Access

Europol dismantles cybercriminal VPN linked to ransomware investigations

Europol has announced that international law enforcement agencies dismantled the cybercriminal VPN platform known as First VPN during a coordinated operation targeting ransomware infrastructure and wider cybercrime networks.

The operation, led by authorities in France and the Netherlands with support from Eurojust, targeted infrastructure allegedly used by cybercriminals to conceal ransomware attacks, fraud, data theft and other illegal online activities.

Europol described the service as deeply embedded in the cybercrime ecosystem and said it had featured in almost every major Europol-supported cybercrime investigation over the past few years. The platform was allegedly promoted as an anonymity service for criminal use, offering anonymous payments, concealed infrastructure and tools intended to help users evade law enforcement detection.

Coordinated action days took place on 19 and 20 May, during which authorities dismantled 33 servers connected to the service and shut down associated domain names. Investigators also interviewed the alleged administrator in Ukraine and carried out a residential search linked to the operation.

According to Europol, investigators gained access to the platform’s infrastructure and user database during the investigation, which began in December 2021. The agency said the data helped identify users allegedly connected to ransomware campaigns, fraud schemes and other cybercrime operations across several jurisdictions.

Intelligence generated through the operation led to 83 intelligence packages being distributed internationally, information linked to 506 users being shared with partner agencies, and 21 Europol-supported investigations advancing through newly obtained evidence.

The operation also received support from cybersecurity company Bitdefender, while a joint investigation team coordinated by Eurojust facilitated judicial cooperation and evidence sharing among participating countries.

Why does it matter?

The takedown shows how law enforcement is increasingly targeting the infrastructure that enables cybercrime, not only the attackers themselves. VPN services marketed for criminal use can help ransomware actors and fraud networks hide their identity, route attacks and evade detection. By dismantling First VPN and obtaining user data, investigators can disrupt multiple cybercrime operations at once and strengthen ongoing ransomware investigations.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Canada advances 5G expansion with new spectrum and tower infrastructure reforms

Canada has announced measures to strengthen wireless connectivity, expand 5G infrastructure and accelerate the deployment of next-generation telecommunications technologies.

The government confirmed the rules for a planned 2027 millimetre-wave spectrum auction in the 26 GHz and 38 GHz bands. The auction will make 4.8 GHz of spectrum available to support advanced 5G applications and future 6G technologies. An additional 850 MHz of spectrum in the 26 GHz band will be made available through a future non-competitive licensing process.

The auction framework includes spectrum caps intended to ensure that several operators can access spectrum in each area. It also introduces smaller licensing areas, allowing operators to target spectrum access according to regional and business needs.

Alongside the spectrum measures, the government is proposing reforms to modernise Canada’s wireless tower-siting process. Planned changes include a standardised digital approval process and a publicly accessible online portal for applications and consultations. The reforms are intended to reduce administrative burden, improve transparency and support faster infrastructure deployment.

Minister of Industry Mélanie Joly said reliable and affordable connectivity is essential for economic growth, public safety and quality of life. The government said faster and more efficient infrastructure approvals would support competition, innovation and expanded wireless coverage across the country.

Officials also noted that millimetre wave spectrum can carry large amounts of data over short distances, supporting applications such as industrial automation, smart agriculture, private networks and fixed wireless services in rural and remote communities.

Why does it matter?

The announcement shows how 5G and future 6G planning increasingly depend on both spectrum policy and infrastructure deployment rules. By combining new mmWave spectrum with tower-siting reforms, Canada is trying to increase wireless capacity, reduce rollout delays and support data-intensive applications in industry, agriculture, private networks and rural connectivity.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Google launches Gemini 3.5 with advanced agentic AI capabilities

Google has announced Gemini 3.5, a new family of AI models designed to combine frontier-level reasoning with stronger agentic capabilities across consumer, developer and enterprise products.

The company is launching the series with Gemini 3.5 Flash, which it describes as its strongest agentic and coding model so far. Google said the model is built for complex, long-horizon tasks, including multi-step workflows, coding, document analysis and enterprise automation.

According to Google, Gemini 3.5 Flash outperforms Gemini 3.1 Pro on several coding and agentic benchmarks, including Terminal-Bench 2.1, GDPval-AA and MCP Atlas, while also improving multimodal reasoning. The company also claimed the model is significantly faster than other frontier models when measured by output tokens per second.

Google said the model can support agentic workflows through its Antigravity development platform, including the use of collaborative subagents for coding, financial document preparation, data analysis and other complex enterprise tasks. It also highlighted richer multimodal capabilities, including interactive web interfaces, visual reasoning and generative UI experiences.

Gemini 3.5 Flash is available through the Gemini app, AI Mode in Google Search, the Gemini API in Google AI Studio, Android Studio, Google Antigravity and Gemini Enterprise products. Google also said Gemini 3.5 Pro is being used internally and is expected to roll out next month.

