ClearSignal — Apr 10, 2026

Defense and intelligence agencies are accelerating AI integration and commercial technology adoption to modernize capabilities, as evidenced by the CIA deploying AI agents and Space Force's $1.8B shift to commercial surveillance satellites. Meanwhile, cyber threats intensify across both nation-state and criminal fronts, with Iranian attacks targeting U.S. critical infrastructure, Russian GRU operations disrupted by FBI action, and new AI models demonstrating autonomous zero-day discovery capabilities. These developments underscore the dual imperative of technology modernization and enhanced cyber defense postures across the defense industrial base.

Top 3

CIA employees will get AI ‘coworkers’—and eventually run teams of AI agents, deputy says — The CIA’s deployment of AI ‘coworkers’ and first-ever AI-generated intelligence report signals a fundamental transformation in intelligence production and analysis across the IC. This shift will drive demand for AI infrastructure, secure data platforms, and specialized AI training capabilities throughout the defense and intelligence contractor base. Contractors should anticipate new requirements for AI-enabled analytical tools and integration services. — defense-one
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs — Iranian government-sponsored actors are actively targeting approximately 3,900 exposed devices across U.S. critical infrastructure including energy, water, and government facilities. This campaign against operational technology poses immediate risks to essential services and demonstrates adversaries’ focus on industrial control systems as attack vectors. The threat highlights urgent requirements for OT security solutions and infrastructure hardening across federal civilian agencies. — cyberscoop
Space Force slates $1.8B for commercial sats to replace GSSAP neighborhood watch birds — Space Force’s $1.8B Andromeda program represents a strategic pivot toward commercial space surveillance, selecting 14 firms to compete for replacing military GSSAP satellites through 2036. This multi-billion dollar opportunity validates the commercial space sector’s maturation and signals broader DoD willingness to leverage commercial alternatives for critical national security missions. Contractors should position for task order competitions opening new pathways into space domain awareness. — breaking-defense

Competitive Landscape

Italy set to remove Leonardo CEO, despite major growth — Italy is planning to remove Leonardo CEO Roberto Cingolani despite the company’s strong growth, just three weeks after he presented an ambitious 2026-2030 industrial plan. This leadership change could impact Leonardo’s strategic direction and partnerships. — breaking-defense

Policy & Regulatory

FCC proposes new rule to further crackdown on illegal robocalls — The FCC proposed a new rule requiring originating providers to gather and verify more customer information before allowing calls, with steeper penalties for failing to stop illegal robocalls. — the-record
China’s dual-use ambitions could severely threaten America’s force posture — Heritage Foundation analysts Brent Sadler and Allen Zhang argue in an op-ed that the Pentagon must expand monitoring beyond dual-use technology to include dual-use maritime infrastructure as China’s ambitions threaten US force posture. This highlights a potential policy gap in tracking Chinese port and maritime facility development with military applications. — breaking-defense
How the Iran conflict might change defense investments in the Gulf — Analysis explores how ongoing Iran conflict may reshape defense investment priorities and spending patterns across Gulf region countries. Features interview with SCOPA CEO discussing Middle East defense market implications. — breaking-defense
Appeals court rebuffs Anthropic in latest round of its AI battle with the Trump administration — A federal appeals court declined to block the Pentagon’s blacklisting of AI company Anthropic, allowing the Defense Department’s restrictions on the company to remain in effect. — federal-news-network

Agency & Mission Activity

Treasury Department announces crypto industry cyber threat sharing initiative — The Treasury Department launched a cyber threat sharing initiative offering eligible U.S. digital asset firms the same actionable cybersecurity information shared with traditional financial institutions at no cost. — the-record
How the Army is developing its C2 plans — Joseph Welch, the Army’s Principal Assistant for Acquisition (C5ISR), discussed the Army’s command and control (C2) development plans in an interview. This provides insights into Army acquisition priorities for communications and intelligence systems. — breaking-defense
CIA employees will get AI ‘coworkers’—and eventually run teams of AI agents, deputy says — CIA Deputy Director Michael Ellis announced that agency employees will receive AI ‘coworkers’ and eventually manage teams of AI agents, revealing the CIA recently used AI to generate an intelligence report for the first time. — defense-one

