🛰️ #OSINT Update for 25 January 2026 (CET) 🛰️ 🇺🇸 United States — Domestic Security • Enforcement • Financial Crime → ICE field offices circulated internal guidance tightening cooperation thresholds with state law-enforcement on biometric data access; operational scope clarification underway (high-confidence OSINT from state-level briefings). 🇩🇪 Germany — Intelligence • Cyber • Oversight → Federal interior bodies reviewed expanded lawful-access frameworks for telecom metadata following recent court rulings; compliance timelines under discussion (procedural). → Cybersecurity authorities tracked renewed credential-harvesting activity targeting regional utilities via subcontractors; mitigation notices circulated quietly (high-confidence OSINT). 🇬🇧 United Kingdom — Immigration • Domestic Security → Home Office continued phased rollout of biometric eVisa remediation tools after earlier enrolment errors; internal performance metrics reviewed this week (procedural). → Counter-extremism units monitored encrypted procurement chatter linked to dual-use drone components; no disruption actions confirmed yet (high-confidence OSINT). 🇨🇦 Canada — Financial Oversight • Border Security → Federal consultations on stablecoin custody and disclosure standards progressed into inter-agency drafting; enforcement posture still pending (procedural). → CBSA biometric lane pilots showed throughput variance prompting recalibration discussions with vendors (procedural). 🇦🇺 Australia — AI Governance • Surveillance → Federal review bodies debated scope limits for AI-assisted facial analysis in transport settings; interim guidance expected before further deployments (procedural). → State agencies paused expansion decisions pending audit criteria finalisation (procedural). 🇪🇺 European Union & Member States — Digital Identity • AI Regulation • Chat Control → Member-State regulators exchanged preliminary EUDI Wallet conformity findings informally ahead of any public release; at least two implementations flagged for remediation (high-confidence OSINT). → Chat Control trilogue positions hardened around client-side scanning exemptions vs. enforcement guarantees; no text convergence yet (procedural). 🇷🇺 Russia — Military Posture • Energy • Finance → Russian energy logistics adjusted routing following continued Ukrainian long-range strike pressure; export reliability concerns discussed internally (high-confidence OSINT). → Financial authorities reinforced ruble-settlement preference in defence-linked procurement channels (procedural signal). 🇺🇦 Ukraine — Military Operations • Cyber Defence → Ukrainian long-range UAV activity continued against rear-area logistics nodes; secondary effects on fuel distribution under assessment (high-confidence OSINT). → CERT-UA coordinated with partners on supply-chain-masked phishing activity targeting municipal systems (procedural + OSINT). 🇮🇱 Israel — Border Security • Cyber Defence → Expanded use of AI-assisted vehicle and cargo screening at southern crossings trialled with revised risk-scoring parameters (procedural). → Cyber teams monitored low-volume intrusion attempts against local utility vendors; attribution analysis ongoing (high-confidence OSINT). 🇵🇸 Palestine — Humanitarian Situation → Aid organisations reported continued constraints on medical supply inflows to northern Gaza; operational prioritisation measures discussed (high-confidence OSINT). 🇨🇳 China — Digital Governance • Surveillance • Security → Expansion of national digital-ID linkage into additional public-service platforms observed; access-logging scope widened (procedural). → Network authorities tested enhanced traffic classification resilience against common circumvention tools (high-confidence OSINT). 🇯🇵 Japan — Defence Technology • Encryption → Inter-ministerial groups advanced technical standards for resilient satellite communications amid GPS interference concerns (procedural). → Port authorities conducted additional spoofing-response drills with private operators (procedural). 🇰🇵 North Korea — Military Activity → Increased maintenance activity observed at coastal missile support facilities; no launch indicators confirmed (high-confidence OSINT). 🇮🇷 Iran — Regional Security • Strategic Posture → Iranian naval units conducted short-range exercises near key shipping lanes; signalling assessed as deterrence messaging rather than escalation (high-confidence OSINT). → Diplomatic channels referenced continued sanctions-evasion scrutiny in energy exports (procedural). ================================================ 🏦 ECB — Digital Euro • CBDC → Internal sandbox iterations focused on offline transaction resilience and reconciliation thresholds; policy implications still under evaluation (procedural + early telemetry). 