Cybercrime

OpenAI boss, Sam Altman, fuels debate over dead internet theory

Sam Altman, chief executive of OpenAI, has suggested that the so-called ‘dead internet theory’ may hold some truth. The idea, long dismissed as a conspiracy theory, claims much of the online world is now dominated by computer-generated content rather than real people.

Altman noted on X that he had not previously taken the theory seriously but believed there were now many accounts run by large language models.

His remark drew criticism from users who argued that OpenAI itself had helped create the problem by releasing ChatGPT in 2022, which triggered a surge of automated content.

The spread of AI systems has intensified debate over whether online spaces are increasingly filled with artificially generated voices.

Some observers also linked Altman’s comments to his work on World Network, formerly Worldcoin, a project launched in 2019 to verify human identity online through biometric scans. That initiative has been promoted as a potential safeguard against the growing influence of AI-driven systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google Cloud study shows AI agents driving global business growth

A new Google Cloud study indicates that more than half of global enterprises are already using AI agents, with many reporting consistent revenue growth and faster return on investment.

The research, based on a survey of 3,466 executives across 24 countries, suggests agentic AI is moving from trial projects to large-scale deployment.

The findings by Google Cloud reveal that 52% of executives said their organisations actively use AI agents, while 39% reported launching more than ten. A group of early adopters, representing 13% of respondents, have gone further by dedicating at least half of their future AI budgets to agentic AI.

These companies are embedding agents across operations and are more likely to report returns in customer service, marketing, cybersecurity and software development.

The report also highlights how industries are tailoring adoption. Financial services focus on fraud detection, retail uses agents for quality control, and telecom operators apply them for network automation.

Regional variations are notable: European companies prioritise tech support, Latin American firms lean on marketing, while Asia-Pacific enterprises emphasise customer service.

Although enthusiasm is strong, challenges remain. Executives cited data privacy, security and integration with existing systems as key concerns.

Google Cloud executives said that early adopters are not only automating tasks but also reshaping business processes, with 2025 expected to mark a shift towards embedding AI intelligence directly into operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK factories closed as cyberattack disrupts Jaguar Land Rover

Jaguar Land Rover (JLR) has ordered factory staff to work from home until at least next Tuesday as it recovers from a major cyberattack. Production remains suspended at key UK sites, including Halewood, Solihull, and Wolverhampton.

The disruption, first reported earlier this week, has ‘severely impacted’ production and sales, according to JLR. Reports suggest that assembly line workers have been instructed not to return before 9 September, while the situation remains under review.

The hack has hit operations beyond manufacturing, with dealerships unable to order parts and some customer handovers delayed. The timing is particularly disruptive, coinciding with the September release of new registration plates, which traditionally boosts demand.

A group of young hackers on Telegram, calling themselves Scattered Lapsus$ Hunters, has claimed responsibility for the incident. Linked to earlier attacks on Marks & Spencer and Harrods, the group reportedly shared screenshots of JLR’s internal IT systems as proof.

The incident follows a wider spate of UK retail and automotive cyberattacks this year. JLR has stated that it is working quickly to restore systems and emphasised that there is ‘no evidence’ that customer data has been compromised.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Google outage disrupts services across Türkiye and southeast europe

Google services experienced a widespread outage in Türkiye on Thursday morning, leaving core functions such as search and YouTube inaccessible.

Users reported search queries failing to return results, frozen pages, and an inability to connect to Google servers. Social media posts suggested the disruption extended beyond Türkiye, affecting users in Bulgaria, Greece, Georgia, Croatia, Serbia, Romania, Armenia, the Netherlands, and Germany.

The Turkish state-run Anadolu Agency confirmed outages across parts of Southeastern Europe. Turkish Deputy Minister of Transport and Infrastructure, Omer Fatih Sayan, said the issue impacted Android and related services in Türkiye and the wider European region.

He added that the National Cyber Incident Response Centre had requested a technical report from Google and is monitoring the situation closely.

As of 10:57 a.m. local time, 4 September 2025, access to Google services in Türkiye had been restored. Google has yet to issue an official statement regarding the cause of the disruption.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

SCO Tianjin Summit underscores economic cooperation and security dialogue

The Shanghai Cooperation Organisation (SCO) summit in Tianjin closed with leaders adopting the Tianjin Declaration, highlighting member states’ commitment to multilateralism, sovereignty, and shared security.

The discussions emphasised economic resilience, financial cooperation, and collective responses to security challenges.

Proposals included exploring joint financial mechanisms, such as common bonds and payment systems, to shield member economies from external disruptions.

Leaders also underlined the importance of strengthening cooperation in trade and investment, with China pledging additional funding and infrastructure support across the bloc. Observers noted that these measures reflect growing interest in alternative global finance and economic governance approaches.

Security issues are prominently featured, with agreements to enhance counter-terrorism initiatives and expand existing structures such as the Regional Anti-Terrorist Structure. Delegates also called for greater collaboration against cross-border crime, drug trafficking, and emerging security risks.

At the same time, they stressed the need for political solutions to ongoing regional conflicts, including those in Ukraine, Gaza, and Afghanistan.

