The Office of National Security of South Korea held a cybersecurity meeting to review how government agencies are responding to AI-driven cyber threats. The session focused on the growing risks posed by the misuse of advanced AI technologies.
Officials from multiple ministries attended, including science, defence and intelligence bodies, to coordinate responses. The government warned that AI-enabled hacking capabilities are becoming increasingly realistic as global technology companies release more advanced models.
Authorities have instructed relevant agencies to strengthen cooperation with businesses and institutions and distributed guidance on responding to AI-based security risks. Discussions also covered practical measures to support rapid responses to cybersecurity vulnerabilities across public and private sectors.
The government plans to establish a joint technical response team to improve information sharing and enable immediate action. Officials emphasised that while AI increases cyber risks, it also offers opportunities to strengthen security capabilities in South Korea.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Council of the European Union has extended restrictive measures against individuals and entities involved in cyber-attacks threatening the EU and its member states until 18 May 2027. The legal framework behind the sanctions regime had already been extended until 18 May 2028.
The framework allows the EU to impose targeted sanctions on persons or entities involved in significant cyber-attacks that constitute an external threat to the Union or its member states. Measures can also be imposed in response to cyber-attacks against third countries or international organisations, where they support Common Foreign and Security Policy objectives.
Current listings under the regime apply to 19 individuals and seven entities. Sanctioned actors face asset freezes, while the EU citizens and companies are prohibited from making funds or economic resources available to them. Listed individuals are also subject to travel bans preventing them from entering or transiting through the EU territory.
The Council said the individual listings will continue to be reviewed every 12 months. It also said the measures are intended to deter malicious cyber activity and uphold the international rules-based order by ensuring accountability for those responsible.
The sanctions mechanism forms part of the EU’s broader cyber diplomacy toolbox, established in 2017 to strengthen coordinated diplomatic responses to malicious cyber activity. The Council said the EU and its member states would continue working with international partners to promote an open, free, stable and secure cyberspace.
Why does it matter?
The decision shows how cybersecurity has become part of the EU’s foreign policy and sanctions toolkit, not only a matter of technical defence. By extending cyber sanctions listings, the EU is reinforcing its use of diplomatic and economic measures to deter malicious cyber activity, attribute responsibility and signal that significant cyber-attacks can carry geopolitical consequences.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Australia’s New South Wales state has clarified that creating, sharing, or threatening to share sexually explicit images, videos, or audio of a person without consent is a criminal offence, including where the material has been digitally altered or generated using AI.
The state government strengthened protections in 2025 by amending the Crimes Act 1900 to cover digitally generated deepfakes. The law already applied to sexually explicit image material, but now also covers content created or altered by AI to place someone in a sexual situation they were never in.
The reforms mean that non-consensual sexual images or audio are covered regardless of how they were made. Threatening to create or share such material is also a criminal offence in New South Wales, with penalties of up to three years in prison, a fine of up to A$11,000, or both.
Courts can also order offenders to remove or delete the material. Failure to comply with such an order can result in up to 2 years’ imprisonment, a fine of up to A$5,500, or both.
The law operates alongside existing child abuse material offences. Under criminal law, any material depicting a person under 18 in a sexually explicit way can be treated as child abuse material, including AI-generated content.
Criminal proceedings against people under 16 can begin only with the approval of the Director of Public Prosecutions, which is intended to ensure that only the most serious matters involving young people enter the criminal justice system.
Limited exemptions apply for proper purposes, including genuine medical, scientific, law enforcement, or legal proceedings-related purposes. A review of the law will take place 12 months after it comes into effect to assess how it is working and whether changes are needed.
The changes are intended to address the misuse of AI and deepfake technology to harass, shame, or exploit people through fake digital content. New South Wales says its criminal law works alongside national online safety frameworks, including the work of Australia’s eSafety Commissioner, as It seeks to keep privacy and consent protections aligned with emerging technologies.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
With the rapid expansion of AI technologies, agentic AI is rapidly moving from experimentation to deployment on a scale larger than ever before. As a result, these systems have been given far greater autonomy to perform tasks with limited human input, much to the delight of enterprise magnates.
