TODAY'S TOP 5
DoD SOFTWARE SPRINT: The Defense Department’s latest effort to obtain secure software kicked off a 90-day sprint to develop a framework and implementation plan under the Software Fast Track (SWFT) initiative, Federal News Network reports. Katie Arrington, who is performing the duties of the DoD chief information officer, officially launched the initiative in a much-anticipated memo signed on April 24. The Pentagon only made the memo public Monday. At the same time, the DoD CIO’s office released three requests for information (RFIs) under SWFT asking vendors for insights around tools, external assessments and how to best use automation and artificial intelligence to assist DoD-led risk assessment for expedited cybersecurity authorizations.
ENERGY CUTS: The White House’s 2026 budget proposal, released Friday, seeks to cut $19.3 billion from the Department of Energy’s budget by making deep reductions to Infrastructure Investment and Jobs Act funding and the Office of Energy Efficiency and Renewable Energy, Utility Dive reports. Under this budget, DOE’s funding would be reduced by 9.4% overall, though it proposes a 25% bump for the National Nuclear Security Administration. With NNSA funding excluded, DOE’s budget would be cut by a total of 18.2%. “The Budget maintains U.S. competitiveness in priority areas such as high-performance computing, artificial intelligence, quantum information science, fusion, and critical minerals,” the proposal says.
TRANSATLANTIC TECH CLASH: The tit-for-tat trade escalation between the United States and China has dominated news cycles. In the backdrop of rising U.S.-China tensions is another — and potentially just as profound — change occurring in the U.S.-EU relationship. The Europeans may increasingly distrust U.S. technology and may focus on “de-risking” not just from China but from the United States as well, states a CSIS analysis. The Trump administration’s aggressive attacks on European technology regulations and the cutoff of intelligence-sharing and weapons deliveries to Ukraine have led to fears in Europe that the United States could do something similar to it. Europe has suddenly become full of rumors that the United States could invoke a “kill switch” that would disable core military systems, including the Lockheed Martin F-35 fighter jet, or cut off intelligence-sharing and military sales to the bloc. Fears continue to mount in Europe that the United States could weaponize its technological dependencies, particularly if trade tensions spill over into the digital and tech domains. The role of digital connectivity in advancing national security priorities, waging war, and shaping the global information environment through large language models (LLMs) and very large online platforms (VLOPs) has thus moved to the forefront of geopolitics.
‘PROMOTE’ AND ‘PROTECT’ S&T STRATEGY: White House leadership is approaching U.S. global competitiveness in science and technology breakthroughs through a “promote” and “protect” strategy, Office of Science and Technology Policy Director Michael Kratsios said on Monday at the Milken Institute Global Conference in Los Angeles, Nextgov/FCW reports. Kratsios spotlit several policy items that are integral to the Trump administration’s push for U.S.-led tech dominance. To ensure the U.S. is leading in both the creation and adoption of critical technologies like artificial intelligence, quantum information sciences, nuclear energy and biotechnology, OSTP intends to use a “whole-of-government” approach.
REVOLUTIONARY FAR OVERHAUL: The Trump administration is moving quickly on its promise to conduct a massive overhaul of the Federal Acquisition Regulation, a project being called Revolutionary FAR Overhaul, Nextgov/FCW reports. FAR is the subject of one of two executive orders President Trump signed in mid-April to reform how the federal government buys goods and services. In documents released Friday, the administration is proposing the elimination of significant portions of the FAR. What would remain are only those provisions that are required by law or are “essential to sound procurement.” The first set of changes focuses on Part 1, which describes the federal acquisition regulation system; Part 34, which covers major system acquisitions; and Part 52, which covers solicitation provisions and contract clauses.
CYBER FOCUS PODCAST
Recorded at the RSA Conference in San Francisco, this special Cyber Focus episode brings together government, industry, and policy leaders for an insider look at the key takeaways from the biggest cybersecurity event of the year. Frank Cilluffo sits down with David Colberg, a longtime RSA leader and architect of the conference’s policy programming, to discuss how RSAC is shaping global cyber dialogue. Then a panel of McCrary Institute senior fellows — Katherine Hennessey, Matt Hayden, Alison King and Bob Kolasky — joins the conversation to reflect on major themes from agentic AI and offensive cyber to global cooperation and the CISA reorganization. Designed for Washington’s cyber policy community, this episode delivers a timely snapshot of the conversations driving national and international cybersecurity strategy.
