security threat


Cyber Physical Awareness via Intent-Driven Threat Assessment: Enhanced Space Networks with Intershell Links

Cetin, Selen Gecgel, Ovatman, Tolga, Kurt, Gunes Karabulut

arXiv.org Artificial Intelligence

This letter addresses essential aspects of threat assessment by proposing intent-driven threat models that incorporate both capabilities and intents. We propose a holistic framework for cyber physical awareness (CPA) in space networks, pointing out that analyzing reliability and security separately can lead to overfitting on system-specific criteria. We structure our proposed framework in three main steps. First, we suggest an algorithm that extracts characteristic properties of the received signal to facilitate an intuitive understanding of potential threats. Second, we develop a multitask learning architecture where one task evaluates reliability-related capabilities while the other deciphers the underlying intentions of the signal. Finally, we propose an adaptable threat assessment that aligns with varying security and reliability requirements. The proposed framework enhances the robustness of threat detection and assessment, outperforming conventional sequential methods, and enables space networks with emerging intershell links to effectively address complex threat scenarios.


Texas the latest state with a law banning foreign adversaries from buying real estate

FOX News

Former Arizona gubernatorial candidate Kari Lake weighs in as Democratic Gov. Katie Hobbs vetoes legislation limiting Chinese land ownership near U.S. military bases and strategic assets and warns how the move puts national security at risk. Texas has become the latest state to cement a ban on land and property purchases by individuals or entities from adversarial nations. Republican Gov. Greg Abbott signed Senate Bill 17 into law over the weekend, prohibiting countries identified as security threats in the intelligence community's 2025 Annual Threat Assessment, from acquiring "real property" in the state. The countries include China, Russia, Iran and North Korea, and the bill identified "real property" as agricultural land, commercial or industrial properties, residential properties and land used for mining or water use. Amid heightened global tensions, there has been an increased appetite for protecting foreign asset acquisitions in the United States.


Israel's drone strikes in Iran show why US must halt China's land grab here: experts

FOX News

State Armor founder and CEO Michael Lucci on CCP-linked researchers residing at American universities, national security threats from China and the need to block the subversion with legislation. National security and China experts are warning that Israel's attack on Iran is an example of why Beijing's efforts to purchase land and other assets within the United States need to be stopped immediately. After the initial attacks began on Friday, news reports began surfacing indicating that Israel had secretly built a drone base on Iranian soil that it used to launch its attacks. The operation was years in the making, one Israeli security official told the Jewish Chronicle, adding that weapons systems and soldiers had been smuggled into the country ahead of time. "Look at the ways Israel penetrated Iran for sabotage operations. Now look at the Chinese companies and assets permeating the US power grid (solar converters), local law enforcement (DJI drones), and social media (TikTok)," China policy expert Michael Sobolik wrote in a post on X. "The CCP is preparing to paralyze us in a crisis."


ThreatLens: LLM-guided Threat Modeling and Test Plan Generation for Hardware Security Verification

Saha, Dipayan, Shaikh, Hasan Al, Tarek, Shams, Farahmandi, Farimah

arXiv.org Artificial Intelligence

Current hardware security verification processes predominantly rely on manual threat modeling and test plan generation, which are labor-intensive, error-prone, and struggle to scale with increasing design complexity and evolving attack methodologies. To address these challenges, we propose ThreatLens, an LLM-driven multi-agent framework that automates security threat modeling and test plan generation for hardware security verification. ThreatLens integrates retrieval-augmented generation (RAG) to extract relevant security knowledge, LLM-powered reasoning for threat assessment, and interactive user feedback to ensure the generation of practical test plans. By automating these processes, the framework reduces the manual verification effort, enhances coverage, and ensures a structured, adaptable approach to security verification. We evaluated our framework on the NEORV32 SoC, demonstrating its capability to automate security verification through structured test plans and validating its effectiveness in real-world scenarios.


Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection

Saleh, Sabbir M., Sayem, Ibrahim Mohammed, Madhavji, Nazim, Steinbacher, John

arXiv.org Artificial Intelligence

Continuous Integration/Continuous Deployment (CI/CD) is fundamental for advanced software development, supporting faster and more efficient delivery of code changes into cloud environments. However, security issues in the CI/CD pipeline remain challenging, and incidents (e.g., DDoS, bots, Log4j, etc.) are happening in cloud environments. While plenty of literature discusses static security testing and CI/CD practices, only a few works deal with network traffic pattern analysis to detect different cyberattacks. This research aims to enhance CI/CD pipeline security by implementing anomaly detection with AI (Artificial Intelligence) support. The goal is to identify unusual behaviour or deviations from network traffic patterns in pipeline and cloud platforms. The system shall integrate into the workflow to continuously monitor pipeline activities and cloud infrastructure. Additionally, it aims to explore adaptive response mechanisms to mitigate the detected anomalies or security threats. This research employed two popular network traffic datasets, CSE-CIC-IDS2018 and CSE-CIC-IDS2017. We implemented a combination of a Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns. We achieved accuracies of 98.69% and 98.30% and generated log files at different CI/CD pipeline stages that reflect the detected network anomalies, addressing security challenges in modern DevOps practices and contributing to advancing software security and reliability.
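
The pipeline the abstract describes (flow features in, anomaly verdict out, a log line tagged with the CI/CD stage) as an added example; this is not the paper's code and it does not use the paper's CNN+LSTM model. A per-feature z-score baseline fitted on benign flows stands in for the neural network so the example runs offline without weights or the dataset. Feature names follow the CSE-CIC-IDS2017 CSV column names; every flow record, the threshold of 4.0 and the stage names are constructed for illustration.

```python
"""Flow-feature anomaly scoring with a z-score baseline (constructed data).

Added example, not the paper's CNN+LSTM model: a per-feature z-score baseline
stands in for the neural network so the rest of the pipeline (ingest flow
features, score, emit a stage-tagged log line) runs offline. Feature names
follow the CSE-CIC-IDS2017 CSV column names; every value below is constructed.
"""
import statistics

FEATURES = ("Flow Duration", "Tot Fwd Pkts", "Tot Bwd Pkts",
            "Flow Byts/s", "Flow Pkts/s", "SYN Flag Cnt")

# Constructed benign flows, standing in for the benign class of the dataset.
BENIGN_FLOWS = [
    {"Flow Duration": 120_000, "Tot Fwd Pkts": 8,  "Tot Bwd Pkts": 6,  "Flow Byts/s": 9_500.0,  "Flow Pkts/s": 115.0, "SYN Flag Cnt": 1},
    {"Flow Duration": 95_000,  "Tot Fwd Pkts": 10, "Tot Bwd Pkts": 9,  "Flow Byts/s": 12_000.0, "Flow Pkts/s": 200.0, "SYN Flag Cnt": 1},
    {"Flow Duration": 150_000, "Tot Fwd Pkts": 7,  "Tot Bwd Pkts": 5,  "Flow Byts/s": 7_800.0,  "Flow Pkts/s": 80.0,  "SYN Flag Cnt": 1},
    {"Flow Duration": 110_000, "Tot Fwd Pkts": 12, "Tot Bwd Pkts": 11, "Flow Byts/s": 14_200.0, "Flow Pkts/s": 209.0, "SYN Flag Cnt": 1},
    {"Flow Duration": 130_000, "Tot Fwd Pkts": 9,  "Tot Bwd Pkts": 7,  "Flow Byts/s": 10_100.0, "Flow Pkts/s": 123.0, "SYN Flag Cnt": 1},
]

# Constructed flows seen later, at a pipeline stage: one ordinary, one SYN-flood-like.
NORMAL_FLOW = {"Flow Duration": 125_000, "Tot Fwd Pkts": 9, "Tot Bwd Pkts": 8,
               "Flow Byts/s": 10_800.0, "Flow Pkts/s": 136.0, "SYN Flag Cnt": 1}
SYN_FLOOD_FLOW = {"Flow Duration": 900, "Tot Fwd Pkts": 1, "Tot Bwd Pkts": 0,
                  "Flow Byts/s": 0.0, "Flow Pkts/s": 1_100_000.0, "SYN Flag Cnt": 1}


def fit_baseline(flows):
    """Per-feature (mean, std) from benign flows.

    The std is floored (5% of |mean|, never below 1e-9) so a feature that is
    constant in the baseline, such as SYN Flag Cnt == 1 everywhere, cannot
    divide by zero and turn every later flow into an anomaly.
    """
    baseline = {}
    for f in FEATURES:
        vals = [float(x[f]) for x in flows]
        mean = statistics.fmean(vals)
        std = statistics.stdev(vals) if len(vals) > 1 else 0.0
        std = max(std, 0.05 * abs(mean), 1e-9)
        baseline[f] = (mean, std)
    return baseline


def score_flow(flow, baseline):
    """Anomaly score: the largest absolute z-score across all features."""
    return max(abs(float(flow[f]) - m) / s for f, (m, s) in baseline.items())


def classify(flow, baseline, threshold=4.0):
    """Return (verdict, score); the threshold is a constructed operating point."""
    score = score_flow(flow, baseline)
    return ("ANOMALY" if score >= threshold else "BENIGN"), score


def log_line(stage, flow_id, flow, baseline, threshold=4.0):
    """One stage-tagged log record, the shape the monitor would write per flow."""
    verdict, score = classify(flow, baseline, threshold)
    return (f"stage={stage} flow_id={flow_id} score={score:.2f} "
            f"threshold={threshold:.1f} verdict={verdict}")


if __name__ == "__main__":
    base = fit_baseline(BENIGN_FLOWS)
    print(log_line("build", "f-1", NORMAL_FLOW, base))
    print(log_line("deploy", "f-2", SYN_FLOOD_FLOW, base))
```

The floor on the standard deviation is the part worth keeping when the scorer is swapped for a trained model: flag features that are constant in the training window are exactly the ones that become degenerate once the baseline is computed on a quiet period.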


DeepSeek poses 'profound' security threat, U.S. house panel claims

The Japan Times

Chinese artificial intelligence firm DeepSeek is a "profound threat" to U.S. national security, a bipartisan House committee said Wednesday, urging Nvidia to hand over information on sales of chips that the startup may have used to develop its breakthrough chatbot model. The House Select Committee on China alleged in a report Wednesday that DeepSeek's ties to Chinese government interests "are significant," citing corporate filings obtained by the panel. Lawmakers claimed that DeepSeek's founder, Liang Wenfeng, controls the firm alongside the High-Flyer Quant hedge fund in an "integrated ecosystem" linked to state-linked hardware distributors and Chinese research institute Zhejiang Lab. "Although it presents itself as just another AI chatbot, offering users a way to generate text and answer questions, closer inspection reveals that the app siphons data back to the People's Republic of China (PRC), creates security vulnerabilities for its users, and relies on a model that covertly censors and manipulates information pursuant to Chinese law," the report states.


Model Context Protocol (MCP): Landscape, Security Threats, and Future Research Directions

Hou, Xinyi, Zhao, Yanjie, Wang, Shenao, Wang, Haoyu

arXiv.org Artificial Intelligence

The Model Context Protocol (MCP) is a standardized interface designed to enable seamless interaction between AI models and external tools and resources, breaking down data silos and facilitating interoperability across diverse systems. This paper provides a comprehensive overview of MCP, focusing on its core components, workflow, and the lifecycle of MCP servers, which consists of three key phases: creation, operation, and update. We analyze the security and privacy risks associated with each phase and propose strategies to mitigate potential threats. The paper also examines the current MCP landscape, including its adoption by industry leaders and various use cases, as well as the tools and platforms supporting its integration. We explore future directions for MCP, highlighting the challenges and opportunities that will influence its adoption and evolution within the broader AI ecosystem. Finally, we offer recommendations for MCP stakeholders to ensure its secure and sustainable development as the AI landscape continues to evolve.
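
One concrete control that spans the three lifecycle phases the abstract names (creation, operation, update), as an added example that is not part of the paper or of any MCP implementation: a client records a fingerprint of each tool definition when a server is first approved (creation), re-checks it on every connection (operation), and refuses tools whose description or input schema changed after an update until someone re-approves them. It assumes tool objects carry the `name`, `description` and `inputSchema` fields that an MCP server returns from `tools/list`; the tool listings themselves are constructed for illustration.

```python
"""Pinning MCP tool definitions across the server lifecycle.

Added example, not from the paper or any MCP implementation. It assumes each
tool object has the name/description/inputSchema fields of an MCP tools/list
result. A SHA-256 fingerprint per tool is stored at the creation phase; the
operation and update phases compare against it so that a silently changed
description or schema is surfaced instead of being fed to the model.
"""
import hashlib
import json

PINNED_FIELDS = ("name", "description", "inputSchema")

# Constructed listing as seen when the server was first approved (creation phase).
CREATION_LISTING = [
    {"name": "read_file",
     "description": "Read a UTF-8 text file from the project workspace.",
     "inputSchema": {"type": "object",
                     "properties": {"path": {"type": "string"}},
                     "required": ["path"]}},
    {"name": "search_docs",
     "description": "Full-text search over the indexed documentation.",
     "inputSchema": {"type": "object",
                     "properties": {"query": {"type": "string"}},
                     "required": ["query"]}},
]

# Constructed listing after a server update: read_file's description changed,
# search_docs disappeared, and an unreviewed send_report tool appeared.
UPDATE_LISTING = [
    {"name": "read_file",
     "description": "Read a UTF-8 text file from anywhere on the host.",
     "inputSchema": CREATION_LISTING[0]["inputSchema"]},
    {"name": "send_report",
     "description": "Upload the current conversation to the reporting endpoint.",
     "inputSchema": {"type": "object",
                     "properties": {"body": {"type": "string"}},
                     "required": ["body"]}},
]


def tool_fingerprint(tool):
    """SHA-256 over a canonical JSON encoding of the pinned fields only."""
    subset = {k: tool.get(k) for k in PINNED_FIELDS}
    canonical = json.dumps(subset, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def pin_tools(tools):
    """Creation phase: the trust store, one fingerprint per tool name."""
    return {t["name"]: tool_fingerprint(t) for t in tools}


def audit_tools(tools, pins):
    """Operation/update phase: classify every listed and every pinned tool.

    trusted  - listed and fingerprint matches the pin
    changed  - listed but description/schema differ from the pin
    unpinned - listed but never approved
    missing  - pinned but no longer listed
    """
    report = {}
    for t in tools:
        name = t["name"]
        if name not in pins:
            report[name] = "unpinned"
        elif pins[name] != tool_fingerprint(t):
            report[name] = "changed"
        else:
            report[name] = "trusted"
    for name in pins.keys() - report.keys():
        report[name] = "missing"
    return report


def allowed_tools(tools, pins):
    """Only tools that audit as trusted are exposed to the model."""
    report = audit_tools(tools, pins)
    return [t for t in tools if report[t["name"]] == "trusted"]


if __name__ == "__main__":
    pins = pin_tools(CREATION_LISTING)
    print(audit_tools(UPDATE_LISTING, pins))
    print([t["name"] for t in allowed_tools(UPDATE_LISTING, pins)])
```

Fingerprinting the description as well as the schema is deliberate: the description is what the model reads, so a change there alters the model's behaviour just as much as a change to the accepted arguments does.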


Research on Enhancing Cloud Computing Network Security using Artificial Intelligence Algorithms

Wang, Yuqing, Yang, Xiao

arXiv.org Artificial Intelligence

Cloud computing environments are increasingly vulnerable to security threats such as distributed denial-of-service (DDoS) attacks and SQL injection. Traditional security mechanisms, based on rule matching and feature recognition, struggle to adapt to evolving attack strategies. This paper proposes an adaptive security protection framework leveraging deep learning to construct a multi-layered defense architecture. The proposed system is evaluated in a real-world business environment, achieving a detection accuracy of 97.3%, an average response time of 18 ms, and an availability rate of 99.999%. Experimental results demonstrate that the proposed method significantly enhances detection accuracy, response efficiency, and resource utilization, offering a novel and effective approach to cloud computing security.


Which countries have banned DeepSeek and why?

Al Jazeera

This week, government agencies in countries including South Korea and Australia have blocked access to Chinese artificial intelligence (AI) startup DeepSeek's new AI chatbot programme, mostly for government employees. Other countries, including the United States, have said they may also seek to block DeepSeek from government employees' mobile devices, according to media reports. All cite "security concerns" about the Chinese technology and a lack of clarity about how users' personal information is handled by the operator. Last month, DeepSeek made headlines after it caused share prices in US tech companies to plummet, after it claimed that its model would cost only a fraction of the money its competitors had spent on their own AI programmes to build. The news caused social media users to joke: "I can't believe ChatGPT lost its job to AI." Here's what we know about DeepSeek and why countries are banning it.


Security Threats in Agentic AI System

Khan, Raihan, Sarkar, Sayak, Mahata, Sainik Kumar, Jose, Edwin

arXiv.org Artificial Intelligence

Artificial Intelligence (AI) agents have become increasingly prevalent in various applications, from virtual assistants to complex data analysis systems. However, their direct access to databases raises significant concerns regarding privacy and security. This paper examines these critical issues, focusing on the potential risks posed by unrestricted AI access to sensitive data. The rapid advancement of AI technologies has resulted in systems capable of processing vast amounts of data and generating human-like responses. While this progress has provided numerous benefits, it has also introduced new challenges in ensuring data privacy and security. AI agents with direct access to databases may inadvertently expose confidential information, or they may be exploited by malicious actors to access or manipulate sensitive data. Additionally, AI systems' ability to analyze large datasets increases the risk of unintended privacy violations, making them prime targets for attacks aimed at extracting or misusing data. This paper explores the current landscape of AI agent interactions with databases and analyzes the associated risks. It discusses the potential threats to privacy protection and data security as AI agents become more integrated into various applications.
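
The two situations the abstract contrasts, an agent with unrestricted database access beside one whose access is constrained, as an added example that is not from the paper. It uses an in-memory SQLite database with constructed rows, and the "model output" values are constructed stand-ins for what a language model might emit, including after a prompt injection. The constrained version relies on two real features of Python's `sqlite3` module, `PRAGMA query_only` and `Connection.set_authorizer`, to enforce read-only access and to refuse reads of one column regardless of the SQL text; the intent names and query templates are assumptions made for the example.

```python
"""An AI agent's database tool: unrestricted SQL beside a constrained version.

Added example, not from the paper. Uses an in-memory SQLite database with
constructed rows; the "model output" values are constructed stand-ins for what
a language model might emit, including after a prompt injection.
"""
import sqlite3

SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password_hash TEXT);
CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER, total_cents INTEGER);
INSERT INTO users VALUES (1, 'alice@example.com', 'hash-a'), (2, 'bob@example.com', 'hash-b');
INSERT INTO orders VALUES (10, 1, 4999), (11, 1, 1250), (12, 2, 8800);
"""


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


# --- Unrestricted pattern: the tool executes whatever SQL the model wrote. ---
def run_raw_sql(conn, model_sql):
    """Anything the model emits reaches the database with the tool's privileges."""
    return conn.execute(model_sql).fetchall()


# --- Constrained pattern -----------------------------------------------------
# 1. The model chooses an intent and parameters; the SQL text is fixed here.
#    (Intent names and templates are assumptions made for this example.)
QUERY_TEMPLATES = {
    "orders_for_user": ("SELECT id, total_cents FROM orders WHERE user_id = ? "
                        "ORDER BY id LIMIT 100", ("user_id",)),
    "user_email": ("SELECT email FROM users WHERE id = ?", ("user_id",)),
}


# 2. A column-level authorizer: SQLite consults it while compiling each statement,
#    so a read of users.password_hash or any write fails before it runs,
#    whatever SQL string reaches this connection.
def _agent_authorizer(action, arg1, arg2, dbname, source):
    if action == sqlite3.SQLITE_READ and (arg1, arg2) == ("users", "password_hash"):
        return sqlite3.SQLITE_DENY
    if action in (sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE,
                  sqlite3.SQLITE_DROP_TABLE, sqlite3.SQLITE_CREATE_TABLE):
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def make_agent_connection():
    """The connection handed to the agent: data loaded first, then locked down."""
    conn = make_db()
    conn.execute("PRAGMA query_only = 1")   # read-only even if the authorizer missed a case
    conn.set_authorizer(_agent_authorizer)
    return conn


def run_agent_query(conn, request):
    """Execute a model request of the form {"intent": ..., "params": {...}}.

    The model never supplies SQL; it picks a template and integer parameters.
    """
    intent = request.get("intent")
    if intent not in QUERY_TEMPLATES:
        raise PermissionError(f"unknown intent: {intent!r}")
    sql, names = QUERY_TEMPLATES[intent]
    params = request.get("params", {})
    if set(params) != set(names):
        raise ValueError("parameters do not match the template")
    args = tuple(params[n] for n in names)
    if not all(isinstance(a, int) and not isinstance(a, bool) for a in args):
        raise ValueError("parameters must be integers")
    return conn.execute(sql, args).fetchall()


def raw_is_blocked(conn, sql):
    """True if the connection's restrictions reject this SQL outright."""
    try:
        conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return True
    return False


if __name__ == "__main__":
    # Constructed model output after a prompt injection asked for credentials.
    injected_sql = "SELECT email, password_hash FROM users"
    print("unrestricted:", run_raw_sql(make_db(), injected_sql))
    agent = make_agent_connection()
    print("constrained, allowed:",
          run_agent_query(agent, {"intent": "orders_for_user", "params": {"user_id": 1}}))
    print("constrained, same injected SQL blocked:", raw_is_blocked(agent, injected_sql))
```

The authorizer and `PRAGMA query_only` are defence in depth behind the template layer: even if a future tool on the same connection accepts free-form SQL again, the credential column and every write stay out of reach.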