Cloud computing

CrowdStrike disrupts Glassworm botnet targeting software developers worldwide

CrowdStrike has announced the coordinated disruption of the Glassworm botnet, a cyber operation targeting software developers through open-source software supply chains.

Working with Google and the Shadowserver Foundation, the cybersecurity company said it simultaneously disabled four command-and-control channels used by the malware infrastructure.

According to CrowdStrike, Glassworm targeted developers through trojanised VSCode extensions, malicious npm and Python packages, and compromised GitHub repositories containing poisoned code. The campaign affected Windows, macOS, and Linux systems and targeted the theft of developer credentials and the maintenance of persistent access to development environments.

CrowdStrike said the botnet had compromised hundreds of GitHub repositories using stolen developer credentials, posing risks to downstream software supply chains. The company warned that attackers are increasingly targeting developers because compromising a single workstation, repository, or package can spread malicious code across many organisations, services, and users.

The company also highlighted the growing resilience of cybercriminal infrastructure. It said Glassworm combined blockchain technology, peer-to-peer systems, legitimate online services, and traditional servers to make takedown attempts more difficult.

The disruption cuts off the botnet’s known command-and-control channels, but CrowdStrike said organisations should continue checking for compromised developer environments, malicious packages, and exposed credentials.

Why does it matter?

The Glassworm campaign shows how developer tools and open-source ecosystems have become critical attack surfaces. Rather than attacking only large enterprises directly, threat actors can compromise repositories, extensions, libraries, or credentials used by developers and then move through the software supply chain. Such attacks can create cascading risks for cloud services, enterprise software, financial systems, public services, and other organisations that rely on shared code and development infrastructure.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Study says AI is rewiring global trade and reshaping economic power

A new Allianz Research report argues that AI is transforming global trade, supply chains, digital infrastructure, and geopolitical influence.

The report says AI growth increasingly depends on global semiconductor production, cloud infrastructure, hyperscale data centres, and cross-border digital services. It also argues that trade is increasingly shaped by who controls AI infrastructure, data flows, and cloud capacity.

Allianz Research says exports of AI-enabling goods rose from USD 1 trillion in 2014 to USD 3.8 trillion in 2025, accounting for 15% of global trade and far outpacing overall goods trade growth. Asia dominates the supply side, accounting for 65% of global AI-related exports and seven of the top ten exporters, led by China, Taiwan, and Hong Kong.

The report also highlights the United States’ role as a centre of hyperscale AI infrastructure. It says the US has tripled its AI-related imports since 2023 and is home to 5,427 operational data centres, equivalent to 45% of the global total.

Europe faces a different challenge. According to Allianz Research, the region has less than 10GW of operational data-centre capacity, compared with 60GW in the US, while US hyperscalers already control 35% of European computing capacity and are consolidating a 70% share of the cloud market. The report points to fragmented regulation, complex permitting processes, grid connection delays, limited funding, and the absence of a domestic hyperscaler as factors that reinforce European dependence.

The study also warns that AI diffusion could widen EU-US service imbalances by requiring recurring payments to American AI providers and cloud platforms. In a high-adoption scenario, annual payments by eurozone users to US AI services providers could rise from EUR 2.7 billion to EUR 34 billion, according to the report.

Allianz Research concludes that AI governance, industrial policy, export restrictions, subsidies, and digital trade regulation are becoming central components of global economic competition. Governments are increasingly treating semiconductors, cloud infrastructure, data centres, and AI services as strategic assets linked to national security, economic resilience, and geopolitical influence.

Why does it matter?

The report frames AI as a trade and industrial policy issue, not only a technology story. Its findings suggest that control over semiconductors, cloud infrastructure, data centres, and AI services could shape which economies capture AI-driven productivity gains and which become more dependent on foreign platforms, supply chains, and infrastructure. For Europe, the key concern is a possible double dependence on US cloud and AI services and Asian hardware supply chains.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

European Union reviews platform power in third annual Digital Markets Act report

The European Commission has published its first formal review of the Digital Markets Act, assessing how the regulation is affecting large online platforms and digital market competition across the European Union.

The review says the DMA has already produced visible changes in some areas, including greater user choice through third-party app stores and prompts allowing users to select browsers or search engines. However, it also points to continuing challenges in implementation and enforcement.

Enforcement has become a central part of the assessment. In April 2025, Apple was fined €500 million for blocking developers from directing users to cheaper purchasing options, while Meta was fined €200 million over its ‘consent or pay’ model. Both companies are appealing the decisions.

The Commission also highlighted ongoing compliance and procedural difficulties. According to the review, investigations are taking around twice as long as the 12-month target, while legal procedures are being used to slow compliance.

The assessment raises broader questions about whether the DMA should eventually cover fast-growing areas such as AI tools and cloud platforms. The review presents the regulation as an evolving framework whose long-term impact will depend on consistent enforcement and adaptation to new market realities.