SUBSCRIBE TO CYBER FOCUS: YouTube | Spotify | Apple Podcasts
CYBER AND CI UPDATES
ATTACKS AND INCIDENTS
Breaches
Kelly Benefits data breach impact grows to 400,000 individuals
An investigation showed that the attackers managed to exfiltrate personal information during a five-day period, including name, SSN, date of birth, tax ID number, health insurance and medical information, as well as financial account information. The company has been notifying impacted individuals, including on behalf of several affected customers such as Amergis, Beam Benefits, Beltway Companies, CareFirst, The Guardian Life Insurance Company of America, Intercon Truck of Baltimore, Publishers Circulation Fulfilment, Quantum Real Estate Management, and Transforming Lives. (SECURITYWEEK.COM)
DragonForce ransomware group claims attacks on UK retailers
The attacks began roughly two weeks ago, with M&S hit first. The retailer has suspended online purchases and is still struggling to bring all systems back to normal operations. A spokesperson for M&S refrained from sharing additional information on the incident. Both Co-op and Harrods confirmed being targeted last week. Harrods said hackers attempted to access its systems, and that it immediately took proactive measures, including restricting internet access at its sites. (SECURITYWEEK.COM)
Cryptocurrency
France hit with another crypto-kidnapping case
French media report that the kidnapped man, the father of an unnamed “crypto-millionaire,” was freed on Saturday after being abducted last Thursday in Paris. AFP reports that the criminals kidnapped the man by pushing him into a delivery van. Four men wearing ski masks carried out the abduction and allegedly cut off one of the man’s fingers, according to unconfirmed reports. Le Parisien claims that the kidnappers demanded a €5–7 million ransom for the victim, who, together with his son, reportedly owns a crypto marketing firm in Malta. (CYBERNEWS.COM)
Cybercrime
Treasury sanctions Burma warlord and militia tied to cyber scam operations
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned the Karen National Army (KNA), a militia group in Burma, as a transnational criminal organization, along with the group’s leader Saw Chit Thu, and his two sons, Saw Htoo Eh Moo and Saw Chit Chit, for their role in facilitating cyber scams that harm U.S. citizens, human trafficking, and cross-border smuggling. The KNA-controlled region, located on the Thai-Burmese border, is home to multiple cyber scam syndicates, and the KNA has benefitted from its connection to Burma’s military in its criminal operations. Although statistics vary, American victims of cyber scams like the ones emanating from Burma have collectively lost billions of dollars over the last three years. (TREASURY.GOV)
Education
Hackers launch ‘serious’ attacks against Georgia school district, New Mexico university
Multiple school districts and a university in New Mexico are currently suffering from cyberattacks causing operational issues for thousands of students. In a statement on Sunday, Georgia’s Coweta County School System said it experienced a cyberattack on Friday evening that will impact its 23,000 students across 29 K-12 schools. “Some school system network processes will be hampered in the coming days, and school system employees have been advised not to access desktop devices, while the matter is being investigated,” the school district said. (THERECORD.MEDIA)
Healthcare
Hack on infusion center software supplier affects 118,000
A Maine developer of software for medication infusion therapy is notifying more than 118,000 individuals that their information was potentially stolen in a hacking incident discovered in February. The company, Endue Software, is already facing at least five proposed federal class action lawsuits involving the data theft. Endue reported the incident to regulators on April 11. The company said it "learned" on Feb. 17 of potential unauthorized access to certain Endue systems. (HEALTHCAREINFOSECURITY.COM)
OPSEC
Phone app Mike Waltz was photographed using is investigating a hack
A phone app that Mike Waltz, President Donald Trump’s former national security adviser, apparently used to save his text messages has temporarily suspended its services as it investigates a cybersecurity incident, a spokesperson for the app’s parent company told CNN on Monday. TeleMessage, which makes software for preserving and organizing messages sent via Signal and other mobile apps, is responding to a “recent security incident” and has hired an external cybersecurity firm to help investigate, a spokesperson for Oregon-based digital communications firm Smarsh told CNN. (CNN.COM)
Phishing
