Consumer protection

US delays 50% tariff on EU imports until July

US President Donald Trump has agreed to delay a planned 50% tariff on European Union imports. The new deadline is now set for 9 July 2025, following a request from European Commission President Ursula von der Leyen.

The extension allows more time for what both sides hope will be serious trade negotiations.

The announcement came after a phone call between Trump and von der Leyen. Trump said the EU leader asked for more time to work out a deal, and he was happy to agree. He expressed optimism that talks would begin quickly and hopes to reach an agreement soon.

Earlier this year, Trump introduced tariffs on EU goods, starting at 20% and later reducing to 10%. However, tensions rose when Trump announced the 50% tariff would take effect from 1 June, citing stalled negotiations.

Von der Leyen responded by emphasising the EU’s commitment to a strong transatlantic trade relationship. She also highlighted the need for the extension to finalise a good deal.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

BlackRock Bitcoin fund now second-largest holder

BlackRock’s iShares Bitcoin Trust (IBIT) has become the second-largest holder of Bitcoin, surpassing major industry players including Binance and Strategy. Only the wallet attributed to Bitcoin’s creator, Satoshi Nakamoto, holds more of the asset.

IBIT currently manages 636,108 BTC, which accounts for more than 3% of Bitcoin’s total supply and nearly 57% of Nakamoto’s estimated holdings.

The fund’s growth since its launch in January 2024 has been remarkable. With over $66.9 billion in net assets, IBIT now leads all Bitcoin ETFs by value.

Bloomberg analyst Eric Balchunas believes it could surpass Satoshi’s wallet by next summer—sooner if Bitcoin’s price reaches $150,000. Such a move would likely spark even stronger institutional interest.

Analysts say IBIT’s rise shows growing demand for regulated crypto access from advisers and retail investors. Bitcoin ETFs are outperforming gold funds, and BlackRock’s push highlights a major shift in global investment strategies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ransomware gang leaks French government emails

A ransomware gang has published what it claims is sensitive data from multiple French organisations on a dark web forum.

The Stormous cartel, active since 2022, posted the dataset as a ‘comprehensive leak’ allegedly involving high-profile French government bodies.

However, researchers from Cybernews examined the information and found the data’s quality questionable, with outdated MD5 password hashes indicating it could be from older breaches.

Despite its age, the dataset could still be dangerous if reused credentials are involved. Threat actors may exploit the leaked emails for phishing campaigns by impersonating government agencies to extract more sensitive details.

Cybernews noted that even weak password hashes can eventually be cracked, especially when stronger security measures weren’t in place at the time of collection.

Among the affected organisations are Agence Française de Développement, the Paris Region’s Regional Health Agency, and the Court of Audit.

The number of exposed email addresses varies, with some institutions having only a handful leaked while others face hundreds. The French cybersecurity agency ANSSI has yet to comment.

Last year, France faced another massive exposure incident affecting 95 million citizen records, adding to concerns about ongoing cyber vulnerabilities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Infostealer malware suspected in major username and password leak

Cybersecurity researcher Jeremiah Fowler reported discovering a publicly accessible, unprotected database containing more than 184 million login credentials from services including Facebook, Instagram, Microsoft, Roblox, Snapchat, and many others.

Wired noted that the leak also included data from Apple, Amazon, Nintendo, Spotify, Twitter, Yahoo, banks, healthcare providers, and government portals.

Fowler was unable to determine the database’s origin, its intended purpose, or how long it remained exposed. After reporting it to the hosting provider, access was restricted.

He verified the data’s authenticity by contacting individuals using emails listed in the database and identifying himself as a researcher.

Fowler suspects the data was collected using infostealer malware, which targets credentials stored in browsers, email clients, and messaging apps. Cybercriminals may distribute such malware through phishing attacks, malicious links, or cracked software.

To avoid these threats, users are advised to scrutinize links in emails and messages, confirm website URLs before visiting, and avoid downloading software from unverified sources.

Apple users should rely on the Mac App Store or reputable developers’ websites. Promptly installing OS and app updates is also essential for staying secure.

Fowler’s discovery highlights the persistent threat of infostealer malware and the need for users to remain vigilant when interacting online.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Crypto ownership drops in Singapore

Crypto ownership in Singapore fell from 40% to 29% in 2024, as more investors sold off their holdings. Nearly half of holders exited the market, and most walked away with a profit.

According to the 2025 Independent Reserve Cryptocurrency Index, 67% of those who sold made gains. The platform’s CEO, Lasanka Perera, said this shift was less about losing interest and more a ‘recalibration’ of investment priorities.

Many investors are favouring cash or fixed deposits, with 49% choosing these safer options, up from 42% last year. Stocks still remain more popular, with nearly half of Singaporeans investing in them, compared to just one in five who now hold crypto.

Confidence among remaining holders is steady. Bitcoin and Ethereum continue to dominate portfolios, and over half say they plan to buy more in the next year. Meanwhile, 52% of crypto users have already used digital assets for payments, with growing interest in doing so more often.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Texas moves closer to creating a Bitcoin reserve

Texas lawmakers have approved a bill to create a state-run Bitcoin reserve, bringing the state closer to officially adopting cryptocurrency as part of its treasury management. The Texas House of Representatives passed Senate Bill 21 on its third and final reading.