Companies such as Microsoft, Google, Anthropic, and OpenAI are increasingly developing agentic AI systems capable of automating vulnerability detection, incident response, code analysis, and other security tasks traditionally handled by human teams.
The appeal of using agentic AI as a first line of defence is palpable, as cybersecurity teams face mounting pressure from the growing volume of attacks. According to the Microsoft Digital Defense Report 2025, the company now detects more than 600 million cyberattacks daily, ranging from ransomware and phishing campaigns to identity attacks. Additionally, the International Monetary Fund has also warned that cyber incidents have more than doubled since the COVID-19 pandemic, potentially triggering institutional failures and incurring enormous financial losses.
To add insult to injury, ransomware groups such as Conti, LockBit, and Salt Typhoon have shown increased activity from 2024 through early 2026, targeting critical infrastructure and global communications, as if aware of the upcoming cybersecurity fortifications and using a limited window of time to incur as much damage as possible.
In such circumstances, fully embracing agentic AI may seem like an ideal answer to the cybersecurity challenges looming on the horizon. Systems capable of autonomously detecting threats, analysing vulnerabilities, and accelerating response times could significantly strengthen cyber resilience.
Yet the same autonomy that makes these systems attractive to defenders could also be exploited by malicious actors. If agentic AI becomes a defining feature of cyber defence, policymakers and companies may soon face a more difficult question: how can they maximise its benefits without creating an entirely new layer of cyber risk?
Why cybersecurity is turning to agentic AI
The growing interest in agentic AI is not simply driven by the rise in cyber threats. It is also a response to the operational limitations of modern security teams, which are often overwhelmed by repetitive tasks that consume time and resources.
Security analysts routinely handle phishing alerts, identity verification requests, vulnerability assessments, patch management, and incident prioritisation — processes that can become difficult to manage at scale. Many of these tasks require speed rather than strategic decision-making, creating a natural opening for AI systems to operate with greater autonomy.
Microsoft has aggressively moved into this space. In March 2025, the company introduced Security Copilot agents designed to autonomously handle phishing triage, data security investigations, and identity management. Rather than replacing human analysts, Microsoft positioned the tools to reduce repetitive workloads and enable security teams to focus on more complex threats.
Google has approached the issue through vulnerability research. Through Project Naptime, the company demonstrated how AI systems could replicate parts of the workflow traditionally handled by human security researchers by identifying vulnerabilities, testing hypotheses, and reproducing findings.
Anthropic introduced another layer of complexity through Claude Mythos, a model built for high-risk cybersecurity tasks. While the company presented the model as a controlled release for defensive purposes, the announcement also highlighted how advanced cyber capabilities are becoming increasingly embedded in frontier AI systems.
Meanwhile, OpenAI has expanded partnerships with cybersecurity organisations and broadened access to specialised tools for defenders, signalling that major AI firms increasingly view cybersecurity as one of the most commercially viable applications for autonomous systems.
Together, these developments show that agentic AI is gradually becoming embedded in the cybersecurity infrastructure. For many companies, the question is no longer whether autonomous systems can support cyber defence, but how much responsibility they should be given.
When agentic AI tools become offensive weapons
The same capabilities that make agentic AI valuable to defenders also make it attractive to malicious actors. Systems designed to identify vulnerabilities, analyse code, automate workflows, and accelerate decision-making can be repurposed for offensive cyber operations.
Anthropic offered one of the clearest examples of that risk when it disclosed that malicious actors had used Claude in cyber campaigns. The company said attackers were not simply using the model for basic assistance, but were integrating it into broader operational workflows. The incident showed how agentic AI can move cyber misuse beyond advice and into execution.
The risk extends beyond large-scale cyber operations. Agentic AI systems could make phishing campaigns more scalable, automate reconnaissance, accelerate vulnerability discovery, and reduce the technical expertise needed to launch certain attacks. Tasks that once required specialist teams could become easier to coordinate through autonomous systems.