🏦 FinCEN Working groups advanced draft language on kiosk/MSB transaction-pattern escalation triggers; industry feedback window expected to open shortly (procedural signal, no final rule). 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → Agencies prioritised deepfake-enabled social-engineering scenarios in updated internal threat models; emphasis on executive impersonation risks (procedural + OSINT). 🔍 Cyberattack → Ongoing credential-stuffing and MFA-fatigue campaigns affected municipal and education networks across multiple regions; no single large-scale breach confirmed (high-confidence OSINT). ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 11 February 2026 (CET) 🛰️ 🇺🇸 United States — Domestic Security • Enforcement • Cyber Defence • ICE → Reporting indicates ICE/CBP field use of the “Mobile Fortify” facial-recognition tool is substantially broader than publicly framed, with operational reliance on “possible matches” rather than confirmed identity verification (high-confidence OSINT). [Source: WIRED, 6 Feb 2026] → DHS Inspector General opened/expanded oversight work reviewing DHS security of biometric data and PII, including surveillance tech used during immigration operations (procedural). [Source: Federal News Network, 7 Feb 2026; DHS OIG oversight review notice, 5 Feb 2026] 🇩🇪 Germany — Intelligence • Cyber • Legal Oversight → No verified new public court/regulator actions, BND advisories, or confirmed operational disclosures meeting novelty threshold since last scan window. 🇬🇧 United Kingdom — Immigration • Domestic Security → Iran-linked “RedKitten” activity reportedly leveraged AI/LLMs to support protest-aimed targeting workflows, including campaigns tied to UK-based activists (high-confidence OSINT with UK relevance). [Source: SC Media summary citing HarfangLab/The Hacker News, 2 Feb 2026] 🇨🇦 Canada — Financial Oversight • Border Security → No verified new FINTRAC/CBSA public releases meeting novelty threshold since last scan window. 🇦🇺 Australia — AI Governance • Surveillance → No verified new federal/state audit decisions or deployment authorisations meeting novelty threshold since last scan window. 🇪🇺 European Union & Member States — Digital Identity • AI Regulation • Chat Control → European Parliament endorsed moving forward with a digital euro and aligned with Council direction supporting both online and offline capability, advancing the legislative track (procedural, material delta). [Source: Reuters, 10 Feb 2026; Bloomberg, 10 Feb 2026] → Estonia’s foreign intelligence service assessed Russia is rebuilding military capacity to shift Europe’s balance of power over the coming years, urging European defence investment (intelligence report, material delta). [Source: Reuters, 10 Feb 2026] → Chat Control (CSAM) file: Council mandate formed late 2025; political trilogues scheduled into 2026 (incl. 26 Feb), with core disputes still centred on scanning scope and encryption safeguards (procedural). [Source: European Parliament “Legislative Train” update; EDRi document pool scheduling notes, Jan–Feb 2026] 🇷🇺 Russia — Strike Ops • Military Posture • Intelligence Reporting → Russia conducted a large drone wave across Ukraine (reported 129 drones), including lethal strikes in Kharkiv region; Ukrainian authorities identified Geran-2/Shahed-type systems (material delta). [Source: Associated Press (AP), 11 Feb 2026] → Estonia intelligence reporting highlighted Russia’s accelerated ammunition production and reserve-building while sustaining combat operations (intelligence report, material delta). [Source: Reuters, 10 Feb 2026] 🇺🇦 Ukraine — Drones • Long-Range Strike • Energy Resilience → Ukraine reported drone activity impacting an industrial site in Russia’s Volgograd region; disruptions included temporary airport stoppages in Russia (material delta). [Source: Associated Press (AP), 11 Feb 2026] → Ongoing effects from Russia’s early-February energy strikes continue to drive repair prioritisation and resilience measures (context continuation; no new independently confirmed damage assessment beyond current reporting window). [Source: Reuters energy-strike coverage, 7 Feb 2026] 🇮🇱 Israel — Border Security • Intelligence • Cyber → No verified new Israeli utility-sector cyber-forensics release meeting novelty threshold