Tonga votes on 20 Nov 2025. The Pacific monarchy faces economic dependence, regional competition, and growing information disorder. Local efforts exist, but limited institutional capacity leaves gaps ahead of the elections.

The blog introduces the actor-specific, granular analytical approach, which assesses digital influence operations by examining actors, structures, and intentions, rather than treating them as a uniform threat. Using IRSEM’s "Baybridge" case, it shows how bureaucratic incentives and commercial self-interest can undermine strategic effectiveness.

A September 3 data leak exposed internal files of pro-Russian Moldovan politician Ilan Shor and his “Victorie Bloc,” revealing a financed influence network linked to Russia. The leak, paired with targeted intimidation messages, severely disrupted the group. Analysts view it as a coordinated “Cyfluence Counteroperation” that effectively neutralized and delegitimized Shor’s organization just before Moldova’s elections.

The Czech parliamentary elections on 3–4 October 2025 face heavy digital interference. Russia and increasingly China exploit Telegram networks, disinformation portals, and fake TikTok accounts to spread distrust, voter apathy, and anti-Western narratives. According to CERA, the main risks are erosion of democratic trust, voter demobilization, and the strengthening of populist and pro-Russian forces.

The FDEI Country Report highlights how influence in Moldova is being shaped by coordinated campaigns targeting the 2025 elections. Russian-linked networks deploy cloned news sites, Telegram bots, and AI-generated content to spread disinformation and manipulate public perception. These campaigns aim to erode trust in institutions, polarize the electorate, and undermine cooperation with the EU and neighboring states.

This blog examines how Stark Industries Solutions acted as a Threat Activity Enabler (TAE) in hostile cyber and influence operations. It explores the company’s role in providing resilient infrastructure for disinformation and attacks, its sanctioning by the EU in May 2025, subsequent rebranding moves, and why infrastructure-focused analysis is essential to track continuity behind shifting names and entities.

This week, we turn to a case study from Philstar. The report examines a coordinated influence operation on X (formerly Twitter) that was active from late 2024 to mid-2025, with the goal of framing Vietnam as the main aggressor in the South China Sea.

This week, our Weekly Blog highlights a recent DFRLab report uncovering a coordinated network of at least 215 cross-platform accounts – 116 on Facebook, 79 on TikTok, and 17 on Instagram. Between December 2024 and June 6, 2025, these accounts generated 8,514 posts, attracting more than 16 million views and 681,000 likes. The investigation reveals how pro-Russian influence targeting Romania Moldova has been systematically amplified through this network, exploiting major social

The China cyber militia model shows how civilian, state, and military actors are fully interconnected. Rather than outsourcing, Beijing embeds information operations within this system, blurring boundaries and ensuring all parts can be mobilized as extensions of state power.

China tends to respond to accusations of information operations in a recurring pattern. A recent example is the Ministry of State Security’s reaction to Australian espionage allegations, which once again reflected this established approach.

Singapore’s public attribution of cyber intrusions to UNC3886 marks a shift in its stance toward China, departing from past discretion. The move highlights the role of attribution as both technical evidence and strategic messaging. China’s swift counteraccusations illustrate a pattern in hostile influence, redirecting attention and reframing narratives to challenge Singapore’s position and shape international perception.

Between March and April 2025, Doublethink Lab identified a coordinated influence campaign on Threads involving 51 fake accounts posing as Taiwanese users, spreading anti-DPP narratives alongside sexually suggestive content. The operation showed signs of outsourced amplification, blending political messaging with dating spam.

Examiniation of a recent VIGINUM report (June 2025), which analyzes the activities and organizational structure of the "African Initiative," an organization operating across several African countries.

Meta’s latest Adversarial Threat Report details the detection and dismantling of three global Coor-dinated Inauthentic Behaviour (CIB) campaigns attributed to actors based in China, Iran, and Romania.

This week’s post highlights key findings from Beyond Operation Doppelgänger: A Capability Assessment of the Social Design Agency (Pamment & Tsurtsumia, 2025), published by the Psychological Defence Agency at Lund University. Drawing on over 3,100 leaked internal documents, the study offers new insights into the structure, strategy, and objectives of the Russian influence campaign known as “Doppelgänger.”

VIGINUM Report Storm-1516 is a coordinated Russian disinformation campaign targeting Western democracies. It uses AI, deepfakes, and fake media outlets—often distributed via the CopyCop network—and follows a five-phase operational model. Evidence points to potential links with GRU Unit 29155 and broader state-backed influence networks.

Anthropic uncovers and disrupts four coordinated influence operations in April 2025, run by a commercial "Influence-as-a-Service" provider. These AI-driven disinformation campaigns—unlinked to any specific state actor—underscore the rising threat of private sector influence operations in digital security, social media manipulation, and global information warfare.

This week on our blog, we are presenting a new report by ClearSkySec that highlights a compelling case of a long-term influence operation.

This week, we examine the recent developments involving the hackergroup "Codebreakers" and the Iranian Sepah Bank, which have surprisingly not made international headlines yet.

This week, we are also reviewing the latest VIGINUM report . While it presents few new insights, it offers a structured overview of key...