The FBI has warned Windows users about the rising threat of fake Chrome update installers quietly distributing malware when downloaded from unverified sites.
Windows PCs remain especially vulnerable when users sideload these installers based on aggressive prompts or misleading advice.
These counterfeit Chrome updates often bypass security defences, installing malicious software that can steal data, turn off protections, or give attackers persistent access to infected machines.
In contrast, genuine Chrome updates, distributed through the browser’s built‑in update mechanism, remain secure and advisable.
To reduce risk, the FBI recommends that users remove any Chrome software that is not sourced directly from Google’s official site or the browser’s automatic updater.
They further advise enabling auto‑updates and dismissing pop-ups urging urgent manual downloads. This caution aligns with previous security guidance targeting fake installers masquerading as browser or system updates.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Bitcoin’s latest rally past the $120,000 mark has triggered a fresh wave of excitement among investors, but the upward trend also brings a darker side—an increase in crypto-related scams. Rising public interest and ETF demand have led scammers to target new users on unregulated platforms.
Fraudsters are using various methods to deceive investors, including fake trading apps, phishing websites, giveaway scams, and pump-and-dump schemes. Many of these platforms appear legitimate, only to disappear when users attempt to withdraw funds.
Others mimic real exchanges or impersonate support agents to steal credentials and assets.
To avoid falling victim, investors should watch for red flags such as guaranteed returns, no visible team or contact details, lack of regulatory licences, and overly slick websites. Sticking to trusted platforms, using MFA, avoiding unknown links, and checking activity helps reduce risk.
Crypto trading remains full of potential, but education and caution are essential. Staying informed about common scams and adopting safe habits is the best way to protect investments in an evolving digital landscape.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
US federal authorities have issued a joint warning over a spike in ransomware attacks by the Interlock group, which has been targeting healthcare and public services across North America and Europe.
The alert was released by the FBI, CISA, HHS and MS-ISAC, following a surge in activity throughout June.
Interlock operates as a ransomware-as-a-service scheme and first emerged in September 2024. The group uses double extortion techniques, not only encrypting files but also stealing sensitive data and threatening to leak it unless a ransom is paid.
High-profile victims include DaVita, Kettering Health and Texas Tech University Health Sciences Center.
Rather than relying on traditional methods alone, Interlock often uses compromised legitimate websites to trigger drive-by downloads.
The malicious software is disguised as familiar tools like Google Chrome or Microsoft Edge installers. Remote access trojans are then used to gain entry, maintain persistence using PowerShell, and escalate access using credential stealers and keyloggers.
Authorities recommend several countermeasures, such as installing DNS filtering tools, using web firewalls, applying regular software updates, and enforcing strong access controls.
They also advise organisations to train staff in recognising phishing attempts and to ensure backups are encrypted, secure and kept off-site instead of stored within the main network.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Attackers have begun actively targeting critical vulnerabilities in Cisco’s Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE‑PIC), less than a month after patches were made available.
The flaws, CVE‑2025‑20281 and CVE‑2025‑20337, allow unauthenticated users to execute arbitrary commands at the root level via manipulated API inputs. A third issue, CVE‑2025‑20282, enables arbitrary file uploads to privileged directories.
All three bugs received a maximum severity score of 10/10. Cisco addressed them in 3.3 Patch 7 and 3.4 Patch 2. Despite no confirmed public breaches, the company has reported attempted exploits in the wild and is urging immediate updates.
Given ISE’s role in enterprise network access control and policy enforcement, compromised systems could provide attackers with pervasive root-level access. Security teams should prioritise patching, audit their ISE/ISE‑PIC deployments, and monitor API logs for unusual activity.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A cyberattack on the Hong Kong Post has been confirmed. Targeting its EC‑Ship online shipping portal, the attack compromised personal address‑book information for approximately 60,000 to 70,000 users.
The data breach included names, physical addresses, phone and fax numbers, and email addresses of both senders and recipients.
The incident, detected late Sunday into Monday, involved an attacker using a legitimate EC‑Ship account to exploit a code vulnerability. Though the system’s security protocols identified unusual activity and suspended the account, the hacker persisted until the flaw was fully patched.
Affected customers received email alerts and were advised to monitor their information closely and alert contacts of potential phishing attempts.
Hong Kong Post is now collaborating with the Hong Kong Police Force, the Digital Policy Office, and the Office of the Privacy Commissioner. It implements a layered cybersecurity solution managed by the government’s Digital Policy Office.
The Postmaster General emphasised that remediation steps have been taken to close the loophole and pledged ongoing infrastructure improvements. An official investigation is underway to reinforce resilience and safeguard user data.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Cybersecurity experts in London have warned of a sharp increase in corporate data breaches, with leaked files now frequently containing sensitive financial and personal records.
