ClearSignal — Apr 29, 2026

Federal agencies face converging pressures from AI transformation, cybersecurity vulnerabilities, and supply chain threats that demand immediate action. Intelligence and defense organizations are racing to deploy AI capabilities while managing workforce concerns and operational risks, even as adversaries exploit critical Windows and open-source software vulnerabilities. Meanwhile, small defense manufacturers—over 70% of DoD's supplier base—face significant CMMC compliance gaps as enforcement deadlines approach, threatening supply chain continuity at a critical moment for defense readiness.

Top 3

The CMMC readiness gap: Why many small manufacturers are unprepared — Over 70% of DoD suppliers are small manufacturers discovering critical gaps in CMMC cybersecurity readiness as enforcement deadlines near. This represents an existential supply chain risk that could disrupt defense procurement and manufacturing continuity. Contractors should prioritize immediate CMMC assessment and remediation to maintain eligibility for DoD work. — federal-news-network
Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul — Intelligence agency officials identify workforce anxiety and safe deployment challenges as top AI transformation concerns, reflecting broader federal tensions between rapid innovation and operational risk. These human capital and security issues will determine whether agencies can successfully integrate AI at scale. Leaders must balance technology adoption with workforce development and risk management frameworks. — cyberscoop
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain — Attackers are conducting scaled supply chain attacks through malicious VS Code extensions on Open VSX that contain self-propagating malware disguised as legitimate tools. This attack vector threatens development environments across federal agencies and contractors who rely on open-source tooling. Organizations should immediately audit development tool supply chains and implement strict extension vetting procedures. — dark-reading

Policy & Regulatory

FTC: Americans lost over $2.1 billion to social media scams in 2025 — The FTC reported that Americans lost over $2.1 billion to social media scams in 2025, representing a significant increase since 2020. — bleeping-computer
U.S. companies hit with record fines for privacy in 2025 — U.S. companies are facing record privacy fines in 2025 driven by state laws like California’s privacy regulations, interstate enforcement partnerships, and increased scrutiny of AI and automation privacy impacts. — cyberscoop
Senators seek answers about hackers obtaining sensitive student data from ostensibly anonymous tip line — Senators Maggie Hassan and Jim Banks are investigating Navigate360 after hackers allegedly compromised its school safety tip line tool and obtained sensitive student data that was supposed to be anonymous. — cyberscoop
Tennessee becomes second state to ban cryptocurrency ATMs over scam concerns — Tennessee became the second U.S. state to ban cryptocurrency ATMs after officials observed overseas criminals using them to conduct government impersonation, tech support, romance, and pig butchering scams. — the-record
CISA orders feds to patch Windows flaw exploited as zero-day — CISA issued a directive ordering federal agencies to patch a Windows vulnerability actively exploited in zero-day attacks. — bleeping-computer
The CMMC readiness gap: Why many small manufacturers are unprepared — Small manufacturers comprising over 70% of DoD suppliers are discovering significant gaps in their CMMC (Cybersecurity Maturity Model Certification) readiness as enforcement deadlines approach. — federal-news-network
Pentagon formally requests name change to War Department, setting up fight with Dems — The Pentagon has formally requested to change its name to the War Department, planning to spend approximately $50 million in FY2026 to initiate the rebrand, which is expected to face Democratic opposition in Congress. — breaking-defense
UK lawmaker report warns AUKUS under threat from ‘shortcomings and failings’ — A UK parliamentary report warns that the AUKUS trilateral security partnership faces threats from various shortcomings, including Royal Navy Astute-class submarines being stretched to or beyond their operational limits. — breaking-defense

Agency & Mission Activity

Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul — Intelligence agency officials identify workforce anxiety over job displacement and the challenge of rapidly deploying AI tools safely as top concerns during AI transformation initiatives. — cyberscoop
USS Wasp sees five-year service life extension — The USS Wasp amphibious assault ship will receive a five-year service life extension, with plans to study similar extensions for other LHD-class vessels in the fleet. — breaking-defense
SOCOM adding AI, autonomy ‘at every level,’ commander says — SOCOM is integrating AI and autonomy capabilities across all organizational levels, with the commander highlighting the command’s agility in adopting disruptive technologies due to its smaller organizational structure. — defense-one

