Critical infrastructure

AI and quantum computing reshape the global cybersecurity landscape

Cybersecurity risks are increasing as digital connectivity expands across governments, businesses and households.

According to Thales Group, a growing number of connected devices and digital services has significantly expanded the potential entry points for cyberattacks.

AI is reshaping the cybersecurity landscape by enabling attackers to identify vulnerabilities at unprecedented speed.

Security specialists increasingly describe the environment as a contest in which defensive systems must deploy AI to counter adversaries using similar technologies to exploit weaknesses in digital infrastructure.

Security concerns also extend beyond large institutions. Connected devices in homes, including smart cameras and speakers, often lack robust security protections, increasing exposure for individuals and networks.

Policymakers in Europe are responding through measures such as the Cyber Resilience Act, which will introduce mandatory security requirements for connected products sold in the EU.

Long-term risks are also emerging from advances in quantum computing.

Experts warn that powerful future machines could eventually break widely used encryption systems that currently protect communications, financial data and government networks, prompting organisations to adopt quantum-resistant security methods.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Amazon launches Health AI to assist with medical queries

Amazon has launched a new AI-powered assistant, Health AI, on its website and mobile app. The tool is designed to answer health questions, explain medical records, manage prescriptions, and connect users with healthcare providers.

Health AI can also book appointments and guide users based on their health information if they grant access to their records. The feature is currently limited to the US, with a wider rollout planned in the coming weeks.

The assistant is linked with One Medical, Amazon’s healthcare service, allowing users to communicate with licensed professionals through messages, video consultations, or in-person visits. It can also send prescription renewal requests and suggest relevant health products.

Users can create an Amazon Health Profile and enable two-step authentication to start using Health AI. By allowing the AI to access their medical records, including medications, lab results, and diagnoses, users can receive more personalised responses.

Amazon emphasises that Health AI is a support tool rather than a replacement for doctors. It helps users understand health information and prepare for discussions with healthcare providers, but it does not provide independent diagnoses or treatment.

As part of an introductory offer, eligible US Prime members can receive up to five free message consultations with One Medical providers. The system runs on Amazon Bedrock and uses multiple AI agents to manage tasks, monitor interactions, and escalate to human professionals when necessary.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Moltbook founders join Meta’s AI research lab

Meta Platforms has acquired Moltbook, a social networking platform designed for AI agents. The deal brings co-founders Matt Schlicht and Ben Parr into Meta’s AI research division, the Superintelligence Labs, led by Alexandr Wang.

Financial terms of the acquisition were not disclosed, and the founders are expected to start on 16 March.

Moltbook, launched in January, allows AI-powered bots to exchange code and interact socially in a Reddit-like environment. The platform has sparked debate on AI autonomy and real-world capabilities, highlighting growing competition among tech giants for AI talent and technology.

Industry figures have offered differing views on the platform’s significance. OpenAI CEO Sam Altman called Moltbook a potential fad but acknowledged its underlying technology hints at the future of AI agents.

Meanwhile, Anthropic’s chief product officer, Mike Krieger, noted that most users are not ready to grant AI full autonomy over their systems.

The platform’s growth also highlighted security risks. Cybersecurity firm Wiz reported a vulnerability that exposed private messages, email addresses, and credentials, which was resolved after the owners were notified.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Japan expands strategic investment in AI, quantum computing, and drones

Japan has identified dozens of advanced technologies as priority investment targets as part of an economic strategy led by Sanae Takaichi.

The plan aims to channel public and private capital into industries expected to drive long-term economic growth.

Government officials selected 61 technologies and products for support across 17 strategic sectors. The list includes emerging fields such as AI, quantum computing, regenerative medicine and marine drones.

Many of these technologies are still in early development, but are considered important for economic security and global competitiveness.

The strategy forms a central pillar of Takaichi’s broader economic agenda to strengthen Japan’s industrial base and encourage investment in high-growth sectors. Authorities plan to release spending estimates and implementation timelines by summer as part of a detailed investment roadmap.

