Agentic AI could accelerate and automate future cyberattacks, Malwarebytes warns

A new report by Malwarebytes warns that the rise of agentic AI will significantly increase the frequency, sophistication, and scale of cyberattacks.

Since the launch of ChatGPT in late 2022, threat actors have used generative AI to write malware, craft phishing emails, and execute realistic social engineering schemes.

One notable case from January 2024 involved a finance employee who was deceived into transferring $25 million during a video call with AI-generated deepfakes of company executives.

Criminals have also found ways to bypass safety features in AI models using techniques such as prompt chaining, injection, and jailbreaking to generate malicious outputs.

While generative AI has already lowered the barrier to entry for cybercrime, the report highlights that agentic AI—capable of autonomously executing complex tasks—poses a far greater risk by automating time-consuming attacks like ransomware at scale.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyber scams use a three-letter trap

Staying safe from cybercriminals can be surprisingly simple. While AI-powered scams grow more realistic, some signs are still painfully obvious.

If you spot the letters ‘.TOP’ in any message link, it’s best to stop reading and hit delete. That single clue is often enough to expose a scam in progress.

Most malicious texts pose as alerts about road tolls, deliveries or account issues, using trusted brand names to lure victims into clicking fake links.

The worst of these is the ‘.TOP’ top-level domain (TLD), which has become infamous for its role in phishing and scam operations. Although launched in 2014 for premium business use, its low cost and lack of oversight quickly made it a favourite among cyber gangs, especially those based in China.

Today, nearly one-third of all .TOP domains are linked to cybercrime — far surpassing the criminal activity seen on mainstream domains like ‘.com’.

Despite repeated warnings and an unresolved compliance notice from internet regulator ICANN, abuse linked to .TOP has only worsened.

Experts warn that it is highly unlikely any legitimate Western organisation would ever use a .TOP domain. If one appears in your messages, the safest option is to delete it without clicking.
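
The check described above can be automated, as in this added example, which is not code from the article or from any vendor it cites. It flags a link only when the host a client would actually connect to ends in the flagged TLD, so ‘top’ in a subdomain or path is ignored and a trusted name placed before an ‘@’ does not hide the real host. The function names, the blocklist and the sample hosts are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the blocklist holds only the TLD this article names.
FLAGGED_TLDS = {"top"}

# Explicit http(s) links, or bare hostnames with an optional path.
LINK_RE = re.compile(
    r"(?:https?://[^\s<>\"']+"
    r"|\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b(?:/[^\s<>\"']*)?)",
    re.IGNORECASE,
)


def link_host(link: str) -> str:
    """Return the lowercased hostname a client would connect to, or ''."""
    if "://" not in link:
        link = "http://" + link  # bare hostnames need a scheme to parse
    try:
        host = urlsplit(link).hostname or ""
    except ValueError:  # malformed link, e.g. unbalanced IPv6 brackets
        return ""
    return host.rstrip(".").lower()


def flagged_links(message: str) -> list[str]:
    """Return hosts of links in the message whose TLD is on the blocklist."""
    hits = []
    for match in LINK_RE.finditer(message):
        # Drop sentence punctuation that trails the link in running text.
        host = link_host(match.group(0).rstrip(".,;:!?)"))
        tld = host.rsplit(".", 1)[-1]
        if "." in host and tld in FLAGGED_TLDS and host not in hits:
            hits.append(host)
    return hits


if __name__ == "__main__":
    # Constructed sample messages, not taken from any real campaign.
    samples = [
        "Unpaid toll: pay at https://tolls.example-pay.TOP/invoice now.",
        "Login: https://brand.example.com@pay-portal.top/login",
        "Deals at https://top.example.com/top-deals",
        "Track parcel: parcel-redelivery.top/track, today",
    ]
    for text in samples:
        print(flagged_links(text), "<-", text)
```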


Secret passwords could fight deepfake scams

As AI-generated images grow increasingly lifelike, a cyber security expert has warned that families should create secret passwords to guard against deepfake scams.

Cody Barrow, chief executive of EclecticIQ and a former US government adviser, says AI is making it far easier for criminals to impersonate others using fabricated videos or images.

Mr Barrow and his wife now use a private code to confirm each other’s identity if either receives a suspicious message or video.

He believes this precaution, simple enough for anyone regardless of age or digital skills, could soon become essential. ‘It may sound dramatic here in May 2025,’ he said, ‘but I’m quite confident that in a few years, if not months, people will say: I should have done that.’

The warning comes the same week Google launched Veo 3, its AI video generator capable of producing hyper-realistic footage and lifelike dialogue. Its public release has raised concerns about how easily deepfakes could be misused for scams or manipulation.

Meanwhile, President Trump signed the ‘Take It Down Act’ into law, making the creation of deepfake pornography a criminal offence. The bipartisan measure will see prison terms for anyone producing or uploading such content, with First Lady Melania Trump stating it will ‘prioritise people over politics’.


US delays 50% tariff on EU imports until July

US President Donald Trump has agreed to delay a planned 50% tariff on European Union imports. The new deadline is now set for 9 July 2025, following a request from European Commission President Ursula von der Leyen.

The extension allows more time for what both sides hope will be serious trade negotiations.

The announcement came after a phone call between Trump and von der Leyen. Trump said the EU leader asked for more time to work out a deal, and he was happy to agree. He expressed optimism that talks would begin quickly and hopes to reach an agreement soon.

Earlier this year, Trump introduced tariffs on EU goods, starting at 20% and later reducing to 10%. However, tensions rose when Trump announced the 50% tariff would take effect from 1 June, citing stalled negotiations.

Von der Leyen responded by emphasising the EU’s commitment to a strong transatlantic trade relationship. She also highlighted the need for the extension to finalise a good deal.


BlackRock Bitcoin fund now second-largest holder

BlackRock’s iShares Bitcoin Trust (IBIT) has become the second-largest holder of Bitcoin, surpassing major industry players including Binance and Strategy. Only the wallet attributed to Bitcoin’s creator, Satoshi Nakamoto, holds more of the asset.

IBIT currently manages 636,108 BTC, which accounts for more than 3% of Bitcoin’s total supply and nearly 57% of Nakamoto’s estimated holdings.

The fund’s growth since its launch in January 2024 has been remarkable. With over $66.9 billion in net assets, IBIT now leads all Bitcoin ETFs by value.

Bloomberg analyst Eric Balchunas believes it could surpass Satoshi’s wallet by next summer—sooner if Bitcoin’s price reaches $150,000. Such a move would likely spark even stronger institutional interest.

Analysts say IBIT’s rise shows growing demand for regulated crypto access from advisers and retail investors. Bitcoin ETFs are outperforming gold funds, and BlackRock’s push highlights a major shift in global investment strategies.


Ransomware gang leaks French government emails

A ransomware gang has published what it claims is sensitive data from multiple French organisations on a dark web forum.

The Stormous cartel, active since 2022, posted the dataset as a ‘comprehensive leak’ allegedly involving high-profile French government bodies.

However, researchers from Cybernews examined the information and found the data’s quality questionable, with outdated MD5 password hashes indicating it could be from older breaches.

Despite its age, the dataset could still be dangerous if reused credentials are involved. Threat actors may exploit the leaked emails for phishing campaigns by impersonating government agencies to extract more sensitive details.

Cybernews noted that even weak password hashes can eventually be cracked, especially when stronger security measures weren’t in place at the time of collection.

Among the affected organisations are Agence Française de Développement, the Paris Region’s Regional Health Agency, and the Court of Audit.

The number of exposed email addresses varies, with some institutions having only a handful leaked while others face hundreds. The French cybersecurity agency ANSSI has yet to comment.

Last year, France faced another massive exposure incident affecting 95 million citizen records, adding to concerns about ongoing cyber vulnerabilities.


Infostealer malware suspected in major username and password leak

Cybersecurity researcher Jeremiah Fowler reported discovering a publicly accessible, unprotected database containing more than 184 million login credentials from services including Facebook, Instagram, Microsoft, Roblox, Snapchat, and many others.

Wired noted that the leak also included data from Apple, Amazon, Nintendo, Spotify, Twitter, Yahoo, banks, healthcare providers, and government portals.

Fowler was unable to determine the database’s origin, its intended purpose, or how long it remained exposed. After he reported it to the hosting provider, access was restricted.

He verified the data’s authenticity by contacting individuals using emails listed in the database and identifying himself as a researcher.

Fowler suspects the data was collected using infostealer malware, which targets credentials stored in browsers, email clients, and messaging apps. Cybercriminals may distribute such malware through phishing attacks, malicious links, or cracked software.

To avoid these threats, users are advised to scrutinize links in emails and messages, confirm website URLs before visiting, and avoid downloading software from unverified sources.

Apple users should rely on the Mac App Store or reputable developers’ websites. Promptly installing OS and app updates is also essential for staying secure.

Fowler’s discovery highlights the persistent threat of infostealer malware and the need for users to remain vigilant when interacting online.


Crypto ownership drops in Singapore

Crypto ownership in Singapore fell from 40% to 29% in 2024, as more investors sold off their holdings. Nearly half of holders exited the market, and most walked away with a profit.

According to the 2025 Independent Reserve Cryptocurrency Index, 67% of those who sold made gains. The platform’s CEO, Lasanka Perera, said this shift was less about losing interest and more a ‘recalibration’ of investment priorities.

Many investors are favouring cash or fixed deposits, with 49% choosing these safer options, up from 42% last year. Stocks still remain more popular, with nearly half of Singaporeans investing in them, compared to just one in five who now hold crypto.

Confidence among remaining holders is steady. Bitcoin and Ethereum continue to dominate portfolios, and over half say they plan to buy more in the next year. Meanwhile, 52% of crypto users have already used digital assets for payments, with growing interest in doing so more often.


Texas moves closer to creating a Bitcoin reserve

Texas lawmakers have approved a bill to create a state-run Bitcoin reserve, bringing the state closer to officially adopting cryptocurrency as part of its treasury management. The Texas House of Representatives passed Senate Bill 21 on its third and final reading.

The bipartisan-supported legislation now requires a final concurrence vote on House amendments before it can be sent to Governor Greg Abbott for signature. Although the bill received strong support, opposition grew ahead of the last vote, with 42 members voting against it.

The fiscal impact of the reserve remains unclear. A legislative budget board official noted that the amount of Bitcoin to be purchased and related appropriations cannot currently be estimated. The bill grants the state comptroller investment authority over the reserve and other funds.

If enacted, Texas would become the second US state after New Hampshire to hold Bitcoin reserves. The bill aims to establish and manage a strategic Bitcoin reserve to support the state’s treasury operations.


Meta and PayPal users targeted in new phishing scam

Cybersecurity experts are warning of a rapid and highly advanced phishing campaign that targets Meta and PayPal users with instant account takeovers. The attack exploits Google’s AppSheet platform to send emails from a legitimate domain, bypassing standard security checks.

Victims are tricked into entering login details and two-factor authentication codes, which are then harvested in real time. Emails used in the campaign pose as urgent security alerts from Meta or PayPal, urging recipients to click a fake appeal link.

A double-prompt technique falsely claims an initial login attempt failed, increasing the likelihood of accurate information being submitted. KnowBe4 reports that 98% of detected threats impersonated Meta, with the remainder targeting PayPal.

Google confirmed it has taken steps to reduce the campaign’s impact by improving AppSheet security and deploying advanced Gmail protections. The company advised users to stay alert and consult their guide to spotting scams. Meta and PayPal have not yet commented on the situation.