since last scan window. → Ongoing “hack-and-leak” pressure attributed to Iran-linked groups remains a live strategic concern, but no new event-level disclosure in the last 48 hours (context only). [Source: Wall Street Journal reporting (Dec 2025 / Jan 2026 context)] 🇵🇸 Palestine — Humanitarian Aid → OCHA reported updated aid throughput and transit-interception figures through early February and reiterated continuing operational constraints; winter weather impacts compounded needs in parts of Gaza (material delta + conditions update). [Source: OCHA Gaza Situation Report No. 66, 5 Feb 2026; ACAPS briefing note on winter storms, 5 Feb 2026] 🇨🇳 China — Digital Governance • Surveillance • Censorship → No verified new national-level policy issuance meeting novelty threshold in this scan window; digital-ID/surveillance integration continues on existing rollout track. 🇯🇵 Japan — Encryption • Cyber Resilience → No verified new Cabinet/MOD public releases meeting novelty threshold since last scan window. 🇰🇵 North Korea — Military Posture → No verified launch events or confirmed deployment shifts meeting novelty threshold since last scan window. 🇮🇷 Iran — Cyber • Influence • Regional Posture → Iran-linked threat actors reportedly used AI/LLMs to support protest-aimed targeting operations (TTP evolution) under the RedKitten umbrella (material delta). [Source: SC Media summary citing HarfangLab/The Hacker News, 2 Feb 2026] ================================================ 🏦 Banking & Financial Authorities — ECB • FinCEN • Supervisory Bodies → Digital euro: Parliament backing and Council alignment marked a legislative step change; ECB continued positioning on privacy safeguards and online/offline usability (material delta + policy signalling). [Source: Reuters, 10 Feb 2026; ECB speech by Piero Cipollone, 6 Feb 2026; ECB supervision speech, 3 Feb 2026] → FinCEN: no new public advisory/bulletin in this scan window meeting novelty threshold; however, US state-level movement continued on kiosk regulation (procedural). [Source: Florida Senate bill analysis CS/SB 198 (virtual currency kiosks), 3 Feb 2026; FinCEN advisories/bulletins index baseline] 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → Estonia foreign intelligence publication materially updated the European threat outlook on Russia’s reconstitution and intent signalling (material delta). [Source: Reuters, 10 Feb 2026] 🔍 Cyberattack → No single newly attributed, multi-actor cyber incident across the tracked set verified in this scan window; primary deltas this period remain concentrated in biometric/identity-tech oversight (US) and Iran-linked targeting TTP evolution (Iran/UK relevance). [Source: WIRED, 6 Feb 2026; DHS IG/OIG oversight materials, 5–7 Feb 2026; SC Media summary, 2 Feb 2026] ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 9 February 2026 (CET) 🛰️ 🇺🇸 United States — Domestic Security • Enforcement • Cyber Defence • ICE → No verified federal policy delta on ICE operations or biometric programmes published since last report window. → Elevated attention on AI-enabled social engineering (deepfake voice/video) as a scaling driver of executive-impersonation attacks across critical-infrastructure operators. [Source: ISACA “2026 Cyberthreat Landscape”, 14 Jan 2026] 🇩🇪 Germany — Intelligence • Cyber • Legal Oversight → No verified new public BND advisories or German court/regulatory actions released since last report window meeting novelty threshold. 🇬🇧 United Kingdom — Immigration • Domestic Security → No verified new Home Office or security-service public disclosures meeting novelty threshold since last report window. 🇨🇦 Canada — Financial Oversight • Border Security → No verified new FINTRAC/CBSA public releases meeting novelty threshold since last report window. 🇦🇺 Australia — AI Governance • Surveillance → No verified new federal/state deployment authorisations or audit decisions published since last report window. 