Cybercrime

Deepfake videos raises environmental worries

Deepfake videos powered by AI are spreading across social media at an unprecedented pace, but their popularity carries a hidden environmental cost.

Creating realistic AI videos depends on vast data centres that consume enormous amounts of electricity and use fresh water to cool powerful servers. Each clip quietly produced adds to the rising energy demand and increasing pressure on local water supplies.

Apps such as Sora have made generating these videos almost effortless, resulting in millions of downloads and a constant stream of new content. Users are being urged to consider how frequently they produce and share such media, given the heavy energy and water footprint behind every video.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Italian political elite targeted in hacking scandal using stolen state data

Italian authorities have uncovered a vast hacking operation that built detailed dossiers on politicians and business leaders using data siphoned from state databases. Prosecutors say the group, operating under the name Equalize, tried to use the information to manipulate Italy’s political class.

The network, allegedly led by former police inspector Carmine Gallo, businessman Enrico Pazzali and cybersecurity expert Samuele Calamucci, created a system called Beyond to compile thousands of records from state systems, including confidential financial and criminal records.

Police wiretaps captured suspects boasting they could operate all over Italy. Targets included senior officials such as former Prime Minister Matteo Renzi and the president of the Senate Ignazio La Russa.

Investigators say the gang presented itself as a corporate intelligence firm while illegally accessing phones, computers and government databases. The group allegedly sold reputational dossiers to clients, including major firms such as Eni, Barilla and Heineken, which have all denied wrongdoing or said they were unaware of any illegal activity.

The probe began when police monitoring a northern Italian gangster uncovered links to Gallo. Gallo, who helped solve cases including the 1995 murder of Maurizio Gucci, leveraged contacts in law enforcement and intelligence to arrange unlawful data searches for Equalize.

The operation collapsed in autumn 2024, with four arrests and dozens questioned. After months of questioning and plea bargaining, 15 defendants are due to enter pleas this month. Officials warn the case shows how hackers can weaponise state data, calling it ‘a real and actual attack on democracy’.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UN cybercrime treaty signed in Hanoi amid rights concerns

Around 60 countries signed a landmark UN cybercrime convention in Hanoi, seeking faster cooperation against online crime. Leaders cited trillions in annual losses from scams, ransomware, and trafficking. The pact enters into force after 40 ratifications.

UN supporters say the treaty will streamline evidence sharing, extradition requests, and joint investigations. Provisions target phishing, ransomware, online exploitation, and hate speech. Backers frame the deal as a boost to global security.

Critics warn the text’s breadth could criminalise security research and dissent. The Cybersecurity Tech Accord called it a surveillance treaty. Activists fear expansive data sharing with weak safeguards.

The UNODC argues the agreement includes rights protections and space for legitimate research. Officials say oversight and due process remain essential. Implementation choices will decide outcomes on the ground.

The EU, Canada, and Russia signed in Hanoi, underscoring geopolitical buy-in. Vietnam, being the host, drew scrutiny over censorship and arrests. Officials there cast the treaty as a step toward resilience and stature.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Copilot Mode turns Edge into an active assistant

Edge says the browser should work with you, not just wait for clicks. Copilot Mode adds chat-first tabs, multi-tab reasoning, and a dynamic pane for in-context help. Plan trips, compare options, and generate schedules without tab chaos.

Microsoft Copilot now resumes past sessions, so projects pick up exactly where you stopped. It can execute multi-step actions, like building walking tours, end-to-end. Optional history signals improve suggestions and speed up research-heavy tasks.

Voice controls handle quick actions and deeper chores with conversational prompts. Ask Copilot to open pages, summarise threads, or unsubscribe you from promo emails. Reservations and other multi-step chores are rolling out next.

Journeys groups past browsing into topic timelines for fast re-entry, with explicit opt-in. Privacy controls are prominent: clear cues when Copilot listens, acts, or views. You can toggle Copilot Mode off anytime.

Security features round things out: local AI blocks scareware overlays by default. Built-in password tools continuously create, store, and monitor credentials. Copilot Mode is in all Copilot markets on Edge desktop and mobile and is coming soon.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

US Department of Justice charges former L3Harris executive with selling trade secrets to Russian buyer

The US Department of Justice has accused a former executive at defense contractor L3Harris of stealing and selling trade secrets to a buyer in Russia.

According to court filings, Peter Williams, a 39-year-old Australian citizen and former general manager of L3Harris division Trenchant, allegedly sold eight trade secrets from two unnamed companies between April 2022 and August 2025, earning about $1.3 million.

Williams, known internally as ‘Doogie,’ led Trenchant, which develops hacking and surveillance tools for Western governments, including the United States. He joined the company in October 2024 and left in August 2025, according to U.K. business records.

The DOJ’s ‘criminal information’ document, which, similar to an indictment, represents a formal accusation, did not identify the companies involved or the Russian buyer. Prosecutors are seeking to recover assets they say Williams acquired through the sale of trade secrets.

The case is being prosecuted by the DOJ’s National Security Division under the Counterintelligence and Export Control Section. An arraignment and plea hearing is scheduled for October 29 in Washington, DC.

Would you like to learn more aboutAI, tech and digital diplomacyIf so, ask our Diplo chatbot!

$MELANIA coin faces court claims over price manipulation

Executives behind the $MELANIA cryptocurrency, launched by Melania Trump in January, are accused in court filings of orchestrating a pump-and-dump scheme. The coin surged from a few cents to $13.73 before falling to 10 cents, while $TRUMP dropped from $45.47 to $5.79.

