New Kimwolf Android botnet linked to record-breaking DDoS attacks

Cybersecurity researchers have uncovered a rapidly expanding Android botnet known as Kimwolf, which has already compromised approximately 1.8 million devices worldwide.

The malware primarily targets smart TVs, set-top boxes, and tablets connected to residential networks, with infections concentrated in countries including Brazil, India, the US, Argentina, South Africa, and the Philippines.

Analysis by QiAnXin XLab indicates that Kimwolf demonstrates a high degree of operational resilience.

Despite multiple disruptions to its command-and-control infrastructure, the botnet has repeatedly re-emerged with enhanced capabilities, including the adoption of Ethereum Name Service to harden its communications against takedown efforts.

Researchers also identified significant similarities between Kimwolf and AISURU, one of the most powerful botnets observed in recent years. Shared source code, infrastructure, and infection scripts suggest both botnets are operated by the same threat group and have coexisted on large numbers of infected devices.

AISURU has previously drawn attention for launching record-setting distributed denial-of-service attacks, including traffic peaks approaching 30 terabits per second.

The emergence of Kimwolf alongside such activity highlights the growing scale and sophistication of botnet-driven cyber threats targeting global internet infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI and security trends shape the internet in 2025

Cloudflare released its sixth annual Year in Review, providing a comprehensive snapshot of global Internet trends in 2025. The report highlights rising digital reliance, AI progress, and evolving security threats across Cloudflare’s network and Radar data.

Global Internet traffic rose 19 percent year-on-year, reflecting increased use for personal and professional activities. A key trend was the move from large-scale AI training to continuous AI inference, alongside rapid growth in generative AI platforms.

Google and Meta remained the most popular services, while ChatGPT led in generative AI usage.

Cybersecurity remained a critical concern. Post-quantum encryption now protects 52 percent of Internet traffic, yet record-breaking DDoS attacks underscored rising cyber risks.

Civil society and non-profit organisations were the most targeted sectors for the first time, while government actions caused nearly half of the major Internet outages.

Connectivity varied by region, with Europe leading in speed and quality and Spain ranking highest globally. The report outlines 2025’s Internet challenges and progress, providing insights for governments, businesses, and users aiming for greater resilience and security.

Crypto theft soars in 2025 with fewer but bigger attacks

Cryptocurrency theft intensified in 2025, with total stolen funds exceeding $3.4 billion despite fewer large-scale incidents. Losses became increasingly concentrated, with a few major breaches driving most of the annual damage and widening the gap between typical hacks and extreme outliers.

North Korea remained the dominant threat actor, stealing at least $2.02 billion in digital assets during the year, a 51% increase compared with 2024.

Larger thefts were achieved through fewer operations, often relying on insider access, executive impersonation, and long-term infiltration of crypto firms rather than frequent attacks.

Laundering activity linked to North Korean actors followed a distinctive and disciplined pattern. Stolen funds moved in smaller tranches through Chinese-language laundering networks, bridges, and mixing services, usually following a structured 45-day cycle.

Individual wallet attacks surged, impacting tens of thousands of victims, while the total value stolen from personal wallets fell. Decentralised finance remained resilient, with hack losses low despite rising locked capital, indicating stronger security practices.

Customer trust at risk as retail cyberattacks grow

Retailers face escalating cyber threats as hackers increasingly target customer data, eroding trust and damaging long-term brand value.

Deloitte warns that data breaches and ransomware attacks are becoming more frequent and costly, with some retailers facing losses reaching hundreds of millions, alongside declining consumer confidence.

The expansion of AI-driven personalisation has intensified privacy concerns, as customers weigh convenience against data protection.

While many shoppers accept sharing personal information in exchange for value, confidence depends on clear safeguards, transparent data use and credible security practices across digital channels.

Deloitte argues that leading retailers integrate cybersecurity into their core business strategy, rather than treating it as a compliance obligation.

Priorities include protecting critical digital assets, modernising security operations and building cyber-aware cultures capable of responding to AI-enabled fraud, preserving customer trust and sustaining revenue growth.

AI-driven Christmas scams surge online

Cybersecurity researchers are urging greater caution as Christmas approaches, warning that seasonal scams are multiplying rapidly. Check Point has recorded over 33,500 festive phishing emails and more than 10,000 deceptive social ads within two weeks.

AI tools are helping criminals craft convincing messages that mirror trusted brands and local languages. Attackers are also deploying fake e-commerce sites with AI chatbots, as well as deepfake audio and scripted calls to strengthen vishing attempts.

Smishing alerts imitating delivery firms are becoming more widespread, with recent months showing a marked rise in fraudulent parcel scams. Victims are often tricked into sharing payment details through links that imitate genuine logistics updates.

Experts say fake shops and giveaway scams remain persistent risks, frequently launched from accounts created within the past three months. Users are being advised to ignore unsolicited links, verify retailers and treat unexpected offers with scepticism.

Credit reporting breach exposes 5.6 million consumers through third-party API

US credit reporting company 700Credit has confirmed a data breach affecting more than 5.6 million individuals after attackers exploited a compromised third-party API used to exchange consumer data with external integration partners.