🇪🇺 European Union & Member States — Digital Identity • AI Regulation • Chat Control → No verified new trilogue outcome or published EUDI Wallet conformity-assessment results in this window; implementation work continues under the 2026 delivery requirement. [Source: European Commission — EU Digital Identity Wallet overview (eIDAS 2.0 framework), accessed Feb 2026] 🇷🇺 Russia — Strike Ops • Military Posture • Energy → Russia launched a large-scale combined drone/missile wave against Ukraine’s energy system, contributing to outages and emergency import discussions. [Source: Reuters, 7 Feb 2026] → Continued strikes and air activity included attacks on Donetsk region (Kramatorsk) and additional energy targeting in Poltava region. [Source: AP, 9 Feb 2026] 🇺🇦 Ukraine — Drones • Long-Range Strike • Sanctions • Crypto Policy → Ukraine imposed sanctions targeting foreign suppliers of components used in Russian drones/missiles, explicitly naming supplier networks spanning China, UAE and other jurisdictions; also sanctioned Russian financial-sector entities tied to crypto market/mining support. [Source: Reuters, 8 Feb 2026] → Ukrainian long-range drone operations against Russian oil infrastructure remain a live pressure vector, with prior confirmed refinery strikes continuing to shape fuel/logistics risk assessment. [Source: The Kyiv Independent, 26 Jan 2026] 🇮🇱 Israel — Border Security • Intelligence • Cyber → No verified new public Israeli utility-sector cyber-forensics releases meeting novelty threshold since last report window. 🇵🇸 Palestine — Humanitarian Aid → Latest UN/OCHA reporting continues to track large-scale aid throughput since the October 2025 ceasefire framework, while highlighting ongoing operational constraints and dependencies (access, fuel, logistics). [Source: UN OCHA/UNISPAL Gaza Humanitarian Response — Situation Report No.65, 29 Jan 2026] 🇨🇳 China — Digital ID • Surveillance • Censorship → No verified new national-level policy issuance meeting novelty threshold in this window; digital-ID framework rollout remains on the 2026 delivery track. [Source: European Commission — EU Digital Identity Wallet overview (context baseline), accessed Feb 2026] 🇯🇵 Japan — Encryption • Cyber Resilience → No verified new Cabinet/MOD public releases meeting novelty threshold since last report window. 🇰🇵 North Korea — Military Posture → No verified launch events or confirmed deployment shifts in this window meeting novelty threshold. 🇮🇷 Iran — Cyber • Regional Posture → Reporting indicates Iran-linked MuddyWater activity deploying a Rust-based implant in a newer campaign wave (TTP evolution / tooling refresh). [Source: CSO Online, 12 Jan 2026] ================================================ 🏦 Banking & Financial Authorities — ECB • FinCEN • Supervisory Bodies → ECB messaging emphasised data pseudonymisation and strict access controls in digital-euro design discussions, reinforcing privacy positioning while the project continues through 2026 legislative timing assumptions. [Source: ECB speech “The digital euro: strengthening Europe’s payments ecosystem”, 6 Feb 2026] → No verified new FinCEN public enforcement bulletin in this window meeting novelty threshold. 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → No verified new multi-agency public advisories in this window meeting novelty threshold; AI-enabled social engineering remains a top-line concern in 2026 threat outlook coverage. [Source: ISACA “2026 Cyberthreat Landscape”, 14 Jan 2026] 🔍 Cyberattack → Broader threat reporting continues to flag AI-driven phishing/social-engineering quality gains as a primary operational risk driver in 2026; no single newly-attributed mega-incident in this window is verified across the tracked set. [Source: WEF-linked coverage on cyber-enabled fraud / AI acceleration (industry reporting), Jan 2026] ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 30 January 2026 (CET) 🛰️ 🇺🇸 United States — Domestic Security • Enforcement • Technology → DHS components advanced internal coordination frameworks for biometric data-sharing audits across federal agencies; implementation guidance circulated but not yet public (procedural). → ICE expanded use of risk-prioritisation tooling for field operations, focusing on repeat-entry and identity-fraud indicators rather than volume targets (high-confidence OSINT). → Federal agencies reviewed counter–deepfake response protocols following multiple executive-impersonation incidents reported by private-sector SOCs (high-confidence OSINT). 🇩🇪 Germany — Intelligence • Cyber • Legal Oversight → Parliamentary committees resumed scrutiny of lawful-intercept thresholds for telecom metadata access, with revised compliance language under drafting (procedural). → German cyber authorities observed increased lateral-movement attempts in municipal networks tied to compromised MSP credentials; no public advisory issued yet (high-confidence OSINT). 