Security researchers have repeatedly warned that generative AI is already making social engineering more convincing through realistic phishing emails, cloned voices, and synthetic identities. More autonomous systems could further push those risks by combining content generation with independent action.
The concern is not that agentic AI will replace human hackers. Cybercrime could become faster, cheaper, and more scalable, mirroring the same efficiencies that organisations hope to achieve through AI-powered defence.
The agentic AI governance gap
The governance challenge surrounding agentic AI is no longer theoretical. As autonomous systems gain access to internal networks, cloud infrastructure, code repositories, and sensitive datasets, companies and regulators are being forced to confront risks that existing cybersecurity frameworks were not designed to manage.
Policymakers are starting to respond. In February 2026, the US National Institute of Standards and Technology (NIST) launched its AI Agent Standards Initiative, focused on identity verification and authentication frameworks for AI agents operating across digital environments. The aim is simple but important: organisations need to know which agents can be trusted, what they are allowed to do, and how their actions can be traced.
Governments are also becoming more cautious about deployment risks. In May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) joined cybersecurity agencies from Australia, Canada, New Zealand, and the United Kingdom in issuing guidance on the secure adoption of agentic AI services. The warning was clear: autonomous systems become more dangerous when they are connected to sensitive infrastructure, external tools, and internal permissions.
The private sector is adjusting as well. Companies are increasingly discussing safeguards such as restricted permissions, audit logs, human approval checkpoints, and sandboxed environments to limit the degree of autonomy granted to AI agents.
The questions facing businesses are becoming practical. Should an AI agent be allowed to patch vulnerabilities without approval? Can it disable accounts, quarantine systems, or modify infrastructure independently? Who is held accountable when an autonomous system makes the wrong decision?
Agentic AI may become one of cybersecurity’s most effective defensive tools. Its success, however, will depend on whether governance frameworks evolve quickly enough to keep pace with the technology itself.
How companies are building guardrails around agentic AI
As concerns around autonomous cyber systems grow, companies are increasingly experimenting with safeguards designed to prevent agentic AI from becoming an uncontrolled risk. Rather than granting unrestricted access, many organisations are limiting what AI agents can see, what systems they can interact with, and what actions they can execute without human approval.
Anthropic has restricted access to Claude Mythos over concerns about offensive misuse, while OpenAI has recently expanded its Trusted Access for Cyber programme to provide vetted defenders with broader access to advanced cyber tools. Both approaches reflect a growing consensus that powerful cyber capabilities may require tiered access rather than unrestricted deployment.
The broader industry is moving in a similar direction. CrowdStrike has increasingly integrated AI-driven automation into threat intelligence and incident response workflows while maintaining human oversight for critical decisions. Palo Alto Networks has also expanded its AI-powered security automation tools designed to reduce response times without fully removing human analysts from the decision-making process.
Cloud providers are also becoming more cautious about autonomous access. Amazon Web Services, Google Cloud, and Microsoft Azure have increasingly emphasised zero-trust security models, role-based permissions, and segmented access controls as enterprises deploy more automated tools across sensitive infrastructure.
Meanwhile, sectors such as finance, healthcare, and critical infrastructure remain particularly cautious about fully autonomous deployment due to the potential consequences of false positives, accidental shutdowns, or disruptions to essential services.
As a result, security teams are increasingly discussing safeguards such as audit logs, sandboxed environments, role-based permissions, staged deployments, and human approval checkpoints to balance speed with accountability. For now, many companies seem ready to embrace agentic AI, but without keeping one hand on the emergency brake.
The future of cybersecurity may be agentic
Agentic AI is unlikely to remain a niche experiment for long. The scale of modern cyber threats, combined with the mounting pressure on security teams, means organisations will continue to look for faster and more scalable defensive tools.
That shift could significantly improve cybersecurity resilience. Autonomous systems may help organisations detect threats earlier, reduce response times, address workforce shortages, and manage the growing volume of attacks that human teams increasingly struggle to handle alone.
At the same time, the technology’s long-term success will depend as much on restraint as on innovation. Without clear governance frameworks, operational safeguards, and human oversight, the same tools designed to strengthen cyber defence could introduce entirely new vulnerabilities.
