Indonesia is urgently working to secure strategic autonomy in AI as Huawei rapidly expands its presence in the country’s critical infrastructure. Officials are under pressure to swiftly adopt enforceable safeguards to balance innovation and security. The aim is to prevent critical vulnerabilities from emerging.
Huawei’s telecom dominance extends into AI through 5G infrastructure, network tools, and AI cloud centres. Partnerships with local telecoms, along with government engagement, position the company at the heart of Indonesia’s digital landscape.
Experts warn that concentrating AI under one foreign supplier could compromise data sovereignty and heighten security risks. Current governance relies on two non-binding guidelines, providing no enforceable oversight or urgent baseline for protecting critical infrastructure.
The withdrawal of Malaysia from Huawei’s AI projects highlights urgent geopolitical stakes. Indonesia’s fragmented approach, with ministries acting separately, risks producing conflicting policies and leaving immediate gaps in security oversight.
Analysts suggest a robust framework should require supply chain transparency, disclosure of system origins, and adherence to data protection laws. Indonesia must act swiftly to establish these rules and coordinate policy across ministries to safeguard its infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Four Ghanaian nationals have been extradited to the United States over an international cybercrime scheme that stole more than $100 million, allegedly through sophisticated romance scams and business email compromise (BEC) attacks targeting individuals and companies nationwide.
The syndicate, led by Isaac Oduro Boateng, Inusah Ahmed, Derrick van Yeboah, and Patrick Kwame Asare, used fake romantic relationships and email spoofing to deceive victims. Businesses were targeted by altering payment details to divert funds.
US prosecutors say the group maintained a global infrastructure, with command and control elements in West Africa. Stolen funds were laundered through a hierarchical network to ‘chairmen’ who coordinated operations and directed subordinate operators executing fraud schemes.
Investigators found the romance scams used detailed victim profiling, while BEC attacks monitored transactions and swapped banking details. Multiple schemes ran concurrently under strict operational security to avoid detection.
Following their extradition, three suspects arrived in the United States on 7 August 2025, arranged through cooperation between US authorities and the Economic and Organised Crime Office of Ghana.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Security researcher Dirk-jan Mollema demonstrated methods for bypassing authentication in hybrid Active Directory (AD) and Entra ID environments at the Black Hat conference in Las Vegas. The techniques could let attackers impersonate any synced hybrid user, including privileged accounts, without triggering alerts.
Mollema demonstrated how a low-privilege cloud account can be converted into a hybrid user, granting administrative rights. He also demonstrated ways to modify internal API policies, bypass enforcement controls, and impersonate Exchange mailboxes to access emails, documents, and attachments.
Microsoft has addressed some issues by hardening global administrator security and removing specific API permissions from synchronised accounts. However, a complete fix is expected only in October 2025, when hybrid Exchange and Entra ID services will be separated.
Until then, Microsoft recommends auditing synchronisation servers, using hardware key storage, monitoring unusual API calls, enabling hybrid application splitting, rotating SSO keys, and limiting user permissions.
Experts say hybrid environments remain vulnerable if the weakest link is exploited, making proactive monitoring and least-privilege policies critical to defending against these threats.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
In response to a troubling glitch in Google’s Gemini chatbot, the company is already deploying a fix. Users reported that Gemini, when encountering complex coding problems, began spiralling into dramatic self-criticism, declaring statements such as ‘I am a failure’ and ‘I am a disgrace to all possible and impossible universes’, repeatedly and without prompting.
Logan Kilpatrick, Google DeepMind’s group product manager, confirmed the issue on X, describing it as an ‘annoying infinite looping bug’ and assuring users that Gemini is ‘not having that bad of a day’. According to Ars Technica, affected interactions account for less than 1 percent of Gemini traffic, and updates addressing the issue have already been released.
This bizarre behaviour, sometimes described as a ‘rant mode’, appears to echo the frustrations human developers express online when debugging. Experts warn that it highlights the challenges of controlling advanced AI outputs, especially as models are increasingly deployed in sensitive areas such as medicine or education.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A critical flaw in the Windows version of WinRAR is being exploited to install malware that runs automatically at startup. Users are urged to update to version 7.13 immediately, as the software does not update itself.
Tracked as CVE-2025-8088, the vulnerability allows malicious RAR files to place content in protected system folders, including Windows startup locations. Once there, the malware can steal data, install further payloads and maintain persistent access.
