Critical infrastructure

EU simplifies digital rules to save billions for companies

The European Commission has unveiled a digital package designed to simplify rules and reduce administrative burdens, allowing businesses to focus on innovation rather than compliance.

An initiative that combines the Digital Omnibus, Data Union Strategy, and European Business Wallet to strengthen competitiveness across the EU while maintaining high standards of fundamental rights, data protection, and safety.

The Digital Omnibus streamlines rules on AI, cybersecurity, and data. Amendments will create innovation-friendly AI regulations, simplify reporting for cybersecurity incidents, harmonise aspects of the GDPR, and modernise cookie rules.

Improved access to data and regulatory guidance will support businesses, particularly SMEs, allowing them to develop AI solutions and scale operations across member states more efficiently.

The Data Union Strategy aims to unlock high-quality data for AI, strengthen Europe’s data sovereignty, and support businesses with legal guidance and strategic measures to ensure fair treatment of the EU data abroad.

Meanwhile, the European Business Wallet will provide a unified digital identity for companies, enabling secure signing, storage, and exchange of documents and communication with public authorities across 27 member states.

By easing administrative procedures, the package could save up to €5 billion by 2029, with the Business Wallet alone offering up to €150 billion in annual savings.

The Commission has launched a public consultation, the Digital Fitness Check, to assess the impact of these rules and guide future steps, ensuring that businesses can grow and innovate instead of being held back by complex regulations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Azure weathers record 15.7 Tbps cloud DDoS attack

According to Microsoft, Azure was hit on 24 October 2025 by a massive multi-vector DDoS attack that peaked at 15.72 terabits per second and unleashed 3.64 billion packets per second on a single endpoint.

The attack was traced to the Aisuru botnet, a Mirai-derived IoT botnet. More than 500,000 unique IP addresses, mostly residential devices, participated in the assault. UDP floods with random ports made the attack particularly potent and harder to spoof.

Azure’s automated DDoS Protection infrastructure handled the traffic surge, filtering out malicious packets in real time and keeping customer workloads online.

From a security-policy viewpoint, this incident underscores how IoT devices continue to fuel some of the biggest cyber threats, and how major cloud platforms must scale defences rapidly to cope.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Europe’s digital sovereignty advances through SAP’s new AI collaborations

SAP has announced new partnerships with Bleu, Capgemini, and Mistral AI to advance Europe’s digital sovereignty. The collaboration combines SAP’s expertise in enterprise software with France’s AI ecosystem to develop secure, scalable, and sovereign cloud solutions for governments and regulated sectors.

Bleu and Delos Cloud have established a Franco-German alliance focused on crisis resilience, creating joint capabilities for early detection, analysis, and remediation of cyber incidents. Their cooperation supports rapid response in extreme scenarios and reinforces control over critical infrastructure.

SAP and Capgemini are expanding their partnership to advance sovereign agentic AI and strengthen cybersecurity across Europe. Their new Sovereign Technology Partnership will deliver data management, cloud services, and automation tools for public and regulated sectors.

SAP and Mistral AI are also deepening their collaboration to create Europe’s first full sovereign AI stack. SAP will offer Mistral’s frontier models through its sovereign AI foundation on SAP BTP, while both companies co-develop industry-specific AI applications designed for engineering and R&D workloads.

These partnerships form part of SAP’s broader sovereign cloud strategy, backed by more than €20bn in investment. SAP states that its aim is to provide a secure, compliant, and locally controlled infrastructure that enables innovation while safeguarding European data, assets, and long-term technological independence.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UNESCO and SAP selected the AI system EDiSON for the Solomon Islands

SAP and UNESCO have agreed to deploy the AI-supported disaster management system EDiSON in the Solomon Islands.

The platform, created by SAP Japan and the start-up INSPIRATION PLUS, utilises the SAP Business Technology Platform with machine learning to merge real-time meteorological information with historical records, rather than relying on isolated datasets.

A system that delivers predictive insights that help authorities act before severe weather strikes. It anticipates terrain damage, guides emergency services towards threatened areas and supports decisions on evacuation orders.

