Amazon is shutting down its AI research lab in Shanghai, marking another step in its gradual withdrawal from China. The move comes amid continuing US–China trade tensions and a broader trend of American tech companies reassessing their presence in the country.
The company said the decision was part of a global streamlining effort rather than a response to AI concerns.
A spokesperson for AWS said the company had reviewed its organisational priorities and decided to cut some roles across certain teams. The exact number of job losses has not been confirmed.
Before Amazon’s confirmation, one of the lab’s senior researchers noted on WeChat that the Shanghai site was the final overseas AWS AI research lab and attributed its closure to shifts in US–China strategy.
The team had built a successful open-source graph neural network framework known as DGL, which reportedly brought in nearly $1 billion in revenue for Amazon’s e-commerce arm.
Amazon has been reducing its footprint in China for several years. It closed its domestic online marketplace in 2019, halted Kindle sales in 2022, and recently laid off AWS staff in the US.
Other tech giants including IBM and Microsoft have also shut down China-based research units this year, while some Chinese AI firms are now relocating operations abroad instead of remaining in a volatile domestic environment.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A cyberattack on the Hong Kong Post has been confirmed. Targeting its EC‑Ship online shipping portal, the attack compromised personal address‑book information for approximately 60,000 to 70,000 users.
The data breach included names, physical addresses, phone and fax numbers, and email addresses of both senders and recipients.
The incident, detected late Sunday into Monday, involved an attacker using a legitimate EC‑Ship account to exploit a code vulnerability. Though the system’s security protocols identified unusual activity and suspended the account, the hacker persisted until the flaw was fully patched.
Affected customers received email alerts and were advised to monitor their information closely and alert contacts of potential phishing attempts.
Hong Kong Post is now collaborating with the Hong Kong Police Force, the Digital Policy Office, and the Office of the Privacy Commissioner. It implements a layered cybersecurity solution managed by the government’s Digital Policy Office.
The Postmaster General emphasised that remediation steps have been taken to close the loophole and pledged ongoing infrastructure improvements. An official investigation is underway to reinforce resilience and safeguard user data.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Millions of Android-based devices have been infected by a new strain of malware called BadBox 2.0, prompting urgent warnings from Google and the FBI. The malicious software can trigger ransomware attacks and collect sensitive user data.
The infected devices are primarily cheap, off-brand products manufactured in China, many of which come preloaded with the malware. Models such as the X88 Pro 10, T95, and QPLOVE Q9 are among those identified as compromised.
Google has launched legal action to shut down the illegal operation, calling BadBox 2.0 the largest botnet linked to internet-connected TVs. The FBI has advised the public to disconnect any suspicious devices and check for unusual network activity.
The malware generates illicit revenue through adware and poses broader cybersecurity threats, including denial-of-service attacks. Consumers are urged to avoid unofficial products and verify devices are Play Protect-certified before use.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Iran’s Minister of Communications has revealed the country’s digital economy shrank by 30% in just one month, losing around $170 million due to internet restrictions imposed during its recent 12-day conflict with Israel.
Sattar Hashemi told parliament on 22 July that roughly 10 million Iranians rely on digital jobs, but widespread shutdowns caused severe disruptions across platforms and services.
Hashemi estimated that every two days of restrictions inflicted 10 trillion rials in losses, totalling 150 trillion rials — an amount he said rivals the annual budgets of entire ministries.
While acknowledging the damage, he clarified that his ministry was not responsible for the shutdowns, attributing them instead to decisions made by intelligence and security agencies for national security reasons.
Alongside the blackouts, Iran endured over 20,000 cyberattacks during the conflict. Many of these targeted banks and payment systems, with platforms for Bank Sepah and Bank Pasargad knocked offline, halting salaries for military personnel.
Hacktivist groups such as Predatory Sparrow and Tapandegan claimed credit for the attacks, with some incidents reportedly wiping out crypto assets and further weakening the rial by 12%.
Lawmakers are now questioning the unequal structure of internet access. Critics have accused the government of enabling a ‘class-based internet’ in which insiders retain full access while the public faces heavy censorship.
MP Salman Es’haghi warned that Iran’s digital future cannot rely on filtered networks, demanding transparency about who benefits from unrestricted use.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Singapore is addressing cyberattacks on its critical information infrastructure attributed to the state-sponsored cyberespionage group UNC3886. On 18 July, Coordinating Minister for National Security K. Shanmugam identified the group as an advanced persistent threat (APT) actor capable of long-term network infiltration to gather intelligence or disrupt essential services. He noted that UNC3886 is currently targeting high-value strategic assets in Singapore but did not name any state sponsor.