Japan has also set ambitious market goals in several sectors. Officials aim to secure more than 30% of the global AI robotics market by 2040 while increasing annual sales of domestically produced semiconductors to ¥40 trillion.

Several Japanese technology companies could benefit from the policy direction. Firms such as Fanuc, Yaskawa Electric and Mitsubishi Electric are integrating AI into industrial robots, while Sony Group produces sensors used in robotic systems.

Chipmakers, including Rohm, Kioxia and Renesas Electronics, may also benefit from increased investment in semiconductor manufacturing and related supply chains.

Despite strong investor interest, analysts note uncertainty about how the programme will be financed, particularly as Japan faces rising spending pressures from social security, defence and public debt.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Malicious npm package targets developers with Openclaw impersonation

Security researchers uncovered a malicious npm package impersonating an Openclaw AI installer, designed to infect developer machines with credential-stealing malware.

JFrog Security Research identified the attack in early March 2026 after the package appeared on the npm registry and was downloaded roughly 178 times.

The deceptive package mimics legitimate Openclaw tools and contains ordinary-looking JavaScript files and documentation. Hidden scripts run during installation, displaying a fake command-line interface and a fabricated system prompt that requests the user’s password.

Entering the password grants the malware elevated access and allows it to download an encrypted payload from a remote command server. Once installed, the payload deploys Ghostloader, a remote access trojan that persists on the system and communicates with attacker servers.

Researchers say the malware targets sensitive information, including saved passwords, browser cookies, SSH keys, and cryptocurrency wallet files. Developers are advised to remove the package immediately, rotate credentials, and install software only from verified sources.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New York moves to ban chatbots from giving legal and medical advice

New York lawmakers are considering legislation that would ban AI chatbots from providing legal or medical advice. The bill aims to stop automated systems from impersonating licensed professionals such as doctors and lawyers.

The proposal would also require chatbot operators to clearly inform users that they are interacting with an AI system. Notices must be prominent, written in the same language as the chatbot, and use a readable font.

A key feature of the bill is a private right of action. However, this would allow users to file civil lawsuits against chatbot owners who violate the law, recovering damages and legal fees. Experts say this enforcement tool strengthens the rules and deters abuse.

Supporters of the legislation argue it protects New Yorkers’ safety, particularly minors. Other bills in the same package would regulate online platforms like Roblox and set standards for generative AI, synthetic content, and the handling of biometric data.

The bill’s author, state Senator Kristen Gonzalez, said AI innovation should not come at the expense of public safety. She pointed to recent cases where AI chatbots were linked to harmful outcomes for minors, highlighting the need for transparency and accountability.

If passed, the law would take effect 90 days after the governor signs it. Lawmakers hope it will balance innovation with user protection, ensuring AI tools are used responsibly and safely across the state.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

GitHub malware campaign uses SEO tricks to steal browser data

Cybersecurity researchers have uncovered a malware campaign spreading through over 100 GitHub repositories disguised as free software tools. Hackers used SEO-heavy descriptions to make their fake repositories appear high in search results, close to legitimate software.

Users searching for popular programs were directed to counterfeit download pages. These pages offered ZIP files containing BoryptGrab, a malware designed to steal data from infected Windows systems. The files were disguised as cracked software, gaming cheats, or utility tools.

The malware collects sensitive information, including browser passwords, cookies, and cryptocurrency wallet details. It can access nine major browsers, including Chrome, Edge, Firefox, Opera, Brave, and Vivaldi, and bypass some security protections.

Certain variants also install additional tools allowing remote access and persistent control over infected machines. However, this enables hackers to run commands, maintain ongoing access, and steal more information without the user’s knowledge.

Trend Micro, the cybersecurity firm that reported the campaign, noted some code and logs suggest a possible Russian origin, though attribution is not confirmed. Experts warn that GitHub and search engine manipulation make this attack method especially dangerous.

