Russia-Backed Disinformation Network Dismantled Across Africa

Meta has shut down an extensive disinformation network spreading Russian propaganda throughout Africa that operated for over six months. According to the company’s quarterly security report, the operation utilized more than 65 accounts and 70 pages designed to mimic legitimate news outlets while publishing content critical of France and the United States and promoting Russian geopolitical narratives.

The network primarily employed freelancers based in sub-Saharan African countries who were hired through job platforms like Upwork. These individuals advertised themselves as social media managers or search engine optimization specialists, creating a distributed workforce for the Russia-backed propaganda effort.

“The individuals behind these Pages repeatedly returned to our platform after we removed them, often using fake accounts to recreate similar brands,” Meta reported. “This network of individuals operated independently, though they likely received centralized tasking through channels outside of Meta’s platform.”

Meta noted that the coordination between these freelancers was evident in their publishing patterns and obfuscation techniques. The security team observed “the same or slightly adjusted ad content – often within a two-day window – and utilizing the same text obfuscation methods, such as 4ng0la, uk_ra_ine, and fr@nce.”

The dismantling of this network came after VIGINUM, France’s anti-disinformation agency, provided intelligence exposing Russia’s information operations in the region. Meta also discovered a second, smaller disinformation network operating in the same area, run by a Cameroonian freelancer believed to be working for Russia’s state-controlled news agency RT.

These Russian-backed information operations in Africa represent part of a broader trend of state-sponsored disinformation campaigns. In a related development, Germany recently summoned the Russian ambassador to formally complain about Moscow’s interference in German elections earlier this year, including disinformation campaigns that continue to circulate false narratives about pension reforms.

Cybersecurity Concerns Mount Globally

In other security news, Apple has released patches for two actively exploited WebKit zero-days that were used in what the company described as an “extremely sophisticated attack” targeting users running iOS versions prior to iOS 26. The vulnerabilities were discovered by Google’s security team, which also patched its own Chrome zero-day on the same day.

Google is now tracking at least five Chinese cyber-espionage groups exploiting the React2Shell vulnerability for initial access, up from just two groups previously identified. The threat actors, designated as UNC6600, UNC6586, UNC6588, UNC6595, and UNC6603, are part of a growing trend of nation-state attackers targeting widely-used software frameworks.

A troubling report from security firm Strider revealed that Chinese researchers have published more than 2,700 research papers examining the U.S. power grid and its vulnerabilities. Approximately 225 of these papers explicitly explored potential attacks on American infrastructure, with some research conducted by entities linked to China’s military and security services.

New Legislation and Corporate Security Measures

South Korea is introducing substantial fines for businesses that suffer repeated data breaches, with penalties reaching up to 3% of annual sales. This legislative effort follows major security incidents at SK Telecom, KT, and e-commerce giant Coupang. Companies will also face new fines for delaying breach notifications to authorities.

In the United States, lawmakers have reintroduced two important security bills: the Satellite Cybersecurity Act, which directs the Commerce Department to develop voluntary security recommendations for commercial satellites, and the Stopping Adversaries From Exploiting LiDAR (SAFE LiDAR) Act, which aims to phase out LiDAR technology from foreign adversaries, particularly China, citing risks to national security.

The Trump administration is preparing an executive order to allow private companies to conduct offensive cyber operations on behalf of the government, effectively creating modern “letters of marque” for digital warfare. Congress has already allocated $1 billion for offensive cyber operations through the annual spending bill, signaling a significant shift in U.S. cyber strategy.

Meanwhile, MSC Cruises, the third-largest cruise operator globally, has banned passengers from wearing smart glasses in public spaces, citing privacy concerns about the discreet recording capabilities of these devices. Staff have been instructed to confiscate smart glasses from passengers who violate this policy.

As cybersecurity threats continue to evolve, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its Cross-Sector Cybersecurity Performance Goals, providing revised guidance and benchmarks for critical infrastructure operators to better protect against emerging threats.

These developments highlight the increasingly complex landscape of global cybersecurity, where nation-state actors, criminal organizations, and corporate security policies intersect in an ongoing battle for digital security and information integrity.