French prosecutors said Friday that foreign interference is behind a wave of apparently provocative acts — from stunts targeting Muslims to antisemitic graffiti — that have struck Paris in the last two years. Pig heads were found outside nine mosques on Tuesday, shocking the Paris region. “Several of the pig heads had the inscription ‘MACRON’ written in blue ink,” the prosecutor’s office said earlier this week. Prosecutors have not yet publicly named a state actor as being responsible for the various incidents, but the cases echo tactics previously attributed to Russian networks seeking to exploit social fractures in Europe. Foreign interference is “something we must take into account, and that we do take into account, since in making an assessment of this type of acts that have taken place in the Paris area since October 2023, we have nine cases,” Paris prosecutor Laure Beccuau told BFMTV on Friday. “It started with the blue Stars of David,” Beccuau said, referring to an incident that saw the symbols daubed on building walls in the French capitals’s 14th district in October 2023 — and was later linked to pro-Russian interference. “Then came the ‘red hands,’ then splashes of green paint,” she said about attacks that targeted the Paris Holocaust memorial in 2024 and 2025. Earlier this month, pro-Russian posters were discovered on several pillars of the Arc de Triomphe, showing the image of a soldier with the caption, “Say thank you to the victorious Soviet soldier.” Beccuau said investigators have identified similar patterns in the modus operandi of individuals of Eastern European origin arriving for a short period of time in France to carry out these acts. “Sometimes they take photos of what they have done, and send the photos beyond the borders to sponsors,” she said. “Some of the sponsors have been identified … so we are fully able to be convinced that these acts are operations of interference.” Since Russia’s full-scale invasion of Ukraine began in February 2022, French authorities have accused Moscow of spreading disinformation and orchestrating symbolic provocations designed to sow mistrust in institutions and deepen religious or political tensions. Clea Caulcutt contributed to this report.

Chancellor Friedrich Merz on Thursday called for stronger intelligence services that reflect Germany’s size and economic muscle at a time of heightened threats to Europe. “Rarely in the history of the Federal Republic has the security situation been so serious. The foundations of the European security architecture, which have enabled us to live in freedom, peace, and prosperity for decades, have become fragile,” Merz said at the inauguration of Martin Jäger as the new president of Germany’s Foreign Intelligence Service, the BND. “Given the responsibility we bear in Europe in view of our size and economic strength, it is therefore our goal to ensure that the BND performs at the very highest level in terms of intelligence,” he added. Germany’s security agencies have long depended on U.S. intelligence help to track terrorist threats, cyberattacks and espionage activities, while Europe now confronts a belligerent Russia and its allies. Jäger, 61, was appointed on Sept. 4 replacing long-serving chief Bruno Kahl. A seasoned diplomat, he previously represented Germany in Iraq and Afghanistan, and most recently served as ambassador to Ukraine. Since taking office months ago, Merz himself has become a primary target for Russian disinformation networks. Experts and intelligence officials link the campaigns, including fabricated stories, fake websites and AI-generated videos, to his outspoken support for Kyiv as it resists the Kremlin’s aggression. “In Germany, we are now fending off hybrid attacks against our infrastructure on a daily basis; acts of sabotage, espionage, disinformation campaigns,” Merz said during his speech on Thursday. He warned of “systemic rivals and adversaries” becoming “increasingly aggressive” in their tactics. “A paradigm shift in foreign and security policy” is necessary to overcome such threats, Merz said. “We have very, very good security agencies in Germany. But our sovereignty in Germany and in Europe depends not least on us becoming even better.”

BRUSSELS — The international world order is beyond repair and Europe should adapt to the law of the jungle — or else come up with new rules. That’s the bleak message the European Commission is set to give on Tuesday in a text detailing major challenges ahead. “We are witnessing the erosion of the international rules-based order,” several drafts of its annual Strategic Foresight Report, seen by POLITICO, say. Since taking office, U.S. President Donald Trump has consistently shown contempt for institutions like the United Nations by withdrawing funding or pulling out of key U.N. bodies like the UNHCR, its refugee agency, and UNESCO, which works in education and science. Trump’s global tariff threats have further undermined the authority of the World Trade Organization. The European Union’s executive will acknowledge that these institutions likely won’t recover from the breakdown of the global order. In fact, Europe should prepare for it not to come back. “A return to the previous status quo seems increasingly unlikely,” the draft warns. The EU could be particularly affected by this development. Key features of the bloc, such as its internal market, trade flows, international partnerships, and technical standards, all depend on a functioning multilateral system. “The instability and partial disfunction of the international order and the partial fracturing of global economies have a destabilising effect on the EU’s ability to act in the interest of its economy and the well-being of its people,” it adds. The final text of the report presented on Tuesday could still differ significantly from the drafts. EMBRACING CHANGE The Commission report aims to steer broader EU policies ranging from trade to technology, climate and other areas. It will call for Europe to be ready for the advent of artificial intelligence that matches human thinking; for regulation of technologies to dim the power of the sun; and to consider mining outer space and the deep sea for critical minerals. Instead of clinging to the old rules-based order, Europe should lead an international effort to reform it, the document will say. “The EU should actively and with a coherent approach shape the discussion about a new rule-based global order and a reform of multilateralism,” the draft reads, singling out the U.N. and the WTO, the Geneva-based trade club, as key institutions of focus. The bloc also shouldn’t shy away from forming “new alliances based on common interests,” it advises.

