Weekly Cybersecurity Digest [August, Week 5]
Posted on September 2, 2025
Dear Valued Clients,
Welcome to this week’s cybersecurity digest, curated by Make Sense to provide actionable insights into Europe’s rapidly evolving cyber landscape. This edition highlights how adversaries are exploiting artificial intelligence to power phishing campaigns, how European governments are tightening vendor and infrastructure policies, and how regulatory frameworks like the EU AI Act are reshaping compliance.
At Make Sense, we help enterprises not only stay informed, but also turn complex security signals into auditable defences and measurable resilience across Europe.
✅ Top Stories of the Week
i. Spain cancels €10m Huawei kit for national research network (RedIRIS)
Madrid terminated a €10 million contract with Huawei for academic network infrastructure, citing strategic autonomy and the importance of securing telecom supply chains. The decision marks a broader European trend of scrutinizing vendors linked to foreign state influence. Security analysts warn that public institutions must implement robust vendor risk management practices, ensuring that third-party access does not become an avenue for espionage or service disruption. [Read more via The Record]
ii. Multi-National Advisory Issues Warning on China-Linked Cyber Threats
On August 27, a coalition of nations, including Germany and the UK, jointly issued an advisory on escalating cyber threats tied to Chinese state-linked actors. The report highlights targeting of energy, telecom, and transport sectors across Europe, warning that campaigns are aimed at long-term persistence and intellectual property theft. The advisory stresses immediate patching, enhanced monitoring of supply chains, and prioritisation of critical asset defence. [Read more via CybersecurityDive]
iii. Suspected Ransomware at Miljödata Hits ~200 Swedish Municipalities
A suspected ransomware attack on HR software vendor Miljödata has disrupted systems for ~200 Swedish municipalities and regions handling sick leave and other HR data, CEO Erik Hallén said. Minister for Civil Defence Carl-Oskar Bohlin said the scope is unclear; CERT-SE is assisting. Miljödata is working with external experts; police are investigating as the government readies a tougher cybersecurity bill. [Read more via The Record]
✅ Industry Trends & Insights
EU AI Act Enforcement Now in Effect
The EU AI Act officially entered its enforcement phase on August 2, mandating transparency, ethical labelling, and strict risk management for General Purpose AI models. Non-compliance carries fines of up to 7% of global turnover. European boards are being urged to invest in compliance readiness, establish AI governance councils, and ensure supply chain partners follow aligned practices. [Read more via SC Media]
EU Launches €36M Cybersecurity Reserve Under Cyber Solidarity Act
On August 27, ENISA and the European Commission announced a €36 million Cybersecurity Reserve to rapidly assist EU Member States during major cyber incidents, strengthening collective resilience. This reserve enables rapid deployment of technical teams, digital forensics, and incident response coordination. Experts believe the initiative demonstrates Europe’s growing commitment to collective resilience and highlights the importance of cooperative frameworks in addressing cross-border cyber threats. [Read more via ENISA’s website]
✅ Regulatory & Policy Updates
EU to Enhance GPS Defence with New Satellites
Following a wave of GPS jamming incidents disrupting aviation and logistics, the EU has announced plans to deploy low-orbit satellites to counter jamming and spoofing attempts. This initiative is part of a broader civil infrastructure defence strategy and signals Europe’s determination to mitigate space-enabled cybersecurity threats. [Read more via Reuters]
Spanish AI Regulation Gaining Ground
Spain’s data protection and digital rights agencies are accelerating preparations to align with the EU AI Act. Authorities are focusing on governance structures and cross-sector oversight, ensuring local AI deployments meet both ethical and cybersecurity standards ahead of wider EU enforcement. [Read more via SC Media]
✅ Cyber IQ Challeng e + Proactive Security Hacks
Quick Quiz: Which new attack method combined AI-generated phishing with trusted remote access tools to compromise European enterprises?
A) Credential stuffing
B) AI-crafted phishing with remote access payloads
C) Deepfake-enabled voice fraud
D) DNS hijacking
(Answer revealed below!)
Smart Security Moves of the Week:
- Tackle AI Phishing Head-On: Use AI-driven email filtering, enforce DMARC policies, and conduct multilingual phishing simulations.
- Harden Remote Access: Limit remote desktop use, enforce MFA, and monitor for anomalous ScreenConnect sessions.
- Secure Vendor Ecosystems: Spain’s Huawei exclusion shows the importance of mapping vendor dependencies and applying zero-trust to suppliers.
- Invest in GPS Redundancy: Aviation and logistics firms should implement multi-modal navigation to withstand jamming incidents.
- Engage Cyber Reserves: Leverage ENISA’s new EU Cybersecurity Reserve for rapid incident response and cross-border recovery.
Answer: B) AI-crafted phishing with remote access payloads
✅ Conclusion
From AI-driven phishing campaigns that exploit trusted tools, to vendor scrutiny in Spain, and new EU-backed reserves strengthening crisis response, this week illustrates how Europe’s cyber landscape is shifting rapidly. Regulatory enforcement around AI and proactive steps like satellite defence investments further signal that cyber resilience now spans both digital and physical domains.
At Make Sense, we help organizations translate these developments into measurable, auditable, and proactive cyber defences. Staying informed is the first step, building resilience is the next.
Stay secure,
The Make Sense SRL Team & CyberTania