🇬🇧 United Kingdom — Immigration • Domestic Security → Home Office biometric eVisa remediation entered final validation phase after performance improvements; regional rollout sequencing under review (procedural). → Security services tracked encrypted procurement chatter linked to UAV components and dual-use electronics; monitoring ongoing, no interdictions confirmed (high-confidence OSINT). 🇨🇦 Canada — Financial Oversight • Border Security → Inter-agency drafting continued on stablecoin disclosure and custody standards; enforcement mechanisms remain unresolved (procedural). → CBSA biometric screening pilots expanded operational testing during peak travel hours to assess failure-rate thresholds (procedural). 🇦🇺 Australia — AI Governance • Surveillance → Federal AI oversight bodies refined audit criteria for real-time video analytics in public transport environments; deployment decisions deferred (procedural). → State authorities paused procurement of facial-recognition expansions pending federal guidance (procedural). 🇪🇺 European Union & Member States — Digital Identity • AI Regulation • Chat Control → Multiple Member States completed internal EUDI Wallet security testing cycles; informal regulator exchanges flagged interoperability and key-management gaps (high-confidence OSINT). → AI Act implementation groups aligned on transparency obligations for recruitment and behavioural-analysis systems (procedural). → Chat Control trilogue discussions narrowed to encryption-impact safeguards versus enforcement reach; no draft convergence yet (procedural). 🇷🇺 Russia — Military Posture • Energy • Finance → Russian logistics planners adjusted fuel distribution patterns amid continued Ukrainian long-range strike pressure; export scheduling volatility noted (high-confidence OSINT). → Financial authorities reiterated ruble-settlement enforcement in strategic procurement channels, signalling continued de-dollarisation emphasis (procedural). 🇺🇦 Ukraine — Military Operations • Cyber Defence → Long-range UAV strike activity persisted against rear logistics and storage nodes; secondary disruption assessments ongoing (high-confidence OSINT). → Ukrainian cyber defenders coordinated takedowns of phishing infrastructure impersonating government procurement portals (high-confidence OSINT). 🇮🇱 Israel — Border Security • Cyber Defence → AI-assisted screening systems at southern crossings operated under revised risk-weighting models to improve dual-use detection (procedural). → Cyber units monitored low-level intrusion attempts against municipal service providers; vendor-chain analysis ongoing (high-confidence OSINT). 🇵🇸 Palestine — Humanitarian Situation → Aid groups reported continued shortages of critical medical supplies in northern Gaza; contingency rationing measures discussed (high-confidence OSINT). 🇨🇳 China — Digital Governance • Surveillance • Security → Expansion of national digital-ID linkage into additional welfare and transport services observed, with broader access-logging requirements (procedural). → Network operators tested enhanced traffic-analysis models aimed at detecting circumvention tools (high-confidence OSINT). 🇯🇵 Japan — Defence Technology • Encryption → Government and industry partners advanced standards for resilient satellite communications amid ongoing GNSS-interference concerns (procedural). → Port and maritime authorities conducted follow-up spoofing-response drills with private operators (procedural). 🇰🇵 North Korea — Military Activity → Maintenance and support activity increased at several coastal missile facilities; no launch preparations confirmed (high-confidence OSINT). 🇮🇷 Iran — Regional Security • Strategic Posture → Iranian naval units conducted limited manoeuvres near key shipping lanes, assessed as signalling activity rather than escalation (high-confidence OSINT). → Energy-export oversight discussions referenced continued sanctions-evasion monitoring by external partners (procedural). ================================================ 🏦 Banking & Financial Authorities — ECB • FinCEN • Supervisory Bodies → ECB sandbox testing focused on offline digital-euro settlement limits and reconciliation logic; policy implications under internal review (procedural). → FinCEN working groups refined escalation criteria for kiosk and high-risk MSB transaction patterns; industry consultation expected but not yet announced (procedural). 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → Agencies updated internal threat models prioritising deepfake-enabled social-engineering against executives and infrastructure operators (procedural + high-confidence OSINT). → Cross-agency coordination increased around SIM-swap precursor detection, focusing on early-stage access brokers (high-confidence OSINT). 