Critical infrastructure

New Kimwolf Android botnet linked to a record-breaking DDoS attacks

Cybersecurity researchers have uncovered a rapidly expanding Android botnet known as Kimwolf, which has already compromised approximately 1.8 million devices worldwide.

The malware primarily targets smart TVs, set-top boxes, and tablets connected to residential networks, with infections concentrated in countries including Brazil, India, the US, Argentina, South Africa, and the Philippines.

Analysis by QiAnXin XLab indicates that Kimwolf demonstrates a high degree of operational resilience.

Despite multiple disruptions to its command-and-control infrastructure, the botnet has repeatedly re-emerged with enhanced capabilities, including the adoption of Ethereum Name Service to harden its communications against takedown efforts.

Researchers also identified significant similarities between Kimwolf and AISURU, one of the most powerful botnets observed in recent years. Shared source code, infrastructure, and infection scripts suggest both botnets are operated by the same threat group and have coexisted on large numbers of infected devices.

AISURU has previously drawn attention for launching record-setting distributed denial-of-service attacks, including traffic peaks approaching 30 terabits per second.

The emergence of Kimwolf alongside such activity highlights the growing scale and sophistication of botnet-driven cyber threats targeting global internet infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

PwC automates AI governance with Agent Mode

The global professional services network, PwC, has expanded its Model Edge platform with the launch of Agent Mode, an AI assistant designed to automate governance, compliance and documentation across enterprise AI model lifecycles.

The capability targets the growing administrative burden faced by organisations as AI model portfolios scale and regulatory expectations intensify.

Agent Mode allows users to describe governance tasks in natural language, instead of manually navigating workflows.

A system that executes actions directly within Model Edge, generates leadership-ready documentation and supports common document and reporting formats, significantly reducing routine compliance effort.

PwC estimates weekly time savings of between 20 and 50 percent for governance and model risk teams.

Behind the interface, a secure orchestration engine interprets user intent, verifies role based permissions and selects appropriate large language models based on task complexity. The design ensures governance guardrails remain intact while enabling faster and more consistent oversight.

PwC positions Agent Mode as a step towards fully automated, agent-driven AI governance, enabling organisations to focus expert attention on risk assessment and regulatory judgement instead of process management as enterprise AI adoption accelerates.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI and security trends shape the internet in 2025

Cloudflare released its sixth annual Year in Review, providing a comprehensive snapshot of global Internet trends in 2025. The report highlights rising digital reliance, AI progress, and evolving security threats across Cloudflare’s network and Radar data.

Global Internet traffic rose 19 percent year-on-year, reflecting increased use for personal and professional activities. A key trend was the move from large-scale AI training to continuous AI inference, alongside rapid growth in generative AI platforms.

Google and Meta remained the most popular services, while ChatGPT led in generative AI usage.

Cybersecurity remained a critical concern. Post-quantum encryption now protects 52 percent of Internet traffic, yet record-breaking DDoS attacks underscored rising cyber risks.

Civil society and non-profit organisations were the most targeted sectors for the first time, while government actions caused nearly half of the major Internet outages.

Connectivity varied by region, with Europe leading in speed and quality and Spain ranking highest globally. The report outlines 2025’s Internet challenges and progress, providing insights for governments, businesses, and users aiming for greater resilience and security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Crypto theft soars in 2025 with fewer but bigger attacks

Cryptocurrency theft intensified in 2025, with total stolen funds exceeding $3.4 billion despite fewer large-scale incidents. Losses became increasingly concentrated, with a few major breaches driving most of the annual damage and widening the gap between typical hacks and extreme outliers.

North Korea remained the dominant threat actor, stealing at least $2.02 billion in digital assets during the year, a 51% increase compared with 2024.

Larger thefts were achieved through fewer operations, often relying on insider access, executive impersonation, and long-term infiltration of crypto firms rather than frequent attacks.

Laundering activity linked to North Korean actors followed a distinctive and disciplined pattern. Stolen funds moved in smaller tranches through Chinese-language laundering networks, bridges, and mixing services, usually following a structured 45-day cycle.

Individual wallet attacks surged, impacting tens of thousands of victims, while the total value stolen from personal wallets fell. Decentralised finance remained resilient, with hack losses low despite rising locked capital, indicating stronger security practices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

DDoS attacks in 2025 become faster and smarter

DDoS attacks in 2025 became short and automated, often ending in minutes with minimal warning. Traditional response times are now insufficient against these high-speed threats.