Cybersecurity firm Mandiant, which first reported on UNC3886 in 2022, has characterised it as a ‘China-nexus espionage group‘ that has previously targeted organisations in the defence, technology, and telecommunications sectors across the United States and Asia.
In response, the Chinese embassy in Singapore denied any connection to UNC3886. In a statement published over the weekend, it described the allegations as ‘groundless smears and accusations’ and reiterated that China opposes all forms of cyberattacks under its laws. The embassy stated that China does not encourage, support, or condone hacking activities.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A GIS Reports analysis emphasises that as AI systems become pervasive, they create significant global challenges, including surveillance risks, algorithmic bias, cyber vulnerabilities, and environmental pressures.
Unlike legacy regulatory regimes, AI technology blurs the lines among privacy, labour, environmental, security, and human rights domains, demanding a uniquely coordinated governance approach.
The report highlights that leading AI research and infrastructure remain concentrated in advanced economies: over half of general‑purpose AI models originated in the US, exacerbating global inequalities.
Meanwhile, facial recognition or deepfake generators threaten civic trust, amplify disinformation, and even provoke geopolitical incidents if weaponised in defence systems.
The analysis calls for urgent public‑private cooperation and a new regulatory paradigm to address these systemic issues.
Recommendations include forming international expert bodies akin to the IPCC, and creating cohesive governance that bridges labour rights, environmental accountability, and ethical AI frameworks.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
South Korea’s Cyber Operations Command is participating in a US-led multinational cyber exercise this week, the Ministry of National Defence in Seoul announced on Monday.
Seven personnel from the command are taking part in the five-day Cyber Flag exercise, which began in Virginia, United States. This marks South Korea’s fourth participation in the exercise since first joining in 2022.
Launched in 2011, Cyber Flag is an annual exercise designed to enhance cooperation between the United States and its allies, particularly the Five Eyes intelligence alliance, which includes Australia, Canada, New Zealand, the United Kingdom, and the United States. The exercise provides a platform for partner nations to strengthen their collective ability to detect, respond to, and mitigate cyber threats through practical, scenario-based training.
According to the Ministry, Cyber Flag, together with bilateral exercises between South Korean and US cyber commands and the exchange of personnel and technologies, is expected to further advance cooperation between the two countries in the cyber domain.
The Cyber Flag exercise involves the Five Eyes intelligence alliance—comprising the United States, United Kingdom, Australia, Canada, and New Zealand—alongside other partner countries. The program focuses on enhancing collective capabilities to counter cyber threats through practical training.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Exploiting known but unpatched vulnerabilities, attackers gained persistent access to these network devices, potentially enabling further intrusions into core telecom systems.
Affected providers emphasised that only client-owned hardware was breached and confirmed no internal networks were compromised, but the campaign raises deeper concerns.
The European Union and Vietnam have conducted specialised cyber‑defence training to enhance the resilience of key infrastructure sectors such as power, transportation, telecoms and finance.
Participants, including government officials, network operators and technology experts, engaged in interactive threat-hunting exercises and incident simulation drills designed to equip teams with practical cyber‑response skills.
This effort builds on existing international partnerships, including collaboration with the US Cybersecurity and Infrastructure Security Agency, to align Vietnam’s security posture with global standards.
Vietnam faces an alarming shortfall of more than 700,000 cyber professionals, with over half of organisations reporting at least one breach in recent years.
The training initiative addresses critical skills gaps and contributes to national digital security resilience.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A US state’s Army National Guard network was thoroughly compromised by the Chinese cyberespionage group Salt Typhoon from March to December 2024. According to a confidential federal memo, hackers extracted highly sensitive information, including administrator credentials, network maps, and interstate communication data, raising alarm over data leaked across all 50 states and four US territories.
Security analysts caution that the breach goes beyond intelligence gathering. With access to National Guard systems, integral to state-level threat response and civilian support, the group is poised to exploit vulnerabilities in critical infrastructure, particularly during crises or conflict.
Salt Typhoon, linked to China’s Ministry of State Security, has a track record of penetrating telecommunications, energy grids, transport systems, and water utilities. Often leveraging known vulnerabilities in Cisco and Palo Alto equipment, the group has exfiltrated over 1,400 network configuration files from more than 70 US critical infrastructure providers.
Federal agencies, including DHS and CISA, are sounding the alarm: this deep infiltration presents a serious national security threat and indicates a strategic shift in cyber warfare. Navigating Sun Typhoon’s persistent access through local and federal networks is now a top priority in defending the critical systems on which communities rely.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