Darcula PhaaS steals 884,000 credit cards via phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. The cyber heist was done over seven months between 2023 and 2024, so it does not reflect the total amount the cybercrime platform has helped to steal. These numbers come from coordinated research by investigators from NRK, Bayerischer Rundfunk, Le Monde, and Norwegian security firm Mnemonic, who identified 600 operators (cybercrime clients) and the platform's main creator and seller. (BLEEPINGCOMPUTER.COM)
Ransomware
Ransomware attacks fall in April amid RansomHub outage
Ransomware attacks declined significantly in April, partly as a result of the RansomHub gang experiencing infrastructure outages, according to a new analysis by Comparitech. The consumer awareness company logged a total of 479 ransomware attacks throughout the month. This marked a notable drop compared to the first three months of 2025 in which Comparitech recorded 530 in January, 973 in February and 713 in March. Of the 479 logged attacks, 39 were confirmed by the targeted entity, such as through data breach notifications or press releases. (INFOSECURITY-MAGAZINE.COM)
New ‘bring your own installer’ EDR bypass used in ransomware attack
A new "Bring Your Own Installer" EDR bypass technique is exploited in attacks to bypass SentinelOne's tamper protection feature, allowing threat actors to disable endpoint detection and response (EDR) agents to install the Babuk ransomware. This technique exploits a gap in the agent upgrade process that allows the threat actors to terminate running EDR agents, leaving devices unprotected. The attack was discovered by John Ailes and Tim Mashni of Aon's Stroz Friedberg Incident Response team during an engagement with a customer who suffered a ransomware attack earlier this year. (BLEEPINGCOMPUTER.COM)
Transportation
Anonymous hacks GlobalX, Trump airline of choice for ICE deportations
Referring to Trump as a “fascist,” Anonymous left a lengthy message on the landing page of a GlobalX subdomain on Monday protesting the removal of “alleged members of a Venezuelan gang.” GlobalX was the airline carrier hired by the US government to transport about 130 Venezuelan migrants to El Salvador on March 15. “You lose again Donnie,” the hacktivists wrote, referring to a May 1st ruling by a US federal judge declaring the reasoning behind the deportations illegal. (CYBERNEWS.COM)
THREATS
Communications
Hackers selling SS7 0-day exploit on dark web for $5,000
A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating under the alias “GatewayPhantom,” is marketing the 0-day vulnerability as a tool for SMS interception, real-time phone tracking, and location monitoring. Signaling System No. 7 (SS7) is a 1975 telecommunications protocol still used globally to route calls and texts between networks. (GBHACKERS.COM)
Critical infrastructure
Stronger flood standards coming for new hospitals, schools, apartments
Many new hospitals, schools, apartment buildings and other structures would be built with extra flood protection under a major revision to an international building code approved Friday. A nonprofit that writes model building codes widely used in the U.S. took a step toward requiring that some newly built structures are constructed well above local flood level — and expanding the areas where elevation is required. “This is transformative,” said Oregon State University engineering professor Daniel Cox, who led an expert panel that wrote and proposed the new flood standards. “It’s going to change how we mitigate floods in the U.S.” (EENEWS.COM)
DDoS
DDoS attackers are pouncing on unpatched vulnerabilities
IoT manufacturers are failing to help prevent DDoS attacks by fixing known vulnerabilities, allowing criminals to launch years-long campaigns. Unpatched or poorly secured devices, purpose-built to keep costs down, allowed attackers to launch over 27,000 botnet-driven DDoS attacks during March alone. New figures from NetScout reveal that service providers were hit with an average of one attack every two minutes. Overall, there were around 880 confirmed DDoS attacks per day, peaking on March 10 with more than 1,600 incidents. (ITPRO.COM)
MORE: Germany most targeted country in Q1 2025 DDoS attacks (HACKREAD.COM)
Malware
RansomHub taps SocGholish: WebDAV and SCF exploits fuel credential heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish to compromise networks through fake browser updates and JavaScript-based attacks on vulnerable CMS platforms like WordPress. (GBHACKERS.COM)
Phishing
Luna Moth extortion hackers pose as IT help desks to breach U.S. firms
The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. According to EclecticIQ researcher Arda Büyükkaya, the ultimate goal of these attacks is data theft and extortion. Luna Moth, known internally as Silent Ransom Group, are threat actors who previously conducted BazarCall campaigns as a way to gain initial access to corporate networks for Ryuk, and later, Conti ransomware attacks. (BLEEPINGCOMPUTER.COM)
