Critical infrastructure

Google Cloud boosts AI security with agentic defence tools

Google Cloud has unveiled a suite of security enhancements at its Security Summit 2025, focusing on protecting AI innovations and empowering cybersecurity teams with AI-driven defence tools.

VP and GM Jon Ramsey highlighted the growing need for specialised safeguards as enterprises deploy AI agents across complex environments.

Central to the announcements is the concept of an ‘agentic security operations centre,’ where AI agents coordinate actions to achieve shared security objectives. It represents a shift from reactive security approaches to proactive, agent-supported strategies.

Google’s platform integrates automated discovery, threat detection, and response mechanisms to streamline security operations and cover gaps in existing infrastructures.

Key innovations include extended protections for AI agents through Model Armour, covering Agentspace prompts and responses to mitigate prompt injection attacks, jailbreaking, and data leakage.

The Alert Investigation agent, available in preview, automates enrichment and analysis of security events while offering actionable recommendations, reducing manual effort and accelerating response times.

Integrating Mandiant threat intelligence feeds and Gemini AI strengthens detection and incident response across agent environments.

Additional tools, such as SecOps Labs and native SOAR dashboards, provide organisations with early access to AI-powered threat detection experiments and comprehensive security visualisation capabilities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Rapper Bot dismantled after 370,000 global cyberattacks

A 22-year-old man from Oregon has been charged with operating one of the most powerful botnets ever uncovered, Rapper Bot.

Federal prosecutors in Alaska said the network was responsible for over 370,000 cyberattacks worldwide since 2021, targeting technology firms, a central social media platform and even a US government system.

The botnet relied on malware that infected everyday devices such as Wi-Fi routers and digital video recorders. Once hijacked, the compromised machines were forced to overwhelm servers with traffic in distributed denial-of-service (DDoS) attacks.

Investigators estimate that Rapper Bot infiltrated as many as 95,000 devices at its peak.

The accused administrator, Ethan Foltz, allegedly ran the network as a DDoS-for-hire service, temporarily charging customers to control its capabilities.

Authorities said its most significant attack generated more than six terabits of data per second, making it among the most destructive DDoS networks. Foltz faces up to 10 years in prison if convicted.

The arrest was carried out under Operation PowerOFF, an international effort to dismantle criminal groups offering DDoS-for-hire services.

US Attorney Michael J. Heyman said the takedown had effectively disrupted a transnational threat, ending Foltz’s role in the sprawling cybercrime operation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Comet browser caught submitting private info in fake shop

Cybersecurity researchers have uncovered a new AI browser exploit that allows attackers to manipulate autonomous systems using fake CAPTCHA checks.

The PromptFix method tricks agentic AI models into executing commands embedded in deceptive web elements invisible to the user.

Guardio Labs demonstrated that the Comet AI browser could be misled into adding items to a cart and auto-filling sensitive data.

Comet completed fake purchases without user confirmation in some tests, raising concerns over AI trust chains and phishing exposure.

Attackers can also exploit AI email agents by embedding malicious links, prompting the system to bypass user review and reveal credentials.

ChatGPT’s Agent Mode showed similar vulnerabilities but confined actions to a sandbox, preventing direct exposure to user systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google urges users to update Chrome after V8 flaw patched

Google has patched a high-severity flaw in its Chrome browser with the release of version 139, addressing vulnerability CVE-2025-9132 in the V8 JavaScript engine.

The out-of-bounds write issue was discovered by Big Sleep AI, a tool built by Google DeepMind and Project Zero to automate vulnerability detection in real-world software.

Chrome 139 updates (Windows/macOS: 139.0.7258.138/.139, Linux: 139.0.7258.138) are now rolling out to users. Google has not confirmed whether the flaw is being actively exploited.

Users are strongly advised to install the latest update to ensure protection, as V8 powers both JavaScript and WebAssembly within Chrome.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Vulnerabilities in municipal software expose sensitive data in Wisconsin

Two critical vulnerabilities have been discovered in an accounting application developed by Workhorse Software and used by more than 300 municipalities in Wisconsin.

The first flaw, CVE-2025-9037, involved SQL server connection credentials stored in plain text within a shared network folder. The second, CVE-2025-9040, allowed backups to be created and restored from the login screen without authentication.