Why does it matter?

The review indicates that the Digital Markets Act is transitioning from establishing rules to a more challenging phase of enforcement. Initial changes suggest that the law is starting to influence the behaviour of platforms. However, delays, appeals, and uncertainties regarding AI and cloud services demonstrate that the European Union’s digital competition framework will need to continuously adapt as the power of platforms shifts into new areas of the digital economy.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

EU lawmakers challenge confidentiality rules on data centre emissions data

A group of 35 Members of the European Parliament has called on the European Commission to review confidentiality rules affecting public access to environmental data from data centres. The request focused on the disclosure of information related to emissions, energy use, and water consumption.

According to reporting by Investigate Europe, the disputed wording was linked to proposals submitted during consultations by Microsoft and DIGITALEUROPE. The clause was later incorporated into the EU Energy Efficiency Directive and limits disclosure of certain information related to individual data centres.

Critics argue that the measure may reduce transparency regarding the environmental impact of expanding digital infrastructure. Some lawmakers and advocacy groups have also raised questions about compatibility with transparency principles under the Aarhus Convention. Reports said critics believe the rules reduce scrutiny of the environmental impact linked to expanding AI and cloud infrastructure.

The lawmakers called on the European Commission to reconsider the provision and publish more detailed environmental reporting data. The issue has contributed to broader discussions in the EU regarding environmental accountability and oversight of digital infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

CMA opens Strategic Market Status investigation into Microsoft business software

The UK Competition and Markets Authority has opened a Strategic Market Status investigation into Microsoft’s business software ecosystem, marking another major step in the country’s digital competition regime.

The investigation will examine Microsoft’s position across workplace software products widely used throughout the UK economy, including productivity software, personal computer and server operating systems, database management systems, security software and its growing AI assistant ecosystem, including Copilot. The CMA said more than 15 million commercial users across the UK rely on Microsoft’s software ecosystem.

Regulators will assess whether Microsoft has Strategic Market Status in business software and whether its position may limit customer choice. The CMA said it will examine concerns linked to product bundling, interoperability limits and default settings that could make it harder for businesses and public-sector organisations to switch providers or combine Microsoft tools with competing products.

The authority will also examine how competing AI services can integrate with Microsoft’s business software as workplace tools increasingly incorporate AI and agentic AI functions. The CMA said customers should be able to access software and AI services from a range of suppliers rather than being locked into a single ecosystem.

Cloud competition concerns are also linked to the probe. An SMS designation would allow the CMA to consider targeted interventions related to Microsoft’s software licensing practices, which were previously identified as reducing competition in cloud services.

The CMA will gather evidence from Microsoft, customers, rivals, challenger technology firms and other stakeholders before deciding whether to designate Microsoft with Strategic Market Status. The regulator said the investigation does not assume wrongdoing and that any future interventions would depend on the evidence and relevant legal tests.

Why does it matter?

The investigation shows how digital competition oversight is moving deeper into enterprise software, cloud infrastructure and AI-enabled workplace tools. As products such as Copilot become embedded in systems used by businesses and public services, regulators are increasingly treating interoperability, bundling and switching costs as strategic competition issues rather than narrow technical questions.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Anthropic launches Claude Platform on AWS with managed AI agent tools

Anthropic has made Claude Platform on AWS generally available, giving AWS customers access to Claude Platform features through AWS authentication, billing and infrastructure integrations.

The platform includes Claude Managed Agents, code execution, web search, web fetch, prompt caching, batch processing, citations, support for the Files API, and support for Skills and MCP connectors. Anthropic said new Claude models and beta tools will become available on AWS at the same time they launch on the native Claude API.

Authentication runs through AWS Identity and Access Management, while audit logging is handled through AWS CloudTrail and billing through a single AWS invoice. Anthropic said the service is designed for organisations seeking native Claude Platform functionality while staying within existing AWS credentials, permissions and operational workflows.

The company also clarified the distinction between Claude Platform on AWS and Claude on Amazon Bedrock. Under the new platform, Anthropic operates the service and data is processed outside the AWS boundary.

By contrast, Claude on Amazon Bedrock keeps AWS as the data processor and operates within the AWS boundary, making it more suitable for customers with strict regional data residency requirements or those needing data processed exclusively within AWS infrastructure.

Why does it matter?

The launch shows how competition between major AI providers is shifting towards enterprise deployment, cloud integration and agent-based automation. For organisations, the choice is no longer only about model performance, but also about where data is processed, how access is controlled, how audit logs are handled and whether AI agents can be deployed within existing cloud governance systems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Rising data centre demand increases energy and cyber risks

Data centres are increasingly central to digital economies, but their rapid expansion is reshaping both electricity demand and cybersecurity risks. According to the International Energy Agency, data centres used about 1.5% of global electricity in 2024, with demand rising as AI and cloud services expand.