Users are advised to download software only from trusted sources and to verify the authenticity of the repository. Organisations should follow security best practices such as software allowlisting, maintaining inventory, and removing unauthorised applications to prevent similar attacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

The US releases national cyber strategy, prioritising offense and AI

President Donald Trump released his administration’s national cybersecurity strategy, outlining priorities across six policy areas: offensive and defensive cyber operations, federal network security, critical infrastructure protection, regulatory reform, emerging technology leadership, and workforce development. Trump also signed an executive order the same day, directing federal agencies to increase the prosecution of cybercrime and fraud.

The strategy document spans five pages of substantive text, with administration officials describing it as intentionally high-level. The White House stated that more detailed implementation guidance would follow.

The strategy’s six pillars include the following provisions:

Shaping adversary behaviour requires deploying US offensive and defensive cyber capabilities and incentivising private-sector disruption of adversary networks. It also states the administration will “counter the spread of the surveillance state and authoritarian technologies.”

Promoting regulation advocates for reducing compliance requirements characterised as ‘costly checklists’ and addresses liability frameworks — a priority also present in the prior administration’s approach.

Modernising federal networks involves adopting post-quantum cryptography, AI, zero-trust architecture, and reducing procurement barriers for technology vendors.

Securing critical infrastructure emphasises supply chain resilience and preference for domestically produced technology, alongside a role for state, local, tribal, and territorial governments.

Sustaining technological superiority focuses primarily on AI, quantum cryptography, data centre security, and privacy protection.

Building cyber talent commits to removing barriers among industry, academia, government, and the military to develop a skilled cybersecurity workforce. This pillar follows a period in which the administration reduced the number of federal cyber positions.

The accompanying executive order directs the attorney general to prioritise cybercrime prosecution, tasks agencies with reviewing tools to counter international criminal organisations, and assigns the Department of Homeland Security expanded training responsibilities. The strategy itself references cybercrime once.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Promptfoo joins OpenAI to secure AI deployments

OpenAI is acquiring Promptfoo, a platform designed to help enterprises identify and remediate vulnerabilities in AI systems during development. Once finalised, Promptfoo’s technology will be integrated into OpenAI Frontier, OpenAI’s platform for building and managing AI coworkers.

Promptfoo, led by Ian Webster and Michael D’Angelo, provides tools trusted by over a quarter of Fortune 500 companies. Its open-source CLI and library support evaluation and red-teaming of large language model applications.

The acquisition allows OpenAI to enhance both open-source initiatives and enterprise capabilities within Frontier.

Integration will introduce native security and evaluation features into Frontier. Enterprises will gain automated tools to detect risks such as prompt injections, jailbreaks, data leaks, tool misuse, and out-of-policy agent behaviour.

Security testing will be built into development workflows to catch issues early and support safe AI deployment.

Oversight and accountability features will also be strengthened. Integrated reporting and traceability will allow organisations to document testing, monitor changes over time, and meet governance, risk, and compliance requirements.

The acquisition is expected to expand OpenAI’s ability to deliver secure and reliable AI for enterprise applications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

US government faces lawsuits over Anthropic AI move

Anthropic has launched two lawsuits against the US Department of Defence, disputing its recent designation of the AI firm as a ‘supply chain risk.’ The company claims the move is unlawful and infringes on its First Amendment rights.

The company argues that the government is punishing it for refusing to allow the military to use its AI for domestic surveillance or for fully autonomous weapons.

The lawsuits, filed in California and Washington, DC courts, follow the Pentagon’s unprecedented use of the supply chain risk tool against a US company. The designation requires other government contractors to sever ties with Anthropic, posing a serious threat to its business operations.

The company maintains it remains committed to supporting national security applications of its AI.

The Department of Defence has used anthropic’s AI model Claude in operations targeting Iran. The company says it has worked with the DoD on system adaptations and seeks to continue negotiations while protecting its business and partners.

The firm claims government actions cause harm, though CEO Dario Amodei said the designation’s impact is limited. Anthropic insists judicial review is a necessary step to defend its business and ensure the responsible deployment of its technology.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.