Both issues were disclosed by the CERT Coordination Centre at Carnegie Mellon University following a report from Sparrow IT Solutions. Exploitation could give attackers access to personally identifiable information such as Social Security numbers, financial records and audit logs.

Workhorse has since released version 1.9.4.48019 with security patches, urging municipalities to update their systems immediately. The incident underscores the risks posed by vulnerable software in critical public infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU and Bangladesh strengthen cooperation on cybersecurity and digital economy

The EU has engaged in talks with the Bangladesh Telecommunication Regulatory Commission to strengthen cooperation on data protection, cybersecurity, and the country’s digital economy.

The meeting was led by EU Ambassador Michael Miller and BTRC Chairman Major General (retd) Md Emdad ul Bari.

The EU emphasised safeguarding fundamental rights while encouraging innovation and investment. With opportunities in broadband expansion, 5G deployment, and last-mile connectivity, the EU reaffirmed its commitment to supporting Bangladesh’s vision for a secure and inclusive digital future.

Both parties agreed to deepen collaboration, with the EU offering technical expertise under its Global Gateway strategy to help Bangladesh build a safer and more connected digital landscape.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google sees growing demand for cloud data sovereignty

Google’s Cloud Experience lead Hayete Gallot says developer interest in sovereign cloud solutions is rising sharply amid AI concerns. More clients are asking to control how and where their data is stored, processed, and encrypted within public cloud environments.

Microsoft said it could not guarantee full cloud data sovereignty in July, increasing pressure on rivals to offer stronger protections.

Gallot noted that sovereignty is more than location. Cybersecurity measures such as encryption, ownership, and administrative access are now top priorities for businesses.

On AI, Gallot dismissed fears that assistants will replace developers, saying skills like prompt writing still require critical thinking.

She believes modern developers must adapt, comparing today’s AI tools to learning older languages like Pascal or Fortran.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft and AMD develop new gaming chips

Microsoft plans to equip its next-generation Xbox console with AI-focused hardware, including a dedicated neural processing unit.

Vice President Jason Ronald confirmed that the company is working with AMD to develop chips for gaming consoles, PCs and cloud platforms.

New AI capabilities are expected to transform gameplay and provide developers with tools to create immersive, previously unattainable experiences.

Microsoft’s experimental Xbox Ally X device, developed with ASUS, is already used to test AI integration in real-world scenarios.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Zimbabwe to launch national AI policy by October to boost digital sovereignty

Zimbabwe’s Information and Communication Technology Minister, Tendai Mavetera, revealed the second draft of the National AI Policy during the AI Summit for Africa 2025 in Victoria Falls, hosted by Alpha Media Holdings and AIIA.

Though the policy was not formalised during the summit, Mavetera stated it is expected to be launched by 1 October 2025 at the new Parliament building, with presidential presence anticipated.

The strategy is designed to foster an Africa where AI serves humanity, ensuring connectivity in every village, education access for every child, and opportunity for every young person.

Core features include data sovereignty and secure data storage, with institutions like TelOne expected to host localised solutions, moving away from past practices of storing data abroad.

Speakers at the summit underscored AI’s role in economic and social transformation rather than job displacement; Africa’s investment in AI surpassed US$200 billion in 2024.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Applied Digital unveils $3 billion AI factory in North Dakota

Applied Digital is expanding in North Dakota with Polaris Forge 2, a $3 billion AI factory breaking ground in September 2025. The Harwood site will add 280 megawatts of capacity by 2027, cementing the state’s role in US AI infrastructure.

The project reflects demand and Applied Digital’s push to deliver high-performance compute power at scale. CEO Wes Cummins confirmed strong partner interest, including discussions with a US hyperscaler, and stated that the development will enhance growth and community value.

North Dakota has become a key destination for data centres, with abundant power, land, and a business-friendly climate. Polaris Forge 2 builds on the success of the Ellendale campus, with over 900 acres contracted and energy secured from Cass County Electric Cooperative.

The campus will employ more than 200 staff and contractors upon completion of operations. Governor Kelly Armstrong welcomed the investment, praising Applied Digital’s housing and workforce initiatives in Ellendale as a model for rural innovation and economic resilience.

Commerce Commissioner Chris Schilken said the Harwood site extends that success, reinforcing North Dakota as a hub for sustainable AI infrastructure. Applied Digital sees Polaris Forge 2 as advancing its mission to deliver innovation while driving local development and long-term growth.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.