Investors allege the creators planned the price surge and collapse to profit from rapid trading. Court papers allege Meteora executives used accomplices to buy and sell $MELANIA quickly, securing large profits while ordinary investors lost money.

Melania Trump herself is not named in the lawsuit, which describes her as unaware of the alleged scheme.

The $MELANIA allegations are now part of broader legal proceedings involving multiple cryptocurrencies that began earlier this year. Meteora has not commented, while the Trump family reportedly earned over $1bn from crypto ventures in the past year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

CMC pegs JLR hack at £1.9bn with 5,000 firms affected

JLR’s cyberattack is pegged at £1.9bn, the UK’s costliest on record. Production paused for five weeks from 1 September across Solihull, Halewood, and Wolverhampton. CMC says 5,000 firms were hit, with full recovery expected by January 2026.

JLR is restoring manufacturing in phases and declined to comment on the estimate. UK dealer systems were intermittently down, orders were cancelled or delayed, and suppliers faced uncertainty. More than half of the losses fall on JLR; the remainder hits its supply chain and local economies.

The CMC classed the incident as Category 3 on its five-level scale. Chair Ciaran Martin warned organisations to harden critical networks and plan for disruption. The CMC’s assessment draws on public data, surveys, and interviews rather than on disclosed forensic evidence.

Researchers say costs hinge on the attack type, which JLR has not confirmed. Data theft is faster to recover than ransomware; wiper malware would be worse. A claimed hacker group linked to earlier high-profile breaches is unverified.

The CMC’s estimate excludes any ransom, which could add tens of millions of dollars. Earlier this year, retail hacks at M&S, the Co-op, and Harrods were tagged Category 2. Those were pegged at £270m–£440m, below the £506m cited by some victims.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta strengthens protection for older adults against online scams

The US giant, Meta, has intensified its campaign against online scams targeting older adults, marking Cybersecurity Awareness Month with new safety tools and global partnerships.

Additionally, Meta said it had detected and disrupted nearly eight million fraudulent accounts on Facebook and Instagram since January, many linked to organised scam centres operating across Asia and the Middle East.

The social media giant is joining the National Elder Fraud Coordination Center in the US, alongside partners including Google, Microsoft and Walmart, to strengthen investigations into large-scale fraud operations.

It is also collaborating with law enforcement and research groups such as Graphika to identify scams involving fake customer service pages, fraudulent financial recovery services and deceptive home renovation schemes.

Meta continues to roll out product updates to improve online safety. WhatsApp now warns users when they share screens with unknown contacts, while Messenger is testing AI-powered scam detection that alerts users to suspicious messages.

Across Facebook, Instagram and WhatsApp, users can activate passkeys and complete a Security Checkup to reinforce account protection.

The company has also partnered with organisations worldwide to raise scam awareness among older adults, from digital literacy workshops in Bangkok to influencer-led safety campaigns across Europe and India.

These efforts form part of Meta’s ongoing drive to protect users through a mix of education, advanced technology and cross-industry cooperation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Innovation versus risk shapes Australia’s AI debate

Australia’s business leaders were urged to adopt AI now to stay competitive, despite the absence of hard rules, at the AI Leadership Summit in Brisbane. The National AI Centre unveiled revised voluntary guidelines, and Assistant Minister Andrew Charlton said a national AI plan will arrive later this year.

The guidance sets six priorities, from stress-testing and human oversight to clearer accountability, aiming to give boards practical guardrails. Speakers from NVIDIA, OpenAI, and legal and academic circles welcomed direction but pressed for certainty to unlock stalled investment.

Charlton said the plan will focus on economic opportunity, equitable access, and risk mitigation, noting some harms are already banned, including ‘nudify’ apps. He argued Australia will be poorer if it hesitates, and regulators must be ready to address new threats directly.

The debate centred on proportional regulation: too many rules could stifle innovation, said Clayton Utz partner Simon Newcomb, yet delays and ambiguity can also chill projects. A ‘gap analysis’ announced by Treasurer Jim Chalmers will map which risks existing laws already cover.

CyberCX’s Alastair MacGibbon warned that criminals are using AI to deliver sharper phishing attacks and flagged the return of erotic features in some chatbots as an oversight test. His message echoed across panels: move fast with governance, or risk ceding both competitiveness and safety.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Medical group hit with £100,000 penalty after cyberattack exposes patient data

Emails containing sensitive health data were stolen from the Medical Specialist Group (MSG) in a 2021 cyberattack. The data has been later used in phishing campaigns, prompting the Office of the Data Protection Authority (ODPA) to fine MSG £100,000 for insufficiently safeguarding personal data and breaching data protection legislation.

Investigators found the clinic’s email server was compromised in August 2021 and went undetected for more than three months. Health data is sensitive information that requires stringent protection. However, the ODPA found MSG neglected to install routine security updates for thirteen months, and weaknesses in its threat-detection system led to multiple missed chances to identify unauthorised access to its email server.

The ODPA has ordered MSG to pay £75,000 within 60 days and a further £25,000 after 14 months, with the final amount being waived if it completes an agreed security action plan. MSG stated it has invested in new technology, system monitoring and staff training. The exact number of stolen emails remains unclear, though thousands were left exposed to unauthorised access.

The breach adds to a growing list of cyberattacks targeting the healthcare sector over the past year, including incidents like the Anne Arundel Dermatology cyberattack affecting nearly two million patients and the McLaren Health Care ransomware attack, affecting over 700,000 individuals.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!