The future of cybersecurity may increasingly belong to agentic AI. Whether that future becomes safer or more volatile may depend on how responsibly governments, companies, and security teams manage the transition.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Cybercrime Atlas has launched Cosmos, an open-source platform designed to map global cybercrime networks and strengthen cooperation among defenders, investigators, prosecutors and policymakers.
Hosted by the World Economic Forum’s Centre for Cybersecurity, Cybercrime Atlas aims to build a shared understanding of cybercriminal ecosystems at a time when ransomware, fraud and illicit digital services are becoming increasingly organised and industrialised.
Cosmos links cybercriminal groups, tools, infrastructure, markets and services in an interactive framework. It was developed by the Cybercrime Atlas community, led by Orange Cyberdefense, with contributions from Banco Santander, Universitat de Girona, Scitum and TrendAI.
The initiative responds to a long-standing problem in cybercrime disruption: fragmented terminology, isolated investigations and inconsistent reporting structures. Cosmos aims to standardise definitions, organise threat intelligence into a shared structure and help different actors coordinate more effectively across borders.
The first version of the platform contains nine core categories, 229 identified cybercrime-related elements and 849 mapped connections showing how criminal networks, tools and services interact. The dataset is designed to expand as the wider community contributes new intelligence.
Why does it matter?
Cybercrime increasingly functions as an interconnected ecosystem, with specialised groups, tools, infrastructure providers and illicit services supporting one another across borders. A shared map of those relationships could help shift cyber defence from isolated incident response towards more coordinated disruption of criminal networks, while giving investigators and policymakers a clearer view of how digital crime is organised.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!
AI is rapidly reshaping the global financial system’s cyber risk landscape, according to analysis associated with the International Monetary Fund. While AI improves defence, it also helps attackers find and exploit vulnerabilities more quickly, increasing the risk of systemic disruption.
Financial infrastructure is highly interconnected, relying on shared software, cloud services, and payment networks. IMF analysis suggests that AI-enabled cyberattacks could trigger correlated institutional failures, leading to funding stress, solvency risks, and disruptions to payments and market operations.
Recent developments in advanced AI models demonstrate how quickly offensive capabilities are evolving, with systems now able to identify weaknesses across widely used platforms.
At the same time, defensive AI tools are being deployed to detect threats and strengthen resilience, but their effectiveness depends on governance, oversight, and integration within financial institutions.
Authorities are now being urged to treat cyber risk as a core financial stability issue rather than a purely technical challenge. Stronger supervision, resilience standards, and international coordination are viewed as essential, particularly as cyber threats increasingly cross borders and exploit shared global infrastructure.
Why does it matter?
Cyber risks related to AI are a macroeconomic threat that can affect liquidity, confidence, and core financial intermediation. At the same time, the same technology is essential for defence, meaning resilience now depends on how quickly supervision, governance, and international coordination can keep pace with rapidly scaling offensive capabilities.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!
Advanced AI models are reshaping cybersecurity by accelerating both offensive and defensive capabilities, forcing organisations to rethink how they detect, assess and respond to cyber threats.
A new World Economic Forum report argues that AI is becoming a defining force in cybersecurity, with organisations increasingly moving from pilot projects to operational deployment. According to the WEF, AI is already being used to improve vulnerability identification, threat detection, response speed and resilience.
The report highlights how AI can help security teams process large volumes of data, detect threats faster and support more efficient responses. At the same time, it warns that threat actors are also using AI to automate deception, generate malware and scale attacks at machine speed.
WEF’s analysis says the growing speed and scale of AI-enabled cyber operations are putting pressure on traditional cybersecurity models. Instead of relying mainly on prevention and scheduled patching cycles, organisations are being pushed towards continuous detection, automated response, stronger access controls and more resilient infrastructure.
The report also stresses that AI’s value in cybersecurity depends on strategy, governance and human oversight. Rather than treating AI as a standalone tool, organisations are encouraged to test use cases carefully, build appropriate safeguards and invest in the skills and processes needed to defend at machine speed.
Why does it matter?
