Cybercrime

AI-generated video falsely claims US military to ‘take over’ Nigerian army

A video circulating online, purported to show a US military officer announcing that the United States would take control of the Nigerian Army, is false.

Independent analysis has revealed that the clip was likely generated or heavily manipulated using AI, and no official announcement or credible source supports this claim.

Fact-checkers used AI-detection tools and found high levels of manipulation, and investigations uncovered inconsistencies in uniform insignia and microphones linked to non-existent media outlets. No verified reports indicate that US military forces are intervening in Nigerian defence operations.

The false claim has spread on platforms including X (formerly Twitter), generating alarm and misinterpretation about foreign military involvement in Nigeria.

Experts warn that deepfakes and AI-generated misinformation are becoming harder to spot without specialised tools and verification.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK Foreign Office hit by cyber-attack

The UK Foreign, Commonwealth and Development Office was hacked in October, according to minister Chris Bryant. Officials say there is a low risk to any individual from the breach.

Reports suggest that a Chinese group, Storm 1849, may have been involved, but Bryant cautioned that the perpetrator has not been confirmed. Tens of thousands of visa details could have been targeted, though the exact scope remains unclear.

The attack shares similarities with a 2024 campaign called ArcaneDoor, linked to state-sponsored actors. Cybersecurity experts warn that the incidents may be connected and highlight risks of large-scale data targeting.

Officials have quickly closed the vulnerability and continue to investigate the matter. Bryant emphasised that speculation is unhelpful and said the investigation could take some time to identify the responsible party.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Digital fraud declines in Russia after rollout of Cyberbez measures

Russia has reported a sharp decline in cyber fraud following the introduction of new regulatory measures in 2025. Officials say legislative action targeting telephone and online scams has begun to deliver measurable results.

State Secretary and Deputy Minister of Digital Development Ivan Lebedev told the State Duma that crimes covered by the first package of reforms, known as ‘Cyberbez 1.0’, have fallen by 40%, according to confirmed statistics.

Earlier this year, Lebedev said Russia records roughly 677,000 cases of phone and online fraud annually, with incidents rising by more than 35% since 2022, highlighting the scale of the challenge faced by authorities.

In April, President Vladimir Putin signed a law introducing a range of countermeasures, including a state information system to combat fraud, limits on unsolicited marketing calls, stricter SIM card issuance rules, and new compliance obligations for banks.

Further steps are now under discussion. Officials say a second package is being prepared, while a third set of initiatives was announced in December as Russia continues to strengthen its digital security framework.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

New Kimwolf Android botnet linked to a record-breaking DDoS attacks

Cybersecurity researchers have uncovered a rapidly expanding Android botnet known as Kimwolf, which has already compromised approximately 1.8 million devices worldwide.

The malware primarily targets smart TVs, set-top boxes, and tablets connected to residential networks, with infections concentrated in countries including Brazil, India, the US, Argentina, South Africa, and the Philippines.

Analysis by QiAnXin XLab indicates that Kimwolf demonstrates a high degree of operational resilience.

Despite multiple disruptions to its command-and-control infrastructure, the botnet has repeatedly re-emerged with enhanced capabilities, including the adoption of Ethereum Name Service to harden its communications against takedown efforts.

Researchers also identified significant similarities between Kimwolf and AISURU, one of the most powerful botnets observed in recent years. Shared source code, infrastructure, and infection scripts suggest both botnets are operated by the same threat group and have coexisted on large numbers of infected devices.

AISURU has previously drawn attention for launching record-setting distributed denial-of-service attacks, including traffic peaks approaching 30 terabits per second.

The emergence of Kimwolf alongside such activity highlights the growing scale and sophistication of botnet-driven cyber threats targeting global internet infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI and security trends shape the internet in 2025

Cloudflare released its sixth annual Year in Review, providing a comprehensive snapshot of global Internet trends in 2025. The report highlights rising digital reliance, AI progress, and evolving security threats across Cloudflare’s network and Radar data.

Global Internet traffic rose 19 percent year-on-year, reflecting increased use for personal and professional activities. A key trend was the move from large-scale AI training to continuous AI inference, alongside rapid growth in generative AI platforms.

Google and Meta remained the most popular services, while ChatGPT led in generative AI usage.

Cybersecurity remained a critical concern. Post-quantum encryption now protects 52 percent of Internet traffic, yet record-breaking DDoS attacks underscored rising cyber risks.

Civil society and non-profit organisations were the most targeted sectors for the first time, while government actions caused nearly half of the major Internet outages.

