Cybercrime

EU considers further action against Grok over AI nudification concerns

The European Commission has signalled readiness to escalate action against Elon Musk’s AI chatbot Grok, following concerns over the spread of non-consensual sexualised images on the social media platform X.

The EU tech chief Henna Virkkunen told Members of the European Parliament that existing digital rules allow regulators to respond to risks linked to AI-driven nudification tools.

Grok has been associated with the circulation of digitally altered images depicting real people, including women and children, without consent. Virkkunen described such practices as unacceptable and stressed that protecting minors online remains a central priority for the EU enforcement under the Digital Services Act.

While no formal investigation has yet been launched, the Commission is examining whether X may breach the DSA and has already ordered the platform to retain internal information related to Grok until the end of 2026.

Commission President Ursula von der Leyen has also publicly condemned the creation of sexualised AI images without consent.

The controversy has intensified calls from EU lawmakers to strengthen regulation, with several urging an explicit ban on AI-powered nudification under the forthcoming AI Act.

A debate that reflects wider international pressure on governments to address the misuse of generative AI technologies and reinforce safeguards across digital platforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Browser extension malware hits millions worldwide

Millions of browser users installed popular extensions that later became spyware as part of a long-running malware operation. Researchers linked over 100 Chrome, Edge and Firefox extensions to the DarkSpectre hacker group.

Attackers kept extensions legitimate for years before quietly activating malicious behaviour. Hidden code embedded in image files helped bypass security reviews in official browser stores.

The campaign enabled large-scale surveillance by collecting real-time browsing activity and corporate meeting data. Analysts warn that such information supports phishing, impersonation and corporate espionage.

Experts urge users to remove unused extensions and question excessive permission requests. Regular browser updates and cautious extension management remain essential cyber defences.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Cyberviolence against women rises across Europe amid deepfake abuse

Digital violence targeting women and girls is spreading across Europe, according to new research highlighting cyberstalking, surveillance and online threats as the most common reported abuses.

Digital tools have expanded opportunities for communication, yet online environments increasingly expose women to persistent harassment instead of safety and accountability.

Image-based abuse has grown sharply, with deepfake pornography now dominating synthetic sexual content and almost exclusively targeting women.

More than half of European countries report rising cases of non-consensual intimate image sharing, while national data show women forming a clear majority of cyberstalking and online threat victims.

Algorithmic systems accelerate the circulation of misogynistic material, creating enclosed digital spaces where abuse is normalised rather than challenged. Researchers warn that automated recommendation mechanisms can quickly spread harmful narratives, particularly among younger audiences.

Recent generative technologies have further intensified concerns by enabling sexualised image manipulation with limited safeguards.

Investigations into chatbot-generated images prompted new restrictions, yet women’s rights groups argue that enforcement and prevention still lag behind the scale of online harm.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Gemini flaw exposed Google Calendar data through hidden prompts

A vulnerability in Google Calendar allowed attackers to bypass privacy controls by embedding hidden instructions in standard calendar invitations. The issue exploited how Gemini interprets natural language when analysing user schedules.

Researchers at Miggo found that malicious prompts could be placed inside event descriptions. When Gemini scanned calendar data to answer routine queries, it unknowingly processed the embedded instructions.

The exploit used indirect prompt injection, a technique in which harmful commands are hidden within legitimate content. The AI model treated the text as trusted context rather than a potential threat.

In the proof-of-concept attack, Gemini was instructed to summarise a user’s private meetings and store the information in a new calendar event. The attacker could then access the data without alerting the victim.

Google confirmed the findings and deployed a fix after responsible disclosure. The case highlights growing security risks linked to how AI systems interpret natural language inputs.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Finnish data breach exposed thousands of patients

A major data breach at Finnish psychotherapy provider Vastaamo exposed the private therapy records of around 33,000 patients in 2020. Hackers demanded bitcoin payments and threatened to publish deeply personal notes if victims refused to pay.

Among those affected was Meri-Tuuli Auer, who described intense fear after learning her confidential therapy details could be accessed online. Stolen records included discussions of mental health, abuse, and suicidal thoughts, causing nationwide shock.

The breach became the largest criminal investigation in Finland, prompting emergency government talks led by then prime minister Sanna Marin. Despite efforts to stop the leak, the full database had already circulated on the dark web.

Finnish courts later convicted cybercriminal Julius Kivimäki, sentencing him to more than six years in prison. Many victims say the damage remains permanent, with trust in therapy and digital health systems severely weakened.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

French regulator fines Free and Free Mobile €42 million

France’s data protection regulator CNIL has fined telecom operators Free Mobile and Free a combined €42 million over a major customer data breach. The sanctions follow an October 2024 cyberattack that exposed personal data linked to 24 million subscriber contracts.

