Australia issues guidance for government use of agentic AI

Australia’s Digital Transformation Agency (DTA) has issued an agentic AI addendum to its AI Technical Standard, providing best-practice guidance for government agencies exploring, developing, deploying or using agentic AI systems. The document states that existing requirements in the AI technical standard remain applicable.

The addendum says agentic AI systems may autonomously plan tasks, coordinate work, and trigger actions in real-world contexts. It notes that agentic AI could improve the responsiveness, efficiency and consistency of public services, particularly in high-volume administrative environments, while also introducing new risks related to oversight, control and system behaviour.

The guidance defines agentic AI as systems capable of perceiving and interpreting their environment, maintaining an internal state, reasoning about objectives and autonomously executing actions within defined permissions and constraints. Agencies are advised to implement human oversight, operational safeguards, continuous evaluation processes and mechanisms that allow systems to be rolled back when necessary.

The addendum sets out guidance across the AI lifecycle, including governance and safeguards, memory management, workflow design, secure data exchange, technology selection, evaluation, tool integration, monitoring, and decommissioning. It also calls for clear human accountability, human-in-the-loop or human-on-the-loop oversight, auditable decision records, and orchestration layers.

The guidance recommends ongoing monitoring of agent behaviour, tool usage, memory functions, operational costs, latency, authorisations and changes in the operating environment. The addendum also recommends centralised oversight mechanisms, referred to as ‘control towers’, and calls for the secure decommissioning of agentic AI resources, including agents, associated data, memory stores, tools and system logs.

Why does it matter?

Agentic AI represents a shift from AI systems that generate outputs in response to prompts to systems capable of planning, coordinating tasks and taking actions with limited human intervention. While these capabilities could improve efficiency and service delivery, they also create new governance, accountability and security challenges.

Australia’s guidance reflects growing international efforts to establish safeguards for increasingly autonomous AI systems. The emphasis on human oversight, auditability and lifecycle governance highlights concerns that public-sector AI deployments must remain transparent, controllable and accountable as the technology evolves.

New Zealand’s NCSC warns frontier AI could amplify cybersecurity risks

New Zealand’s National Cyber Security Centre (NCSC) has issued guidance to help government agencies prepare for the cybersecurity implications of frontier AI systems. The advisory notes that frontier AI models may enable more advanced automation, reasoning and decision-making capabilities than previous generations of AI systems.

The guidance describes frontier AI as a dual-use technology, noting that the same capabilities that enhance cyber defence could also enable malicious actors to conduct cyber operations more quickly, at lower cost and on a larger scale. The NCSC warns that frontier AI could amplify risks associated with known vulnerabilities, legacy systems and poor cyber hygiene, creating what it describes as a ‘vulnerability storm’ for organisations.

According to the NCSC, organisations do not need access to the most advanced frontier AI models to strengthen their cyber resilience. Instead, it says effective readiness depends on existing cybersecurity mitigations and practices, including the New Zealand Information Security Manual, the NCSC Cyber Security Framework, Minimum Cyber Security Standards, and Protective Security Requirements.

The advisory urges government entities to treat several actions as immediate priorities, including reviewing compliance with existing standards, confirming executive accountability for frontier AI cyber risk, reviewing NCSC guidance, and identifying material gaps that AI-enabled threat actors could exploit.

The guidance also restates the NCSC Cyber Security Framework’s five functions: guide and govern, identify and understand, prevent and protect, detect and contain, and respond and recover. The advisory highlights a range of baseline cybersecurity measures, including risk management, security awareness, secure configuration, patch management, multi-factor authentication, least-privilege access controls, anomaly detection, data recovery and incident response planning.

Why does it matter?

Frontier AI is expected to increase the speed, scale and sophistication of cyber operations, potentially allowing attackers to identify vulnerabilities, automate exploitation and conduct campaigns more efficiently than before.

Rather than relying solely on new AI-specific defences, New Zealand’s guidance emphasises that strong cybersecurity fundamentals, including patching, access controls, monitoring and incident response, remain the most effective way to reduce risk. The advisory reflects a growing international view that AI is amplifying existing cyber challenges rather than replacing them with entirely new ones.

AI and systemic risk analytics focus of Helsinki conference

The Bank of Finland and the European Systemic Risk Board are holding their 11th joint conference on AI and systemic risk analytics in Helsinki on 3 and 4 June.

The event focuses on how AI methods and new data sources can support financial stability analysis, while also creating new challenges for economies and financial markets.

The conference aims to present research on financial stability and systemic risk analysis using AI methods, novel techniques, and new data sources. Topics include the use of large language models and trustworthy AI, changing interdependencies in financial markets, cybersecurity and operational risks, and AI combined with quantum computing as a possible source of new systemic risks.

