Adaptive Security raises millions to fight AI scams

OpenAI has made its first move into the cybersecurity space by co-leading a US$43 million Series A funding round for New York-based startup Adaptive Security.

The round was also backed by venture capital firm Andreessen Horowitz, highlighting growing investor interest in solutions aimed at tackling AI-driven threats.

Adaptive Security specialises in simulating social engineering attacks powered by AI, such as fake phone calls, text messages, and emails. These simulations are designed to train employees and identify weak points within an organisation’s defences.

With over 100 customers already on board, the platform is proving to be a timely solution as generative AI continues to fuel increasingly convincing cyber scams.

The funding will be used to scale up the company’s engineering team and enhance its platform to meet growing demand.

As AI-powered threats evolve, Adaptive Security aims to stay ahead of the curve by helping organisations better prepare their staff to recognise and respond to sophisticated digital deception.

For more information on these topics, visit diplomacy.edu.

Apple challenges UK government over encrypted iCloud access order

A British court has confirmed that Apple is engaged in legal proceedings against the UK government concerning a statutory notice linked to iCloud account encryption. The Investigatory Powers Tribunal (IPT), which handles cases involving national security and surveillance, disclosed limited information about the case, lifting previous restrictions on its existence.

The dispute centres on a government-issued Technical Capability Notice (TCN), which, according to reports, required Apple to provide access to encrypted iCloud data for users in the UK. Apple subsequently removed the option for end-to-end encryption on iCloud accounts in the region earlier this year. While the company has not officially confirmed the connection, it has consistently stated it does not create backdoors or master keys for its products.

The government’s position has been to neither confirm nor deny the existence of individual notices. However, in a rare public statement, a government spokesperson clarified that TCNs do not grant direct access to data and must be used in conjunction with appropriate warrants and authorisations. The spokesperson also stated that the notices are designed to support existing investigatory powers, not expand them.

The IPT allowed the basic facts of the case to be released following submissions from media outlets, civil society organisations, and members of the United States Congress. These parties argued that public interest considerations justified disclosure of the case’s existence. The tribunal concluded that confirming the identities of the parties and the general subject matter would not compromise national security or the public interest.

Previous public statements by US officials, including the former President and the current Director of National Intelligence, have acknowledged concerns surrounding the TCN process and its implications for international technology companies. In particular, questions have been raised regarding transparency and oversight of such powers.

Legal academics and members of the intelligence community have also commented on the broader implications of government access to encrypted platforms, with some suggesting that increased openness may be necessary to maintain public trust.

The case remains ongoing. Future proceedings will be determined once both parties have reviewed a private judgment issued by the court. The IPT is expected to issue a procedural timetable following input from both Apple and the UK Home Secretary.

Hackers exploit ESET vulnerability to deploy malware, Kaspersky warns

A recently disclosed software vulnerability in ESET security products has been identified as a potential vector for discreet malware installation, according to findings published by the cybersecurity company Kaspersky.

Catalogued as CVE-2024-11859, the flaw permits the execution of a malicious dynamic-link library (DLL) by leveraging ESET’s own antivirus scanning process. If exploited, the technique allows unauthorised code to run silently, bypassing standard system warnings and activity logs.

ESET, headquartered in Slovakia, acknowledged the issue in an advisory and issued a software update addressing the flaw. The company assigned it a medium severity rating, with a Common Vulnerability Scoring System (CVSS) score of 6.8 out of 10. ESET further indicated there is no current evidence that the vulnerability has been actively exploited in operational environments.

Kaspersky attributed the technique to a threat actor group known as ToddyCat, which has been observed since 2020 conducting operations against governmental and defence-related targets. While Kaspersky referenced the use of two specific DLLs in its analysis, ESET reported that it had not received samples of the files and could not independently confirm the attribution.

The malicious tool deployed in this case, named TCDSB by researchers, was disguised as a legitimate Windows DLL and designed to evade monitoring tools. The code appears to be a modified variant of EDRSandBlast, a known framework used to circumvent endpoint detection systems.

Modifications introduced in TCDSB are believed to enable interference with operating system components, suppressing alerts typically generated when new processes are initiated or external files loaded. Kaspersky reported multiple instances of the tool but did not identify affected organisations.

While no specific nation-state connection has been confirmed, ToddyCat has previously been associated with activities targeting institutions in Europe and Asia, as well as digital infrastructure in locations such as Taiwan and Vietnam. Some prior research has linked the group to broader cyber-espionage efforts attributed to Chinese interests.

According to ESET, successful use of the CVE-2024-11859 vulnerability requires existing administrative access to the target system, limiting the attack vector to post-compromise scenarios.

Kaspersky noted that the group employs a range of tunnelling techniques for data exfiltration, including abuse of virtual private networks and cloud services, often maintaining multiple exfiltration routes to ensure persistence even when individual channels are disrupted.

Minister urges Indian start-ups to shift focus from ice cream to semiconductors

India’s Commerce Minister Piyush Goyal has sparked controversy by questioning whether Indian start-ups should focus on semiconductor chips instead of gluten-free ice creams and food delivery apps.

Speaking at a start-up conference, he compared India’s consumer internet boom unfavourably with China’s advances in robotics and AI, urging entrepreneurs to pursue more ambitious tech innovations instead of safe lifestyle products.

While acknowledging the position of India as the world’s third-largest start-up ecosystem, Goyal faced pushback from founders who argued consumer apps often evolve into tech pioneers.

Quick-commerce CEO Aadit Palicha noted that companies like Amazon began as consumer platforms before revolutionising cloud computing. However, investors admitted that deep-tech struggles for funding, with most capital chasing quick-return ventures instead of long-term hardware or AI projects.

The debate highlights India’s innovation crossroads. Despite having 4,000 deep-tech start-ups, projected to reach 10,000 by 2030, they attracted just 5% of 2023 funding, compared with China’s 35%.

Experts suggest the government could help by offering tax incentives instead of criticism, and by building research bridges between academia and start-ups to compete globally in advanced technologies.

Trump moves to prop up struggling coal industry

President Trump is set to sign an executive order designating coal as a critical mineral instead of allowing its continued decline in the energy sector.

The order will force some coal-fired power plants slated for closure to remain operational, with the administration citing rising electricity demand from data centres instead of acknowledging coal’s dwindling competitiveness.

Currently, coal generates just 15% of US electricity, down from its 51% share in 2001, having been overtaken by cheaper natural gas and renewables.

Environmental experts warn coal remains the dirtiest energy source compared with cleaner alternatives, releasing harmful pollutants linked to health issues like heart disease and mercury poisoning. While the order may temporarily slow plant closures, analysts note it won’t reverse coal’s decline.

Solar and wind power now undercut operating costs at nearly all US coal plants, whereas they were once more expensive.

The move could have more impact in steelmaking, where most production still uses coal rather than newer green steel techniques. However, for power generation, renewables can be deployed faster than new coal plants rather than struggling to meet demand.

The order appears to prioritise political symbolism instead of addressing energy market realities, as even existing coal plants struggle to compete with increasingly affordable clean energy alternatives.

FBI and INTERPOL investigate Oracle Health data breach

Oracle Health has reportedly suffered a data breach that compromised sensitive patient information stored by American hospitals.

The cyberattack, discovered in February 2025, involved threat actors using stolen customer credentials to access an old Cerner server that had not yet migrated to the Oracle Cloud. Oracle acquired healthcare tech company Cerner in 2022 for $28.3 billion.

In notifications sent to affected customers, Oracle acknowledged that data had been downloaded by unauthorised users. The FBI is said to be investigating the incident and exploring whether ransom demands are involved. Oracle has yet to publicly comment on the breach.

The news comes amid growing cybersecurity concerns. A recent report from Horizon3.ai revealed that over half of IT professionals delay critical software patches, leaving organisations vulnerable. Meanwhile, OpenAI has boosted its bug bounty rewards to encourage more proactive security research.

In a broader crackdown on cybercrime, INTERPOL recently arrested over 300 suspects in seven African countries for online scams, seizing devices, properties, and other assets linked to more than 5,000 victims.

Neptune RAT malware targeting Windows users

A highly advanced malware known as Neptune RAT is making waves in the cybersecurity world, posing a major threat to Windows PC users. Labelled by experts as the ‘most advanced RAT ever,’ it is capable of hijacking systems, stealing cryptocurrency, extracting passwords, and even launching ransomware attacks.

According to cybersecurity firm CYFIRMA, Neptune RAT is being distributed via platforms like GitHub, Telegram and YouTube, and is available as malware-as-a-service, allowing virtually anyone to deploy it for a fee.

Neptune RAT’s feature set is alarmingly broad. It includes a crypto clipper that silently redirects cryptocurrency transactions by replacing wallet addresses with those controlled by the attackers.

It also comes with a password-stealing tool that can extract credentials from over 270 applications, including popular browsers like Chrome. Beyond theft, the malware can spy on users in real-time, disable antivirus tools including Windows Defender, and encrypt files for ransom, making it a formidable threat.

Cybersecurity experts are urging users to avoid clicking on unknown links or downloading suspicious files from platforms where the malware is circulating. In extreme cases, Neptune RAT even includes a data-wiping feature, allowing attackers to destroy all data on a compromised system.

Users are advised to stay cautious online and consider identity theft protection plans that offer financial recovery and insurance should a system replacement become necessary.

Dangerous WhatsApp desktop bug prompts update

A critical vulnerability has been discovered in WhatsApp Desktop for Windows, potentially allowing attackers to execute malicious code through deceptive file attachments.

Tracked as CVE-2025-30401, the flaw affects all versions prior to 2.2450.6 and poses a high security risk. The issue arises from a mismatch between how WhatsApp displays attachments and how the system opens them, enabling attackers to disguise executable files as harmless media.

When a user opens an attachment from within WhatsApp, the app displays the file based on its MIME type, such as an image. However, Windows opens the file using its extension, which could be malicious, like .exe.

The inconsistency could lead users to unknowingly launch harmful programs by trusting the attachment’s appearance. Security experts warn the exploit is especially dangerous in group chats, where a single malicious file could target several people at once.
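
The display-by-MIME-type versus open-by-extension mismatch described above can be caught before a file is handed to the operating system. The following Python check is an added example, not WhatsApp's or Meta's code; the allow-list, function names and sample bytes are constructed for illustration.

```python
import os

# Constructed allow-list: declared MIME type -> extensions consistent with it.
MIME_EXTENSIONS = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
    "application/pdf": {".pdf"},
    "video/mp4": {".mp4"},
}

# Leading magic bytes for some of those types, plus the DOS/PE header
# ("MZ") that Windows executables start with.
MAGIC = {
    "image/jpeg": b"\xff\xd8\xff",
    "image/png": b"\x89PNG\r\n\x1a\n",
    "application/pdf": b"%PDF-",
    "application/x-msdownload": b"MZ",
}

def sniff(data):
    """Return the MIME type implied by the leading bytes, or None if unknown."""
    for mime, magic in MAGIC.items():
        if data.startswith(magic):
            return mime
    return None

def check_attachment(filename, declared_mime, data):
    """Return reasons not to open the attachment; an empty list means consistent."""
    reasons = []
    # Windows ignores trailing dots and spaces in file names, so strip them
    # before reading the extension the shell will actually act on.
    ext = os.path.splitext(filename.rstrip(". "))[1].lower()
    allowed = MIME_EXTENSIONS.get(declared_mime)
    if allowed is None:
        reasons.append(f"declared type {declared_mime!r} is not on the allow-list")
    elif ext not in allowed:
        reasons.append(f"extension {ext!r} does not match declared type {declared_mime!r}")
    sniffed = sniff(data)
    if sniffed is not None and sniffed != declared_mime:
        reasons.append(f"content looks like {sniffed!r}, not {declared_mime!r}")
    return reasons

# Constructed samples: a PNG header, and a PE header that will be labelled as an image.
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8
PE = b"MZ\x90\x00" + b"\x00" * 8
```

A client or mail gateway that applies a check of this kind refuses to open, or renames, any attachment for which the list of reasons is non-empty.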

Meta, WhatsApp’s parent company, has released version 2.2450.6 to fix the issue and is urging all users to update immediately.

Security researchers have likened the threat to previous vulnerabilities in the app, including one in 2024 that allowed silent execution of scripts. Given the high severity rating and ease of exploitation, users are advised not to delay updating their software.

Metro Bank teams up with Ask Silver to fight fraud

Metro Bank has introduced an AI-powered scam detection tool, becoming the first UK bank to offer customers instant scam checks through a simple WhatsApp service.

Developed in partnership with Ask Silver, the Scam Checker allows users to upload images or screenshots of suspicious emails, websites, or documents for rapid analysis and safety advice.

The tool is free for personal and business customers, who receive alerts if the communication is flagged as fraudulent. Ask Silver’s technology not only identifies potential scams but also automatically reports them to relevant authorities.

The company was founded after one of the co-founders’ family members lost £150,000 to a scam, fuelling its mission to prevent similar crimes.

The launch comes amid a surge in impersonation scams across the United Kingdom, with over £1 billion lost to fraud in 2023. Metro Bank’s head of fraud, Baz Thompson, said the tool helps counter tactics that rely on urgency and pressure.

Customers are also reminded that the bank will never request sensitive information or press them to act quickly via emails or texts.

Russia fines Telegram over extremist content

A Moscow court has fined the messaging platform Telegram 7 million roubles (approximately $80,000) for failing to remove content allegedly promoting terrorist acts and inciting anti-government protests, according to TASS, the Russian state news agency.

The court ruled that Telegram did not comply with legal obligations to take down materials deemed extremist, including calls to sabotage railway systems in support of Ukrainian forces and to overthrow the Russian government.

The judgement cited specific Telegram channels accused of distributing such content. Authorities argue that these channels played a role in encouraging public unrest and potentially supporting hostile actions against the Russian state.

The decision adds to the long-standing tension between Russia’s media watchdogs and Telegram, which remains one of the most widely used messaging platforms across Russia and neighbouring countries.

Telegram has not issued a statement in response to the fine, and it is unclear whether the company plans to challenge the court’s ruling.

The platform was founded by Russian-born entrepreneur Pavel Durov and is currently headquartered in Dubai, boasting close to a billion users globally. 

Telegram’s decentralised nature and encrypted messaging features have made it popular among users seeking privacy, but it has also drawn criticism from governments citing national security concerns.

Durov himself returned to Dubai in March after months in France following his 2024 arrest linked to accusations that Telegram was used in connection with fraud, money laundering, and the circulation of illegal content.

Although he has denied any wrongdoing, the incident has further strained the company’s relationship with authorities in Russia.

This latest legal action reflects Russia’s ongoing crackdown on digital platforms accused of facilitating dissent or undermining state control.

With geopolitical tensions still high, especially surrounding the conflict in Ukraine, platforms like Telegram face increasing scrutiny and legal pressure in multiple jurisdictions.