These facilities operate as both energy consumers and producers, relying on grid power while also maintaining on-site generation and battery systems. Their ability to switch power sources instantly supports service continuity but can also cause sudden load shifts that challenge grid stability during outages or cyber incidents.

Cybersecurity is now closely tied to energy resilience. Data centres depend on interconnected systems such as backup power, cooling, and digital control networks, all of which require continuous monitoring and protection.

Weaknesses in any part of this ‘system of systems’ can affect both service availability and wider electricity infrastructure.

Why does it matter? 

Data centres are becoming a critical infrastructure that directly affects both digital services and electricity systems. Shared planning for power disruptions, cyber events, and load management is increasingly seen as necessary to ensure stability across both digital services and national energy systems.

Their rising energy demand and reliance on complex on-site and grid power arrangements mean disruptions or cyber incidents can have wider knock-on effects, making resilience and cross-sector coordination essential for overall system stability.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

European Commission publishes first Digital Markets Act review

The European Commission has published its first formal review of the Digital Markets Act, assessing how the regulation is affecting the behaviour of large online platforms in the EU digital economy. According to the review, the law has produced visible changes in some areas, while also exposing continuing problems in implementation and enforcement.

The review points to changes in user choice since the DMA entered into force in March 2024. These include support for third-party app stores and prompts on devices to select browsers or search engines, alongside reported increases in usage and downloads of alternative services.

Enforcement action is also a central part of the assessment. In April 2025, Apple was fined €500 million for blocking developers from directing users to cheaper purchasing options, while Meta was fined €200 million over its ‘consent or pay’ model. Both companies are appealing the decisions.

At the same time, the review identifies clear implementation challenges. It says investigations are taking around twice as long as the 12-month target, while legal procedures are being used to slow compliance. It also raises broader questions about whether fast-growing areas such as AI tools and cloud platforms should eventually be brought within the scope of the regulation.

The Digital Markets Act is therefore presented less as a completed intervention than as an ongoing regulatory process. The review suggests that its long-term impact will depend not only on the rules already in force, but also on how consistently they are enforced and how the EU responds to changes in digital markets.

Why does it matter?

The review matters because it shows that the real test of the Digital Markets Act is no longer whether the EU can write rules for large platforms, but whether it can enforce them quickly and adapt them to new market realities. Early changes in user choice suggest the law is starting to affect platform behaviour. However, delays in investigations and questions around AI and cloud services show that the regulatory contest is still evolving.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

White paper sets priorities for Europe’s digital sovereignty and tech competitiveness

A new whitepaper by GITEX AI Europe, in partnership with research firm LUE, outlines key priorities for strengthening Europe’s digital sovereignty and long-term technological competitiveness.

The study suggests scaling AI computing power, expanding cloud infrastructure, adopting open-source standards and increasing startup investment as central pillars. These measures aim to align innovation capacity with broader economic and industrial growth.

It highlights rising demand for AI infrastructure, with data centre expansion and energy integration seen as essential. The report also stresses the need for sovereign cloud systems to ensure greater control over data, alongside the role of open-source technologies in enabling flexibility and transparency.

The whitepaper concludes that stronger investment and coordinated policy are required to support deep-tech growth and prevent talent loss, with initiatives and partnerships shaping Europe’s digital future across the continent.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Rubrik launches Agent Cloud for enterprise AI governance

Rubrik has launched Rubrik Agent Cloud for the Gemini Enterprise Agent Platform, introducing new governance and operational controls for enterprise AI agents built on Google Cloud.

According to the company, the integration is intended to help organisations accelerate and secure the deployment of AI agents by adding semantic governance and operational resilience through real-time, intent-based guardrails. The company says the offering is powered by its Semantic AI Governance Engine, or SAGE, which is designed to monitor and control autonomous agent behaviour.

Google Cloud’s Satish Thomas, Vice President for Applied AI and Platform Ecosystem, said:

‘As enterprises move into the autonomous era with Gemini Enterprise, security and governance are top of mind. Rubrik helps to provide a unified control layer for agent deployment and security that is critical for AI success.’

Rubrik’s Devvret Rishi, General Manager for AI, stated:

Enterprises want the speed of Google Cloud’s AI technologies, but also require the safety of Rubrik’s cyber resilience. Through this collaboration, we will remove the governance bottleneck for customers developing with Gemini Enterprise Agent Platform. RAC provides real-time guardrails organizations need to speed AI agents into production, without the worry of compromising enterprise security or integrity.’

Rubrik says the integration includes automated discovery of agents running on Gemini Enterprise Agent Platform Runtime, visibility into risk, access permissions and policy violations, a unified control interface for AI security policies, and an ‘Agent Rewind’ capability intended to instantly and precisely undo an autonomous agent’s destructive action.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.