Chrome security update fixes six flaws that could enable arbitrary code execution. Stable channel 139.0.7258.127/.128 (Windows, Mac) and .127 (Linux) ships high-severity patches that protect user data and system integrity.
CVE-2025-8879 is a heap buffer overflow in libaom’s video codec. CVE-2025-8880 is a V8 race condition reported by Seunghyun Lee. CVE-2025-8901 is an out-of-bounds write in ANGLE.
Detection methods included AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL. Further fixes address CVE-2025-8881 in File Picker and CVE-2025-8882, a use-after-free in Aura.
Successful exploitation could allow code to run with browser privileges through overflows and race conditions. The automatic rollout is staged; users should update it manually by going to Settings > About Chrome.
Administrators should prioritise rapid deployment in enterprise fleets. Google credited external researchers, anonymous contributors, and the Big Sleep project for coordinated reporting and early discovery.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Indonesia is urgently working to secure strategic autonomy in AI as Huawei rapidly expands its presence in the country’s critical infrastructure. Officials are under pressure to swiftly adopt enforceable safeguards to balance innovation and security. The aim is to prevent critical vulnerabilities from emerging.
Huawei’s telecom dominance extends into AI through 5G infrastructure, network tools, and AI cloud centres. Partnerships with local telecoms, along with government engagement, position the company at the heart of Indonesia’s digital landscape.
Experts warn that concentrating AI under one foreign supplier could compromise data sovereignty and heighten security risks. Current governance relies on two non-binding guidelines, providing no enforceable oversight or urgent baseline for protecting critical infrastructure.
The withdrawal of Malaysia from Huawei’s AI projects highlights urgent geopolitical stakes. Indonesia’s fragmented approach, with ministries acting separately, risks producing conflicting policies and leaving immediate gaps in security oversight.
Analysts suggest a robust framework should require supply chain transparency, disclosure of system origins, and adherence to data protection laws. Indonesia must act swiftly to establish these rules and coordinate policy across ministries to safeguard its infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Quantum computing is set to shift from theory to real-world applications in 2025, driven by breakthroughs from Google and IBM. With error-corrected qubits and faster processing, the market is projected to reach $292 billion by 2035.
New chips, such as Google’s Willow, have significantly reduced errors, while interconnect innovations link multiple processors. Hybrid quantum-classical systems are emerging, with AI refining results for logistics, energy grids, and secure financial transactions.
The technology is accelerating drug discovery, climate modelling, and materials science, cutting R&D timelines and improving simulation accuracy. Global firms like Pasqal are scaling production in Saudi Arabia and South Korea, even as geopolitical tensions rise.
Risks remain high, from the energy demands of quantum data centres to threats against current encryption. Experts urge rapid adoption of post-quantum cryptography and fault-tolerant systems before mass deployment.
As the UN marks 2025 as the International Year of Quantum Science, quantum computing is quietly being integrated into operations worldwide, solving problems that surpass those of classical machines. The revolution has begun, largely unnoticed but poised to redefine economies and technology.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The US Judiciary has confirmed suffering a cyberattack and says it is reinforcing systems to prevent further breaches. In a press release, it described ‘escalated cyberattacks of a sophisticated and persistent nature’ targeting its case management system and sensitive files.
Most documents in the judiciary’s electronic system are public; however, some contain confidential or proprietary information that is sealed from public view. The documents, it warned, are of interest to threat actors, prompting courts to introduce stricter controls on access under monitored conditions.
The Administrative Office of the US Courts is collaborating with Congress, the Department of Justice, the Department of Homeland Security, and other relevant agencies on security measures. No details were given on the exact methods of reinforcement.
The US court system has been a frequent target of cybercrime. Previous incidents include a 2020 federal court breach, a 2024 attack on Washington state courts, and a ransomware strike on the Los Angeles Superior Court in summer 2024.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Tesla has applied for a licence to supply electricity to homes and businesses across Britain, challenging the dominance of major energy firms. Ofgem could take up to nine months to decide, with operations potentially starting next year.
Known for electric vehicles, Tesla also runs solar and battery storage divisions, with more than 250,000 EVs and tens of thousands of home batteries already sold in the UK. The company’s experience in Texas, where it rewards customers for feeding surplus power to the grid, could inform its UK plans.
The move comes as Tesla’s European car sales decline sharply, with July registrations falling almost 60% in the UK and over 55% in Germany. Increased competition from Chinese manufacturer BYD has added to the pressure.
Tesla has faced public criticism linked to Elon Musk’s political positions, yet the energy push signals a strategic shift towards broader utility services in its key markets.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Google has become the first major tech firm to sign formal agreements with US electric utilities to ease grid pressure. The deals come as data centres drive unprecedented energy demand, straining power infrastructure in several regions.
