The US has approved its first export licences for Nvidia’s advanced AI chips destined for the United Arab Emirates, marking a concrete step in the bilateral AI partnership announced earlier in 2025.
These licences come under the oversight of the US Commerce Department’s Bureau of Industry and Security, aligned with a formal agreement between the two nations signed in May.
In return, the UAE has committed to investing in the United States, making this a two-way deal. The licences do not cover every project yet: some entities, such as the AI firm G42, are currently excluded from the approved shipments.
The UAE sees the move as crucial to its AI push under Vision 2031, particularly for funding data centre expansion and advancing research in robotics and intelligent systems. Nvidia already collaborates with Abu Dhabi’s Technology Innovation Institute (TII) in a joint AI and robotics lab.
Challenges remain. Some US officials cite national security risks, especially given the UAE’s ties and potential technology pathways to third countries.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Discord has confirmed that official ID images belonging to around 70,000 users may have been exposed in a cyberattack targeting a third-party service provider. The platform itself was not breached, but hackers targeted a company involved in age verification processes.
The leaked data may include personal information, partial credit card details, and conversations with Discord’s customer service agents. No full credit card numbers, passwords, or activity beyond support interactions were affected. Impacted users have been contacted, and law enforcement is investigating.
The platform has revoked the support provider’s access to its systems and has not named the third party involved. Zendesk, a customer service software supplier to Discord, said its own systems were not compromised and denied being the source of the breach.
Discord has rejected claims circulating online that the breach was larger than reported, calling them part of an attempted extortion. The company stated it would not comply with demands from the attackers. Cybercriminals often sell personal information on illicit markets for use in scams.
ID numbers and official documents are especially valuable because, unlike credit card details, they rarely change. Discord previously tightened its age-verification measures following concerns over the misuse of some servers to distribute illegal material.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Over 4.3 million New Zealand account details have been exposed online, according to the National Cyber Security Centre. As Cyber Smart Week begins, the agency is launching a free tool called ‘How Exposed Am I‘ through its Own Your Online platform to help people check their data and strengthen defences.
The tool utilises the Have I Been Pwned database to display users whose personal details have been compromised. It then provides steps to enhance security, giving individuals greater control over their digital safety. Authorities say scammers can easily exploit exposed information to compromise accounts.
New research highlights the scale of the threat. More than half of users in New Zealand faced an online security issue within six months, yet fewer than half felt personally vulnerable. Losses reached NZ$1.6 billion in 2024, affecting over 830,000 people, with an average loss of NZ$1,260 per incident.
NCSC’s Mike Jagusch says almost everyone leaves a digital footprint that exposes them to scammers. Simple steps, such as using long, unique passwords and enabling two-factor authentication, can greatly reduce risk. He notes that two-factor authentication alone can block 99% of automated attacks.
The initiative is part of Own Your Online’s broader push to improve national cyber resilience. Users are encouraged to start by securing their most critical accounts, such as banking, email, and social media, to build stronger protection against future scams.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Two 17-year-olds have been arrested in connection with a ransomware attack on the London-based nursery chain Kido, which led to the theft of data belonging to about 8,000 children. The Metropolitan Police confirmed the arrests took place in Bishop’s Stortford and Hertfordshire.
The suspects are accused of computer misuse and blackmail after hackers demanded a ransom of roughly £600,000 in Bitcoin. The stolen data included names, addresses, photographs, and parent contact details, some of which were briefly published on the darknet.
The hacking group, known as Radiant, claimed responsibility for the attack and later removed the files, saying they had deleted the data. Cybersecurity experts condemned the exposure of children’s personal details as one of the most serious breaches of its kind.
Kido said it fully cooperated with UK law enforcement and welcomed the police action, calling it an important step toward justice. The Metropolitan Police said the investigation remains ongoing as officers continue working to identify everyone involved.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A September breach at one of Discord’s customer service vendors has exposed user data, highlighting the growing cybersecurity risks associated with third-party providers. Attackers exploited vulnerabilities in the external platform, but Discord’s core systems were not compromised.
Exposed information includes usernames, email addresses, phone numbers, and partial payment details, such as the last four digits of credit card numbers. No full card numbers, passwords, or messages were accessed, which limited the scope of the incident compared to more severe breaches.
Discord revoked the vendor’s system access, launched an investigation, and engaged law enforcement and forensic experts. Only users who contacted support were affected. Individuals impacted are being notified by email and advised to remain vigilant for potential scams.
The incident underscores the growing risk of supply chain attacks, where external service providers become weak points in otherwise well-secured organisations. As companies rely more on vendors, attackers are increasingly targeting these indirect pathways.
