Hackers have stolen over $1 million in cryptocurrency using AI-generated malicious Firefox extensions disguised as legitimate wallet tools.
The group, known as GreedyBear, created over 150 fake add-ons for platforms like MetaMask and Phantom, bypassing security checks to drain funds from thousands of users. Analysts say AI enabled the attackers to automate coding and deployment at an industrial scale.
The theft comes amid a record-breaking year for crypto crime, with Chainalysis data showing over $2.17 billion stolen so far in 2025. Many incidents exploit smart contract flaws and human error, with access control attacks accounting for the most recent losses.
Security experts warn that AI is now a double-edged sword, helping both attackers and defenders. They urge exchanges, developers, and users to adopt AI-powered monitoring, stronger verification, and collaborative defences to restore trust in digital assets.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A critical flaw in the Windows version of WinRAR is being exploited to install malware that runs automatically at startup. Users are urged to update to version 7.13 immediately, as the software does not update itself.
Tracked as CVE-2025-8088, the vulnerability allows malicious RAR files to place content in protected system folders, including Windows startup locations. Once there, the malware can steal data, install further payloads and maintain persistent access.
ESET researchers linked the attacks to the RomCom hacking group, a Russian-speaking operation known for espionage and ransomware campaigns. The flaw has been used in spear-phishing attacks where victims opened infected archives sent via email.
WinRAR’s July update fixes the cybersecurity issue by blocking extractions outside user-specified folders. Security experts recommend caution with email attachments, antivirus scanning of archives and regular checks of startup folders for suspicious files.
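The fix described above, blocking extraction outside the chosen folder, comes down to a path-containment check on every entry name before anything is written. The sketch below is an added example, not WinRAR's code: the function names, destination folder and entry names are constructed for illustration, and it uses Python's `ntpath` so that Windows path rules apply on any OS.

```python
import ntpath  # Windows path rules, usable on any OS


def escapes_destination(dest: str, entry: str) -> bool:
    """Return True if writing `entry` under `dest` would land outside `dest`."""
    name = entry.replace("/", "\\")  # archives may store either separator
    drive, _ = ntpath.splitdrive(name)
    if drive or name.startswith("\\"):
        return True  # absolute, drive-qualified or UNC names ignore `dest`
    root = ntpath.normpath(dest)
    target = ntpath.normpath(ntpath.join(root, name))  # collapses ".." parts
    # Compare whole components, case-insensitively, so that a sibling such as
    # "invoice-old" is not mistaken for a child of "invoice".
    root_cmp = ntpath.normcase(root).rstrip("\\") + "\\"
    return not (ntpath.normcase(target) + "\\").startswith(root_cmp)


def audit(dest: str, entries: list[str]) -> list[str]:
    """List the entry names an extractor should refuse for this destination."""
    return [e for e in entries if escapes_destination(dest, e)]


# Constructed sample data, not taken from any real archive.
DEST = r"C:\Users\alice\Downloads\invoice"
ENTRIES = [
    "invoice.pdf",
    "docs/../notes.txt",
    r"..\invoice-old\notes.txt",
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk",
    r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\updater.exe",
]

if __name__ == "__main__":
    for refused in audit(DEST, ENTRIES):
        print("REFUSE", refused)
```
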
The UAE Ministry of Interior states that AI, surveillance, and modern laws are key to fighting crime. Offences are economic, traditional, or cyber, with data tools and legal updates improving investigations. Cybercrime is on the rise as digital technology expands.
Current measures include AI monitoring, intelligent surveillance, and new laws. Economic crimes like fraud and tax evasion are addressed through analytics and banking cooperation. Cross-border cases and digital evidence tampering continue to be significant challenges.
Traditional crimes, such as theft and assault, are addressed through cameras, patrols, and awareness drives. Some offences persist in remote or crowded areas. Technology and global cooperation have improved results in several categories.
UAE officials warn that AI and the Internet of Things will lead to more sophisticated cyberattacks. Future risks include evolving criminal tactics, privacy threats, skills shortages, and balancing security and individual rights.
Opportunities include AI-powered security, stronger global ties, and better cybersecurity. Dubai Police have launched a bilingual platform to educate the public, viewing awareness as the first defence against online threats.
US law enforcement, alongside nine other nations, dismantled the BlackSuit ransomware gang’s infrastructure, replacing its leak site with a takedown notice after a coordinated operation. The group, formerly known as Royal, had amassed over $370 million in ransoms since 2022.
More than 450 victims were targeted across critical infrastructure sectors, with ransom demands soaring up to $60 million. Dallas suffered severe disruption in a notable attack, affecting emergency services and courts.
German authorities seized key infrastructure, securing data that is now under analysis to identify further collaborators. The operation also included confiscating servers, domains and digital assets used for extortion and money laundering.
New research indicates that members of BlackSuit may already be shifting to a new ransomware operation called Chaos. US agencies seized $2.4 million in cryptocurrency linked to a Chaos affiliate, marking a significant blow to evolving cybercrime efforts.
A cyber‑attack on Bouygues Telecom has compromised the personal data of 6.4 million customers. The firm disclosed that a third party accessed personal and contractual information related to certain subscriptions.
Attackers gained access on 4 August and were blocked swiftly after detection, and monitoring of the systems has since been increased. Exposed data includes contact details, contractual and civil status information, business records for professional clients, and IBANs for affected users.
The cybersecurity breach did not include credit card numbers or passwords. Bouygues sent impacted customers notifications via email or text and advised vigilance against scam calls and messages.
The French data protection authority, the CNIL, has been informed, and a formal complaint has been filed. The company warned that perpetrators face up to five years in prison and a fine of €150,000 under French law.
Google has confirmed a data breach during its investigation into the ShinyHunters group, revealing the tech giant was also affected. The attackers accessed a Salesforce database used for storing small business customer information.
The breach exposed business names and contact details during a short window before access was revoked. Google stated no highly sensitive or personal data was compromised.
ShinyHunters used phishing and vishing tactics to trick users into authorising malicious Salesforce apps disguised as legitimate tools. The technique mirrors previous high-profile breaches involving firms like Santander and Ticketmaster.
Google warned the group may escalate operations by launching a data leak site. Organisations are urged to tighten their cybersecurity measures and access controls, train staff and apply multi-factor authentication across all accounts.
Cybercriminals are increasingly targeting TikTok Shop users through a phishing and malware campaign known as ‘ClickTok’. The scheme uses fake Meta ads and AI-generated TikTok videos imitating influencers to lure victims to fraudulent domains resembling real sites.
These domains are used to steal credentials and distribute trojanised applications. More than 10,000 fake sites have been identified, luring shoppers with heavily discounted products and urgency tactics such as countdown timers.
Victims are prompted to make payments in Tether, allowing scammers to exploit the irreversible nature of cryptocurrency transactions. The fraudulent storefronts are designed to appear convincing, encouraging rash purchases.
TikTok Shop affiliate members are also being targeted with advance fee scams. Criminals pose as TikTok affiliates on WhatsApp and Telegram, convincing victims to deposit funds into bogus wallets in exchange for fake commission payments.
The report warns that the younger demographic on TikTok, particularly those aged 18 to 34, may be more vulnerable to such schemes. The trend shows scams shifting from Facebook and X to new e-commerce platforms.
Infosys’ decision to launch a Centre for Advanced AI, Cybersecurity & Space Technology in Hubballi deepens its commitment to transforming North Karnataka into a thriving tech hub. The centre, forming part of the company’s global Living Labs network, signals strategic investment in emerging technologies grounded in regional development.
Over 1,000 employees are now based at Hubballi, where the new Living Lab delivers services across sectors such as manufacturing, healthcare, financial services, and space technology. Strategic ties with local academic institutions like IIIT Dharwad are intended to nurture future-ready talent close to operations.
Local leaders framed the centre as a corrective to past underutilisation concerns and a driver of industry-academia collaboration. By encouraging expansion to other districts, they set the tone for inclusive growth and long-term innovation across North Karnataka.
A report by Australia’s eSafety Commissioner showed that tech giants, including Apple, Google, Meta, and Microsoft, have failed to act against online child sexual abuse. Namely, it found that Apple and YouTube do not track the number of abuse reports they receive or how quickly they respond, raising serious concerns. Additionally, both companies failed to disclose the number of trust and safety staff they employ, highlighting ongoing transparency and accountability issues in protecting children online.
In July 2024, the eSafety Commissioner of Australia took action by issuing legally enforceable notices to major tech companies, pressuring them to improve their response to child sexual abuse online.
These notices legally require recipients to comply within a set timeframe. Under the order, each company was required to report to eSafety every six months over a two-year period, detailing its efforts to combat child sexual abuse material, livestreamed abuse, online grooming, sexual extortion, and AI-generated content.
While these notices were issued in 2022 and 2023, there has been minimal effort by the companies to take action to prevent such crimes, according to Australia’s eSafety Commissioner Julie Inman Grant.
Key findings from the eSafety commissioner are:
- Apple did not use hash-matching tools to detect known CSEA images on iCloud (which was opt-in, end-to-end encrypted) and did not use hash-matching tools to detect known CSEA videos on iCloud or iCloud email. For iMessage and FaceTime (which were end-to-end encrypted), Apple only used Communication Safety, Apple’s safety intervention to identify images or videos that likely contain nudity, as a means of ‘detecting’ CSEA.
- Discord did not use hash-matching tools for known CSEA videos on any part of the service (despite using hash-matching tools for known images and tools to detect new CSEA material).
- Google did not use hash-matching tools to detect known CSEA images on Google Messages (end-to-end encrypted), nor did it detect known CSEA videos on Google Chat, Google Messages, or Gmail.
- Microsoft did not use hash-matching tools for known CSEA images stored on OneDrive, nor did it use hash-matching tools to detect known videos within content stored on OneDrive or Outlook.
A sweeping cyberattack has compromised the federal court filing system across multiple US states, exposing sensitive case data and informant identities. The breach affects core systems used by legal professionals and the public.
Sources say the Administrative Office of the US Courts first realised the scale of the hack in early July, with authorities still assessing the damage. Nation-state-linked actors or organised crime are suspected.
Critical systems like CM/ECF and PACER were impacted, raising fears over sealed indictments, search warrants and cooperation records now exposed. A dozen dockets were reportedly tampered with in at least one district.
Calls to modernise the ageing court infrastructure have intensified, with officials warning of rising cyber threats and the urgent need for system replacements.