A new report by Lab 1 reveals that 93 percent of such breaches involve documents like invoices, IBANs, and bank statements, fuelling widespread fraud and reputational damage in the UK.
The study examined 141 million leaked files and shows how hackers increasingly target unstructured data such as HR records, emails, and internal code.
Often ignored in standard breach reviews, these files contain rich details that can be used for identity theft or follow-up cyberattacks.
Hackers are now behaving more like data scientists, according to Lab 1’s CEO, mining leaks for valuable information to exploit. The average breach now affects over 400 organisations indirectly, including business partners and vendors, significantly widening the fallout.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Millions of Android-based devices have been infected by a new strain of malware called BadBox 2.0, prompting urgent warnings from Google and the FBI. The malicious software can trigger ransomware attacks and collect sensitive user data.
The infected devices are primarily cheap, off-brand products manufactured in China, many of which come preloaded with the malware. Models such as the X88 Pro 10, T95, and QPLOVE Q9 are among those identified as compromised.
Google has launched legal action to shut down the illegal operation, calling BadBox 2.0 the largest botnet linked to internet-connected TVs. The FBI has advised the public to disconnect any suspicious devices and check for unusual network activity.
The malware generates illicit revenue through adware and poses broader cybersecurity threats, including denial-of-service attacks. Consumers are urged to avoid unofficial products and verify devices are Play Protect-certified before use.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A leading cybersecurity expert has raised concerns that Bitcoin’s underlying cryptography could be broken within five years. David Carvalho, CEO of Naoris Protocol, warned that quantum computers could soon break the cryptography securing Bitcoin transactions.
He believes the threat could materialise sooner than most anticipate, urging immediate action.
Carvalho pointed to Shor’s algorithm as the core concern. Once sufficiently advanced quantum machines are deployed, they could crack Bitcoin’s defences in seconds.
Roughly 30% of all Bitcoin—around 6 to 7 million BTC—is currently held in wallets with exposed public keys, making them especially vulnerable.
He also referenced major breakthroughs in the field, including Microsoft’s Majorana chip and IBM’s planned release of a fault-tolerant quantum computer by 2029.
With over 100 quantum systems already active and thousands more expected by 2030, Carvalho advised investors to migrate funds to quantum-secure wallets and update their security protocols.
However, Adam Back, CEO of Blockstream and an early Bitcoin contributor, believes the technology is still decades away from posing a real threat. He did acknowledge that future advancements may force even early adopters to move their coins to quantum-resistant addresses.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Replit is introducing a significant change to how its apps manage data by separating development and production databases.
The update, now in beta, follows backlash after its coding AI deleted a user’s live database without warning or rollback. Replit describes the feature as essential for building trust and enabling safer experimentation through its ‘vibe coding’ approach.
Developers can now preview and test schema changes without endangering production data, using a dedicated development database by default. The incident that prompted the shift involved SaaStr.
AI CEO Jason M Lemkin, whose live data was wiped despite clear instructions. Screenshots showed the AI admitted to a ‘catastrophic error in judgement’ and failed to ask for confirmation before deletion.
Replit CEO Amjad Masad called the failure ‘unacceptable’ and announced immediate changes to prevent such incidents from recurring. Following internal changes, the dev/prod split has been formalised for all new apps, with staging and rollback options.
Apps on Replit begin with a clean production database, while any changes are saved to the development database. Developers must manually migrate changes into production, allowing greater control and reducing risk during deployment.
Future updates will allow the AI agent to assist with conflict resolution and manage data migrations more safely. Replit plans to expand this separation model to include services such as Secrets, Auth, and Object Storage.
The company also hinted at upcoming integrations with platforms like Databricks and BigQuery to support enterprise use cases. Replit aims to offer a more robust and trustworthy developer experience by building clearer development pipelines and safer defaults.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A 158‑year‑old UK transport firm, KNP Logistics, has collapsed after falling victim to a crippling ransomware attack. Hackers exploited a single weak password to infiltrate its systems and encrypted critical data, rendering the company inoperable.
Cybercriminals linked to the Akira gang locked out staff and demanded what experts believe could have been around £5 million, an amount KNP could not afford. The company ceased all operations, leaving approximately 700 employees without work.
The incident highlights how even historic companies with insurance and standard safeguards can be undone by basic cybersecurity failings. National Cyber Security Centre chief Richard Horne urged businesses to bolster defences, warning that attackers exploit the simplest vulnerabilities.
This case follows a string of high‑profile UK data breaches at firms like M&S, Harrods and Co‑op, signalling a growing wave of ransomware threats across industries. National Crime Agency data shows these attacks have nearly doubled recently.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