The Bulgarian government on Thursday reversed course as it clarified it had no evidence that Russia jammed GPS signals to European Commission President Ursula von der Leyen’s plane when it landed at a local airport on Sunday — despite initially making the claim itself.  On Thursday, Bulgarian Prime Minister Rosen Zhelyazkov told parliament that the Commission president’s plane had not been disrupted but had only experienced a partial signal interruption, the kind typically seen in densely populated areas.  “After checking the plane’s records, we saw that there was no indication of concern from the pilot. Five minutes the aircraft hovered in the waiting area, with the quality of the signal being good all the time,” he told lawmakers.  The prime minister had previously said the disturbance was due to unintended consequences of electronic warfare in the Ukrainian conflict.  Deputy Prime Minister and Transport Minister Grozdan Karadzhov, also denied there was evidence of disruption to the GPS signal of the Commission president’s flight.  “According to empirical data, according to the radio detection, the records of our agencies, civilian and military, there is not a single fact supporting the claim to silence the GPS signal that affected the plane,” Karadzhov told Bulgarian broadcaster bTV on Thursday.  On Monday, the Financial Times reported that a Commission-chartered plane on a tour of “front-line states” in Europe reportedly lost access to GPS signals while approaching Bulgaria’s Plovdiv airport. The correspondent who was on the plane wrote that the aircraft landed using paper maps and quoted an official saying it circled the airport for an hour. Brussels and Sofia were quick to blame Russia, calling it “blatant interference.”  The incident made headlines across Europe and prompted reactions from U.S. President Donald Trump, NATO’s Secretary-General Mark Rutte and other top officials. In past days, analysts have questioned the details of the incident, pointing to flight-tracking data revealing that the GPS signal was never lost and that the plane’s landing was only delayed by nine minutes. Public data also showed the same aircraft had experienced GPS jamming the day before over the Baltics — but not in Bulgaria. European Commission spokesperson Arianna Podestà on Thursday said the institution was informed by Bulgarian authorities of GPS jamming, echoing a press release shared by the country’s governent authorities on Monday. “We have never been speaking of the targeting ourselves and I was very clear in saying that we had no informationin this sense. But we are extremely well aware that this is a matter that occurs in our skies and in our seas on a constant manner since the start of the war and therefore this is why its important to tackle it together with our member states,” she told reporters at a briefing in Brussels.

BRUSSELS — The Czech government on Wednesday condemned China for carrying out a cyberattack against its foreign ministry exposing thousands of unclassified emails. Czechia said that the Chinese state-sponsored group Advanced Persistent Threat 31 (APT31) targeted the foreign ministry from 2022 — the year the country held the rotating EU presidency — and was able to read unclassified emails sent between embassies and EU institutions.  The Czech foreign minister, Jan Lipavský, said he would summon the Chinese ambassador immediately to explain the findings and tell him this would damage the countries’ bilateral relations.  “With today’s move, we have exposed China, which has long been working to undermine our resilience and democracy,” Lipavský said. “Through cyberattacks, information manipulation, and propaganda, it interferes in our society — and we must defend ourselves against that.”  It is the first time the Czech government has attributed a national cyberattack to a state-backed actor. An investigation conducted by the Security Information Service, Military Intelligence, Office for Foreign Relations and Information, and National Cyber and Information Security Agency (NUKIB) provided Czech authorities with a high degree of certainty about who was behind the targeting of the ministry. APT31 is run by China’s ministry of state security from the city of Wuhan, according to the U.S. justice department. The group has been accused of high-profile attacks in the past, including targeting the personal emails of campaign staff working for U.S. presidential candidate Joe Biden in 2020. In 2024, the U.K. and U.S. imposed sanctions on individuals tied to APT31. The alleged Chinese hack sparked outrage in Brussels, among the EU’s top brass and at NATO headquarters. “The European Union and its Member States, together with international partners, stand in solidarity with Czechia regarding the malicious cyber campaign that targeted its Ministry of Foreign Affairs,” the EU’s top diplomat, Kaja Kallas, said in a statement. “We call upon all states, including China, to refrain from such behavior, to respect international law and to adhere to the UN norms and principles, including those related to critical infrastructure,” Kallas added. “Cyber threat actors persistently seek to destabilize the Alliance. We remain committed to expose and counter the substantial, continuous and increasing cyber threat, including to our democratic systems and critical infrastructure. We are determined to further improve our capabilities and resilience and to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyber threats to support each other,” the NATO military alliance said in a statement Wednesday. Jacopo Barigazzi contributed to this report.