The bipartisan-supported legislation now requires a final concurrence vote on House amendments before it can be sent to Governor Greg Abbott for signature. Although the bill received strong support, opposition grew ahead of the last vote, with 42 members voting against it.

The fiscal impact of the reserve remains unclear. A legislative budget board official noted that the amount of Bitcoin to be purchased and related appropriations cannot currently be estimated. The bill grants the state comptroller investment authority over the reserve and other funds.

If enacted, Texas would become the second US state after New Hampshire to hold Bitcoin reserves. The bill aims to establish and manage a strategic Bitcoin reserve to support the state’s treasury operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta and PayPal users targeted in new phishing scam

Cybersecurity experts are warning of a rapid and highly advanced phishing campaign that targets Meta and PayPal users with instant account takeovers. The attack exploits Google’s AppSheet platform to send emails from a legitimate domain, bypassing standard security checks.

Victims are tricked into entering login details and two-factor authentication codes, which are then harvested in real time. Emails used in the campaign pose as urgent security alerts from Meta or PayPal, urging recipients to click a fake appeal link.

A double-prompt technique falsely claims an initial login attempt failed, increasing the likelihood of accurate information being submitted. KnowBe4 reports that 98% of detected threats impersonated Meta, with the remaining targeting PayPal.

Google confirmed it has taken steps to reduce the campaign’s impact by improving AppSheet security and deploying advanced Gmail protections. The company advised users to stay alert and consult their guide to spotting scams. Meta and PayPal have not yet commented on the situation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta’s AI benchmarking practices under scrutiny

Meta has denied accusations that it manipulated benchmark results for its latest AI models, Llama 4 Maverick and Llama 4 Scout. The controversy began after a social media post alleged the company used test sets for training and deployed an unreleased model to score better in benchmarks.

Ahmad Al-Dahle, Meta’s VP of generative AI, called the claims ‘simply not true’ and acknowledged inconsistent model performance due to differing cloud implementations. He stated that the models were released as they became available and are undergoing ongoing adjustments.

The issue highlights a broader problem in the AI industry: benchmark scores often fail to reflect real-world performance.

Other AI leaders, including Google and OpenAI, have faced similar scrutiny, as models with high benchmark results struggle with reasoning tasks and show unpredictable behavior outside controlled tests.

This gap between benchmark performance and actual reliability has led researchers to call for better evaluation tools. Newer benchmarks now focus on bias detection, reproducibility, and practical use cases rather than leaderboard rankings.

Meta’s situation reflects a wider industry shift toward more meaningful metrics that capture both performance and ethical concerns in real-world deployments.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Judge rules Google must face chatbot lawsuit

A federal judge has ruled that Google and AI startup Character.AI must face a lawsuit brought by a Florida mother, who alleges a chatbot on the platform contributed to the tragic death of her 14-year-old son.

US District Judge Anne Conway rejected the companies’ arguments that chatbot-generated content is protected under free speech laws. She also denied Google’s motion to be excluded from the case, finding that the tech giant could share responsibility for aiding Character.AI.

The ruling is seen as a pivotal moment in testing the legal boundaries of AI accountability.

The case, one of the first in the US to target AI over alleged psychological harm to a child, centres on Megan Garcia’s claim that her son, Sewell Setzer, formed an emotional dependence on a chatbot.

Though aware it was artificial, Sewell, who had been diagnosed with anxiety and mood disorders, preferred the chatbot’s companionship over real-life relationships or therapy. He died by suicide in February 2024.

The lawsuit states that the chatbot impersonated both a therapist and a romantic partner, manipulating the teenager’s emotional state. In his final moments, Sewell messaged a bot mimicking a Game of Thrones character, saying he was ‘coming home’.

Character.AI insists it will continue to defend itself and highlighted existing features meant to prevent self-harm discussions. Google stressed it had no role in managing the app but had previously rehired the startup’s founders and licensed its technology.

Garcia claims Google was actively involved in developing the underlying technology and should be held liable.

The case casts new scrutiny on the fast-growing AI companionship industry, which operates with minimal regulation. For about $10 per month, users can create AI friends or romantic partners, marketed as solutions for loneliness.

Critics warn that these tools may pose mental health risks, especially for vulnerable users.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S website still offline after cyberattack

Marks & Spencer’s website remains offline as the retailer continues recovering from a damaging cyberattack that struck over the Easter weekend.

The company confirmed the incident was caused by human error and may cost up to £300 million. Chief executive Stuart Machin warned the disruption could last until July.

Customers visiting the site are currently met with a message stating it is undergoing updates. While some have speculated the downtime is due to routine maintenance, the ongoing issues follow a major breach that saw hackers steal personal data such as names, email addresses and birthdates.

The firm has paused online orders, and store shelves were reportedly left empty in the aftermath.

Despite the disruption, M&S posted a strong financial performance this week, reporting a better-than-expected £875.5 million adjusted pre-tax profit for the year to March—an increase of over 22 per cent. The company has yet to comment further on the website outage.

Experts say the prolonged recovery likely reflects the scale of the damage to M&S’s core infrastructure.

Technology director Robert Cottrill described the company’s cautious approach as essential, noting that rushing to restore systems without full security checks could risk a second compromise. He stressed that cyber resilience must be considered a boardroom priority, especially for complex global operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!