Connectivity varied by region, with Europe leading in speed and quality and Spain ranking highest globally. The report outlines 2025’s Internet challenges and progress, providing insights for governments, businesses, and users aiming for greater resilience and security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Crypto theft soars in 2025 with fewer but bigger attacks

Cryptocurrency theft intensified in 2025, with total stolen funds exceeding $3.4 billion despite fewer large-scale incidents. Losses became increasingly concentrated, with a few major breaches driving most of the annual damage and widening the gap between typical hacks and extreme outliers.

North Korea remained the dominant threat actor, stealing at least $2.02 billion in digital assets during the year, a 51% increase compared with 2024.

Larger thefts were achieved through fewer operations, often relying on insider access, executive impersonation, and long-term infiltration of crypto firms rather than frequent attacks.

Laundering activity linked to North Korean actors followed a distinctive and disciplined pattern. Stolen funds moved in smaller tranches through Chinese-language laundering networks, bridges, and mixing services, usually following a structured 45-day cycle.

Individual wallet attacks surged, impacting tens of thousands of victims, while the total value stolen from personal wallets fell. Decentralised finance remained resilient, with hack losses low despite rising locked capital, indicating stronger security practices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Customer trust at risk as retail cyberattacks grow

Retailers face escalating cyber threats as hackers increasingly target customer data, eroding trust and damaging long-term brand value.

Deloitte warns that data breaches and ransomware attacks are becoming more frequent and costly, with some retailers facing losses reaching hundreds of millions, alongside declining consumer confidence.

The expansion of AI-driven personalisation has intensified privacy concerns, as customers weigh convenience against data protection.

While many shoppers accept sharing personal information in exchange for value, confidence depends on clear safeguards, transparent data use and credible security practices across digital channels.

Deloitte argues that leading retailers integrate cybersecurity into their core business strategy, rather than treating it as a compliance obligation.

Priorities include protecting critical digital assets, modernising security operations and building cyber-aware cultures capable of responding to AI-enabled fraud, preserving customer trust and sustaining revenue growth.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI-driven Christmas scams surge online

Cybersecurity researchers are urging greater caution as Christmas approaches, warning that seasonal scams are multiplying rapidly. Check Point has recorded over 33,500 festive phishing emails and more than 10,000 deceptive social ads within two weeks.

AI tools are helping criminals craft convincing messages that mirror trusted brands and local languages. Attackers are also deploying fake e-commerce sites with AI chatbots, as well as deepfake audio and scripted calls to strengthen vishing attempts.

Smishing alerts imitating delivery firms are becoming more widespread, with recent months showing a marked rise in fraudulent parcel scams. Victims are often tricked into sharing payment details through links that imitate genuine logistics updates.

Experts say fake shops and giveaway scams remain persistent risks, frequently launched from accounts created within the past three months. Users are being advised to ignore unsolicited links, verify retailers and treat unexpected offers with scepticism.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Credit reporting breach exposes 5.6 millions consumers through third party API

US credit reporting company 700Credit has confirmed a data breach affecting more than 5.6 million individuals after attackers exploited a compromised third-party API used to exchange consumer data with external integration partners.

An incident that originated from a supply chain failure after one partner was breached earlier in 2025 and failed to notify 700Credit.

The attackers launched a sustained, high-volume data extraction campaign starting on October 25, 2025, which operated for more than two weeks before access was shut down.

Around 20 percent of consumer records were accessed, exposing names, home addresses, dates of birth and Social Security numbers, while internal systems, payment platforms and login credentials were not compromised.

Despite the absence of financial system access, the exposed personal data significantly increases the risk of identity theft and sophisticated phishing attacks impersonating credit reporting services.

The breach has been reported to the Federal Trade Commission and the FBI, with regulators coordinating responses through industry bodies representing affected dealerships.

Individuals impacted by the incident are currently being notified and offered two years of free credit monitoring, complimentary credit reports and access to a dedicated support line.

Authorities have urged recipients to act promptly by monitoring their credit activity and taking protective measures to minimise the risk of fraud.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

No sensitive data compromised in SoundCloud incident

SoundCloud has confirmed a recent security incident that temporarily affected platform availability and involved the limited exposure of user data. The company detected unauthorised activity on an ancillary service dashboard and acted immediately to contain the situation.

Third-party cybersecurity experts were engaged to investigate and support the response. The incident resulted in two brief denial-of-service attacks, temporarily disrupting web access.

Approximately 20% of users were affected; however, no sensitive data, such as passwords or financial details, were compromised. Only email addresses and publicly visible profile information were involved.

In response, SoundCloud has strengthened its systems, enhancing monitoring, reviewing identity and access controls, and auditing related systems. Some configuration updates have led to temporary VPN connectivity issues, which the company is working to resolve.

SoundCloud emphasises that user privacy remains a top priority and encourages vigilance against phishing. The platform will continue to provide updates and take steps to minimise the risk of future incidents.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot