Google has warned that hackers are emailing company executives, claiming to have stolen sensitive data from Oracle business applications. The group behind the campaign identifies itself as affiliated with the Cl0p ransomware gang.
In a statement, Google said the attackers target executives at multiple organisations with extortion emails linked to Oracle’s E-Business Suite. The company stated that it lacks sufficient evidence to verify the claims or confirm whether any data has been taken.
Neither Cl0p nor Oracle responded to requests for comment. Google did not provide additional information about the scale or specific campaign targets.
The cl0p ransomware gang has been involved in several high-profile extortion cases, often using claims of data theft to pressure organisations into paying ransoms, even when breaches remain unverified.
Google advised recipients to treat such messages cautiously and report any suspicious emails to security teams while investigations continue.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The US National Institute of Standards and Technology (NIST) has updated its password guidelines, urging organisations to drop strict complexity rules. NIST states that requirements such as mandatory symbols and frequent resets often harm usability without significantly improving security.
Instead, the agency recommends using blocklists for breached or commonly used passwords, implementing hashed storage, and rate limiting to resist brute-force attacks. Multi-factor authentication and password managers are encouraged as additional safeguards.
Password length remains essential. Short strings are easily cracked, but users should be allowed to create longer passphrases. NIST recommends limiting only extremely long passwords that slow down hashing.
The new approach replaces mandatory resets with changes triggered only after suspected compromise, such as a data breach. NIST argues this method reduces fatigue while improving overall account protection.
Businesses adopting these guidelines must audit their existing policies, reconfigure authentication systems, deploy blocklists, and train employees to adapt accordingly. Clear communication of the changes will be key to ensuring compliance.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Researchers have uncovered a phishing toolkit disguised as a PDF attachment to bypass Gmail’s defences. Known as MatrixPDF, the technique blurs document text, embeds prompts, and uses hidden JavaScript to redirect victims to malicious sites.
The method exploits Gmail’s preview function, slipping past filters because the PDF contains no visible links. Users are lured into clicking a fake button to ‘open secure document,’ triggering the attack and fetching malware outside Gmail’s sandbox.
A second variation embeds scripts that connect directly to payload URLs when PDFs are opened in desktop or browser readers. Victims see permission prompts that appear legitimate, but allowing access launches downloads that compromise devices.
Experts warn that PDFs are trusted more than other file types, making this a dangerous evolution of social engineering. Once inside a network, attackers can move laterally, escalate privileges, and plant further malware.
Security leaders recommend restricting personal email access on corporate devices, increasing sandboxing capabilities, and expanding employee training initiatives. Analysts emphasise that awareness and recognition of suspicious files remain crucial in countering this new phishing threat.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Japanese beer maker Asahi Group Holdings has halted production at its main plant following a cyberattack that caused major system failures. Orders, shipments, and call centres were suspended across the company’s domestic operations, affecting most of its 30 breweries in Japan.
Asahi said it is still investigating the cause, believed to be a ransomware infection. The company confirmed there was no external leakage of personal information or employee data, but did not provide a timeline for restoring operations.
The suspension has raised concerns over possible shortages, as beer has limited storage capacity due to freshness requirements. Restaurants and retailers are expected to feel pressure if shipments continue to be disrupted.
The impact has also spread to other beverage companies such as Kirin and Sapporo, which share transport networks. Industry observers warn that supply chain delays could ripple across the food and drinks sectors in Japan.
In South Korea, the effect remains limited for now. Lotte Asahi Liquor, the official importer, declined to comment, but industry officials noted that if the disruption continues, import schedules could also be affected.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Hackers who stole data and images of children from Kido Schools have removed the material from the darknet and claimed to delete it. The group, calling itself Radiant, had demanded a £600,000 Bitcoin ransom, but Kido did not pay.
Radiant initially blurred the photos but kept the data online before later removing all content and issuing an apology. Experts remain sceptical, warning that cybercriminals often claim to delete stolen data while secretly keeping or selling it.
The breach exposed details of around 8,000 children and their families, sparking widespread outrage. Cybersecurity experts described the extortion attempt as a ‘new low’ for hackers and said Radiant likely backtracked due to public pressure.
Radiant said it accessed Kido’s systems by buying entry from an ‘initial access broker’ and then stealing data from accounts linked to Famly, an early years education platform. The Famly told the BBC its infrastructure was not compromised.
