairs Directorate (DINUM) made any official announcement. They said they got in through a social engineering attack targeting the education shard, specifically matrix.agent.education.tchap.gouv.fr. Their own description of what they found is the more alarming part: they claim to have scraped nearly 650,000 messages, information on over 73,000 accounts, including email addresses and device metadata, and over 13.5GB of documents and media files. – France’s Government Messaging App Tchap Got Breached
(Pierluigi Paganini – Security Affairs/Security & Surveillance) CVE-2025-8088 is a path traversal flaw in WinRAR that lets an attacker write files outside the extraction directory using NTFS Alternate Data Streams. WinRAR fixed it in version 7.13 in July 2025. Nearly a year later, Trend Micro researchers published an analysis showing two separate Russia-linked APT groups, Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (UAC-0226), are still actively building new exploit samples and delivering fresh lure documents through it. The patch exists. The installations don’t have it. The mechanics of the flaw are worth understanding precisely. Victims receive a RAR archive, typically via spear-phishing email. They open it and see a decoy PDF, something that looks like a Ukrainian court summons, a Ministry of Defense registry, or a military equipment manifest designed to create urgency. In the background, with no warning and no additional user interaction, WinRAR silently writes hidden files to locations outside the extraction directory, including the Windows Startup folder. On the next login, those files execute automatically. – Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088
(Pierluigi Paganini – Security Affairs/Security & Surveillance) Security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, has published a new proof-of-concept exploit for a RoguePlanet Microsoft Defender zero-day. The flaw relies on a race condition that can provide attackers with SYSTEM-level privileges, allowing them to execute code with the highest permissions. The exploit was successfully tested on fully updated Windows 10 and Windows 11 systems running the June 2026 Patch Tuesday updates, showing that patched systems may still be vulnerable. – Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows
(DigWatch/Cybercrime, Governance) The process of developing a supplementary protocol to the UN Convention against Cybercrime has begun, with early state submissions already showing competing views over its scope and timing. The Ad Hoc Committee Secretariat invited preliminary written inputs on the possible scope, objectives and structure of a draft protocol supplementary to the Convention, also known as the ‘Hanoi Convention’. The mandate follows UN General Assembly resolution 79/243, which asked the Committee to negotiate a draft protocol addressing, among other issues, additional criminal offences. – UN Cybercrime Convention Protocol talks reveal competing visions | Digital Watch Observatory
(DigWatch/AI, Governance) The UK government will develop and test AI legal assistants as part of a broader set of technology initiatives aimed at reducing court delays and improving the efficiency of the justice system. The Ministry of Justice said the tools will support routine casework, including research and case analysis, before any possible use in the Crown Court. The AI legal assistants will be developed in collaboration with legal professionals and AI developers, with initial testing taking place in controlled environments. The government said the trials will help establish standards for the safe and ethical use of AI in legal settings and ensure any future systems meet the expectations of judges and legal practitioners before wider deployment. – AI tech ambition to deliver smarter justice for victims – GOV.UK
(DigWatch/AI, Security & Surveillance) Cybersecurity researchers have demonstrated an AI-powered computer worm capable of identifying vulnerabilities, generating attack strategies and spreading autonomously across networks. The study suggests that advances in AI agents could enable a new class of adaptive cyber threats capable of operating with minimal or no direct human intervention. The research, conducted by teams from the University of Toronto, Vector Institute, University of Cambridge, and ServiceNow, describes malware that uses large language models to tailor its behaviour to each target. Unlike traditional worms, the system can adapt its attack methods in real time instead of relying solely on pre-programmed exploits. – AI Agents Enable Adaptive Computer Worms
(DigWatch/AI, Frontiers) Apple has unveiled the next generation of Apple Intelligence at WWDC26, introducing a significantly upgraded Siri designed to provide deeper personal context awareness, broader app integration and more advanced conversational capabilities. The new assistant can search across messages, emails and photos, answer questions about on-screen content and access web information to provide more up-to-date responses while maintaining Apple’s privacy-focused approach. – Apple unveils next generation of Apple Intelligence, Siri AI, and more – Apple
(DigWatch/AI, Frontiers) A Stanford Medicine pilot study has found that an AI-powered tool can help doctors prepare hospital discharge summaries while easing cognitive burden and reducing reported burnout. The in-house system, known as MedAgentBrief, was designed to condense complex patient histories into draft discharge summaries for physician review. Discharge summaries are essential for continuity of care, but can be time-consuming because doctors must summarise days or weeks of clinical information for outpatient providers. – AI could ease the burden of hospital discharge summaries
(DigWatch/AI, Defense) The Kenya Defence Forces (KDF) has completed the Service Members Basic Artificial Intelligence Course 01/26, a training programme aimed at strengthening AI capabilities among military personnel. The course concluded with a graduation ceremony at the National Military Command Centre in Nairobi. Delivered by the Defence Intelligence Academy in partnership with the Moran AI and Cyber Centre of Excellence and other technology partners, the programme provided participants with foundational knowledge of AI and emerging technologies. The course aimed to equip participants with practical skills relevant to increasingly data-driven security and defence environments. – CAPACITY DEVELOPMENT IN ARTIFICIAL INTELLIGENCE – Ministry of Defence – Kenya