With its expanding membership and combined economic weight, the SCO continues to position itself as a platform for cooperation beyond traditional regional security concerns.

While challenges remain, including diverging interests among key members, the Tianjin summit indicated the bloc’s growing role in discussions on multipolar governance and collective stability.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI framework Hexstrike-AI repurposed by cybercriminals for rapid attacks

Within hours of its public release, the offensive security framework Hexstrike-AI has been weaponised by threat actors to exploit zero-day vulnerabilities, most recently affecting Citrix NetScaler ADC and Gateway, within just ten minutes.

Automated agents execute actions such as scanning, exploiting CVEs and deploying webshells, all orchestrated through high-level commands like ‘exploit NetScaler’.

Researchers from CheckPoint note that attackers are now using Hexstrike-AI to achieve unauthenticated remote code execution automatically.

The AI framework’s design, complete with retry logic and resilience, makes chaining reconnaissance, exploitation and persistence seamless and more effective.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon espionage campaign revealed through global cybersecurity advisory

Intelligence and cybersecurity agencies from 13 countries, including the NSA, CISA, the UK’s NCSC and Canada’s CSIS, have jointly issued an advisory on Salt Typhoon, a Chinese state-sponsored advanced persistent threat group.

The alert highlights global intrusions into telecommunications, military, government, transport and lodging sectors.

Salt Typhoon has exploited known, unpatched vulnerabilities in network-edge appliances, such as routers and firewalls, to gain initial access. Once inside, it covertly embeds malware and employs living-off-the-land tools for persistence and data exfiltration.

The advisory also warns that stolen data from compromised ISPs can help intelligence services track global communications and movements.

It pinpoints three Chinese companies with links to the Ministry of State Security and the People’s Liberation Army as central to Salt Typhoon’s operations.

Defensive guidelines accompany the advisory, urging organisations to apply urgent firmware patches, monitor for abnormal network activity, verify firmware integrity and tighten device configurations, especially for telecom infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hackers exploit Ethereum smart contracts to spread malware

Cybersecurity researchers have uncovered a new method hackers use to deliver malware, which hides malicious commands inside Ethereum smart contracts. ReversingLabs identified two compromised NPM packages on the popular Node Package Manager repository.

The packages, named ‘colortoolsv2’ and ‘mimelib2,’ were uploaded in July and used blockchain queries to fetch URLs that delivered downloader malware. The contracts hid command and control addresses, letting attackers evade scans by making blockchain traffic look legitimate.

Researchers say the approach marks a shift in tactics. While the Lazarus Group previously leveraged Ethereum smart contracts, the novel element uses them as hosts for malicious URLs. Analysts warn that open-source repositories face increasingly sophisticated evasion techniques.

The malicious packages formed part of a broader deception campaign involving fake GitHub repositories posing as cryptocurrency trading bots. With fabricated commits, fake user accounts, and professional-looking documentation, attackers built convincing projects to trick developers.

Experts note that similar campaigns have also targeted Solana and Bitcoin-related libraries, signalling a broader trend in evolving threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Jaguar Land Rover production disrupted by cyber incident

Jaguar Land Rover (JLR) has confirmed its production and retail operations were ‘severely disrupted’ due to a cyber incident, prompting a precautionary system shutdown.

The company stated there is currently ‘no evidence’ that any customer data has been compromised and assured it is working at pace to restore systems in a controlled manner.

The incident disrupted output at key UK plants, including Halewood and Solihull, led to operational bottlenecks such as halted vehicle registrations, and impacted a peak retail period following the release of ’75’ number plates.

A Telegram group named Scattered Lapsus$ Hunters, a conflation of known hacking collectives, claimed responsibility, posting what appeared to be internal logs. Cybersecurity experts caution that such claims should be viewed sceptically, as attribution via Telegram may be misleading.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Disney to pay $10 Million to settle allegations of unlawfully collecting childrens personal data

The Walt Disney Company will pay $10 million to settle allegations that it breached children’s privacy laws by mislabelling videos aimed at young audiences on YouTube, allowing personal data to be collected without parental consent.

In a complaint filed by the US Department of Justice, following a Federal Trade Commission (FTC) referral, Disney was accused of incorrectly designing hundreds of child-directed videos as ‘Made for Kids’.

Instead, the company applied a blanket ‘Not Made for Kids’ label at the channel level, enabling YouTube to collect data and serve targeted advertising to viewers under 13, contrary to the Children’s Online Privacy Protection Act (COPPA).

The FTC claims Disney profited through direct ad sales and revenue-sharing with YouTube. Despite being notified by YouTube in 2020 that over 300 videos had been misclassified, Disney did not revise its labelling policy.

Under the proposed settlement, Disney must pay the civil penalty, fully comply with COPPA by obtaining parental consent before data collection, and implement a video review programme to ensure accurate classification, unless YouTube introduces age assurance technologies to determine user age reliably.

“This case underscores the FTC’s commitment to protecting children’s privacy online,” said FTC Chair Andrew Ferguson. “Parents, not corporations like Disney, should decide how their children’s data is collected and used.”

The agreement, which a federal judge must still approve, reflects growing pressure on tech platforms and content creators to safeguard children’s digital privacy.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!