Kido confirmed the incident and stated that they are working with external specialists and authorities. With no ransom paid and Radiant abandoning its attempt, the hackers appear to have lost money on the operation.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A global survey commissioned by Yubico suggests that younger workers are more vulnerable to phishing scams than older generations. Gen Z respondents reported the highest level of interaction with phishing messages, with 62 percent admitting they engaged with a scam in the past year.
The study gathered responses from 18,000 employed adults in nine countries, including the UK, US, France, and Japan. In the past twelve months, 44 percent of participants admitted to clicking on or replying to a phishing message.
AI is raising the stakes for cybersecurity. Seventy percent of those surveyed believe phishing has become more effective due to AI, and 78 percent said the attacks seem more sophisticated. More than half could not confidently identify a phishing email when shown one.
Despite growing risks, cyber defences remain patchy. Only 48 percent said their workplace used multi-factor authentication across all services, and 40 percent reported never receiving cybersecurity training from their employer.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Burnout is a significant challenge in the cybersecurity sector, as workers face rising threats and constant pressure to defend organisations. A BBC report highlights how professionals often feel overworked and undervalued, with stress levels leading some to take extended leave.
UK-based surveys reflect growing strain. Membership body ISC2 found that job satisfaction among cybersecurity staff dropped in 2024, with burnout cited as a key issue. Experts say demands have increased while resources remain stretched, leaving staff expected to stay on call around the clock.
Hackers are becoming more aggressive, targeting health services, retailers, and critical national infrastructure. Nation-state actors, including North Korean groups linked to large crypto thefts, are also stepping up activity. These attacks add to the psychological burden on frontline defenders.
Industry figures warn that high turnover risks weakening cyber resilience, especially in junior roles. Initiatives like Cybermindz call for better mental health support, while some argue for protections akin to those for first responders.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Japanese brewing giant Asahi has suffered a cyberattack that triggered a systems failure, disrupting shipping and customer services in Japan. The company stressed that European operations, including the UK, remain unaffected.
Order and shipment processes in its domestic market have been suspended, alongside customer service functions. Asahi apologised to customers and business partners, saying the cause is under investigation and there is no clear timeline for recovery.
The brewer is the largest in Japan, owning global beer brands such as Peroni, Pilsner Urquell, and Grolsch. It operates Fuller’s in the UK, which produces London Pride and Cornish Orchards cider.
Asahi has identified cyberattacks as a key business risk, with concerns over cash flow and brand damage. The incident comes as several major UK companies, including Harrods and Jaguar Land Rover, have also faced recent cyber breaches.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
PayOS and Mastercard have completed the first live agentic payment using a Mastercard Agentic Token, marking a pivotal step for AI-driven commerce. The demonstration, powered by Mastercard Agent Pay, extends the tokenisation infrastructure that already underpins mobile payments and card storage.
The system enables AI agents to initiate payments while enforcing consent, authentication, and fraud checks, thereby forming what Mastercard refers to as the trust layer. It shows how card networks are preparing for agentic transactions to become central to digital commerce.
Mastercard’s Chief Digital Officer, Pablo Fourez, stated that the company is developing a secure and interoperable ecosystem for AI-driven payments, underpinned by tokenized credentials. The framework aims to prepare for a future where the internet itself supports native agentic commerce.
For PayOS, the milestone represents a shift from testing to commercialisation. Chief executive Johnathan McGowan said the company is now onboarding customers and offering tools for fraud prevention, payments risk management, and improved user experiences.
The achievement signals a broader transition as agentic AI moves from pilot to real-world deployment. If security models remain effective, agentic payments could soon differentiate platforms, merchants, and issuers, embedding autonomy into digital transactions.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Hackers have targeted up to two million Cisco devices using a newly disclosed vulnerability in the company’s networking software. The flaw, tracked as CVE-2025-20352, affects all supported versions of Cisco IOS and IOS XE, which power many routers and switches.
Cisco confirmed that attackers have exploited the weakness in the wild, crashing systems, implanting malware, and potentially extracting sensitive data. The campaign builds on previous activity by the same threat group, which has also exploited Cisco Adaptive Security Appliance devices.
Attackers gained access after local administrator credentials were compromised, allowing them to implant malware and execute commands. The company’s Product Security Incident Response Team urged customers to upgrade immediately to fixed software releases to secure their systems.
The Canadian Centre for Cyber Security has warned organisations about sophisticated malware exploiting flaws in outdated Cisco ASA devices, urging immediate patching and stronger defences to protect critical systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
