Legal Considerations Related to the Anthropic “Export Controls Directive”
(Brian Egan – Just Security) On June 12, Anthropic announced that it was disabling access to two of its advanced artificial intelligence large language models, Claude Fable 5 and Mythos 5, after receiving an order from the U.S. government to suspend access to these models by any non-U.S. national. Anthropic described the order (which the U.S. government has not publicly disclosed) as an “export controls directive” that cites “national security authorities” as the basis for the suspension. Anthropic announced that the U.S. government’s concerns relate to reported methods for bypassing, or “jailbreaking,” the safety controls deployed by Anthropic to prevent misuse of its models for illicit activities. According to Anthropic, the particular vulnerabilities at issue are minor and are common to other AI models. – Legal Considerations Related to the Anthropic “Export Controls Directive”
Estonia to quarantine emails sent from Russian .ru domain before they reach government officials
(Daryna Antoniuk – The Record) Estonia will require additional security screening for emails sent from Russia’s .ru top-level domain before they reach government officials, according to the country’s minister of justice and digital affairs. The new measure will take effect on August 31, the anniversary of the withdrawal of Russian troops from Estonia following the collapse of the Soviet Union. It is intended to protect public institutions from cyber threats, Minister Liisa Pakosta said in a public speech quoted by local media. “Email addresses ending in .ru pose an elevated cyber risk. There is a serious danger that they are being used to break into personal databases,” she added. – Estonia to quarantine emails sent from Russian .ru domain before they reach government officials | The Record from Recorded Future News
Serverless Phishing Kit on GitHub Targets Mexican Banks
(Alessandro Mascellino – Infosecurity Magazine) A long-running phishing operation has been stealing banking credentials from customers of Mexican financial institutions without running any server infrastructure of its own, instead hiding inside trusted cloud platforms. New analysis from Group-IB detailed the campaign, which it called GitBait, and tied it to attacks on at least 12 financial institutions in Mexico over roughly three years. Instead of a dedicated backend, GitBait hosted its fake bank pages on GitHub Pages and funneled stolen logins through SheetBest, a legitimate service that writes data straight into Google Sheets, leaving little infrastructure to seize. Group-IB counted more than 100 GitHub-hosted domains tied to the campaign, each serving several phishing pages, and said it has reported all of them to GitHub. – Serverless Phishing Kit on GitHub Targets Mexican Banks – Infosecurity Magazine
Sensitive Enterprise Data Uploads to AI Models Double in a Year
(Danny Palmer – Infosecurity Magazine) The amount of sensitive enterprise data which employees uploaded to AI and machine learning applications has almost doubled in the last year, putting organizations at increased risk of data breaches and cyber espionage, a new report has warned. Published on June 17, the Zscaler 2026 AI Threat Report said that there has been a 93% year-over-year increase in employees transferring enterprise data to AI tools. Over half of these data transfers were driven by staff using two tools in particular: Grammarly (38%) and ChatGPT (21%). Other tools included OpenAI, Codium, GitHub Co-Pilot, Perplexity, Microsoft Co-Pilot, Google Gemini and Claude. According to Zscaler, a total of 18,033 TB of data was transferred to AI and machine learning applications during the last year. The report stated that this is roughly equivalent to 3.6 billion digital photos. – Sensitive Enterprise Data Uploads to AI Models Double in a Year – Infosecurity Magazine
AI Threats and Alert Fatigue Challenge Cybersecurity Teams
(Beth Maundrill – Infosecurity Magazine) A study conducted during Infosecurity Europe 2026 has found that AI-powered attacks at scale are the biggest security concern facing many cybersecurity professionals. The survey of 168 cybersecurity leaders across various sectors conducted by Filigran during the three-day event found 41% cited AI-powered attacks as a top challenge, double that of those who cited supply chain risk (21%) or unknown threats (21%). The research also asked what wastes most time within the security teams. Chasing false positives and low priority alerts the most common issue at 26%, suggesting significant proportion of time is spent validating findings. – AI Threats and Alert Fatigue Challenge Cybersecurity Teams – Infosecurity Magazine
Fifteen JetBrains Marketplace Plugins Found Stealing API Keys