A top Dutch spy says Europe shouldn’t take its eye off potential danger from China, even as Russian ruler Vladimir Putin continues to attract most of the continent’s security attention. “China has a very complex, organized cyber system. And we are not able to have a full grasp on what they can do,” Vice Adm. Peter Reesink, director of Dutch military intelligence agency MIVD, told POLITICO during an interview. “I would say that it’s more threatening than Russia.” In its annual report released late last month, MIVD highlighted the deepening geopolitical, economic and military ties between Russia and China — and the growing risks they pose for Europe. The Dutch report noted that Russia is stepping up its hybrid attacks against the Netherlands and its European allies to influence and undermine their societies, while U.S. intelligence agencies revealed last year that Chinese cyber group Salt Typhoon had infiltrated major American telecoms providers for at least a year. “We saw something similar happening in Europe, although not at the same level as in the U.S.,” Reesink said, adding that China had targeted some 10 European countries. “But what we can observe is only a limited part of China’s complex cyber system.” The MIVD report revealed that Russia attempted to disrupt the European election last June by launching cyberattacks on websites linked to Dutch political parties and public transport systems — efforts intended to make it harder for Dutch citizens to vote. According to Reesink, such interference — from an increasingly belligerent Russia that has been waging war on neighboring Ukraine for years while conducting hybrid warfare in Europe — is not unique to the Netherlands. “We have information of Russian interference in different elections, and not only through disinformation. That’s in a few countries, and it is mostly with countries which used to be under the influence of Russia,” he said. BRACING FOR RUSSIAN ATTACK Reesink warned that Russia’s most threatening behavior is its ongoing military buildup for a potential future conflict. In 2024, Russia’s defense spending reached an estimated $149 billion, according to the Stockholm International Peace Research Institute — a 38 percent increase from 2023 and double the level from 2015. “Russia is producing much more artillery, also with help from other countries, than they need for the war with Ukraine,” Reesink said. He noted that Russia is not only replenishing depleted stockpiles but also moving new artillery units toward NATO borders, including the Baltic countries and Finland. Russia’s defense spending reached an estimated $149 billion. | Anatoly Maltsev/EPA “That’s an indication for us that they are building up capability,” he said, while emphasizing that MIVD does not currently foresee Putin initiating a new war. Reesink estimated that once — or if — a settlement with Ukraine is reached, Russia could be ready for a new conflict within a year, assuming its military production stays at current levels and the Kremlin maintains its political appetite for combat. “The Netherlands, like the rest of NATO countries, is in a phase of enhanced readiness program to make sure that we’re ready if that occurs,” he said. “Most ministries have faced budget cuts — except defense — and at the political level there’s little debate about the need to prepare,” he said. “We were a little bit reluctant over the past 20, 30 years, I must admit, but now that awareness is back again.” TRUMP’S WAKE-UP CALL Aside from the threats from China and Russia, European intelligence top brass sees another elephant in the room: U.S. President Donald Trump. Since his reelection in November, Trump has moved to consolidate political control over American intelligence agencies by cutting funds, sidelining dissenting voices and appointing loyalists to key positions — moves that critics say will undermine the independence and effectiveness of the intelligence community. “It’s not a very comfortable signal from the U.S. when you see the leadership on their side from the intelligence agencies being … well, having to seek another job,” Reesink said. But he argued that Trump’s return to office has served as a wake-up call for European intelligence services. “It was a good look in the mirror for Europe and the role we have to play for ourselves,” he said. The awareness “that something needs to be done from a European perspective” has taken root, he added. “And I can give you an example: A few weeks ago, we had a meeting in Brussels with intelligence agencies, both civilian and military. And for the first time, I think, all of us directors were present,” he said. Donald Trump has moved to consolidate political control over American intelligence agencies by cutting funds. | Pool Photo by Samuel Corum via EPA Reesink emphasized that cooperation among European and U.S. intelligence agencies remains robust and mutually beneficial — though he did have a word of warning. “If I look at the working level, there’s so much cooperation which has been going on for years, which is very viable for us, but for the U.S. as well. That’s not going to change overnight,” he said. However, Reesink acknowledged that Europe “cannot close its eyes” and may need to reassess its intelligence sharing with Washington in light of Trump, who has promoted some Russian narratives about Moscow’s war in Ukraine. “We weigh our level of cooperation, the amount and the intensity in which we share … and that could mean in the end that we are changing the way we have to cooperate with the U.S.,” he cautioned.