The announcement also introduced Gemini Spark, a personal AI agent powered by Gemini 3.5 Flash. Google said Spark is designed to run continuously, helping users navigate digital tasks and take action under their direction. It is starting with trusted testers, with a beta planned for Google AI Ultra subscribers in the US.

Alongside performance improvements, Google said Gemini 3.5 was developed under its Frontier Safety Framework. The company said it strengthened safeguards related to cybersecurity and chemical, biological, radiological and nuclear risks, while adding safety training and interpretability tools intended to reduce harmful outputs and mistaken refusals.

The launch reflects a wider industry shift from conversational AI assistants towards systems that can plan, coordinate and execute tasks across digital environments, with major AI companies increasingly competing on agentic workflows, coding performance, multimodal interaction and enterprise integration.

Why does it matter?

Gemini 3.5 shows how the AI race is moving beyond chatbot performance towards systems that can act across software, workflows and enterprise environments. Faster agentic models could help automate coding, analysis and business operations, but they also raise governance questions around supervision, safety, accountability and how much autonomy users and organisations should give to AI agents.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

OpenAI expands verification tools as AI slop blurs digital trust

OpenAI has announced new measures to strengthen the provenance and verification of AI-generated content as synthetic media becomes more widespread across digital platforms.

The company said it is expanding support for Content Credentials and compliance with the Coalition for Content Provenance and Authenticity (C2PA) standard. The standard uses metadata and cryptographic signatures to help ensure that information about a piece of media travels securely with the content, including details on where it came from and how it may have been created or edited.

OpenAI also plans to integrate Google DeepMind’s SynthID watermarking into images generated through ChatGPT, Codex and the OpenAI API. The company said SynthID will add an invisible watermarking layer that complements C2PA metadata, particularly when metadata is removed, lost, or altered during file conversions, resizing, screenshots, or other transformations.

The company said it is adopting a multi-layered provenance approach that combines metadata, watermarking and public verification tools rather than relying on a single detection method. According to OpenAI, C2PA can provide richer contextual information, while SynthID can help preserve a signal when metadata does not survive.

The move also connects to wider concerns about AI slop, as synthetic media and low-quality AI-generated content become harder to distinguish from authentic images. Provenance tools cannot solve the problem alone, but they can provide clearer signals about how digital media was created or modified.

OpenAI also previewed a public verification tool that will allow users to check whether ChatGPT, Codex or the OpenAI API generated an uploaded image. The tool will look for provenance signals, including Content Credentials and SynthID watermarks. Still, OpenAI said it will not make a definitive judgement when no signal is detected, because provenance signals can sometimes be removed.

At launch, the verification tool is limited to OpenAI-generated content. The company said it aims to support wider cross-platform verification efforts in the coming months and eventually expand support to more types of online content.

Why does it matter?

AI-generated content is becoming harder to distinguish from authentic media, fuelling concerns around AI slop, deepfakes and manipulated information. Provenance systems such as Content Credentials, watermarking and verification tools can help people understand where media came from and whether it was generated or modified by AI. However, OpenAI’s approach also shows the limits of technical detection: metadata can be stripped, watermarks may not survive every transformation, and no single method can provide complete certainty.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

UK proposes stronger streaming rules under new Ofcom standards

Ofcom has proposed new content and accessibility standards for major streaming platforms operating in the UK, expanding regulatory oversight across the rapidly growing on-demand media sector. The draft framework follows powers introduced through the Media Act and would align streaming services more closely with traditional broadcast television standards.

The proposed rules would apply to major platforms including Netflix, Amazon and Disney. Ofcom said audiences increasingly expect consistent protections regardless of whether content is viewed through conventional television or streaming services.

The draft Code includes requirements covering harmful or offensive material, fairness and privacy protections, and due impartiality and accuracy for news content. Additional safeguards for minors would also apply, alongside stronger expectations around contextual warnings and viewer information.

Ofcom also proposed new accessibility obligations for streaming providers. Under the draft rules, platforms would need to subtitle 80% of catalogue content, provide audio description for 10%, and provide signing for 5%. The regulator said that more than 18 million people with hearing or sight conditions could benefit from improved accessibility standards across streaming platforms.

Why does it matter?

The proposals signal a major shift in how digital media platforms are regulated in the UK, extending broadcast-style obligations into streaming ecosystems for the first time. The measures could influence global debates around platform accountability, online safety, accessibility standards, and regulatory convergence between traditional media and digital services.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

OpenAI integrates Codex into ChatGPT mobile app

OpenAI has integrated Codex into the ChatGPT mobile app, allowing users to monitor and manage agentic coding workflows from iOS and Android devices.

The feature, currently in preview and available across all plans, lets users view live Codex environments, review outputs, approve commands, change models, and start new tasks from their phones. OpenAI said the update is intended to support work across multiple threads and workflows, rather than to control a single task remotely.

