McDonald’s faces backlash over AI hiring system security failures

A major security flaw in McDonald’s AI-driven recruitment platform has exposed the personal information of potentially 64 million job applicants.

The McHire platform, developed by Paradox.ai and powered by an AI chatbot named Olivia, suffered from basic authentication vulnerabilities and lacked critical security controls.

Security researchers Ian Carroll and Sam Curry discovered they could access the system using weak default credentials—simply the username and password ‘123456’.

The incident underscores serious cybersecurity lapses in automated hiring systems and raises urgent concerns about data protection in AI-powered HR tools. McHire is designed to streamline recruitment at McDonald’s franchise locations by using AI to screen candidates, collect contact details, and assess suitability.

The chatbot Olivia interacts with applicants using natural language processing, but users have often reported issues with miscommunication and unclear prompts. As a broader shift toward automation in hiring takes shape, McHire represents an attempt to scale recruitment efforts without expanding HR staff.

However, according to the researchers’ findings, the system’s backend infrastructure—housing millions of résumés, chat logs and assessments—was critically unprotected.

After prompt injection attacks failed, the researchers focused on login mechanisms and discovered a Paradox.ai staff portal linked from the McHire homepage.

Using simple password combinations and dictionary attacks, they could access the system with the password ‘123456’, bypassing standard security protocols. More worryingly, the account lacked two-factor authentication, enabling unrestricted access to administrative tools and candidate records.

From there, the researchers found an Insecure Direct Object Reference (IDOR) vulnerability that allowed traversal of the applicant database by manipulating ID numbers.

By increasing the numeric applicant ID above 64 million, they could view multiple records containing names, email addresses, phone numbers and chat logs. Although only seven records were considered during the test, five included personally identifiable information, highlighting the scale of the exposure.
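The control missing in the IDOR described above is an object-level authorization check. As an added example (not code from McHire, Paradox.ai or the researchers), the sketch below scopes applicant lookups to the caller's tenant and flags sequential-ID walking in an access log. The record store, tenant names, log entries and threshold are all constructed assumptions.

```python
"""Object-level authorization and enumeration detection for a numeric-ID API.

Every name, record and log entry here is constructed for illustration;
none of it is McHire or Paradox.ai code.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    user: str
    tenant: str  # organisation the authenticated user belongs to


# Constructed sample data: applicant_id -> record with an owning tenant.
APPLICANTS = {
    1001: {"tenant": "franchise-a", "name": "Applicant One"},
    1002: {"tenant": "franchise-b", "name": "Applicant Two"},
    1003: {"tenant": "franchise-b", "name": "Applicant Three"},
}


class Forbidden(Exception):
    pass


def get_applicant_unsafe(session: Session, applicant_id: int) -> dict:
    # IDOR pattern: being logged in is the only check, so changing the ID
    # returns another tenant's record.
    return APPLICANTS[applicant_id]


def get_applicant(session: Session, applicant_id: int) -> dict:
    # Hardened form: the record must belong to the caller's tenant.
    record = APPLICANTS.get(applicant_id)
    # Same error for "missing" and "not yours", so responses do not
    # confirm which IDs exist.
    if record is None or record["tenant"] != session.tenant:
        raise Forbidden("applicant not accessible")
    return record


def flag_enumeration(access_log, min_run=5):
    """Return users who requested min_run or more consecutive IDs.

    access_log: iterable of (user, applicant_id) in request order.
    A run is a sequence of requests stepping by +1 or by -1 each time.
    """
    last = {}  # user -> (previous id, step, run length)
    flagged = set()
    for user, rid in access_log:
        prev = last.get(user)
        if prev is not None and rid - prev[0] in (1, -1):
            step = rid - prev[0]
            run = prev[2] + 1 if step == prev[1] else 2
        else:
            step, run = 0, 1
        last[user] = (rid, step, run)
        if run >= min_run:
            flagged.add(user)
    return flagged


# Constructed access log: one account walks IDs, one browses normally.
SAMPLE_LOG = [("svc-test", 5000 + i) for i in range(6)] + [
    ("recruiter1", 1001), ("recruiter1", 1040), ("recruiter1", 1041),
]

if __name__ == "__main__":
    print(flag_enumeration(SAMPLE_LOG))
```
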

Paradox.ai insisted that only a fraction of records held sensitive data, but the researchers warned of phishing risks linked to impersonation of McDonald’s recruiters. These could be used for payroll-related scams or to harvest further private information under false pretences.

McDonald’s acknowledged the breach and expressed disappointment in its third-party provider’s handling of basic security measures.

Paradox.ai confirmed the vulnerabilities and announced a bug bounty programme to incentivise researchers to report flaws before they are exploited. The exposed account was a dormant test login created in 2019 that had never been properly turned off—evidence of poor development hygiene.

Both companies have pledged to investigate the matter further and implement stronger safeguards, as scrutiny over AI accountability in hiring continues to grow.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta offers $200 million to top AI talent as superintelligence race heats up

Meta has reportedly offered over $200 million in compensation to Ruoming Pang, a former senior AI engineer at Apple, as it escalates its bid to dominate the AI arms race.

The offer, which includes long-term stock incentives, far exceeded Apple’s willingness to match and is seen as one of Silicon Valley’s most aggressive poaching efforts.

The move is part of Meta’s broader campaign to build a world-class team under its new Meta Superintelligence Lab (MSL), which is focused on developing artificial general intelligence (AGI).

The division has already attracted prominent names, including ex-GitHub CEO Nat Friedman, AI investor Daniel Gross, and Scale AI co-founder Alexandr Wang, who joined as Chief AI Officer through a $14.3 billion stake deal.

Most compensation offers in the MSL reportedly rival CEO packages at global banks, but they are heavily performance-based and tied to long-term equity vesting.

Meta’s mix of base salary, signing bonuses, and high-value stock options is designed to attract and retain elite AI talent amid a fierce talent war with OpenAI, Google, and Anthropic.

OpenAI CEO Sam Altman recently claimed Meta has dangled bonuses up to $100 million to lure staff away, though he insists many stayed for cultural reasons.

Still, Meta has already hired more than 10 researchers from OpenAI and poached talent from Google DeepMind, including principal researcher Jack Rae.

The AI rivalry could come to a head as Altman and Zuckerberg meet at the Sun Valley conference this week.


OpenAI to release Chromium-based AI browser competing with Chrome

OpenAI is preparing to launch an AI-powered web browser that could challenge Google Chrome’s dominant market position. The browser is expected to debut in the coming weeks and aims to change how users interact with the web fundamentally.

The new browser will reportedly integrate AI capabilities directly into the browsing experience, allowing for more intelligent and task-driven user interactions. Instead of simply directing users to websites, the browser is designed to keep many interactions within a native ChatGPT-style interface.

If adopted by ChatGPT’s 500 million weekly users, the browser could seriously threaten Google’s ad-driven ecosystem. Chrome is critical in Alphabet’s advertising revenue, accounting for nearly three-quarters of the company’s income by collecting user data and directing traffic to Google Search.

By building its own browser, OpenAI would gain more direct access to user behaviour data, improving its AI models and enabling new forms of web engagement. The move is part of OpenAI’s broader strategy to integrate its services into users’ personal and professional lives.

The browser will reportedly support AI ‘agents’ capable of performing tasks such as making reservations or filling out web forms automatically. These agents could operate directly within websites, making the browsing experience more seamless and productive.

While OpenAI declined to comment, sources suggest the browser is built on Google’s open-source Chromium codebase—the same foundation behind Chrome, Edge, and Opera. This allows OpenAI to maintain compatibility while customising user experience and data control.

Competition in the AI-powered browser space is heating up. Startups like Perplexity and Brave have already launched intelligent browsers, and The Browser Company continues to develop features for AI-driven navigation and summarisation.

Despite Chrome’s 3-billion-strong user base and over two-thirds of the browser market share, OpenAI sees an opportunity to disrupt the space. Apple’s Safari holds second place with just 16% of the global share, leaving room for new challengers.

Last year, OpenAI hired two senior Google engineers from the original Chrome team, fueling speculation that the company was eyeing the browser space. One executive even testified that OpenAI would consider buying Chrome if it were made available through antitrust divestiture.

Instead, OpenAI built its browser from the ground up, allowing greater autonomy over features, data collection, and AI integration. A source told Reuters this approach ensures better alignment with OpenAI’s goal of embedding AI across user experiences.

In addition to hardware acquisitions and agent-based interfaces, the browser represents a crucial link in OpenAI’s strategy to deepen user engagement. The company recently acquired the AI hardware firm io, co-founded by Apple’s former design chief Jony Ive, for $6.5 billion.

The browser could become the gateway for OpenAI’s AI agents like ‘Operator,’ enhancing productivity by turning passive browsing into interactive assistance. Such integration could give OpenAI a competitive edge in the evolving consumer AI landscape.

Meanwhile, Google faces legal challenges over Chrome’s central role in its ad monopoly. A US judge ruled that Google maintains an unlawful hold over online search, prompting the Department of Justice to push for divestiture of key assets, including Chrome.

OpenAI’s entry could spark a broader shift in how consumers, businesses, and advertisers engage with the internet as the browser race intensifies. With built-in AI capabilities and task automation, browsing may become a different experience.


Kazakhstan rises as an AI superpower

Since the launch of its Digital Kazakhstan initiative in 2017, the country has shifted from resource-dependent roots to digital leadership.

It ranks 24th globally on the UN’s e‑government index and among the top 10 in online service delivery. Over 90% of public services, such as registrations, healthcare access, and legal documentation, are digitised, aided by mobile apps, biometric ID and QR authentication.

Central to this is a Tier III data-centre-based AI supercluster, launching in July 2025, and the Alem.AI centre, both designed to supply computing power for universities, startups and enterprises.

Kazakhstan is also investing heavily in talent and innovation. It aims to train up to a million AI-skilled professionals and supports over 1,600 startups at Astana Hub. Venture capital surpassed $250 million in 2024, bolstered by a new $1 billion Qazaqstan Venture Group fund.

Infrastructure upgrades, such as a 3,700 km fibre-optic corridor between China and the Caspian Sea, support a growing tech ecosystem.

Regulatory milestones include planned AI law reforms, data‑sovereignty zones like CryptoCity, and digital identity frameworks. These prepare Kazakhstan to become Central Asia’s digital and AI nexus.


AI that serves communities, not the other way round

At the WSIS+20 High-Level Event in Geneva, a vivid discussion unfolded around how countries in the Global South can build AI capacity from the ground up, rooted in local realities rather than externally imposed models. Organised by Diplo, the Permanent Mission of Kenya to the UN in Geneva, Microsoft, and IT for Change, the session used the fictional agricultural nation of ‘Landia’ to spotlight the challenges and opportunities of community-centred AI development.

With weak infrastructure, unreliable electricity, and fragmented data ecosystems, Landia embodies the typical constraints many developing nations face as they navigate the AI revolution.

UN Under-Secretary-General and Special Envoy for Digital and Emerging Technologies Amandeep Singh Gill presented a forthcoming UN report proposing a five-tiered framework to guide countries from basic AI literacy to full development capacity. He stressed the need for tailored, coordinated international support—backed by a potential global AI fund—to avoid the fragmented aid pitfalls seen in climate and health sectors.


Microsoft’s Ashutosh Chadha echoed that AI readiness is not just a tech issue but fundamentally a policy challenge, highlighting the importance of data governance, education systems, and digital infrastructure as foundations for meaningful AI use.

Civil society voices, particularly from IT4Change’s Anita Gurumurthy and Nandini Chami, spoke about ‘regenerative AI’—AI that is indigenous, inclusive, and modular. They advocated for small-scale models that can run on local data and infrastructures, proposing creative use of community media archives and agroecological knowledge.

Speakers stressed that technology should adapt to community needs, not the reverse, and that AI must augment—not displace—traditional practices, especially in agriculture where livelihoods are at stake.


Ultimately, the session crystallised around a core principle: AI must be developed with—not for—local communities. Participants called for training unemployed youth to support rural farmers with accessible AI tools, urged governments to invest in basic infrastructure alongside AI capacity, and warned against replicating inequalities through automation.

The session concluded with optimism and a commitment to continue this global-local dialogue beyond Geneva, ensuring AI’s future in the Global South is not only technologically viable, but socially just.

Track key events from the WSIS+20 High-Level Event 2025 on our dedicated page.

UN leaders chart inclusive digital future at WSIS+20

At the WSIS+20 High-Level Event in Geneva, UN leaders gathered for a pivotal dialogue on shaping an inclusive digital transformation, marking two decades since the World Summit on the Information Society (WSIS). Speakers across the UN system emphasised that technology must serve people, not vice versa.

They highlighted that bridging the digital divide is critical to ensuring that innovations like AI uplift all of humanity, not just those in advanced economies. Without equitable access, the benefits of digital transformation risk reinforcing existing inequalities and leaving millions behind.

The discussion showcased how digital technologies already transform disaster response and climate resilience. The World Meteorological Organization and the UN Office for Disaster Risk Reduction illustrated how AI powers early warning systems and real-time risk analysis, saving lives in vulnerable regions.

Meanwhile, the Food and Agriculture Organization of the UN underscored the need to align technology with basic human needs, reminding the audience that ‘AI is not food,’ and calling for thoughtful, efficient deployment of digital tools to address global hunger and development.

Workforce transformation and leadership in the AI era also featured prominently. Leaders from the International Labour Organization and UNITAR stressed that while AI may replace some roles, it will augment many more, making digital literacy, ethical foresight, and collaborative governance essential skills. Examples from within the UN system itself, such as the digitisation of the Joint Staff Pension Fund through facial recognition and blockchain, demonstrated how innovation can enhance services without sacrificing inclusivity or ethics.

As the session closed, speakers collectively reaffirmed the importance of human rights, international cooperation, and shared digital governance. They stressed that the future of global development hinges on treating digital infrastructure and knowledge as public goods.

With the WSIS framework and Global Digital Compact as guideposts, UN leaders called for sustained, unified efforts to ensure that digital transformation uplifts every community and contributes meaningfully to the Sustainable Development Goals.

Track all key events from the WSIS+20 High-Level Event 2025 on our dedicated page.

X CEO Yaccarino resigns as AI controversy and Musk’s influence grow

Linda Yaccarino has stepped down as CEO of X, ending a turbulent two-year tenure marked by Musk’s controversial leadership and ongoing transformation of the social media company.

Her resignation came just one day after a backlash over offensive posts by Grok, the AI chatbot created by Musk’s xAI, which had been recently integrated into the platform.

Yaccarino, who was previously a top advertising executive at NBCUniversal, was brought on in 2023 to help stabilise the company following Musk’s $44bn acquisition.

In her farewell post, she cited efforts to improve user safety and rebuild advertiser trust, but did not provide a clear reason for her departure.

Analysts suggest growing tensions with Musk’s management style, particularly around AI moderation, may have prompted the move.

Her exit adds to the mounting challenges facing Musk’s empire.

Tesla is suffering from slumping sales and executive departures, while X remains under pressure from heavy debts and legal battles with advertisers.

Yaccarino had spearheaded ambitious initiatives, including payment partnerships with Visa and plans for an X-branded credit or debit card.

Despite these developments, X continues to face scrutiny for its rightward political shift and reliance on controversial AI tools.

Whether the company can fulfil Musk’s vision of becoming an ‘everything app’ without Yaccarino remains to be seen.


Nvidia nears $4 trillion milestone as AI boom continues

Nvidia has made financial history by nearly reaching a $4 trillion market valuation, a milestone highlighting investor confidence in AI as a powerful economic force.

Shares briefly peaked at $164.42 before closing slightly lower at $162.88, just under the record threshold. The rise underscores Nvidia’s position as the leading supplier of AI chips amid soaring demand from major tech firms.

Led by CEO Jensen Huang, the company now holds a market value larger than the economies of Britain, France, or India.

Nvidia’s growth has helped lift the Nasdaq to new highs, aided in part by improved market sentiment following Donald Trump’s softened stance on tariffs.

However, trade barriers with China continue to pose risks, including export restrictions that cost Nvidia $4.5 billion in the first quarter of 2025.

Despite those challenges, Nvidia secured a major AI infrastructure deal in Saudi Arabia during Trump’s visit in May. Innovations such as the next-generation Blackwell GPUs and ‘real-time digital twins’ have helped maintain investor confidence.

The company’s stock has risen over 21% in 2025, far outpacing the Nasdaq’s 6.7% gain. Nvidia chips are also being used by the US administration as leverage in global tech diplomacy.

While competition from Chinese AI firms like DeepSeek briefly knocked $600 billion off Nvidia’s valuation, Huang views rivalry as essential to progress. With the growing demand for complex reasoning models and AI agents, Nvidia remains at the forefront.

Still, the fast pace of AI adoption raises concerns about job displacement, with firms like Ford and JPMorgan already reporting workforce impacts.


Google partners with UK government on AI training

The UK government has struck a major partnership with Google Cloud aimed at modernising public services by eliminating ageing IT systems and equipping 100,000 civil servants with digital and AI skills by 2030.

Backed by DSIT, the initiative targets sectors like the NHS and local councils, seeking both operational efficiency and workforce transformation.

Replacing legacy contracts, some of which date back decades, could unlock as much as £45 billion in efficiency savings, say ministers. Google DeepMind will provide technical expertise to help departments adopt emerging AI solutions and accelerate public sector innovation.

Despite these promising aims, privacy campaigners warn that reliance on a US-based tech giant threatens national data sovereignty and may lead to long-term lock-in.

Foxglove’s Martha Dark described the deal as ‘dangerously naive’, with concerns around data access, accountability, public procurement processes and geopolitical risk.

As ministers pursue broader technological transformation, similar partnerships with Microsoft, OpenAI and Meta are underway, reflecting an industry-wide effort to bridge digital skills gaps and bring agile solutions into Whitehall.


AI and big data to streamline South Korea’s drug evaluation processes

The Ministry of Food and Drug Safety (MFDS) of South Korea is modernising its drug review and evaluation processes by incorporating AI, big data, and other emerging technologies.

The efforts are being spearheaded by the ministry’s National Institute for Food and Drug Safety Evaluation (NIFDS).

Starting next year, NIFDS plans to apply AI to assist with routine tasks such as preparing review data.

The initial focus will be synthetic chemical drugs, gradually expanding to other product categories.

‘Initial AI applications will focus on streamlining repetitive tasks,’ said Jeong Ji-won, head of the Pharmaceutical and Medical Device Research Department at NIFDS.

‘The AI system is being developed internally, and we are evaluating its potential for real-world inspection scenarios. A phased approach is necessary due to the large volume of data required,’ Jeong added.

In parallel, NIFDS is exploring using big data in various regulatory activities.

One initiative involves applying big data analytics to enhance risk assessments during overseas GMP inspections. ‘Standardisation remains a challenge due to varying formats across facilities,’ said Sohn Kyung-hoon, head of the Drug Research Division.

‘Nonetheless, we’re working to develop a system that enhances the efficiency of inspections without relying on foreign collaborations.’ Efforts also include building domain-specific Korean-English translation models for safety documentation.

The institute also integrates AI into pharmaceutical manufacturing oversight and develops public data utilisation frameworks. The efforts include systems for analysing adverse drug reaction reports and standardising data inputs.

NIFDS is actively researching new analysis methods and safety protocols regarding impurity control.

‘We’re prioritising research on impurities such as NDMA,’ Sohn noted. Simultaneous detection methods are being tailored for smaller manufacturers.

New categorisation techniques are also being developed to monitor previously untracked substances.

On the biologics front, NIFDS aims to finalise its mRNA vaccine evaluation technology by year-end.

The five-year project supports the national strategy for improving infectious disease preparedness in South Korea, including work on delivery mechanisms and material composition.

‘This initiative is part of our broader strategy to improve preparedness for future infectious disease outbreaks,’ said Lee Chul-hyun, head of the Biologics Research Division.

Evaluation protocols for antibody drugs are still in progress. However, indirect support is being provided through guidelines and benchmarking against international cases. Separately, the Herbal Medicine Research Division is upgrading its standardised product distribution model.

The current use-based system will shift to a field-based one next year, extending to pharmaceuticals, functional foods, and cosmetics sectors.

‘We’re refining the system to improve access and quality control,’ said Hwang Jin-hee, head of the division. ‘Collaboration with regional research institutions remains a key component of this work.’

NIFDS currently offers 396 standardised herbal medicines. The institute continues to develop new reference materials annually as part of its evolving strategy.