Investigators found security safeguards were inadequate, allowing attackers to access sensitive personal data, including bank account details. Weak VPN authentication and poor detection of abnormal system activity were highlighted as key failures under the GDPR.

The French regulator also ruled that affected customers were not adequately informed about the risks they faced. Notification emails lacked sufficient detail to explain potential consequences or protective steps, thereby breaching obligations to clearly communicate data breach impacts.

Free Mobile faced an additional penalty for retaining former customer data longer than permitted. Authorities ordered both companies to complete security upgrades and data clean-up measures within strict deadlines.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

CIRO discloses scale of August 2025 cyber incident

Canada’s investment regulator has confirmed a major data breach affecting around 750,000 people after a phishing attack in August 2025.

The Canadian Investment Regulatory Organization (CIRO) said threat actors accessed and copied a limited set of investigative, compliance, and market surveillance data. Some internal systems were taken offline as a precaution, but core regulatory operations continued across the country.

CIRO reported that personal and financial information was exposed, including income details, identification records, contact information, account numbers, and financial statements collected during regulatory activities in Canada.

No passwords or PINs were compromised, and the organisation said there is no evidence that the stolen data has been misused or shared on the dark web.

Affected individuals are being offered two years of free credit monitoring and identity theft protection as CIRO continues to monitor for further malicious activity nationwide.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Verizon responds to major network outage

A large-scale network disruption has been confirmed by Verizon, affecting wireless voice, messaging, and mobile data services and leaving many customer devices operating in SOS mode across several regions.

The company acknowledged service interruptions during Wednesday afternoon and evening, while emergency calling capabilities remained available.

Additionally, the telecom provider issued multiple statements apologising for the disruption and pledged to provide account credits to impacted customers. Engineering teams were deployed throughout the incident, with service gradually restored later in the day.

Verizon advised users still experiencing connectivity problems to restart their devices once normal operations resumed.

Despite repeated updates, the company has not disclosed the underlying cause of the outage. Independent outage-tracking platforms described the incident as a severe breakdown in cellular connectivity, with most reports citing complete signal loss and mobile phone failures.

Verizon stated that further updates would be shared following internal reviews, while rival mobile networks reported no comparable disruptions during the same period.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI hoax targets Kate Garraway and family

Presenter Kate Garraway has condemned a cruel AI-generated hoax that falsely showed her with a new boyfriend. The images appeared online shortly after the death of her husband, Derek Draper.

Fake images circulated mainly on Facebook through impersonation accounts using her name and likeness. Members of the public and even friends mistakenly believed the relationship was real.

The situation escalated when fabricated news sites began publishing false stories involving her teenage son Billy. Garraway described the experience as deeply hurtful during an already raw period.

Her comments followed renewed scrutiny of AI image tools and platform responsibility. Recent restrictions aim to limit harmful and misleading content generated using artificial intelligence.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft obtains UK and US court orders to disable cybercrime infrastructure

Microsoft has obtained court orders in the United Kingdom and the United States to disrupt the cybercrime-as-a-service platform RedVDS, marking the first time its Digital Crimes Unit (DCU) has pursued a major civil action outside the US.

According to Microsoft, the legal action targeted infrastructure supporting RedVDS, a service that provided virtualised computing resources used in fraud and other cyber-enabled criminal activity. The company sought relief in the UK courts because elements of the platform’s infrastructure were hosted by a UK-based provider, and a significant number of affected victims were located in the UK.

It is reported that the action was conducted with support from Europol’s European Cybercrime Centre (EC3), as well as German authorities, including the Central Office for Combating Internet Crime (ZIT) at the Frankfurt-am-Main Public Prosecutor’s Office and the Criminal Police Office of the state of Brandenburg.

RedVDS operated on a subscription basis, with access reportedly available for approximately $24 per month. The service provided customers with short-lived virtual machines, which could be used to support activities such as phishing campaigns, hosting malicious infrastructure, and facilitating online fraud.

Microsoft states that RedVDS infrastructure has been used in a range of cyber-enabled criminal activities since September 2025, including business email compromise (BEC). In BEC cases, attackers impersonate trusted individuals or organisations to induce victims to transfer funds to accounts under the attackers’ control.

According to Microsoft’s assessment, users of the service targeted organisations across multiple sectors and regions. The real estate sector was among those affected, with estate agents, escrow agents, and title companies reportedly targeted in Australia and Canada. Microsoft estimates that several thousand organisations in that sector experienced some level of impact.

The company also noted that RedVDS users combined the service with other tools, including generative AI technologies, to scale operations, identify potential targets, and generate fraudulent content.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!