Technology Trends

Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs — Censys researchers warn that approximately 3,900 devices across U.S. critical infrastructure sectors including energy, water, and government facilities are exposed to ongoing Iranian government-sponsored cyberattacks. The campaign specifically targets industrial operational technology and puts essential services at risk. — cyberscoop
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’ — FBI cyber chief Brett Leatherman disclosed details of a successful operation to disrupt APT28, a Russian GRU-linked threat actor, by taking down compromised routers that provided the attackers with extensive network access. The campaign was notable for its ability to propagate from routers deeper into target networks. — cyberscoop
Microsoft: Canadian employees targeted in payroll pirate attacks — A financially motivated threat actor designated Storm-2755 is conducting payroll pirate attacks against Canadian employees, hijacking their accounts to redirect salary payments. The attacks represent a new type of financially motivated cybercrime targeting payroll systems. — bleeping-computer
Google rolls out Gmail end-to-end encryption on mobile devices — Google has expanded Gmail end-to-end encryption (E2EE) capabilities to all Android and iOS mobile devices for enterprise users, enabling secure email composition and reading without requiring additional tools. This enhances data protection for government and enterprise communications on mobile platforms. — bleeping-computer
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities — A newly identified Lua-based malware called LucidRook is being deployed in targeted spear-phishing campaigns against non-governmental organizations and universities in Taiwan. The malware represents an emerging threat to academic and civil society institutions. — bleeping-computer
Healthcare IT solutions provider ChipSoft hit by ransomware attack — Dutch healthcare software vendor ChipSoft suffered a ransomware attack forcing the company to take offline its website and digital services for patients and healthcare providers. — bleeping-computer
Google Chrome adds infostealer protection against session cookie theft — Google rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows to block info-stealing malware from harvesting session cookies. — bleeping-computer
Dutch hospitals face disruptions after ransomware attack on software provider ChipSoft — A ransomware attack on ChipSoft has disrupted digital services used by hospitals and patients across the Netherlands, according to the national healthcare sector cybersecurity center. — the-record
Russia accuses former Radio Free Europe journalist of aiding cyberattacks for Ukraine — Russia’s FSB accused a former Radio Free Europe journalist of collaborating with Ukraine’s Security Service (SBU) by passing information through a Telegram channel about local media coverage of the war. This represents an espionage allegation related to cyber-enabled intelligence operations. — the-record
Cryptocurrency ATM giant Bitcoin Depot reports $3.6 million stolen in cyberattack — Bitcoin Depot reported to the SEC that a cyberattack resulted in $3.6 million in stolen digital assets after threat actors gained access to systems and compromised credentials for the company’s digital asset settlement accounts. This incident highlights ongoing cybersecurity risks in the cryptocurrency sector. — the-record
The Golden Dome’s missing layer: On-orbit logistics for a resilient missile defense — A sponsored article discusses the need for on-orbit servicing and logistics capabilities as a foundational element for sustaining resilient missile defense satellite constellations in space. This addresses operational sustainability for space-based defense systems. — breaking-defense
UK accuses Russia of covert submarine operation threatening undersea cables — UK Defense Secretary John Healey accused Russia of conducting covert submarine operations threatening undersea cables, tracking an Akula-class submarine and two GUGI surveillance submarines throughout their deployment. The operation highlights growing threats to critical undersea infrastructure that supports global communications. — breaking-defense
Russia’s ‘Fancy Bear’ APT Continues Its Global Onslaught — Russia’s Fancy Bear APT group continues widespread cyber operations globally, with experts emphasizing that basic patching and zero trust implementation are essential defenses regardless of technical sophistication gap. — dark-reading
‘BlueHammer’ Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues — Researcher using alias ‘Chaotic Eclipse’ publicly released proof-of-concept exploit for Windows zero-day vulnerability allowing local privilege escalation, citing dispute with Microsoft’s vulnerability disclosure process. — dark-reading
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands? — Anthropic released Mythos Preview AI model capable of autonomously discovering and exploiting critical zero-day vulnerabilities, with vendor implementing access controls to prevent misuse. — dark-reading
Do Ceasefires Slow Cyberattacks? History Suggests Not — Historical analysis questions whether Iranian-linked cyber threat actors will respect ceasefire agreements, as past conflicts show cyberattacks typically continue despite physical hostilities pauses. — dark-reading
Snake Oilers: Burp AI, Sondera and Truffle Security — Snake Oilers podcast features three security vendors: PortSwigger’s Burp AI and DAST tools, Sondera’s AI agent trajectory monitoring technology, and Truffle Security’s Trufflehog secret detection and remediation platform. — risky-business

Procurement & Opportunities

Space Force slates $1.8B for commercial sats to replace GSSAP neighborhood watch birds — Space Force has allocated $1.8B for the Andromeda program (formerly RG-XX) to replace GSSAP satellites with commercial alternatives, selecting 14 firms to compete for task orders through April 2036. This represents a shift toward commercial space surveillance capabilities for the service’s neighborhood watch mission. — breaking-defense
Israel to ramp up production of Arrow interceptors — Israel announced plans to increase production of Arrow interceptors amid ongoing regional tensions. The announcement preceded a fragile US-Iran ceasefire that has not prevented Israeli strikes in Lebanon. — breaking-defense
Navy selects Leidos, Defense Unicorns to test software prototypes for ships — The Navy selected Leidos and Defense Unicorns to test software prototypes for ships in a lab-based environment under an other transaction agreement. This award supports the Navy’s software modernization efforts for maritime platforms. — breaking-defense
N6600126R0002 - Cyberspace Science, Research, Engineering and Technology Integration Small Business Multiple Award Contract (MAC) — NIWC Pacific issued a solicitation for a Cyberspace Science, Research, Engineering and Technology Integration Small Business Multiple Award Contract (MAC) with responses due April 24, 2026. — sam-gov

← Archive