The initiative aims to serve as a model for other small island states facing similar climate-related pressures.

UNESCO officials say the project strengthens early warning capacity and encourages long-term resilience. EDiSON will become operational in 2026 and aims to offer a scalable approach for nations with limited technical resources.

Its performance in Japan has already demonstrated how integrated data management can overcome fragmented information flows and restricted analytical tools.

The design of EDiSON enables governments to adopt advanced disaster preparedness systems instead of relying on costly, bespoke infrastructure. A partnership that seeks to improve national readiness in the Solomon Islands, where earthquakes, tsunamis, cyclones and floods regularly threaten communities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FCC set to rescind cyber rules after Salt Typhoon hack

The FCC is scheduled this week to vote on rescinding rules imposed in January that required major telecommunications carriers to secure networks from unauthorised access and interception under Section 105 of the Communications Assistance for Law Enforcement Act.

These measures were introduced after the Salt Typhoon cyber-espionage campaign exposed vulnerabilities in US telecom infrastructure.

Current FCC Chair Brendan Carr argues the prior policy exceeded the agency’s legal authority and did not offer flexible or targeted protections. The proposed reversal follows lobbying by major carriers who claim the rules could undermine partnership efforts between public and private sectors.

Lawmakers, including Maria Cantwell, ranking Democrat on the Senate Commerce Committee, have strongly opposed the move. They describe the Salt Typhoon campaign, attributed to Chinese-linked actors targeting numerous US carriers, as one of the most serious telecom breaches in US history, emphasising that loosening these rules could undermine national security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Chrome receives emergency update to fix high-severity zero-day flaw

Google has issued an emergency update to fix the seventh Chrome zero-day exploited in attacks this year. The flaw, tracked as CVE-2025-13223, is caused by a type confusion bug in the browser’s V8 JavaScript engine and was used in the wild before the patch was released.

The company says updates will roll out across the Stable Desktop channel in the coming weeks, though users can install the fix immediately by checking for updates in Chrome’s settings. Google is withholding technical details until most users have upgraded to avoid encouraging further exploitation.

The vulnerability was reported by a member of Google’s Threat Analysis Group and allowed attackers to trigger code execution or browser crashes through malicious HTML pages. It continues a pattern of high-severity zero-days discovered and patched throughout 2025.

Google stresses that prompt updates remain essential, as attackers often target unpatched systems. Automatic updates can help ensure that newly released fixes reach users quickly and reduce exposure to emerging threats.

Security experts also recommend enabling scheduled antivirus scans and using protective features, such as hardened browsers or VPNs. With multiple zero-days already patched this year, analysts say more are likely, and users should keep Chrome’s update settings enabled.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

NVIDIA pushes forward with AI-ready data

Enterprises are facing growing pressure to prepare unstructured data for use in modern AI systems as organisations struggle to turn prototypes into production tools.

Around forty percent of AI projects advance beyond the pilot phase, largely due to limits in data quality and availability. Most organisational information now comes in unstructured form, ranging from emails to video files, which offers little coherence and places a heavy load on governance systems.

AI agents need secure, recent and reliable data instead of fragmented information scattered across multiple storage silos. Preparing such data demands extensive curation, metadata work, semantic chunking and the creation of vector embeddings.

Enterprises also struggle with the rising speed of data creation and the spread of duplicate copies, which increases both operational cost and security concerns.

An emerging approach by NVIDIA, known as the AI data platform, aims to address these challenges by embedding GPU acceleration directly into the data path. The platform prepares and indexes information in place, allowing enterprises to reduce data drift, strengthen governance and avoid unnecessary replication.

Any change to a source document is immediately reflected in the associated AI representations, improving accuracy and consistency for business applications.

NVIDIA is positioning its own AI Data Platform reference design as a next step for enterprise storage. The design combines RTX PRO 6000 Blackwell Server Edition GPUs, BlueField three DPUs and integrated AI processing pipelines.

