Two of the world’s most prolific state-linked cybercrime groups — Russia’s Gamaredon and North Korea’s Lazarus collective — have been spotted sharing resources, new research showed on Thursday. Experts at cybersecurity firm Gen Digital found overlapping tactics and shared infrastructure between the two groups. The discovery is “unprecedented,” said Director of Threat Intelligence at Gen Digital Michal Salat. “I don’t recall two countries working together on [Advanced Persistent Threat] attacks,” he said, referring to attacks that are sophisticated, long-term campaigns often conducted by nation-state actors. If confirmed, it would mark a new level of coordination between Moscow and Pyongyang. The Gamaredon cybercrime group is linked to Russia’s Federal Security Service and has aggressively targeted Ukrainian government networks since the start of the invasion in 2022, mostly for intelligence collection. Lazarus, a well-known North Korean threat group, conducts everything from espionage to financially motivated cybercrime. While tracking Gamaredon’s use of Telegram channels to share the servers controlling its malware, analysts discovered that one of those servers was also being used by Lazarus. One Gamaredon-run server was also found hosting a hidden version of malware linked to Lazarus. The file closely matched Lazarus’ typical tools. Nation-state hacking groups rarely host or distribute one another’s malware. Researchers believe the findings indicate the two groups are likely sharing systems, and could very well be cooperating directly. At a minimum, it shows that one group is deliberately imitating the other. Salat added that Gamaredon may be studying Lazarus’ methods, too. Lazarus is known for using fake job offers to trick victims and for stealing cryptocurrency, a key revenue source for North Korea, which is under heavy global sanctions. Moscow and Pyongyang have increased cooperation, including among their militaries, in previous years. Western security services believe Pyongyang has sent thousands of North Korean soldiers to Russia to support the war in Ukraine. Ukrainian authorities last month said North Korean troops were flying drones across the border, and Ukrainian military intelligence said last week North Korea would send thousands of workers to Russia to manufacture drones.

French prosecutors said Friday that foreign interference is behind a wave of apparently provocative acts — from stunts targeting Muslims to antisemitic graffiti — that have struck Paris in the last two years. Pig heads were found outside nine mosques on Tuesday, shocking the Paris region. “Several of the pig heads had the inscription ‘MACRON’ written in blue ink,” the prosecutor’s office said earlier this week. Prosecutors have not yet publicly named a state actor as being responsible for the various incidents, but the cases echo tactics previously attributed to Russian networks seeking to exploit social fractures in Europe. Foreign interference is “something we must take into account, and that we do take into account, since in making an assessment of this type of acts that have taken place in the Paris area since October 2023, we have nine cases,” Paris prosecutor Laure Beccuau told BFMTV on Friday. “It started with the blue Stars of David,” Beccuau said, referring to an incident that saw the symbols daubed on building walls in the French capitals’s 14th district in October 2023 — and was later linked to pro-Russian interference. “Then came the ‘red hands,’ then splashes of green paint,” she said about attacks that targeted the Paris Holocaust memorial in 2024 and 2025. Earlier this month, pro-Russian posters were discovered on several pillars of the Arc de Triomphe, showing the image of a soldier with the caption, “Say thank you to the victorious Soviet soldier.” Beccuau said investigators have identified similar patterns in the modus operandi of individuals of Eastern European origin arriving for a short period of time in France to carry out these acts. “Sometimes they take photos of what they have done, and send the photos beyond the borders to sponsors,” she said. “Some of the sponsors have been identified … so we are fully able to be convinced that these acts are operations of interference.” Since Russia’s full-scale invasion of Ukraine began in February 2022, French authorities have accused Moscow of spreading disinformation and orchestrating symbolic provocations designed to sow mistrust in institutions and deepen religious or political tensions. Clea Caulcutt contributed to this report.

Chancellor Friedrich Merz on Thursday called for stronger intelligence services that reflect Germany’s size and economic muscle at a time of heightened threats to Europe. “Rarely in the history of the Federal Republic has the security situation been so serious. The foundations of the European security architecture, which have enabled us to live in freedom, peace, and prosperity for decades, have become fragile,” Merz said at the inauguration of Martin Jäger as the new president of Germany’s Foreign Intelligence Service, the BND. “Given the responsibility we bear in Europe in view of our size and economic strength, it is therefore our goal to ensure that the BND performs at the very highest level in terms of intelligence,” he added. Germany’s security agencies have long depended on U.S. intelligence help to track terrorist threats, cyberattacks and espionage activities, while Europe now confronts a belligerent Russia and its allies. Jäger, 61, was appointed on Sept. 4 replacing long-serving chief Bruno Kahl. A seasoned diplomat, he previously represented Germany in Iraq and Afghanistan, and most recently served as ambassador to Ukraine. Since taking office months ago, Merz himself has become a primary target for Russian disinformation networks. Experts and intelligence officials link the campaigns, including fabricated stories, fake websites and AI-generated videos, to his outspoken support for Kyiv as it resists the Kremlin’s aggression. “In Germany, we are now fending off hybrid attacks against our infrastructure on a daily basis; acts of sabotage, espionage, disinformation campaigns,” Merz said during his speech on Thursday. He warned of “systemic rivals and adversaries” becoming “increasingly aggressive” in their tactics. “A paradigm shift in foreign and security policy” is necessary to overcome such threats, Merz said. “We have very, very good security agencies in Germany. But our sovereignty in Germany and in Europe depends not least on us becoming even better.”