(Phil Muncaster – Infosecurity Magazine) Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious plugins. Aikido Security found at least 15 integrated development environment (IDE) plugins on the JetBrains Marketplace which had slipped past security checks and have now been installed around 70,000 times. They apparently date back to October 2025, with the most recent plugins released in June 2026. – Fifteen JetBrains Marketplace Plugins Steal API Keys – Infosecurity Magazine
Frontier AI Models Point to a Shift Defenders Are Not Ready For
(Shlomo Kramer – Infosecurity Magazine) When Anthropic signalled the direction of travel with its Mythos model, it highlighted a structural change in how cyber-attacks will be created, scaled and executed. Enterprises are already deploying AI so fast than many security teams struggle to keep up. New tools are being embedded into workflows, connected to sensitive data and integrated across core systems. At the same time, frontier AI models, like mythos and GPT-5.5-cyber, are expanding what these systems can do, particularly in areas such as reasoning, automation and task execution. The combination has direct consequences for cybersecurity, because it allows both vulnerability discovery and attack execution to operate with far less human involvement, at a pace that can’t be matched by humans. The challenge for enterprises is not simply the volume of new vulnerabilities, but the operational burden of responding to them quickly enough, particularly in environments still dependent on distributed hardware and fragmented security infrastructure. – Frontier AI Models Point to a Shift Defenders Are Not Ready For – Infosecurity Magazine
Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS
(Phil Muncaster – Infosecurity Magazine) A lack of skilled staff is the top operational challenge faced by today’s security operations centers (SOCs), although practitioners and leaders have diverging perceptions of hiring needs, according to SANS Institute. The 2026 SANS SOC Survey was based on interviews with 444 IT and security professionals actively working in monitoring or security operations (SecOps) roles, plus an additional 69 CISOs and senior security executives. It found that 14% of practitioners cited staffing as their main challenge; the top-rated answer. However, over half (59%) of the “cyber leaders” interviewed claimed that management actually pays close attention to SOC hiring and retention needs. This contrasted with just a third (32%) of practitioners. – Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS – Infosecurity Magazine
EdTech Faces a Cybersecurity Crisis: Data Breaches Surge
(Pierluigi Paganini – Security Affairs) Resecurity (USA) warns the education technology (EdTech) sector has become a prime target for cybercriminals, as attacks against educational institutions and related platforms continue to escalate. Recent high-profile incidents, including attacks by groups such as ShinyHunters and FulcrumSec, highlight the vulnerability of educational organizations and the increasing sophistication of cyber extortion tactics. – EdTech Faces a Cybersecurity Crisis: Data Breaches Surge – Security Affairs
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
(Pierluigi Paganini – Security Affairs) On June 15, 2026, a data-theft extortion group calling itself FulcrumSec began leaking files from Novo Nordisk, the Danish maker of Ozempic and Wegovy, after the company refused a $25 million ransom demand. The attackers claimed access since March, opened a dialogue with Novo Nordisk on June 1, and started posting samples and a file tree once negotiations went nowhere. Novo Nordisk has confirmed unauthorized access to a limited number of internal IT systems and exposure of pseudonymized clinical-trial data, though it hasn’t validated the full scope of what FulcrumSec claims to have taken. “Novo Nordisk A/S recently identified an IT security incident involving unauthorised access to a limited number of internal IT systems.” reads the notice published by the company. “The incident included unauthorised access to certain personal data stored on the internal IT systems.” – FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints
(Pierluigi Paganini – Security Affairs) ESET researchers have found two previously undocumented Windows versions of SprySOCKS, a backdoor that the security community had until now treated as Linux-only. Trend Micro first documented the Linux variant in September 2023 and attributed it to Earth Lusca, a China-linked actor also tracked as Aquatic Panda, Charcoal Typhoon, and RedHotel, which has been active since at least 2021 and operated by a Chinese contractor named i-Soon. ESET researchers track the same cluster as FishMonger and place it under the broader Winnti umbrella. “ESET researchers have discovered two as-yet undocumented Windows variants of SprySOCKS, a previously Linux-only backdoor reportedly used by FishMonger” reads the report published by ESET. “The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS. Both come with a hardcoded C&C configuration and support communication over TCP, UDP, and WebSocket protocols.” – China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints – Security Affairs