The programme also covers more traditional systemic risk analytics and macroprudential policy tools, including early-warning indicators, network and contagion analysis, macro stress-testing, big data analytics, market-based finance, and geopolitical risk modelling.

Speakers include Bank of Finland Governor and ESRB First Vice-Chair Olli Rehn, who will address systemic risk, resilience, and competitiveness in a changing technological landscape. Other sessions will examine systemic cyber risk in financial networks, AI and risk-taking in banking, generative AI in economics and finance research, and AI-related financial system interdependencies.

The hybrid conference will include keynotes, panel discussions, presentations, and poster sessions, with online participation available.

Why does it matter?

The conference shows that AI is becoming a financial stability issue, not only a tool for efficiency or market analysis. Central banks and systemic risk authorities are examining how AI can improve risk detection, stress testing, and data analysis, while also creating new vulnerabilities through cyber risk, operational dependencies, market interconnections, and potential herding behaviour.

EU proposes Chips Act 2.0 to strengthen semiconductor ecosystem

The European Commission has proposed Chips Act 2.0, a new framework intended to strengthen Europe’s semiconductor ecosystem and build on the original European Chips Act.

The proposal aims to boost the EU’s competitiveness, technological sovereignty, and resilience while improving crisis preparedness in semiconductor supply chains. It forms part of the Commission’s wider European Technological Sovereignty Package, alongside the Cloud and AI Development Act, an Open Source Strategy, and a roadmap for digitalisation and AI in the energy sector.

The Commission says the EU remains structurally dependent on third countries for semiconductor design and manufacturing, including advanced and leading-edge chips needed for AI. It also points to gaps in crisis preparedness, noting that existing mechanisms rely heavily on voluntary information sharing outside crises and do not provide sufficient, timely supply-chain intelligence.

Chips Act 2.0 would support both mainstream and advanced semiconductors, including AI chips. Measures are expected to include stronger research and innovation support, faster permitting, supply-chain information tools, Semiconductor Regions of Excellence, skills investment, strategic projects, and innovation procurement.

The proposal also places greater emphasis on demand-side measures, including support for public procurement and industrial uptake of European semiconductor technologies. The Commission argues that stronger local demand can reinforce local supply, shorten supply chains, and better align European production capacity with the needs of strategic sectors.

The initiative complements the EU’s broader technological sovereignty agenda. The Commission says Chips Act 2.0 should help reduce strategic dependencies, improve security of supply, support industrial scale-up, and strengthen Europe’s role in semiconductor technologies needed for AI, cloud, defence, automotive, energy, and other critical sectors.

Why does it matter?

The Chips Act 2.0 shows how the EU is shifting from an emergency response to the global chip shortage to a broader semiconductor industrial strategy. The proposal links chip policy directly to AI competitiveness, cloud infrastructure, defence, energy, automotive supply chains, and technological sovereignty. Its emphasis on demand-side measures also matters: Europe is not only trying to attract semiconductor production, but also to create stronger domestic markets for European chip technologies.

EU court annuls Meta Marketplace designation

The General Court of the European Union has annulled the European Commission’s decision designating Meta as a gatekeeper for Marketplace under the Digital Markets Act, while upholding the company’s designation for Messenger.

The case concerned the Commission’s 5 September 2023 decision designating Meta as a gatekeeper for several core platform services, including Facebook, Messenger, and Marketplace. Meta challenged the decision in part, contesting the classification of Messenger and Marketplace as important gateways under the DMA.

The General Court upheld the Commission’s assessment of Messenger, finding that the service is a number-independent interpersonal communications service distinct from Facebook. The court said Messenger is available through standalone applications, can be used independently of Facebook, and includes tools that allow businesses to engage with users.

The court also found that the Commission did not have to count only Messenger users who were not also Facebook users when assessing whether the quantitative threshold under the DMA was met. It also said the Commission was not required to open a market investigation in the absence of sufficiently substantiated arguments from Meta calling the DMA presumptions into question.

For Marketplace, the court found that the Commission erred in law by relying only on data from the three years preceding designation without taking account of changes made at the end of July 2023. Those changes limited the number of listings that could be published per user and led to the disappearance of the criterion used by the Commission to identify business users.

The court also found that the Commission had not provided sufficient reasoning for classifying Marketplace as an online intermediation service. It said the Commission failed to provide a concrete analysis of the July 2023 changes or to explain their effect on whether Marketplace-enabled business users could offer goods and services to consumers.

As a result, the decision was annulled only to the extent that it designated Meta as a gatekeeper for Marketplace. Meta’s Messenger designation remains in place.

Why does it matter?