Ransomware
RomCom RAT targets UK organizations through compromised customer feedback portals
The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu, has been targeting UK companies in the retail, hospitality, and critical national infrastructure (CNI) sectors in a recently discovered cyber espionage and profit-driven operation called “Operation Deceptive Prospect.” Active since at least 2022, RomCom has a history of blending espionage with cybercrime, often focusing on governmental and military entities, particularly those linked to Ukrainian affairs and NATO. (GBHACKERS.COM)
Gunra ransomware’s double‑extortion playbook and global impact
Gunra Ransomware has surfaced as a formidable threat in April 2025, targeting Windows systems across industries such as real estate, pharmaceuticals, and manufacturing. As reported by CYFIRMA, this ransomware employs a sophisticated double-extortion strategy, encrypting victims’ data while exfiltrating sensitive information to coerce payments. With documented attacks in Japan, Egypt, Panama, Italy, and Argentina, Gunra’s global reach underscores its potential to disrupt business operations on a massive scale. (GBHACKERS.COM)
Vulnerabilities
Security researchers warn a widely used open source tool poses a ‘persistent’ risk to the U.S.
The open source software easyjson is used by the US government and American companies. But its ties to Russia’s VK, whose CEO has been sanctioned, have researchers sounding the alarm. Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, the son of one of Vladimir Putin’s top aides and the CEO of VK Group, which runs VK, Russia’s Facebook equivalent that has increasingly shifted toward the regime’s repressive positioning. (WIRED.COM)
Google addresses one actively exploited vulnerability in May’s Android security update
Google addressed 47 vulnerabilities affecting Android devices in its May security update, including an actively exploited software defect that was first disclosed in March. Google said the high-severity vulnerability, CVE-2025-27363, “may be under limited, targeted exploitation.” The out-of-bounds write defect in FreeType versions 2.13.0 and below may result in arbitrary code execution, Facebook said in March when it disclosed the vulnerability in a security advisory acting in its capacity as a CVE numbering authority. The vulnerability has a base score of 8.1 on the CVSS scale and is still awaiting further assessment by the National Institute of Standards and Technology’s National Vulnerability Database program. (CYBERSCOOP.COM)
Microsoft finds default Kubernetes Helm charts can expose data
Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data. In many cases, those Helm charts required no authentication, left exploitable ports open, and used weak or hardcoded passwords that were trivial to break. A report published by security researchers Michael Katchinskiy and Yossi Weizman of Microsoft Defender for Cloud Research highlights three cases as examples of a broader security issue that puts Kubernetes workloads at risk. (BLEEPINGCOMPUTER.COM)
ADVERSARIES
Iran
Iran unveils its latest ballistic missile as Netanyahu warns Houthis’ ‘patron’
The Iranian armed forces have unveiled what officials called an upgraded ballistic missile with claimed extended range of 1,200 km (750 miles), semi-official news agency Tasnim reported. Tasnim said that the missile, an extended range version of its Martyr Hajj Qassem, uses solid fuel and has a modified warhead that enables it to maneuver to “penetrate the air defense missile systems” and is equipped with “an advanced navigation system that allows it to hit targets precisely and counter electronic warfare.” (BREAKINGDEFENSE.COM)
Russia
Russian hackers target Romanian state websites on election day
A Russian-linked hacktivist group known as NoName057(16) claimed responsibility for cyberattacks on several Romanian websites over the weekend, as voters headed to the polls to elect a new president. Among the targets of the distributed denial-of-service (DDoS) attacks were the official websites of the Ministry of Foreign Affairs, the Romanian government, the Constitutional Court and several presidential candidates. Romania’s National Directorate for Cyber Security (DNSC) confirmed the attacks, saying the affected websites had been restored. DDoS attacks typically flood targeted sites with traffic, making them unreachable. (THERECORD.MEDIA)
Ukraine detains alleged FSB agent recruited via TikTok for spying on military