Technology Trends

Microsoft asks iPhone users to reauthenticate after Outlook outage — Microsoft resolved a widespread Outlook.com outage affecting users globally and is now requiring iPhone users to reauthenticate their Outlook and Hotmail accounts in the default Mail app. — bleeping-computer
Robinhood account creation flaw abused to send phishing emails — Threat actors exploited a flaw in Robinhood’s account creation process to inject phishing messages into legitimate emails, deceiving users about suspicious account activity. — bleeping-computer
GlassWorm malware attacks return via 73 OpenVSX “sleeper” extensions — The GlassWorm malware campaign has returned with 73 malicious ‘sleeper’ extensions targeting the OpenVSX ecosystem that activate after updates. — bleeping-computer
Medtronic confirms breach after hackers claim 9 million records theft — Medical device manufacturer Medtronic confirmed a data breach affecting certain corporate IT systems, with hackers claiming to have stolen 9 million records. — bleeping-computer
Chinese national extradited to US for pandemic-era Silk Typhoon attacks — Chinese national Xu Zewei has been extradited to the U.S. for allegedly conducting Silk Typhoon espionage attacks directed by Chinese intelligence services to steal COVID-19 research data and information on U.S. policy interests during the pandemic. — cyberscoop
BlackFile actively extorting data-theft victims in retail and hospitality sector — BlackFile ransomware group, linked to The Com, is actively extorting retail and hospitality victims through data theft and has escalated tactics to include swatting company executives to pressure ransom payments. — cyberscoop
How automated testing helps agencies meet DoD modernization requirements — Automated testing is helping agencies meet DoD modernization requirements by enabling faster development cycles and improved functionality compared to outdated manual testing strategies. — federal-news-network
Disinformation campaign targeted Tibetan parliament-in-exile elections — The Digital Forensic Research Lab identified a disinformation campaign targeting Tibetan parliament-in-exile elections as part of Spamouflage, a Beijing-linked influence network. — the-record
Navy’s MQ-25 Stingray carrier drone completes first test flight — The Navy’s MQ-25 Stingray carrier-based refueling drone completed its first test flight, taking off from Boeing’s facility in Illinois for approximately two hours. — breaking-defense
UNC6692 Combines Social Engineering, Malware, Cloud Abuse — Newly discovered threat actor UNC6692 is conducting a multipronged campaign using Microsoft Teams for social engineering, AWS S3 buckets for infrastructure, and custom ‘Snow’ malware. — dark-reading
Unpatched ‘PhantomRPC’ Flaw in Windows Enables Privilege Escalation — Security researcher identified the ‘PhantomRPC’ vulnerability in Windows Remote Procedure Call mechanism with five exploit paths enabling privilege escalation through an architectural weakness in handling unavailable service connections. The flaw remains unpatched. — dark-reading
GitHub fixes RCE flaw that gave access to millions of private repos — GitHub patched critical remote code execution vulnerability CVE-2026-3854 in early March that could have exposed millions of private repositories to attackers. — bleeping-computer
Broken VECT 2.0 ransomware acts as a data wiper for large files — VECT 2.0 ransomware contains a critical flaw in its encryption nonce handling that causes it to permanently destroy larger files instead of encrypting them, effectively operating as a wiper malware. — bleeping-computer
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw — Hackers are actively exploiting CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in LiteLLM, an open-source large language model gateway, to target sensitive information. — bleeping-computer
Microsoft to deprecate legacy TLS in Exchange Online starting July — Microsoft will deprecate legacy TLS connections for POP and IMAP email clients in Exchange Online beginning July 2026, requiring agencies to upgrade to modern TLS versions. — bleeping-computer
Federal CIO cautious on Anthropic’s Mythos despite planned rollout — Federal CIO Greg Barbaccia expresses cautious optimism about Anthropic’s Mythos AI cybersecurity tool, noting that laboratory performance may differ significantly from real-world federal network conditions despite planned deployment. — cyberscoop
Cyber Command, NSA chief warns foreign adversaries likely to target midterms — Army Gen. Joshua Rudd, serving as Cyber Command and NSA chief, testified before lawmakers that forces are postured and ready to safeguard U.S. midterm elections against foreign adversary threats. — the-record
Ukrainian police detain hackers suspected of stealing thousands of Roblox accounts for resale — Ukrainian police detained hackers suspected of stealing thousands of Roblox gaming accounts containing valuable digital items and in-game currency from Ukrainian and foreign players for resale. — the-record
China-linked hackers led phishing campaigns targeting journalists and activists, researchers say — China-linked hackers conducted phishing campaigns targeting journalists and activists to steal credentials and enable follow-on operations in support of Chinese government interests, according to security researchers. — the-record
AI won’t fix the Pentagon’s audit problem — Celonis VP Aubrey Vaughan argues that AI cannot simply be applied over legacy systems to resolve the Pentagon’s ongoing financial audit challenges, which require fundamental process improvements. — federal-news-network
Unmanned vessels in the water at Sea Air Space 2026 — Unmanned maritime vessels were showcased in the water at the Sea Air Space 2026 conference in National Harbor, Maryland, highlighting ongoing Navy interest in autonomous surface and subsurface capabilities. — breaking-defense
Risky Business #835 — Why the Fast16 malware is badass — Cybersecurity podcast discusses Chinese firms stealing American AI technology, US sanctions on Cambodian officials linked to scam operations, and the emergence of quantum-safe ransomware, with special focus on the sophisticated Fast16 malware. — risky-business
Lotus Wiper Attack Targeted Venezuelan Energy Firms, Utilities — The Lotus Wiper malware targeted Venezuelan energy firms and utilities using sophisticated living-off-the-land techniques designed for widespread data destruction. — dark-reading
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures — North Korean threat group BlueNoroff is using AI-generated avatars, stolen victim videos, and fake Zoom calls to scale social engineering attacks targeting cryptocurrency executives with malware. — dark-reading
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later — Former NSA deputy director Chris Inglis reflects on organizational mistakes during the 2013 Snowden leaks and offers insights on insider threat detection, media disclosure management, and security culture for CISOs. — dark-reading
Feuding Ransomware Groups Leak Each Other’s Data — Ransomware groups 0APT and KryBit attacked each other, inadvertently leaking infrastructure and operational data that provides defenders with rare visibility into ransomware operations and tactics. — dark-reading
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain — Attackers are conducting a scaled supply chain attack by distributing malicious VS Code extensions through Open VSX that appear legitimate but contain self-propagating malware. — dark-reading