Codex is OpenAI’s coding agent for software development, designed to help with tasks such as building features, refactoring code, generating pull requests, testing and documentation. OpenAI describes the Codex app as a command centre for agentic coding, with agents able to work in parallel across projects through worktrees and cloud environments.

The mobile integration aligns with other recent Codex updates, including background operations in desktop environments and a browser extension for live sessions. Together, the updates point to OpenAI’s effort to turn Codex into a persistent development assistant that can continue working across devices and environments.

The move also comes amid growing competition with Anthropic’s Claude Code, which has introduced similar remote-monitoring features. Both companies are competing to make agentic coding tools central to developer workflows, particularly for businesses and technical teams seeking more autonomous software development support.

Why does it matter?

Mobile access makes agentic coding less tied to a single workstation. If developers can review outputs, approve commands and manage parallel coding tasks from a phone, AI coding agents become more like always-on collaborators than occasional coding assistants. The shift could accelerate competition between OpenAI, Anthropic and other AI firms over who controls the next layer of software development workflows.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ofcom investigates adult platforms under Online Safety Act age-check rules

Ofcom has opened investigations into the providers of pimpbunny.com and kemono.cr to assess their compliance with age-check rules under the UK’s Online Safety Act.

The regulator said pornography services must use ‘highly effective’ age checks to determine whether users are over 18 before allowing access to pornographic material. The investigations will examine whether there are reasonable grounds to believe the providers have failed, or are failing, to comply with those duties.

Ofcom said it prioritised action against the providers based on the risk of harm posed by their services. The regulator took account of user numbers, including significant increases in traffic since age-check laws came into force last summer.

Separately, Ofcom has issued a provisional decision concerning fapello.com, saying it has reasonable grounds to believe the provider is in breach of its duties under the Online Safety Act. Fapello can make representations before Ofcom reaches a final decision.

Ofcom also expanded its ongoing investigation into XGroovy to examine whether it failed to respond adequately to formal information requests from the regulator. The developments form part of wider UK enforcement efforts around online child safety, age assurance and platform accountability under the Online Safety Act.

Why does it matter?

The investigations show that Ofcom is moving from guidance to enforcement under the UK’s Online Safety Act, particularly for services hosting pornographic material. Age assurance has become a central test of the UK’s child online safety regime, with regulators assessing not only whether platforms have age checks in place, but whether those checks are effective enough to prevent children from readily accessing explicit content.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

China expands AI education strategy through global learning platform

China has launched a global AI education service platform to expand cross-border access to digital learning resources and support the integration of AI into education.

The initiative was announced during the 2026 World Digital Education Conference in Hangzhou and forms part of a broader upgrade to Smart Education of China, a digital education platform now accessible in around 220 countries and regions.

Chinese authorities said the upgraded platform will support cross-border sharing of educational resources and expand international services. New features include a lifelong learning hub and a Chinese language learning community.

The conference also saw the release of a report outlining China’s policy progress and practical experience in smart education. An AI education initiative was also unveiled, calling for better use of AI to support well-rounded and sustainable human development.

The initiative also urged stronger efforts to bridge the global digital divide by using smart education platforms to share high-quality resources and digital tools.

Why does it matter?

The launch shows how AI education is becoming part of digital infrastructure strategy, not only classroom reform. By linking AI tools, online learning resources and international access through a state-backed platform, China is positioning digital education as an area of both domestic development and global cooperation. It also points to wider competition over who builds the platforms, standards and learning ecosystems that will shape AI literacy and future workforce skills.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU Commission reviews Android DMA rules on interoperability

The European Commission is consulting third parties on proposed measures requiring Alphabet to ensure effective interoperability between Google Android and AI services under the Digital Markets Act.

The draft measures focus on AI services’ access to key Android capabilities, including wake-word activation, contextual data, integration with applications, and access to hardware and software resources needed for reliable and responsive services.

The Commission opened proceedings in January 2026 to specify how Alphabet should comply with DMA interoperability obligations for features relevant to AI services. Its proposed measures cover invocation, context, actions on apps and the operating system, access to resources, and general requirements such as free access, documented frameworks and APIs, technical assistance and reporting.

Stakeholders were asked to comment on the effectiveness, completeness, feasibility and implementation timelines of the proposed measures, particularly from the perspective of AI service providers and Android device manufacturers.

Input from Alphabet and interested third parties may lead to adjustments before the Commission adopts a final decision-making the measures legally binding. The Commission is expected to adopt that decision by 27 July 2026.

Why does it matter?

The case shows how the DMA is being applied to the emerging competitive landscape for AI assistants and mobile operating systems. If third-party AI services need access to Android features such as wake words, contextual data, app actions and on-device resources to compete effectively, interoperability rules could shape which AI tools reach users and how much control gatekeepers retain over mobile AI ecosystems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Diplo chatbot can make mistakes. Consider checking important information.