Ukraine’s security service (SBU) detained a woman accused of spying for Russia after allegedly being recruited through TikTok, the agency said on Monday. The 43-year-old woman, a local employee of a coal mining company in the Ukrainian Donetsk region, was reportedly tasked with identifying and photographing the positions of Ukrainian forces near the front-line town of Pokrovsk — currently one of the most active combat zones. According to the SBU, intelligence officers with Russia’s Federal Security Service (FSB) noticed the woman’s TikTok livestreams and later recruited her. She allegedly switched to secure messaging platforms to communicate with the FSB. (THERECORD.MEDIA)
Azerbaijan blames Russian state hackers for cyberattacks on local media
Azerbaijani officials claimed that the Russian state-sponsored hacker group APT29 was behind a cyberattack on several local media outlets earlier this year. The likely motive, according to Ramid Namazov, head of the Azerbaijani parliament's commission on countering hybrid threats, was retaliation for the closure of the Russian House state-funded cultural center in Baku and significant staff cuts at the Azerbaijani branch of Sputnik radio. In February, the Azerbaijani government ordered the closure of the Russian House, citing its lack of legal registration and violations of national legislation. (THERECORD.MEDIA)
GOVERNMENT AND INDUSTRY
Artificial intelligence
AI domination: RSAC 2025 social media roundup
Last week, RSAC 2025 took place in San Francisco, drawing thousands of cybersecurity experts and vendors from across the world. Dark Reading met with a variety of professionals and worked with them to pilot a series of videos where they shared with us their thoughts on the conference this year: their general insights, what they were most looking forward to, and what they found rewarding. To reflect on the past week, we share their responses below, which, perhaps unsurprisingly, focused in large part on the AI-in-security phenomenon. (DARKREADING.COM)
MORE: What Magic Johnson and Bruce Schneier taught us at RSAC 2025 (SCWORLD.COM)
Small businesses falling behind in AI-powered cyber defenses
A new study of small and medium-sized businesses (SMBs) by CrowdStrike found that only 11% of SMBs surveyed have adopted AI-powered defenses. According to the May 5 research, the smallest businesses are falling behind: Among SMBs with fewer than 50 employees, only 47% report having a security plan in place, and more than half allocate less than 1% of their annual budget to cybersecurity. “SMBs are increasingly aware of the cyber risks they face, but remain vulnerable to modern threats,” said Lisa Campbell, vice president of SMB at CrowdStrike. (SCWORLD.COM)
Waymo ramps up robotaxi production at new Arizona factory
Waymo has played coy for years about exactly how many Jaguar I-Pace EVs are in its autonomous fleet — a figure that covers vehicles used in testing and commercial robotaxi operations. On Monday, the Alphabet company finally provided a peek at the commercial side of the fleet. Waymo said Monday, as part of a larger announcement, that it has more than 1,500 commercial robotaxis in operation. And work is underway to expand it through a multi-million-dollar investment with Magna to build more than 2,000 autonomous I-Pace vehicles at a new factory in Arizona. (TECHCRUNCH.COM)
ALSO: Uber and WeRide set their robotaxi sights on 15 more cities (TECHCRUNCH.COM)
CIOs are battling to temper expectations as enterprises ramp up AI adoption
More than one-third (39%) of UK technology leaders believe their board has unrealistic expectations over the potential of generative AI tools, according to new research. An IDC InfoBrief, commissioned by Expereo, found most organizations are pinning their hopes on AI to drive business growth, with 88% of tech leaders believing the technology will help them meet business priorities within the next 12 months. Yet despite this optimism, many tech leaders are aiming to temper expectations and prevent botched implementation projects. (ITPRO.COM)
Contracting
Federal cost cutting leads cyber contractors to rework ties with government
On the sidelines of last week’s RSAC Conference, cybersecurity practitioners said the Trump administration’s broad cost-cutting push is pressuring government contractors to rethink how they deliver their cybersecurity services to agencies with diminished budgets. The Department of Government Efficiency’s federal reduction plans have targeted swaths of agencies who have budgeted for digital defense tools like antivirus or endpoint detection software. Parallel efforts led by senior administration officials have also targeted core security offices like the Cybersecurity and Infrastructure Security Agency, which recently ended some threat hunting contracts alongside the pursuit of broader workforce cuts. (NEXTGOV.COM)
Cryptocurrency
Arizona governor vetoes state bitcoin reserve
