
U.S. Government Accelerates Post-Quantum Cryptography Migration and Addresses AI Cybersecurity Threats
On June 22, 2026, the U.S. federal government issued Executive Order 14412, mandating migration to post-quantum cryptography (PQC) for high-value assets and high-impact systems by December 31, 2030 (key establishment) and December 31, 2031 (digital signatures), accelerating the previous 2035 deadline. The order addresses the 'harvest now, decrypt later' threat, where adversaries collect encrypted data to decrypt once quantum computing matures, with NIST having already finalized three PQC standards in August 2024: ML-KEM for key exchange, ML-DSA, and SLH-DSA for signatures. Agencies must appoint a PQC migration lead within 30 days and complete inventory reviews within 90 days, while vendors using legacy RSA or Diffie-Hellman may face compliance issues. Separately, a joint statement by Five Eyes cybersecurity agencies (CISA, NCSC, ASD, CCCS) warned that AI is actively exploited by attackers, compressing the vulnerability-to-exploitation window from weeks to near-instantaneous, and urged organizations to adopt AI-driven defenses. AMD faced backlash after silently removing Transparent Secure Memory Encryption (TSME) from consumer Ryzen processors in firmware updates, only to reverse the decision in July 2026 following community pressure, restoring the feature via BIOS updates based on AGESA 1.3.0.1b. Additional incidents included a LastPass breach via stolen third-party OAuth tokens, a $3 million Poly Market hack via malicious JavaScript, and Alibaba suing the U.S. over its designation as a Chinese military company.