The judgement is an important test of how the EU courts will review Digital Markets Act gatekeeper designations. It confirms that the Commission can rely on DMA presumptions where companies do not provide sufficiently substantiated counterarguments, as seen with Messenger. But it also shows that the Commission must properly assess relevant changes and provide sufficient reasoning when classifying a service as a core platform service, as the Marketplace annulment demonstrates.

European Union unveils tech sovereignty plan to boost digital independence

The European Commission has presented a European Technological Sovereignty Package aimed at strengthening Europe’s capacity in semiconductors, AI, cloud infrastructure, and open source technologies.

The package includes two legislative proposals, the Chips Act 2.0 and the Cloud and AI Development Act, alongside an Open Source Strategy and a Strategic Roadmap for Digitalisation and AI in Energy.

The Commission said the measures are designed to support Europe’s ambition to become an AI continent, strengthen digital autonomy, build a more sustainable digital future, and widen choice in core technologies for businesses, citizens, and public administrations.

Rising global demand for computing capacity, driven by the spread of AI, has intensified concerns over Europe’s dependence on non-EU suppliers for core digital technologies. The Commission said the package is intended to reduce structural dependencies and ensure Europe can develop, deploy, and secure the technologies it relies on.

The proposed Chips Act 2.0 aims to strengthen Europe’s semiconductor capabilities, while the Cloud and AI Development Act focuses on expanding cloud and AI infrastructure. The Open Source Strategy is intended to support Europe’s software ecosystem, and the energy roadmap links digitalisation and AI to a more sustainable energy system.

Commission President Ursula von der Leyen said Europe cannot afford to depend on others for technologies that keep hospitals running, energy grids stable, and services secure. She said the package is about protecting citizens, defending European interests, and making independent technological choices.

Why does it matter?

The package brings several major EU technology priorities under one sovereignty agenda. By linking chips, cloud, AI infrastructure, open source, and energy digitalisation, the Commission is trying to reduce structural dependencies while strengthening Europe’s capacity to build, deploy, and secure critical technologies. The key test will be whether legislative proposals and strategies translate into investment, infrastructure, and industrial scale.

Anthropic offers ENISA access to advanced AI security model

Anthropic has invited the European Commission to facilitate access for ENISA, the EU agency for cybersecurity, to its cybersecurity-focused AI model Mythos, according to Bloomberg. The invitation followed a meeting between Anthropic and the Commission in San Francisco on 29 May. The EU must now establish a mechanism with appropriate security safeguards before access can be implemented; an ENISA official confirmed the agency does not currently have active access.

Anthropic unveiled Mythos in April, describing it as a model capable of identifying and exploiting cybersecurity vulnerabilities at a level that surpasses most human experts. Bloomberg reported on 2 June that ENISA was set to receive access to the model.

European Commission spokesperson Thomas Regnier welcomed the development, saying that access could help authorities build a clearer understanding of potential risks as increasingly capable AI models enter the market. The invitation follows calls from European policymakers and cybersecurity officials for greater access to advanced AI systems and for the development of comparable European capabilities.

Why does it matter?

The emergence of AI models capable of identifying software vulnerabilities at scale is reshaping cybersecurity risk assessments for governments, regulators and critical infrastructure operators. Access to such systems can help authorities better understand their capabilities, evaluate potential threats and develop appropriate safeguards.

For the EU, granting ENISA access to Mythos could support evidence-based policymaking and strengthen preparedness as increasingly powerful cybersecurity-focused AI models become available. The move also highlights a broader challenge: ensuring that public institutions can keep pace with rapidly advancing AI capabilities.

Supply chain attack compromises Red Hat software packages on npm

Security researchers at Aikido and JFrog identified malicious code in more than 30 software packages published through a verified Red Hat Cloud Services account on npm, the widely used software package repository for developers. The packages are used across cloud application development and are installed by developers and automated systems worldwide.

According to the researchers, the attackers did not initially target individual developers. Instead, evidence suggests they gained access to the automated pipeline used to publish Red Hat Cloud Services packages to npm, allowing them to distribute modified packages through an officially trusted channel. Developers and organisations following standard security practice, installing software only from verified, trusted sources, would have had no reason to suspect these packages.

Systems that installed the affected packages from 1 June onward may have executed hidden malicious code capable of harvesting credentials and transmitting them to the attackers. That code collected a wide range of credentials from the affected machine: access keys for Amazon, Google, and Microsoft cloud services; tokens used in automated software pipelines; passwords stored in cloud-based vaults; and credentials for a range of developer tools.

Researchers said the malware attempted to disguise its outbound communications by mimicking requests to an Anthropic-related service address. The specific path used does not correspond to any real Anthropic endpoint, but its appearance in network logs would be inconspicuous at organisations using Anthropic products. Network defenders should treat any automated process contacting that address as a potential indicator of compromise.

