Britain elevated its national terrorism threat level from “substantial” to “severe” following a stabbing attack on two Jewish men in the Golders Green area of London, which police have formally declared a terrorist incident. Prime Minister Keir Starmer called for a “more united nation” and signaled that some protest marches could face restrictions amid surging antisemitism. Jewish community organizations have begun hiring veterans from elite British military units, including former Royal Marines, to guard synagogues and schools across London. The threat elevation reflects assessments that both Islamist extremist and far-right networks pose heightened risk in the current environment.
The UK's Joint Terrorism Analysis Centre raised the national terrorism threat level from “substantial” to “severe” on April 30—the highest in four years — following an antisemitic stabbing attack in Golders Green, London. MI5 cited a rise in both Islamist and extreme right-wing terrorist threats as the driving factors. The U.S. Embassy in London subsequently issued a security alert advising American citizens to avoid schools, churches, and tourist locations, warning that a terrorist attack is "highly likely."
The U.S. Department of Justice unsealed an indictment against Xu Zewei, a Chinese national extradited from Italy, for his alleged role in the HAFNIUM/Silk Typhoon cyber espionage campaign. Xu is accused of conducting state-directed intrusions during 2020–2021 that exploited Microsoft Exchange Server zero-day vulnerabilities to steal COVID-19 vaccine research from American universities and research institutions. FBI Director Kash Patel described Xu as a PRC state-sponsored hacker operating under the direction of China's Ministry of State Security. The extradition is notable for its rarity — few PRC-linked cyber operatives have been successfully rendered to U.S. jurisdiction — and signals continued DOJ prioritization of countering Chinese cyber espionage. Xu faces up to 20 years in federal prison.
Germany formally attributed a months-long phishing campaign targeting Signal messenger accounts of cabinet ministers, military officials, and journalists to a Russian state-controlled cyber actor. Victims received fraudulent messages mimicking Signal support, prompting them to enter PINs or scan QR codes that granted attackers access to their accounts. Dutch intelligence services issued a parallel warning in March, describing a "large-scale global cyber campaign" by Russian state hackers targeting Signal and WhatsApp accounts of officials across allied nations. The operation represents an evolution in Russian targeting of encrypted communications infrastructure used by Western decision-makers.
Coordinated attacks by jihadist group JNIM and Tuareg separatist rebels struck military sites across Mali on April 25–26, including the main military base at Kati outside Bamako. Mali's Defense Minister Gen. Sadio Camara was killed in the assault, and armed groups seized towns and military installations in multiple regions. UN Secretary-General Guterres called for an international response to curb the spread of violent extremism in the Sahel. The scale of the offensive — penetrating the capital's perimeter — represents a significant escalation and raises questions about the Malian junta's capacity to maintain territorial control following the withdrawal of French and UN peacekeeping forces.
Ukrainian officials and researchers at Sensity have identified over 1,000 synthetic videos forming part of what they describe as a structured "narrative kill chain" — a modular disinformation system targeting Ukrainian soldiers, civilians, and Western audiences. The deepfakes depict frontline Ukrainian soldiers delivering fabricated "stories of hopelessness," blending authentic footage with AI-generated elements to erode morale and undermine trust in Ukraine's central command. The campaign represents a significant escalation in Russia's use of AI as a mass disinformation weapon, moving beyond isolated fakes toward industrialized, pipeline-driven influence operations.
The CogDef Brief discusses various cybersecurity incidents, including the disruption of a Russian DNS hijacking campaign by the DOJ, a North Korean supply chain attack on the Axios npm package, and critical vulnerabilities in Fortinet, alongside espionage activities and threats posed by an emerging Russia-China information alliance.