Attackers increasingly use multiple hosts and blended vectors, including TCP, UDP, DNS, and SYN floods. IoT botnets and residential proxies amplify scale, with global capacity exceeding 250 Tbps.

Algorithmic orchestration allows attacks to adapt and escalate automatically. Even low-tech campaigns remain disruptive to weaker networks, highlighting the need for continuous monitoring.

Defenders must adopt AI-driven, sub-minute mitigation and self-defending architectures. Real-time detection is now essential to maintain uptime and prevent reputational damage.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

New 5G-advanced upgrade boosts UAE connectivity

UAE telecom operator ‘du’ has deployed the country’s first tri-band Radio Remote Unit on the 600MHz spectrum in partnership with Huawei. The rollout marks progress in the UAE’s 5G-Advanced network development.

Improved indoor coverage and faster speeds are delivered through dynamic power sharing and multi-band functionality. The upgrade supports services such as 5G Fixed Wireless Access and Voice over New Radio.

Lower energy consumption and a compact design reduce the environmental footprint of network infrastructure. The deployment aligns with national sustainability goals while improving long-term network efficiency.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Solana withstands massive DDoS pressure

Reports suggest Solana was targeted by a sustained DDoS campaign in mid-December, with peak traffic estimates close to 6 Tbps. Public dashboards showed full uptime and no visible disruption for users.

Recent upgrades appear central to the outcome, as they move spam filtering and prioritisation closer to the network edge. QUIC traffic handling, stake-weighted routing and local fee markets helped limit congestion.

Focus is shifting from outage risks to resilience under pressure. The episode suggests major blockchains are now engineered and attacked like Tier 1 internet infrastructure.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Salesforce expands Stockholm office to advance agentic AI

The San Francisco-based software company Salesforce has opened a significantly expanded office in Stockholm, reinforcing its long-term investment in Sweden and its broader Northern European strategy.

A new location that reflects the growing demand for AI-driven enterprise tools as regional businesses increasingly adopt agent-based technologies across their operations.

Located at Sveavägen 20, the Stockholm office is four times larger than Salesforce’s previous space and has been designed to support hybrid work, collaboration and innovation.

The opening event highlighted the focus of Salesforce on real estate as a strategic enabler for AI transformation, bringing together employees, partners, customers and community organisations.

A launch that also featured the Agentforce Sweden Nonprofit Hackathon, where Swedish charities presented AI agent solutions to improve efficiency and impact.

Majblomman received SEK 150,000 for an autonomous financial aid agent, underlining Salesforce’s ambition to position the Stockholm office as a regional hub for agentic enterprise development and responsible AI adoption.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU approves €1.8 billion clean energy boost through Modernisation Fund

The European Commission and the European Investment Bank have approved €1.8 billion in new clean energy funding under the EU Modernisation Fund, supporting 45 projects across 12 member states.

Portugal receives funding for the first time after becoming eligible in 2024, while total support from the Fund since 2021 has now reached €20.7 billion across 294 investments.

Financed through revenues from the EU Emissions Trading System, the Fund targets high-impact projects that reduce greenhouse gas emissions in energy, industry and transport, while improving energy efficiency and strengthening energy security.

In 2025 alone, total disbursements reached €5.46 billion, with significant allocations directed to Czechia, Poland, Romania and Hungary, alongside support for Greece, Portugal and Slovenia.

All projects approved during 2025 focus on renewable electricity generation, energy storage, grid modernisation and efficiency upgrades in public infrastructure and industry.

The Modernisation Fund plays a central role in supporting national climate plans, reducing dependence on fossil fuel imports and advancing the EU’s Fit for 55 and REPowerEU objectives, with further investment proposals scheduled for early 2026.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Customer trust at risk as retail cyberattacks grow

Retailers face escalating cyber threats as hackers increasingly target customer data, eroding trust and damaging long-term brand value.

Deloitte warns that data breaches and ransomware attacks are becoming more frequent and costly, with some retailers facing losses reaching hundreds of millions, alongside declining consumer confidence.

The expansion of AI-driven personalisation has intensified privacy concerns, as customers weigh convenience against data protection.

While many shoppers accept sharing personal information in exchange for value, confidence depends on clear safeguards, transparent data use and credible security practices across digital channels.

Deloitte argues that leading retailers integrate cybersecurity into their core business strategy, rather than treating it as a compliance obligation.

Priorities include protecting critical digital assets, modernising security operations and building cyber-aware cultures capable of responding to AI-enabled fraud, preserving customer trust and sustaining revenue growth.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!