UK deepens AI adoption in healthcare with new NHS funding
(DigWatch) According to UKAuthority, the UK government is investing nearly £30 million to expand the use of AI-powered diagnostic technologies across England’s National Health Service (NHS). The funding aims to accelerate diagnoses and improve patient care for millions of people. Under the programme, £20 million will be allocated to deploy AI-powered chest X-ray tools across every NHS trust in England by 2029. The technology is already used by around half of NHS trusts and has supported more than four million patients through faster lung cancer diagnosis or clearance – Government invests in AI cancer diagnosis | UKAuthority
South Korea launches AI-RAN project for 6G networks
(DigWatch) The Electronics and Telecommunications Research Institute (ETRI) has launched the AI-RAN Global Flagship Project, a multi-year research and development programme backed by an investment of 47 billion won (approximately $31.2 million). The initiative aims to develop AI native network technologies for the 6G era. The project will run until 2030 and brings together South Korea’s three largest mobile operators, SK Telecom, KT Corp and LG Uplus, alongside technology companies, universities and research institutions. The programme aims to integrate AI training and inference capabilities directly into next-generation network architecture. – South Korea’s ETRI launches AI-RAN initiative | TelecomTV
Thailand updates legal framework to modernise capital markets
(DigWatch) Thailand is advancing amendments to the Securities and Exchange Act to create a legal framework for electronic securities and support the digitalisation of its capital markets. The draft bill has passed its first reading in the House of Representatives, with a special committee appointed to review the details before the second and third readings. The proposal would allow securities to be issued, held, transferred and used as collateral in electronic form with legal effect. – Thailand amends securities law to support digital economy
Manchester tops UK AI city ranking for third consecutive year
(DigWatch) Manchester has ranked as the UK’s most AI-ready city outside London for the third consecutive year, according to the SAS AI Cities 2026 Index. The index, produced by data and AI company SAS, assesses cities using indicators including AI-related jobs, business activity, innovation funding, education opportunities and digital infrastructure. – Manchester retains UK’s top AI city crown for third year – Prolific North
Foxconn and Schneider Electric partner on AI data centre infrastructure
(DigWatch) Hon Hai Technology Group (Foxconn) has formed a strategic partnership with Schneider Electric to develop next-generation AI data centres and support the global expansion of AI infrastructure. The companies plan to develop a reference architecture for AI data centres focused on closed-loop energy optimisation, modular power and cooling systems, and standardised designs. They aim to create repeatable, high-performance ‘AI factory’ models that can be deployed at scale. – Taiwan’s Foxconn partners with Schneider Electric on AI data centers | Taiwan News
Vietnam targets digital economy at 30% of GDP by 2030
(DigWatch) Vietnam has approved a national programme to develop its digital economy and digital society from 2026 to 2030, setting a target for the digital economy’s value-added contribution to reach around 30% of GDP by the end of the decade. The programme aims to accelerate digital transformation across public services, businesses and society through digital platforms, data infrastructure, AI and wider adoption of digital services. – Vietnam targets digital economy at 30% of GDP by 2030 | Digital Watch Observatory
Trump’s AI export strategy runs into Trump’s export controls
(Ashley Gold – Axios) The Trump administration has made exporting American AI a key part of its plans for global AI dominance, but ad hoc policy decisions around the most advanced AI are threatening that effort. A flagship U.S. program designed to boost AI exports could be undermined by the very administration that created it. “The government’s willingness to arbitrarily and abruptly remove America’s best models from all foreign use shows that the strategy behind the AI Export Program is no longer relevant to decision makers in the U.S. government,” Dean Ball, a former AI adviser in the Trump administration, told Axios. The Trump administration slapped export controls on Anthropic’s newest model Fable 5 due to disagreements over whether it is safe for deployment, causing Anthropic to pull access to it entirely. – Trump’s AI export strategy runs into Trump’s export controls
In collaboration with