The company will work with Indiana Michigan Power and Tennessee Valley Authority to reduce electricity usage during peak demand. These arrangements will help divert power to general utilities when needed.
Under the agreements, Google will temporarily scale down its data centre operations, particularly those linked to energy-intensive AI and machine learning workloads.
Google described the initiative as a way to speed up data centre integration with local grids while avoiding costly infrastructure expansion. The move reflects growing concern over AI’s rising energy footprint.
Demand-response programmes, once used mainly in heavy manufacturing and crypto mining, are now being adopted by tech firms to stabilise grids in return for lower energy costs.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UK’s designation of data centres as Critical National Infrastructure highlights their growing strategic importance, yet a pressing concern remains over vulnerabilities in their OT and IoT systems. While IT security often receives significant investment, the same cannot be said for other technologies.
Attackers increasingly target these overlooked systems, gaining access through insecure devices such as IP cameras and biometric scanners. Many of these operate on outdated firmware and lack even basic protections, making them ideal footholds for malicious actors.
There have already been known breaches, with OT systems used in botnet activity and crypto mining, often without detection. These attacks not only compromise security in the UK but can destabilise infrastructure by overloading resources or bypassing safeguards.
Addressing these threats requires full visibility across all connected systems, with real-time monitoring, wireless traffic analysis, and network segmentation. Experts urge data centre operators to act now, not in response to a breach, but to prevent one entirely.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Eight long-dormant Bitcoin wallets from the early days of the network moved a combined 80,000 BTC in early July 2025. Each wallet sent roughly 10,000 BTC to new SegWit addresses, which offer enhanced security against future quantum computing threats.
These transfers mark the most significant single Bitcoin transactions ever recorded, attracting intense speculation across the crypto community.
Shortly after the transfer, around 28,600 BTC were sent to Galaxy Digital, with about 9,000 BTC sold, likely contributing to a 5% price drop from Bitcoin’s recent all-time high of $123,000.
Experts believe the security upgrade was a precaution against quantum computing risks, threatening Bitcoin’s cryptographic foundations in the coming decades. Developers are working on proposals to protect vulnerable wallets and strengthen network security.
Blockchain analysis shows all eight wallets belong to one entity, with some suspecting Roger Ver, aka ‘Bitcoin Jesus,’ because of his early role and recent legal troubles. Around that time, OP_RETURN messages appeared on the blockchain, possibly a spam campaign pressuring the wallet owner to prove control.
While no evidence of hacking has emerged, these events have heightened attention on dormant Bitcoin holdings and quantum security.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Long-standing dominance over Android app distribution has been declared illegal by the Ninth Circuit Court of Appeals, reinforcing a prior jury verdict in favour of Epic Games. Google now faces an injunction that compels it to allow rival app stores and alternative billing systems inside the Google Play Store ecosystem for a three-year period ending November 2027.
A technical committee jointly selected by Epic and Google will oversee sensitive implementation tasks, including granting competitors approved access to Google’s expansive app catalogue while ensuring minimal security risk. The order also requires that developers not be tied to Google’s billing system for in-app purchases.
Market analysts warn that reduced dependency on Play Store exclusivity and the option to use alternative payment processors could cut Google’s app revenue by as much as $1 to $1.5 billion annually. Despite brand recognition, developers and consumers may shift toward lower-cost alternatives competing on platform flexibility.
While the ruling aims to restore competition, Google maintains it is appealing and has requested additional delays to avoid rapid structural changes. Proponents, including Microsoft, regulators, and Epic Games, hail the decision as a landmark step toward fairer mobile market access.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A new phase of the EU AI Act takes effect on 2 August, requiring member states to appoint oversight authorities and enforce penalties. While the legislation has been in force for a year, this marks the beginning of real scrutiny for AI providers across Europe.
Under the new provisions, countries must notify the European Commission of which market surveillance authorities will monitor compliance. But many are expected to miss the deadline. Experts warn that without well-resourced and competent regulators, the risks to rights and safety could grow.
The complexity is significant. Member states must align enforcement with other regulations, such as the GDPR and Digital Services Act, raising concerns regarding legal fragmentation and inconsistent application. Some fear a repeat of the patchy enforcement seen under data protection laws.
Companies that violate the EU AI Act could face fines of up to €35 million or 7% of global turnover. Smaller firms may face reduced penalties, but enforcement will vary by country.
Rules regarding general-purpose AI models such as ChatGPT, Gemini, and Grok also take effect. A voluntary Code of Practice introduced in July aims to guide compliance, but only some firms, such as Google and OpenAI, have agreed to sign. Meta has refused, arguing the rules stifle innovation.
Existing AI tools have until 2027 to comply fully, but any launched after 2 August must meet the new requirements immediately. With implementation now underway, the AI Act is shifting from legislation to enforcement.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