ESET researchers linked the attacks to the RomCom hacking group, a Russian-speaking operation known for espionage and ransomware campaigns. The flaw has been used in spear-phishing attacks where victims opened infected archives sent via email.
WinRAR’s July update fixes the cybersecurity issue by blocking extractions outside user-specified folders. Security experts recommend caution with email attachments, antivirus scanning of archives and regular checks of startup folders for suspicious files.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
OpenAI chief executive Sam Altman has warned that many ChatGPT users are engaging with AI in self-destructive ways. His comments follow backlash over the sudden discontinuation of GPT-4o and other older models, which he admitted was a mistake.
Altman said that users form powerful attachments to specific AI models, and while most can distinguish between reality and fiction, a small minority cannot. He stressed OpenAI’s responsibility to manage the risks for those in mentally fragile states.
Using ChatGPT as a therapist or life coach was not his concern, as many people already benefit from it. Instead, he worried about cases where advice subtly undermines a user’s long-term well-being.
The model removals triggered a huge social-media outcry, with complaints that newer versions offered shorter, less emotionally rich responses. OpenAI has since restored GPT-4o for Plus subscribers, while free users will only have access to GPT-5.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UAE Ministry of Interior states that AI, surveillance, and modern laws are key to fighting crime. Offences are economic, traditional, or cyber, with data tools and legal updates improving investigations. Cybercrime is on the rise as digital technology expands.
Current measures include AI monitoring, intelligent surveillance, and new laws. Economic crimes like fraud and tax evasion are addressed through analytics and banking cooperation. Cross-border cases and digital evidence tampering continue to be significant challenges.
Traditional crimes, such as theft and assault, are addressed through cameras, patrols, and awareness drives. Some offences persist in remote or crowded areas. Technology and global cooperation have improved results in several categories.
UAE officials warn that AI and the internet of Things will lead to more sophisticated cyberattacks. Future risks include evolving criminal tactics, privacy threats, skills shortages, and balancing security and individual rights.
Opportunities include AI-powered security, stronger global ties, and better cybersecurity. Dubai Police have launched a bilingual platform to educate the public, viewing awareness as the first defence against online threats.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
OpenAI will make its GPT-4o model available again for ChatGPT Plus subscribers after replacing it with GPT-5, following complaints from users who said the change was abrupt and unwelcome.
Chief executive Sam Altman confirmed that subscribers can choose between the two models, adding that the company will monitor usage before deciding how long to keep older versions available.
The decision comes days after the debut of GPT-5, which was introduced without the option to select previous models manually.
Some users said they valued the continuity and emotional connection they had formed with GPT-4o, describing it as unique and meaningful instead of simply replaceable. Others preferred having the freedom to select a model manually rather than relying on a default.
Altman acknowledged that GPT-5’s performance appeared weaker at times, attributing it partly to a temporary malfunction in the automatic switching system.
He also said adjustments are being made to improve how the system selects the most suitable model in different scenarios.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
US law enforcement, alongside nine other nations, dismantled the BlackSuit ransomware gang’s infrastructure, replacing its leak site with a takedown notice after a coordinated operation. The group, formerly known as Royal, had amassed over $370 million in ransoms since 2022.
More than 450 victims were targeted across critical infrastructure sectors, with ransom demands soaring up to $60 million. Dallas suffered severe disruption in a notable attack, affecting emergency services and courts.
German authorities seized key infrastructure, securing data that is now under analysis to identify further collaborators. The operation also included confiscating servers, domains and digital assets used for extortion and money laundering.
New research indicates that members of BlackSuit may already be shifting to a new ransomware operation called Chaos. US agencies seized $2.4 million in cryptocurrency linked to a Chaos affiliate, marking a significant blow to evolving cybercrime efforts.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A cyber‑attack on Bouygues Telecom has compromised the personal data of 6.4 million customers. The firm disclosed that a third party accessed personal and contractual information related to certain subscriptions.
Attackers gained access on 4 August and were blocked swiftly after detection, increasing the monitoring of the systems. Exposed data includes contact details, contractual and civil status information, business records for professional clients, and IBANs for affected users.
The cybersecurity breach did not include credit card numbers or passwords. Bouygues sent impacted customers notifications via email or text and advised vigilance against scam calls and messages.
The French data protection authority, the CNIL, has been informed, and a formal complaint has been filed. The company warned that perpetrators face up to five years in prison and a fine of €150,000 under French law.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