Leading technology providers including Cisco, Dell Technologies, IBM, HPE, NetApp, Pure Storage and others have adopted the model as they prepare storage systems for broader use of generative AI in the enterprise sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Web services recover after Cloudflare restores its network systems

Cloudflare has resolved a technical issue that briefly disrupted access to major platforms, including X, ChatGPT, and Letterboxd. Users had earlier reported internal server error messages linked to Cloudflare’s network, indicating that pages could not be displayed.

The disruption began around midday UK time, with some sites loading intermittently as the problem spread across the company’s infrastructure. Cloudflare confirmed it was investigating an incident affecting multiple customers and issued rolling updates as engineers worked to identify the fault.

Outage tracker Down Detector also experienced difficulties during the incident, later showing a sharp rise in reports once it came back online. The pattern pointed to a broad network-level failure rather than isolated platform issues.

Users saw repeated internal server error warnings asking them to try again, though services began recovering as Cloudflare isolated the cause. The company has not yet released full technical details, but said the fault has been fixed and that systems are stabilising.

Cloudflare provides routing, security, and reliability tools for a wide range of online services, making a single malfunction capable of cascading globally. The company said it would share further information on the incident and steps taken to prevent similar failures.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Misconfigured database triggered global Cloudflare failure, CEO says

Cloudflare says its global outage on 18 November was caused by an internal configuration error, not a cyberattack. CEO Matthew Prince apologised to users after a permissions update to a ClickHouse cluster generated a malformed feature file that caused systems worldwide to crash.

The oversized file exceeded a hard limit in Cloudflare’s routing software, triggering failures across its global edge. Intermittent recoveries during the first hours of the incident led engineers to suspect a possible attack, as the network randomly stabilised when a non-faulty file propagated.

Confusion intensified when Cloudflare’s externally hosted status page briefly became inaccessible, raising fears of coordinated targeting. The root cause was later traced to metadata duplication from an unexpected database source, which doubled the number of machine-learning features in the file.

The outage affected Cloudflare’s CDN, security layers, and ancillary services, including Turnstile, Workers KV, and Access. Some legacy proxies kept limited traffic moving, but bot scores and authentication systems malfunctioned, causing elevated latencies and blocked requests.

Engineers halted the propagation of the faulty file by mid-afternoon and restored a clean version before restarting affected systems. Prince called it Cloudflare’s most serious failure since 2019 and said lessons learned will guide major improvements to the company’s infrastructure resilience.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Google enters a new frontier with Gemini 3

A new phase of its AI strategy has begun for Google with the release of Gemini 3, which arrives as the company’s most advanced model to date.

The new system prioritises deeper reasoning and more subtle multimodal understanding, enabling users to approach difficult ideas with greater clarity instead of relying on repetitive prompting. It marks a major step for Google’s long-term project to integrate stronger intelligence into products used by billions.

Gemini 3 Pro is already available in preview across the Gemini app, AI Mode in Search, AI Studio, Vertex AI and Google’s new development platform known as Antigravity.

A model that performs at the top of major benchmarks in reasoning, mathematics, tool use and multimodal comprehension, offering substantial improvements compared with Gemini 2.5 Pro.

Deep Think mode extends the model’s capabilities even further, reaching new records on demanding academic and AGI-oriented tests, although Google is delaying wider release until additional safety checks conclude.

Users can rely on Gemini 3 to learn complex topics, analyse handwritten material, decode long academic texts or translate lengthy videos into interactive guides instead of navigating separate tools.

Developers benefit from richer interactive interfaces, more autonomous coding agents and the ability to plan tasks over longer horizons.

Google Antigravity enhances this shift by giving agents direct control of the development environment, allowing them to plan, write and validate code independently while remaining under human supervision.

Google emphasises that Gemini 3 is its most extensively evaluated model, supported by independent audits and strengthened protections against manipulation. The system forms the foundation for Google’s next era of agentic, personalised AI and will soon expand with additional models in the Gemini 3 series.

The company expects the new generation to reshape how people learn, build and organise daily tasks instead of depending on fragmented digital services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!