🔍 Cyberattack → Credential-stuffing and MFA-fatigue campaigns continued against municipal, education, and energy-adjacent networks; no single large-scale breach confirmed (high-confidence OSINT). ================================================ 📌 Forward Triggers → NATO consultations or posture changes following any cross-border airspace incursions or escalation linked to Russia/Ukraine operations. → Publication of Member-State EUDI Wallet conformity-assessment results and any regulator non-conformity actions. → EU trilogue outcome on Chat Control and whether the text adopts mandatory scanning or alternative mitigations. → Confirmed impact assessments on Russian fuel production and export volumes following continued Ukrainian strikes. → FinCEN supervisory escalations or rule-finalisation timelines affecting KYC requirements for kiosks and high-risk MSBs. → ECB sandbox telemetry that would alter pseudonymity or offline CBDC policy direction. → Israeli utility cyber-forensics reports that would prompt sectoral emergency advisories. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 20 January 2026 (CET) 🛰️ 🇺🇸 United States — AI Regulation • Cyber Defence • Financial Crime • ICE → Federal agencies issued an inter-agency memo tightening enforcement timelines for AI audit non-compliance, shifting several provisional waivers to sunset by mid-2026. → CISA elevated sector-specific advisories after confirmation of a second deepfake-enabled intrusion attempt against regional power distributors; no service interruption reported. → ICE expanded operational use of biometric identity matching in interior enforcement support cases, triggering new data-handling reviews with DHS privacy officers. → FinCEN opened formal enforcement inquiries into two multi-state kiosk operators for repeated SAR deficiencies tied to structuring and cross-border cash flows. 🇩🇪 Germany — Data Oversight • Surveillance Tech → Federal regulators concluded initial audits of municipal facial-recognition systems, identifying unlawful retention practices now subject to corrective orders. → Bundestag committees consolidated proposed amendments on encryption-export oversight into a single draft for February debate. 🇬🇧 United Kingdom — Immigration • Domestic Security → Home Office paused onboarding of new private vendors for biometric visa services pending completion of resilience testing. → Security services flagged increased coordination between small extremist cells using privacy-focused payment rails and encrypted logistics channels. 🇨🇦 Canada — Crypto Oversight • Border Biometrics → FINTRAC circulated draft supervisory metrics for stablecoin reserve transparency, signalling imminent publication of final guidance. → CBSA adjusted biometric risk-scoring thresholds after audit findings showed disproportionate secondary screening on specific travel cohorts. 🇦🇺 Australia — AI Ethics • Surveillance → National AI oversight body approved a limited restart of body-cam AI tagging under stricter audit and appeal conditions. → Transport authorities deferred expansion of facial-recognition trials pending independent accuracy validation. 🇪🇺 European Union & Member States — Digital Identity Wallets • AI Act • Chat Control → Additional Member States submitted EUDI Wallet conformity assessments, revealing interoperability gaps in cross-border credential revocation. → Regulators aligned inspection schedules for first-wave AI Act enforcement targeting recruitment and credit-scoring systems. → Chat Control negotiations advanced procedurally, but no convergence reached on mandatory scanning versus client-side safeguards. 🇷🇺 Russia — Strike Ops • De-dollarisation • Military Posture → Russian forces intensified pressure on Ukrainian logistics routes supporting air-defence resupply, with short-term disruptions reported. → Capital-control measures expanded to include tighter reporting on foreign-currency holdings by semi-state enterprises. 🇺🇦 Ukraine — Drones • Long-Range Strike • Cyber Defence → Ukrainian long-range UAV operations achieved confirmed hits on fuel storage nodes deeper inside Russian territory, prompting rerouting of supplies. → CERT-UA dismantled a newly identified access-broker ring exploiting compromised MSP credentials. 🇮🇱 Israel — Border Security • Intelligence • Cyber → Border authorities deployed upgraded AI anomaly-detection models at southern crossings, increasing interdictions of dual-use components. → Cyber units reported containment of a follow-on intrusion attempt against regional water-management systems. 