AI is changing cybersecurity on both sides of the equation. It can lower the barriers for faster and more scalable attacks, but it can also help defenders improve detection, response and resilience. The wider significance is that cybersecurity strategies built around periodic assessment and manual response may become less effective as AI-driven threats and defences operate at greater speed and scale.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Cybersecurity researchers at Kaspersky have identified a growing network of so-called ‘grey’ websites that exploit user trust to generate financial gain and harvest personal data. Unlike traditional phishing attacks, these platforms rely on manipulation, misleading design and hidden conditions rather than direct credential theft.
The report shows that gray websites often imitate legitimate services, including financial tools, e-commerce platforms, AI services and subscription-based content.
Common categories include fake browser extensions, fraudulent investment schemes, subscription traps and counterfeit online shops, many of which are designed to encourage voluntary payment or data sharing.
Kaspersky notes that these threats are spreading globally but vary by region.
Europe is seeing a rise in fake privacy tools and browser hijackers, Africa is heavily affected by fraudulent trading platforms, while Latin America faces betting scams and pyramid schemes. Asia-Pacific shows a broader mix, including crypto fraud, AI-themed scams and malicious download services.
Across all regions, attackers are increasingly aligning scams with current digital trends to appear more credible. Kaspersky warns that even well-designed platforms can hide risks, making user awareness, verification and security tools key to reducing financial and data harm.
Why does it matter?
The rise of ‘grey’ websites signals a shift in online fraud away from obvious phishing towards more subtle, trust-based manipulation. Instead of breaking systems, attackers increasingly exploit user behaviour, interfaces, and familiarity with digital services.
That lowers the ‘visibility’ of fraud. Users are not being forced into breaches; they are being guided into consent- signing up, subscribing, investing, or installing tools that appear legitimate. It makes scams harder to detect, harder to regulate, and easier to scale globally.
It also shows how cybercrime is adapting to current technological trends, especially AI services, crypto tools, and digital platforms that people already expect to be trustworthy. As a result, the boundary between legitimate innovation and fraud becomes less clear, increasing systemic risk for both consumers and digital economies.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The European Union Agency for Cybersecurity (ENISA) has announced its Telecom and Digital Infrastructure Security Forum 2026, bringing together telecom experts, policymakers and national authorities to address emerging cybersecurity risks.
The forum will focus on challenges, including cyberattacks on telecom networks, resilience issues such as power dependencies, and the security implications of new technologies. It aims to support strategic and technical dialogue across the sector.
Organised with the Cyprus Presidency of the Council of the EU, the event provides a private setting for collaboration among industry specialists, regulators and the wider cybersecurity community, without public broadcasting.
Discussions will contribute to ongoing efforts to strengthen coordinated telecom security measures and policy development across the EU, with the event taking place in Nicosia, Cyprus.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Microsoft has disclosed a phishing campaign aimed at stealing credentials from more than 35,000 users across 26 countries. The attack, detected in April 2026, targeted over 13,000 organisations, with a heavy concentration in healthcare, financial services, professional services, and technology sectors.
Microsoft said the campaign used email templates designed to mimic internal corporate communications, often framed as code of conduct or compliance-related notices.
Attackers created a sense of urgency through time-sensitive prompts and attached PDFs that redirected victims to credential-harvesting pages hosted on attacker-controlled infrastructure, Microsoft added.
The attack chain included multiple verification steps, such as CAPTCHA screens and intermediate landing pages intended to bypass automated defences and increase legitimacy.
Ultimately, victims were directed to fake sign-in portals using adversary-in-the-middle techniques, enabling real-time capture of credentials and authentication tokens, including multi-factor authentication bypass.
The disclosure comes amid a wider surge in phishing activity, with Microsoft reporting billions of attempts and a rapid rise in QR code-based attacks and CAPTCHA-gated phishing flows.
Why does it matter?
The campaign shows phishing evolving into highly convincing, enterprise-style attacks that are harder to detect and increasingly scalable. By bypassing both human judgment and security controls like multi-factor authentication, it significantly raises the risk of large-scale account compromise.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