The malware also installs persistent background processes that survive system restarts, and embeds hooks into several widely used AI coding assistants and developer tools. Researchers also warned that the malware may delete files if compromised credentials are revoked before the malicious software is fully removed from the affected system. Organisations investigating this incident should remove all traces of the malware before revoking any compromised credentials.

Aikido and JFrog have published a list of affected package versions and recommend treating any system that installed them on or after 1 June 2026 as potentially compromised until investigated.

Why does it matter?

Software supply chain attacks are particularly difficult to defend against because they exploit trusted distribution channels rather than relying on phishing, malware downloads or other forms of user error. In this case, developers and organisations installing software from a verified source could have unknowingly introduced malicious code into their environments.

The incident also highlights growing concerns around the security of software publishing infrastructure. As organisations increasingly depend on open-source components and automated development pipelines, compromises affecting trusted repositories can have far-reaching consequences across cloud environments, development systems and critical digital services.

Hong Kong details rules on online advertisements

Hong Kong’s government has said existing laws cover deceptive online advertisements, including scam-related content, misleading trade practices, and false claims in regulated sectors.

The written reply was issued in the Legislative Council on 3 June in response to a question about pop-up advertisements, programmatic advertising, and AI deepfake scams.

The government said the Trade Descriptions Ordinance prohibits false or misleading descriptions of goods or services, including in advertisements and on online platforms. Traders engaging in bait advertising or other prohibited conduct can face up to five years in prison and a fine of HK$500,000.

The reply also said online advertisements involving deception may fall under the Theft Ordinance. Fraud carries a maximum penalty of 14 years in prison, while obtaining property by deception carries a maximum penalty of 10 years.

Advertisements for specific sectors, including real estate, education, securities, and banking, are also subject to separate laws prohibiting false or misleading claims.

Hong Kong police have been working with online platform operators and conducting regular online patrols. In 2025, police asked social media platforms to remove or review more than 116,000 scam-related pages or accounts.

The government also pointed to Scameter and Scameter+, its scam and pitfall search tools. New features introduced in October 2025 use AI to analyse suspicious website links and web page screenshots reported by the public, and to detect potential scam domain names. Within five months, the tools proactively identified more than 900 fraudulent webpages, while Scameter+ issued more than 320,000 alerts in the first quarter of 2026.

Why does it matter?

The reply shows how Hong Kong is using existing consumer protection, fraud, and sector-specific laws to address online advertising risks, rather than introducing a dedicated online advertising regime for now. The inclusion of AI deepfake scams and AI-assisted Scameter+ detection also highlights how online advertising, platform governance, fraud prevention, and automated enforcement tools are increasingly interconnected.

Hong Kong launches AI-focused cybersecurity initiatives for 2026

Hong Kong’s Digital Policy Office has announced a series of AI-related cybersecurity initiatives for the second half of 2026, following a briefing on cyber resilience and emerging technology risks. The office said it would focus on improving AI security awareness and digital literacy among both organisations and the public.

Planned initiatives include a Secure AI@Work Enablement Campaign, organised with the Hong Kong Internet Registration Corporation, to help enterprises develop secure and compliant AI ecosystems. The Digital Policy Office will also collaborate with industry on an AI x Cybersecurity Challenge focused on AI-powered threat detection, cyber resilience and cybersecurity skills development.

The office said it would continue enterprise support and practical drills, including an enhanced Cybersec One+, the Cybersecurity Service Providers Connect Programme and the third Hong Kong Cybersecurity Attack and Defence Drill. Hong Kong will also consolidate the Cyber Security Summit Hong Kong and the Cybersecurity Symposium into a single Cybersecurity Symposium and Summit in December.

The Cyber Security and Technology Crime Bureau said the volume of cyber threat intelligence related to threats targeting Hong Kong continues to increase. Its Cyber Security Centre analysed more than 330,000 threat intelligence records during the first quarter of 2026, identifying phishing as the most prevalent threat category.

The bureau said it would deepen international law enforcement cooperation, strengthen intelligence sharing with sectors including critical infrastructure, and use AI and big data to improve cyber threat detection, early warning analysis, and incident response. The Hong Kong Police Force and Cyberport have also established the Smart Policing Joint AI Lab to develop technologies for detecting deepfakes and strengthening network defence capabilities.

Why does it matter?

The initiatives reflect growing efforts by governments to address the cybersecurity implications of wider AI adoption. As organisations increasingly integrate AI into business operations, concerns around secure deployment, cyber resilience and workforce readiness are becoming key policy priorities.

The programme also highlights how AI is being used both as a potential source of cyber risk and as a tool for improving threat detection, incident response and cyber defence capabilities.
