Public administration & government

The week's public-sector signal is heavily Swiss/European. NCSC-CH reported an active Microsoft 365 "voicemail" phishing wave in Switzerland delivering infostealers and harvesting M365 credentials, with chain-phishing onward from compromised mailboxes. The Swiss Federal Audit Office reported that the two-year-old split of federal cyber-governance leaves strategic oversight without a complete incident picture — a structural finding for any federated public administration. Further afield, Ukraine's postal operator Ukrposhta had digital services disrupted by an overnight attack, and Brazil's national Cell Broadcast alert platform was hijacked to push fake emergency messages to ~30M phones — a reminder that government alerting infrastructure is itself a target.