BRUSSELS — The international world order is beyond repair and Europe should adapt to the law of the jungle — or else come up with new rules. That’s the bleak message the European Commission is set to give on Tuesday in a text detailing major challenges ahead. “We are witnessing the erosion of the international rules-based order,” several drafts of its annual Strategic Foresight Report, seen by POLITICO, say. Since taking office, U.S. President Donald Trump has consistently shown contempt for institutions like the United Nations by withdrawing funding or pulling out of key U.N. bodies like the UNHCR, its refugee agency, and UNESCO, which works in education and science. Trump’s global tariff threats have further undermined the authority of the World Trade Organization. The European Union’s executive will acknowledge that these institutions likely won’t recover from the breakdown of the global order. In fact, Europe should prepare for it not to come back. “A return to the previous status quo seems increasingly unlikely,” the draft warns. The EU could be particularly affected by this development. Key features of the bloc, such as its internal market, trade flows, international partnerships, and technical standards, all depend on a functioning multilateral system. “The instability and partial disfunction of the international order and the partial fracturing of global economies have a destabilising effect on the EU’s ability to act in the interest of its economy and the well-being of its people,” it adds. The final text of the report presented on Tuesday could still differ significantly from the drafts. EMBRACING CHANGE The Commission report aims to steer broader EU policies ranging from trade to technology, climate and other areas. It will call for Europe to be ready for the advent of artificial intelligence that matches human thinking; for regulation of technologies to dim the power of the sun; and to consider mining outer space and the deep sea for critical minerals. Instead of clinging to the old rules-based order, Europe should lead an international effort to reform it, the document will say. “The EU should actively and with a coherent approach shape the discussion about a new rule-based global order and a reform of multilateralism,” the draft reads, singling out the U.N. and the WTO, the Geneva-based trade club, as key institutions of focus. The bloc also shouldn’t shy away from forming “new alliances based on common interests,” it advises.

The Bulgarian government on Thursday reversed course as it clarified it had no evidence that Russia jammed GPS signals to European Commission President Ursula von der Leyen’s plane when it landed at a local airport on Sunday — despite initially making the claim itself.  On Thursday, Bulgarian Prime Minister Rosen Zhelyazkov told parliament that the Commission president’s plane had not been disrupted but had only experienced a partial signal interruption, the kind typically seen in densely populated areas.  “After checking the plane’s records, we saw that there was no indication of concern from the pilot. Five minutes the aircraft hovered in the waiting area, with the quality of the signal being good all the time,” he told lawmakers.  The prime minister had previously said the disturbance was due to unintended consequences of electronic warfare in the Ukrainian conflict.  Deputy Prime Minister and Transport Minister Grozdan Karadzhov, also denied there was evidence of disruption to the GPS signal of the Commission president’s flight.  “According to empirical data, according to the radio detection, the records of our agencies, civilian and military, there is not a single fact supporting the claim to silence the GPS signal that affected the plane,” Karadzhov told Bulgarian broadcaster bTV on Thursday.  On Monday, the Financial Times reported that a Commission-chartered plane on a tour of “front-line states” in Europe reportedly lost access to GPS signals while approaching Bulgaria’s Plovdiv airport. The correspondent who was on the plane wrote that the aircraft landed using paper maps and quoted an official saying it circled the airport for an hour. Brussels and Sofia were quick to blame Russia, calling it “blatant interference.”  The incident made headlines across Europe and prompted reactions from U.S. President Donald Trump, NATO’s Secretary-General Mark Rutte and other top officials. In past days, analysts have questioned the details of the incident, pointing to flight-tracking data revealing that the GPS signal was never lost and that the plane’s landing was only delayed by nine minutes. Public data also showed the same aircraft had experienced GPS jamming the day before over the Baltics — but not in Bulgaria. European Commission spokesperson Arianna Podestà on Thursday said the institution was informed by Bulgarian authorities of GPS jamming, echoing a press release shared by the country’s governent authorities on Monday. “We have never been speaking of the targeting ourselves and I was very clear in saying that we had no informationin this sense. But we are extremely well aware that this is a matter that occurs in our skies and in our seas on a constant manner since the start of the war and therefore this is why its important to tackle it together with our member states,” she told reporters at a briefing in Brussels.