Arizona Gov. Katie Hobbs on Friday vetoed legislation that would have placed as much as 10% of the state’s funds in cryptocurrency. In a letter Friday to Warren Petersen, the Republican president of the Arizona Senate, Hobbs dismissed the idea. “The Arizona State Retirement System is one of the strongest in the nation because it makes sound and informed investments,” wrote Hobbs, a Democrat. “Arizonans’ retirement funds are not the place for the state to try untested investments like virtual currency.” (STATESCOOP.COM)
Drones
Defense Innovation Unit launches solicitation for Replicator 2.0, new prize challenge for cUAS
The Defense Innovation Unit and US Northern Command introduced two new opportunities today for industry to bring forward capabilities for counter-unmanned aerial systems (cUAS). DIU, in partnership with both NORTHCOM and the Joint Counter-small UAS Office (JCO), announced a solicitation for low collateral defense (LCD) capabilities that will “scale across the joint force” and integrate into current small cUAS programs of record, DIU wrote in a press release. The agency added that the LCDs will contribute to the second iteration of the DoD’s sprawling Replicator effort. (BREAKINGDEFENSE.COM)
Healthcare
People struggle to get useful health advice from chatbots, study finds
With long waiting lists and rising costs in overburdened healthcare systems, many people are turning to AI-powered chatbots like ChatGPT for medical self-diagnosis. About one in six American adults already use chatbots for health advice at least monthly, according to one recent survey. But placing too much trust in chatbots’ outputs can be risky, in part because people struggle to know what information to give chatbots for the best possible health recommendations, according to a recent Oxford-led study. (TECHCRUNCH.COM)
Leadership
SpaceX alum tapped as Interior CIO
About a month after the department moved to dismiss several top executives at the Interior Department following their objections to giving the Department of Government Efficiency access to a federal personnel and payroll system, the Interior Department has tapped a SpaceX alum, Paul McInerny, to lead the department’s technology. The new chief information officer worked at billionaire Elon Musk’s SpaceX for several years, most recently as a senior manager for software automation tools, a role he left in 2020 to work at a lawn care startup, according to his LinkedIn and previous media coverage. McInerny has never worked in the government before. (NEXTGOV.COM)
Maryland names former federal agency CISO as state’s new cyber chief
Maryland’s technology department on Monday announced it’s hired James Saunders, a former federal technology official, to serve as its new chief information security officer. Saunders, who started as acting CISO on Monday and will become the state’s permanent cybersecurity chief after a Senate confirmation, most recently served as deputy chief information officer of the Office of Personnel Management. He also spent nearly three years as OPM’s CISO and nearly three years in various security roles at the Small Business Administration, including one year as its CISO. (STATESCOOP.COM)
Space
SpaceX pushed ‘sniper’ theory with the feds far more than is publicly known
The dramatic loss of the Falcon 9 rocket and its Amos-6 satellite, captured on video by a commercial photographer, came at a pivotal moment for SpaceX and the broader commercial space industry. It was SpaceX's second rocket failure in a little more than a year, and it occurred as NASA was betting heavily on the company to carry its astronauts to orbit. SpaceX was not the behemoth it is today, a company valued at $350 billion. It remained vulnerable to the vicissitudes of the launch industry. This violent failure shook everyone, from the engineers in Florida to satellite launch customers to the suits at NASA headquarters in Washington, DC. (ARSTECHNICA.COM)
LEGISLATIVE UPDATES
Stablecoins bill faces hurdle after Democrats withdraw support
Senate Democratic defections from a bipartisan stablecoins bill could become a procedural hurdle as Republicans try to bring the measure to the floor, possibly as early as this week. Four Democrats on the Senate Banking Committee who voted on March 13 to approve legislation that would facilitate issuance of stablecoins — digital currencies pegged to a reserve asset, in this case, the U.S. dollar — said over the weekend they wouldn’t vote for a revised bill released on May 1. They joined five other Democrats in a statement saying the revisions hadn’t gone far enough. Sen. Bill Hagerty (R-Tenn.), the lead sponsor of the bill, called the Democrats’ change of heart a political stunt. (ROLLCALL.COM)
HEARINGS
DHS: The House Appropriations Subcommittee on Homeland Security will hold an oversight hearing for the Department of Homeland Security on May 6.
