Two weeks ago, I was exchanging emails with an editor from a government tech publication who apologized for his lack of responsiveness by noting that he was going through the “craziest” news week of the year. This past week, the same editor again apologized for his slow responses, noting that this week was even crazier than the previous one. That’s the kind of month it’s been and might explain why some big news stories (government shutdown?) are not included in this week’s newsletter. There just isn’t enough space.
This week, I’ve focused on three areas that seem to draw the most attention, including sobering news of cyber threats, a continuing drumbeat of headline-grabbing announcements from the General Services Administration (GSA) and a surfeit of coverage from the AFA’s Air, Space & Cyber Conference (AFA 2025):
Government-Targeted Cyberattacks
Warnings from Cybersecurity and Infrastructure Security Agency (CISA) and a disrupted plot to intercept communications between government officials attending a United Nations meeting were covered by government tech reporters and other publications this week:
- CISA disclosed that threat actors breached an unnamed federal agency last year by exploiting a critical vulnerability in the open source GeoServer mapping server, a story picked up by Rob Wright for security trade publication Dark Reading.
- Sergiu Gatlan of tech trade Bleeping Computer wrote that threat actors gained access to the agency’s GeoServer server two days after the threat was first identified and compromised another one roughly two weeks later.
- In Federal News Network, Anastasia Obis noted that CISA’s emergency directive only applies to federal civilian agencies but strongly encourages other government and private sector organizations to follow the same guidance.
- In other CISA news, David DiMolfetta reported in Nextgov/FCW that the agency ordered federal organizations to patch Cisco devices that have been exploited by an advanced hacker group.
- CISA acknowledged it has yet “to get a complete handle on the scope and impact of attacks related to the Cisco device vulnerabilities and that it took months to determine the root cause and mitigate the activity, according to an update by Matt Kapko in CyberScoop.
- In yet another example of a looming cyber threat to government, the Secret Service this week said it disrupted a network of devices across the New York tristate area tied to nation-state threat actors targeting senior U.S. government officials as the United Nations General Assembly convened in Manhattan, according to a piece by Chris Riotta in GovInfoSecurity.
- Grace Dille covered the story for MeriTalk, noting the Secret Service discovered more than 300 co-located SIM servers and 100,000 SIM cards at multiple sites concentrated within 35 miles of the meeting of the United Nations General Assembly.
GSA Touts Its News
The GSA continued its streak of announcements of new deals with iconic tech companies and continued progress in revamping the FedRAMP cloud security assessment and authorization program:
- The GSA this week announced the second phase of its FedRAMP 20x program to leverage automation in place of annual assessments to speed up authorizations, with details reported by Natalie Alms in Nextgov/FCW.
- Madison Alder and Miranda Nazzaro covered the news for FedScoop, noting comments from Federal Chief Information Officer Greg Barbaccia expressing his commitment to the FedRAMP program.
- The new phase of FedRAMP 20x program will focus on a limited number of FedRAMP Moderate authorizations (as opposed to FedRAMP Low authorizations from the previous phase), Dille noted in MeriTalk.
- In his coverage of Barbaccia’s comments on FedRAMP, Justin Doubleday of Federal News Network added that Barbaccia also gave his full support to advancing other top-tier tech services such as conversational AI engines.
- In other GSA news, the agency reached a OneGov agreement with Elon Musk’s xAI to make its Grok AI models available to federal agencies for $0.42 for 18 months, according to coverage from MeriTalk’s Weslan Hansen.
- FedScoop’s Nazzaro also covered the Grok news, noting that it came after the GSA AI safety team tested Grok 4 and determined it met the necessary requirements.
- In her take on the announcement, Alexandra Kelley reported in Nextgov/FCW that the agreement represents the longest contract term for a OneGov AI deal thus far, and will be in place until March 2027.
- Similarly, Meta announced early this week that its open source AI models are now available for federal use through the GSA’s OneGov program, Edward Graham wrote in Nextgov/FCW.
Saltzman at AFA 2025
There was so much coverage in the tech media on news coming out of the AFA 2025 conference that I couldn’t possibly include it all here. But if one person generated the most coverage at the event, it was Chief of Space Operations Gen. Chance Saltzman. Here’s a sampling of those articles:
- Saltzman told attendees that the U.S. Space Force is planning for investments in operations up to 15 years into the future based on expected technology developments of adversaries, according to a Breaking Defense article by Theresa Hitchens.
- In a press briefing after his speech, Saltzman told reporters he is pushing his team to complete the plan by the end of this year and then refresh it every five years, Courtney Albon wrote in Air & Space Forces Magazine.
- In a separate article, Albon reported that Saltzman said the endeavor has begun with a 10-week initial qualification training course for new acquisition officers. Obis covered the announcement in Federal News Network, noting that the training program immerses new acquisition officers into the complexities of contracting, space system testing and program management.
- In space industry publication Space News, Sandra Erwin noted Saltzman’s view that accepting imperfect solutions that can help troops today rather than waiting for flawless systems.
- Also in Air & Space Forces Magazine, Shaun Waterman reported on Saltzman’s announcement at the event that Front Door, the one-stop shop for contractors to interact with the U.S. Space Systems Command, will become contractors’ first point of contact for the whole service.
Upcoming Industry Events
I encourage you to visit the sites of the publications above for more news from AFA 2025. And if you’d like to experience these newsmaking events in person, here are few upcoming ones that might be in the headlines next week:
- October 1: POLITICO’s Policy Outlook: Cybersecurity, POLITICO, Union Station – Columbus Club, Washington, D.C.
- October 1-2: Federal News Network’s Cyber Leaders Exchange 2025, Carahsoft, Federal News Network, Virtual
- October 3: GovTechNext: Bridging Innovation to Mission, an Emerging Tech Demo Day, ACT-IAC, Carahsoft Collaboration & Conference Center, Reston, Virginia
I’ll stop there. Will next week be even “crazier” for the government tech media? Come back then and I’ll let you know. In the meantime, subscribe to this newsletter on LinkedIn or via the form below.