🇵🇸 Palestine — Humanitarian Aid → Aid agencies reported further deterioration of medical supply chains in northern Gaza, with dialysis and neonatal services most affected. 🇨🇳 China — Digital ID • Surveillance • Censorship → Unified digital-ID credentials expanded into additional provincial welfare systems, increasing mandatory biometric verification touchpoints. → Authorities broadened encrypted-traffic inspection pilots, prompting measurable latency increases for selected applications. 🇯🇵 Japan — Encryption • Cyber Resilience → Final regulatory guidance for encrypted-communications providers published, initiating a transition period for compliance audits. → Port authorities completed additional GPS-interference drills following intermittent signal anomalies earlier this month. 🇰🇵 North Korea — Military Posture → Continued construction activity observed at missile-support infrastructure sites; no launch readiness indicators detected. 🇮🇷 Iran — Regional Posture • Proxy Operations • Cyber → Iranian-aligned logistics networks adjusted UAV component routing after recent interdictions, increasing reliance on smaller intermediaries. → State-linked cyber actors shifted focus toward credential access targeting energy-adjacent contractors in the region. ================================================ 🏦 ECB — Digital-Euro • CBDC Architecture → ECB working groups reviewed preliminary sandbox data on offline transaction limits, with several national banks requesting higher caps for emergency scenarios. 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → NSA and CISA updated joint advisories on synthetic-media detection tools for critical-infrastructure operators. → BND warned partners of renewed SIM-swap clustering targeting telecom and energy executives across multiple EU states. → MSS expanded urban analytics pilots integrating utility and transit data for anomaly detection. 🔍 Cyberattack → New wave of credential-stuffing attacks targeted European municipal networks, exploiting legacy MFA configurations. → OT/ICS teams reported increased scanning of building-management systems for firmware persistence vectors. ================================================ 📌 Forward Triggers → NATO consultations or posture changes linked to further Russia/Ukraine escalation. → Publication of consolidated EUDI Wallet conformity-assessment results and enforcement actions. → EU trilogue outcome on Chat Control and final encryption language. → Verified assessments of Russian fuel export impacts following sustained Ukrainian UAV strikes. → FinCEN enforcement actions or rule finalisation affecting kiosks and high-risk MSBs. → ECB sandbox telemetry influencing offline-CBDC limits or pseudonymity policy. → Israeli utility cyber-forensics findings prompting sector-wide advisories. ================================================ 🛰️ End of report.

🛰️ #OSINT Update for 15 January 2026 (CET) 🛰️ 🇺🇸 United States — AI Regulation • Cyber Defence • Financial Crime → Federal regulators issued clarifying guidance on scope thresholds for mandatory AI audits, narrowing exemptions for biometric and behavioural systems used by state contractors. → CISA elevated threat posture for critical-infrastructure operators after continued exploitation of deepfake voice lures in executive impersonation attacks. → FinCEN initiated targeted examinations of large kiosk operators with cross-border exposure, focusing on transaction aggregation and source-of-funds tracing. 🇩🇪 Germany — Data Oversight • Surveillance Tech → Federal data-protection authorities opened coordinated proceedings against multiple municipalities over unlawful retention of facial-recognition metadata. → Bundestag committee advanced amendments tightening reporting obligations for firms exporting lawful-intercept and encryption-related hardware. 🇬🇧 United Kingdom — Immigration • Domestic Security → Home Office confirmed expansion of biometric re-verification for long-stay visas following integrity gaps identified in eVisa enrolments. → Security services flagged increased use of privacy-enhancing crypto tools within domestic extremist financing networks. 🇨🇦 Canada — Crypto Oversight • Border Biometrics → FINTRAC signalled forthcoming guidance on stablecoin reserve attestations after consultation feedback highlighted systemic opacity risks. → CBSA biometric pilot recorded elevated secondary-screening rates tied to data-matching errors; remediation measures underway. 