CHINA: The House Homeland Security Subcommittee on Transportation and Maritime Security will hold a May 6 hearing on Beijing’s air, space and maritime surveillance from Cuba.
SPACE: The House Appropriations Subcommittee on Defense will hold a U.S. Air Force and Space Force oversight hearing on May 6.
COUNTERTERRORISM: The House Foreign Affairs Subcommittee on the Middle East and North Africa will hold a May 6 hearing to assess the effectiveness of the State Department’s Bureau of Counterterrorism.
SCIENCE AND TECH: The House Armed Services Subcommittee on Cyber, Information Technologies, and Innovation will hold a May 6 hearing on science, technology and innovation posture.
AI ARMS RACE: The House Judiciary Subcommittee on Courts, Intellectual Property, Artificial Intelligence and the Internet will hold a May 7 hearing on trade secrets and the global AI arms race.
FBI: The House Appropriations Subcommittee on Commerce, Justice, Science and Related Agencies will hold a May 7 hearing to review the FBI’s FY 2026 budget request.
CISA: The House Appropriations Subcommittee on Homeland Security will hold an oversight hearing for the Cybersecurity and Infrastructure Security Agency on May 8.
DHS: On May 8, the Senate Appropriations Subcommittee on Homeland Security will hold a hearing to review the Department of Homeland Security’s FY 2026 budget request.
AI POSTURE: The House Armed Services Subcommittee on Cyber, Information Technologies and Innovation will hold a May 8 hearing on information technology and artificial intelligence posture at the Department of Defense.
FBI: The Senate Appropriations Subcommittee on Commerce, Justice, Science and Related Agencies will hold a May 8 hearing to review the FBI’s FY 2026 budget request.
DHS: On May 14, the House Homeland Security Committee will hold a hearing to review the Department of Homeland Security’s FY 2026 budget request.
EVENTS
CRITICAL MINERALS: China’s near monopolistic control of many critical minerals, which are essential for both consumer products and defense production, represents an unacceptable risk to the national security of countries reliant on these minerals at a time of heightened geopolitical tension. The CSIS Americas Program will host a May 6 event assessing the future of U.S.-Canada cooperation on critical minerals.
QUANTUM SUMMIT: Nextgov/FCW and Defense One will bring together top government leaders to discuss the state of quantum technology, the urgency of post-quantum cybersecurity and the strategies shaping federal adoption at the 2025 Quantum Summit on May 6.
AI TO FIGHT FRAUD: On May 7 the Center on Regulation and Markets at the Brookings Institution will convene a panel of leading experts from Block, JP Morgan Chase, and FinRegLab to discuss the potential for AI as a new weapon to fight fraud and scams.
GLOBAL SECURITY: Join CSIS on May 12 for a conversation about Strategic Trends 2025: Key Developments in Global Affairs, a new report by the Center for Security Studies (CSS) at ETH Zürich. This year’s volume features chapters on shifting Eurasian partnerships, conflicts in the Middle East, deepening Euro-Atlantic and Indo-Pacific cooperation, the securitization of digital capabilities, and the role of critical technologies in great power competition.
GLOBAL SECURITY FORUM: Join the CSIS Defense and Security Department at the 2025 Global Security Forum, “Strength through the Storm: Industry, Innovation, and the Future of U.S. Military Power,” on May 13. As CSIS's flagship annual security conference, the forum will convene leaders from the government, military, private sector, and think tank community to discuss the intersection of industry, innovation, and military power and how we harness sources of American strength to address our nation’s security challenges.