Procurement & Opportunities

Rheinmetall lands $1.2 billion German future soldier contract — Rheinmetall secured a $1.2 billion contract from Germany for future soldier systems, with the German Bundestag approving €1.3 billion total for the project with additional orders expected. — breaking-defense
Request for Information -AI Cyber Defense for Commercial Internet — US Special Operations Command (USSOCOM) issued a Request for Information for AI Cyber Defense for Commercial Internet with responses due May 28, 2026. Solicitation number H92403KC under NAICS 541519. — sam-gov
Cybersecurity Support Services NOI to SS — Washington Headquarters Services issued a Special Notice for Cybersecurity Support Services (solicitation BW020420261441) with responses due April 28, 2026. NAICS code 541519. — sam-gov
Siemens Support Renewal; POP: 07/01/2026 - 06/30/2027 — NASA Shared Services Center issued a Special Notice for Siemens Support Renewal covering period July 1, 2026 to June 30, 2027 (solicitation 80NSSC26931707Q) with responses due April 30, 2026. NAICS code 541519. — sam-gov
Notice of Intent to Award Sole Source - Siemens Altair Software — Air Force Research Laboratory issued Notice of Intent to Award Sole Source contract to Siemens for Altair Software with responses due May 11, 2026. NAICS code 541519. — sam-gov
Artificial Intelligence, Machine Learning, and Data Science (AI/ML/DS) Technical Support Services — Department of Homeland Security’s Science & Technology Acquisition Division issued a sources sought notice for AI/ML/DS Technical Support Services with responses due May 12, 2026. — sam-gov
USAC RFP: Enterprise Cybersecurity and Monitoring Services — Federal Communications Commission released a combined synopsis/solicitation for Enterprise Cybersecurity and Monitoring Services for USAC with responses due June 10, 2026. — sam-gov
Advanced Communications Experiment – Cross-border Autonomous Vehicle Session Persistence Experiment and Research — DHS Science & Technology issued a sources sought for Advanced Communications Experiment focused on cross-border autonomous vehicle session persistence research with responses due May 8, 2026. — sam-gov
Australia boosts army with HIMARS and more armored vehicles — Australia is investing $2.3 billion AUD in HIMARS rocket systems and additional armored vehicles to significantly enhance the Australian Army’s long-range strike capability. — breaking-defense
Army releases commercial solutions opening for rapid EW and signals intelligence capabilities — The Army has released a commercial solutions opening to rapidly acquire electronic warfare and signals intelligence capabilities, aiming to create a capability library that units can use to select systems matching their mission requirements. — breaking-defense
Cybersecurity Support Services NOI to SS — Washington Headquarters Services issued a Special Notice for Cybersecurity Support Services (solicitation BW020420261441) with responses due April 30, 2026. — sam-gov
Offensive Cyber Depot Operations & Sustainment — Air Force Life Cycle Management Center issued a Sources Sought for Offensive Cyber Depot Operations & Sustainment (FA8307-26-R-CW02) with responses due May 20, 2026. — sam-gov
ONR Mission Support Services — Office of Naval Research issued a Sources Sought for ONR Mission Support Services (N0001426RFI7001) with responses due May 20, 2026. — sam-gov

← Archive