The incident originated from a supply chain failure: one partner was breached earlier in 2025 and failed to notify 700Credit.

The attackers launched a sustained, high-volume data extraction campaign starting on October 25, 2025, which operated for more than two weeks before access was shut down.

Around 20 percent of consumer records were accessed, exposing names, home addresses, dates of birth and Social Security numbers, while internal systems, payment platforms and login credentials were not compromised.

Despite the absence of financial system access, the exposed personal data significantly increases the risk of identity theft and sophisticated phishing attacks impersonating credit reporting services.

The breach has been reported to the Federal Trade Commission and the FBI, with regulators coordinating responses through industry bodies representing affected dealerships.

Individuals impacted by the incident are currently being notified and offered two years of free credit monitoring, complimentary credit reports and access to a dedicated support line.

Authorities have urged recipients to act promptly by monitoring their credit activity and taking protective measures to minimise the risk of fraud.

No sensitive data compromised in SoundCloud incident

SoundCloud has confirmed a recent security incident that temporarily affected platform availability and involved the limited exposure of user data. The company detected unauthorised activity on an ancillary service dashboard and acted immediately to contain the situation.

Third-party cybersecurity experts were engaged to investigate and support the response. The incident resulted in two brief denial-of-service attacks, temporarily disrupting web access.

Approximately 20% of users were affected; however, no sensitive data, such as passwords or financial details, were compromised. Only email addresses and publicly visible profile information were involved.

In response, SoundCloud has strengthened its systems, enhancing monitoring, reviewing identity and access controls, and auditing related systems. Some configuration updates have led to temporary VPN connectivity issues, which the company is working to resolve.

SoundCloud emphasises that user privacy remains a top priority and encourages vigilance against phishing. The platform will continue to provide updates and take steps to minimise the risk of future incidents.

AI reshapes cybercrime investigations in India

Maharashtra police are expanding the use of an AI-powered investigation platform developed with Microsoft to tackle the rapid growth of cybercrime.

MahaCrimeOS AI, already in use across Nagpur district, will now be deployed to more than 1,100 police stations statewide, significantly accelerating case handling and investigation workflows.

The system acts as an investigation copilot, automating complaint intake, evidence extraction and legal documentation across multiple languages.

Officers can analyse transaction trails, request data from banks and telecom providers and follow standardised investigation pathways, instead of relying on slow manual processes.

Built using Microsoft Foundry and Azure OpenAI Service, MahaCrimeOS AI integrates policing protocols, criminal law references and open-source intelligence.

Investigators report major efficiency gains, handling several cases monthly where only one was previously possible, while maintaining procedural accuracy and accountability.

The initiative highlights how responsible AI deployment can strengthen public institutions.

By reducing administrative burden and improving investigative capacity, the platform allows officers to focus on victim support and crime resolution, marking a broader shift toward AI-assisted governance in India.

OpenAI outlines safeguards as AI cyber capabilities advance

Cyber capabilities in advanced AI models are improving rapidly, delivering clear benefits for cyberdefence while introducing new dual-use risks that require careful management, according to OpenAI’s latest assessment.

The company points to sharp gains in capture-the-flag performance, with success rates rising from 27 percent in August to 76 percent by November 2025. OpenAI says future models could reach high cyber capability, including assistance with sophisticated intrusion techniques.

To address this, OpenAI says it is prioritising defensive use cases, investing in tools that help security teams audit code, patch vulnerabilities, and respond more effectively to threats. The goal is to give defenders an advantage in an often under-resourced environment.

OpenAI argues that cybersecurity cannot be governed through a single safeguard, as defensive and offensive techniques overlap. Instead, it applies a defence-in-depth approach that combines access controls, monitoring, detection systems, and extensive red teaming to limit misuse.

Alongside these measures, the company plans new initiatives, including trusted access programmes for defenders, agent-based security tools in private testing, and the creation of a Frontier Risk Council. OpenAI says these efforts reflect a long-term commitment to cyber resilience.

UNODC and INTERPOL announce Global Fraud Summit in 2026

The United Nations Office on Drugs and Crime (UNODC), in cooperation with the International Criminal Police Organization (INTERPOL), will convene the Global Fraud Summit 2026 at the Vienna International Centre, Austria, from 16 to 17 March 2026.

UNODC and INTERPOL invite applications for participation from private sector entities, civil society organisations, and academic institutions. Applications must be submitted by 12 December 2025.

The Summit will provide a platform for discussion on current trends, risks, and responses related to fraud, including its digital and cross-border dimensions. Discussions will address challenges associated with detection, investigation, prevention, and international cooperation in fraud-related cases.

The objectives of the Summit include:

  • Facilitating coordination among national and international stakeholders
  • Supporting information exchange across sectors and jurisdictions
  • Sharing policy, operational, and technical approaches to fraud prevention and response
  • Identifying areas for further cooperation and capacity-building

The ministerial-level meeting will bring together senior representatives from governments, international and regional organisations, law enforcement authorities, the private sector, academia, and civil society. Participating institutions are encouraged to nominate delegates at an appropriate senior level.

The Summit is supported by a financial contribution from the Government of the United Kingdom of Great Britain and Northern Ireland.

Applications must be submitted through the official website.