Cybersecurity analysts warn that third-party breaches are on the rise amid increasingly sophisticated phishing and AI-enabled scams. Strengthening vendor oversight, improving internal training, and maintaining clear communication with users are seen as essential next steps.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A new global survey by 11:11 Systems highlights growing concerns among IT leaders over cyber incident recovery. More than 800 senior IT professionals across North America, Europe, and the Asia Pacific report a rising strain from evolving threats, staffing gaps, and limited clean-room infrastructure.
Over 80% of respondents experienced at least one major cyberattack in the past year, with more than half facing multiple incidents. Nearly half see recovery planning complexity as their top challenge, while over 80% say their organisations are overconfident in their recovery capabilities.
The survey also reveals that 74% believe integrating AI could increase cyberattack vulnerability. Despite this, 96% plan to invest in cyber incident recovery within the next 12 months, underlining its growing importance in budget strategies.
The financial stakes are high. Over 80% of respondents reported spending at least six figures during just one hour of downtime, with the top 5% incurring losses of over one million dollars per hour. Yet 30% of businesses do not test their recovery plans annually, despite these risks.
11:11 Systems’ CTO Justin Giardina said organisations must adopt a proactive, AI-driven approach to recovery. He emphasised the importance of advanced platforms, secure clean rooms, and tailored expertise to enhance cyber resilience and expedite recovery after incidents.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Several major gaming and online platforms have reportedly faced simultaneous disruptions across multiple devices and regions. Platforms like Steam and Riot Games experienced connection issues, blocking access to major titles such as Counter-Strike, Dota 2, Valorant, and League of Legends.
Some users reported issues with PlayStation Network, Epic Games, Hulu, AWS, and other services.
Experts suggest the outages may be linked to a possible DDoS attack from the Aisuru botnet. While official confirmations remain limited, reports indicate unusually high traffic, with one source claiming bandwidth levels near 30 terabits per second.
Similar activity from Aisuru has been noted in incidents dating back to 2024, targeting a range of internet-connected devices.
The botnet is thought to exploit vulnerabilities in routers, cameras, and other connected devices, potentially controlling hundreds of thousands of nodes. Researchers say the attacks are widespread across countries and industries, though their full scale and purpose remain uncertain.
Further investigations are ongoing, and platforms continue to monitor and respond to potential threats. Users are advised to remain aware of service updates and exercise caution when accessing online networks during periods of unusual activity.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Brazil is set to approve its first comprehensive Cybersecurity Legal Framework with Bill No. 4752/2025. The legislation creates a National Cybersecurity Authority and requires compliance for government procurement, with shared responsibility for supply chain security incidents.
The framework aims to unify the country’s fragmented cybersecurity policies. Government agencies will follow ANC standards, while companies delivering services to public entities must meet minimum cybersecurity requirements.
The ANC will also publish lists of compliant suppliers, providing a form of certification that could enhance trust in both public and private partnerships.
Supply chain oversight is a key element of the bill. Public bodies must assess supplier risks, and liability will be shared in the event of breaches.
The law encourages investment in national cybersecurity technologies and offers opportunities for companies to access financing and participate in the National Cybersecurity Program.
Approval would make Brazil one of the first Latin American countries with a robust federal cybersecurity law. The framework aims to strengthen protections, encourage innovation, and boost confidence for citizens, businesses, and international partners.
Companies that prepare now will gain a competitive advantage when the law comes into effect.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Discord has disclosed a security incident after a third-party customer service provider was compromised. The breach exposed personal data from users who contacted Discord’s support and Trust & Safety teams.
An unauthorised party accessed the provider’s ticketing system and targeted user data in an extortion attempt. Discord revoked access, launched an investigation with forensic experts, and notified law enforcement. Impacted users will be contacted via official email.
Compromised information may include usernames, contact details, partial billing data, IP addresses, customer service messages, and limited government-ID images. Passwords, authentication data, and full credit card numbers were not affected.
Discord has notified data protection authorities and strengthened security controls for third-party providers. It has also reviewed threat detection systems to prevent similar incidents.
The company urges affected users to remain vigilant against suspicious messages. Service agents are available to answer questions and provide additional support.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A major data breach has affected the Northern Rivers Resilient Homes Program in New South Wales.
Authorities confirmed that personal information was exposed after a former contractor uploaded data to the AI platform ChatGPT between 12 and 15 March 2025.
The leaked file contained over 12,000 records, with details including names, addresses, contact information and health data. Up to 3,000 individuals may be impacted.
While there is no evidence yet that the information has been accessed by third parties, the NSW Reconstruction Authority (RA) and Cyber Security NSW have launched a forensic investigation.
Officials apologised for the breach and pledged to notify all affected individuals in the coming week. ID Support NSW is offering free advice and resources, while compensation will be provided for any costs linked to replacing compromised identity documents.
The RA has also strengthened its internal policies to prevent unauthorised use of AI platforms. An independent review of the incident is underway to determine how the breach occurred and why notification took several months.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