PARIS  — French authorities on Tuesday accused Russia’s most high-profile hacking group of orchestrating cyberattacks on President Emmanuel Macron’s 2017 election campaign. This is the first time France has publicly accused Moscow of being behind the affair known as “Macron leaks,” which resulted in the disclosure of thousands of documents that belonged to the then-candidate’s campaign team. A statement from the French Ministry of Foreign Affairs said Russia’s intelligence service, the GRU, has been carrying out attacks for several years against French interests. The unit accused of carrying out the attacks was the infamous APT28, also known as Fancy Bear. That group has previously been sanctioned by the EU for hacking the German Bundestag in 2015. It has also been tied to the hack of the U.S. Democratic National Committee in 2016 and email accounts belonging to Chancellor Olaf Scholz’s Social Democratic Party in 2022 and 2023. The French ministry said that the hacking group was used “to target or compromize a dozen French entities” since 2021, and was also being used to put pressure on Ukraine’s infrastructure. France’s cybersecurity agency said in a paper that French ministerial agencies were targeted as well as various private sector actors, including in the finance and aerospace sectors. France’s Foreign Minister Jean-Noël Barrot posted a message on X saying France “observes, blocks and fights its adversaries,” along with a video about the “silent war” waged by Russia against France. It is rare for the French government to call out perpetrators of cyberattacks on its territory by name. In recent weeks, though, Macron has upped the rhetoric against Russian President Vladimir Putin, in a bid to pile the pressure on ceasefire talks between the U.S and Russia. Last week, Macron called on Putin to “stop lying” on his desire to peacefully end the war in Ukraine in an impassioned exchange with reporters. Previously, the French president also warned U.S. President Donald Trump that Putin was playing games at the end of an international summit in Paris.

PARIS — French Foreign Affairs Minister Jean-Noël Barrot voiced his confusion over reports that the United States’ Defense Secretary Pete Hegseth has ordered a halt of offensive cyber operations against Russia. “I have a bit of trouble understanding [Hegseth’s decision],” Barrot told public radio France Inter Monday. The French minister said European Union countries “are constantly the targets” of Russian cyberattacks. Cybersecurity publication The Record on Friday reported that Hegseth had ordered U.S. Cyber Command to stand down from planning offensive cyber operations against Russia. The report was confirmed by other publications shortly after. Cyber Command is the U.S. Department of Defense’s section conducting cyberattacks and cyberdefensive operations. Hegseth’s move raised eyebrows in Europe, where Russia is seen as a main threat in cyberspace together with China. Both French diplomatic officials and President Emmanuel Macron have repeatedly accused Russia of engaging in hybrid warfare against France through cyberattacks. “Russia is attacking us on information, cyber,” Macron said last month, claiming that Moscow was seeking to “destabilize our democracies.” A report published on Feb. 24 by Viginum, the French digital interference service, said France was “the subject of a particularly aggressive and persistent targeting by Russian information threat actors.”

The European Parliament has asked lawmakers, parliamentary assistants and staff to use Signal, an end-to-end-encrypted messaging app, as an instant messaging tool for work-related communications, according to an internal email seen by POLITICO.  “Due to a recent increase in threat on commercial telecommunications infrastructure and following certain incidents targeting large telecommunications companies mainly in the U.S., the risk of interception or manipulation of unsecure communications via public networks has increased,” the email said. The advice comes after it was revealed that a China-linked hacking group called Salt Typhoon conducted large-scale intrusions on U.S. and global telecommunication providers. New research by cyber intelligence firm Recorded Future on Thursday showed the group had breached telcos as recently as January, including in Italy and the U.K., despite U.S. sanctions. Parliament’s email reminded lawmakers they should use “Parliament’s corporate solutions” Teams and Jabber when possible and only Signal if the two are unavailable. “The use of Signal is proposed as a safe alternative in cases where no equivalent corporate tool is available,”  the Parliament’s press service said in a statement, adding it couldn’t “comment further on security or cybersecurity measures or tools.”  In 2020, the European Commission gave a similar advice, telling its staff to switch to Signal for secure communications. In 2023, several EU institutions also banned the use of Tiktok on work-related devices, requesting that its staff — numbering about 32,000 — remove the app from officials’ devices and their personal devices with work-related apps installed. The decision sparked a wave of similar measures across European capitals. Signal’s application is favored by cybersecurity experts and privacy activists because of its end-to-end encryption and open-source technology.