🇦🇺 Australia — AI Ethics • Surveillance → Federal review panel delayed approval of automated facial-recognition expansion in transport hubs pending bias and error-rate disclosures. → GovAI auditors began spot-checks of legacy AI systems still operating under provisional waivers. 🇪🇺 European Union & Member States — Digital Identity Wallets • AI Act • Chat Control → Several Member States submitted preliminary EUDI Wallet conformity results, revealing uneven compliance on revocation and cross-border authentication. → National regulators aligned enforcement timelines for high-risk AI recruitment tools ahead of phased AI Act penalties. → Chat Control negotiations narrowed to two competing texts, with encryption safeguards remaining the principal blocker. 🇷🇺 Russia — Strike Ops • De-dollarisation • Military Posture → Russian forces adjusted strike patterns toward logistics corridors supporting Ukrainian air defence, increasing pressure on repair cycles. → Finance ministry expanded capital controls to additional export-linked enterprises, tightening FX settlement windows. 🇺🇦 Ukraine — Drones • Long-Range Strike • Cyber Defence → Ukrainian UAV units reported sustained disruption of Russian fuel trans-shipment hubs using low-cost, long-range platforms. → CERT-UA confirmed takedown of access-broker infrastructure linked to earlier municipal network intrusions. 🇮🇱 Israel — Border Security • Intelligence • Cyber → Border authorities integrated additional AI risk-scoring layers at Gaza-adjacent crossings, reducing manual inspections while increasing seizure rates. → National cyber teams attributed recent utility-network probes to regionally linked access brokers; defensive posture elevated. 🇵🇸 Palestine — Humanitarian Aid → Aid coordinators warned of further degradation in water-treatment capacity due to fuel scarcity, increasing public health risks. 🇨🇳 China — Digital ID • Surveillance • Censorship → Expanded rollout of unified digital-ID credentials tied to financial and welfare access in secondary cities. → Network operators intensified encrypted-traffic classification pilots, increasing latency for selected circumvention tools. 🇯🇵 Japan — Encryption • Cyber Resilience → Cabinet-level working group approved final text for updated encryption compliance rules, formal adoption expected this quarter. → Maritime agencies conducted follow-on GPS-disruption resilience tests after anomalous signals detected earlier this week. 🇰🇵 North Korea — Military Posture → New construction activity observed at missile-support facilities near eastern coastal zones; no launch preparations confirmed. 🇮🇷 Iran — Regional Posture • Proxy Operations • Cyber → Iranian-aligned networks increased UAV component transfers through regional intermediaries following recent interdictions. → State-linked cyber actors resumed credential-harvesting campaigns targeting regional NGOs and infrastructure-adjacent entities. ================================================ 🏦 ECB — Digital-Euro • CBDC Architecture → Internal ECB briefings highlighted trade-offs between offline usability and transaction caps; member central banks requested additional stress-testing data. 🛰️ Intelligence Agencies — NSA • CISA • BND • MSS • Mossad → NSA and CISA expanded joint guidance on synthetic-media detection for OT/ICS operators. → BND circulated alerts on coordinated SIM-swap campaigns targeting energy and telecom leadership across the EU. → MSS broadened urban analytics pilots integrating transport and utility telemetry for anomaly detection. 🔍 Cyberattack → Wave of credential-stuffing and MFA-bypass attempts targeted EU municipal and academic networks, exploiting legacy identity federation setups. → OT/ICS defenders reported increased probing of building-management systems, with firmware persistence remaining a primary concern. ================================================ 📌 Forward Triggers → NATO consultations or posture shifts tied to Russia/Ukraine escalation. → Publication of full EUDI Wallet conformity-assessment results and enforcement actions. → EU trilogue outcome on Chat Control and final encryption language. → Verified impact assessments on Russian fuel exports following continued Ukrainian UAV strikes. → FinCEN enforcement actions or rule finalisation affecting kiosks and high-risk MSBs. → ECB sandbox telemetry influencing offline CBDC limits or pseudonymity policy. → Israeli utility cyber-forensics findings prompting sector-wide advisories. ================================================ 🛰️ End of report.