Cybersecurity

Healthcare cybersecurity failures put patient safety at risk, Modat warns

Over 1.2 million internet-connected healthcare devices and systems that expose patient data have been identified in research by Modat. The United States, South Africa, and Australia topped the list, with vulnerable systems including MRI scanners, CT machines, and hospital management platforms.

Using its Modat Magnify platform, the company identified misconfigurations, weak passwords, and unpatched software as common risks. Some devices had no authentication, while others used factory-default passwords such as ‘admin’ or ‘123456’. Sensitive MRI, dental X-ray, and blood test records were accessed.

Modat worked with Health-ISAC and Dutch CERT Z-CERT for responsible disclosure, alerting organisations to secure exposed systems. CEO Soufian El Yadmani said devices should never be open to the internet without safeguards, warning that remote access must be secure.

The research stressed that healthcare cybersecurity is a patient safety issue. Outdated or unprotected devices could enable fraud, extortion, or network breaches. Regular security checks, asset inventories, and monitoring were recommended to reduce risks.

Founded in 2024, Modat uses its Device DNA dataset to catalogue internet-connected devices globally. It aims to help healthcare and other sectors close the gap between rising cyber threats and effective resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU member states clash over the future of encrypted private messaging

The ongoing controversy around the EU’s proposed mandatory scanning of private messages has escalated with the European Parliament intensifying pressure on the Council to reach a formal agreement.

A leaked memo reveals that the Parliament threatens to block the extension of the current voluntary scanning rules unless mandatory chat control is agreed upon.

Denmark, leading the EU Council Presidency, has pushed a more stringent version of the so-called Chat Control law that could become binding as soon as 14 October 2025.

While the Parliament argues the law is essential for protecting children online, many legal experts and rights groups warn the proposal still violates fundamental human rights, particularly the right to privacy and secure communication.

The Council’s Legal Service has repeatedly noted that the draft infringes on these rights since it mandates scanning all private communications, undermining end-to-end encryption that most messaging apps rely on.

Some governments, including Germany and Belgium, remain hesitant or opposed, citing these serious concerns.

Supporters like Italy, Spain, and Hungary have openly backed Denmark’s proposal, signalling a shift in political will towards stricter measures. France’s position has also become more favourable, though internal debate continues.

Opponents warn that weakening encryption could open the door to cyber attacks and foreign interference, while proponents emphasise the urgent need to prevent abuse and close loopholes in existing law.

The next Council meeting in September will be critical in shaping the final form of the regulation.

The dispute highlights the persistent tension between digital privacy and security, reflecting broader European challenges in regulating encrypted communications.

As the October deadline approaches, the EU faces a defining moment in balancing child protection with protecting the confidentiality of citizens’ communications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft Copilot launches GPT-5 Smart Mode for users

Microsoft has upgraded all its Copilot tools with OpenAI’s latest GPT-5 model, now available through a new Smart Mode.

The update brings enhanced speed and better performance across Microsoft 365 Copilot, Azure AI Foundry, GitHub Copilot, and the Windows AI chatbot pre-installed on PCs.

Users can try the Smart Mode via the Copilot website, which can be selected from a model selector below the text input. Notably, a Microsoft account is not required to use this new mode.

The Smart Mode rollout is gradual, and while not yet visible in the Windows Copilot app for everyone, early users have reported that GPT-5 delivers faster and more accurate responses compared to earlier models.

Unlike the free ChatGPT tier that limits queries and switches automatically to older versions after usage caps, Copilot offers fewer restrictions, allowing more extensive use.

Microsoft’s AI Red Team tested GPT-5 thoroughly before release, highlighting its strong safety profile and improved reasoning capabilities.

Microsoft 365 Copilot benefits from GPT-5’s advanced abilities to answer complex questions, maintain coherence over long conversations, assist with email replies, and analyse documents effectively.

GitHub Copilot has also been enhanced with GPT-5, significantly improving reasoning, code quality, and overall user experience. The upgrade positions Microsoft’s AI tools to support developers and professionals across multiple platforms better.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

ShinyHunters breach Google’s Salesforce database

Google has confirmed a data breach during its investigation into the ShinyHunters group, revealing the tech giant was also affected. The attackers accessed a Salesforce database used for storing small business customer information.

The breach exposed business names and contact details during a short window before access was revoked. Google stated no highly sensitive or personal data was compromised.

ShinyHunters used phishing and vishing tactics to trick users into authorising malicious Salesforce apps disguised as legitimate tools. The technique mirrors previous high-profile breaches involving firms like Santander and Ticketmaster.

Google warned the group may escalate operations by launching a data leak site. Organisations are urged to tighten their cybersecurity measures and access controls, train staff and apply multi-factor authentication across all accounts.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

TikTok Shop faces surge in crypto phishing scams

Cybercriminals are increasingly targeting TikTok Shop users through a phishing and malware campaign known as ‘ClickTok‘. The scheme uses fake Meta ads and AI-generated TikTok videos imitating influencers to lure victims to fraudulent domains resembling real sites.

These domains are used to steal credentials and distribute trojanised applications. More than 10,000 fake sites have been identified, luring shoppers with heavily discounted products and urgency tactics such as countdown timers.

Victims are prompted to make payments in Tether, allowing scammers to exploit the irreversible nature of cryptocurrency transactions. The fraudulent storefronts are designed to appear convincing, encouraging rash purchases.

TikTok Shop affiliate members are also being targeted with advance fee scams. Criminals pose as TikTok affiliates on WhatsApp and Telegram, convincing victims to deposit funds into bogus wallets in exchange for fake commission payments.

The report warns that the younger demographic on TikTok, particularly those aged 18 to 34, may be more vulnerable to such schemes. The trend shows scams shifting from Facebook and X to new e-commerce platforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Jio reports growth as it ramps up 6G and AI strategy

According to its latest annual report, Reliance Jio plans to lead in 6G and AI, aiming to deliver long-term returns for shareholders. With 191 million users, Jio is the world’s second-largest 5G provider after China.

The company is launching JioBrain, a wide-ranging AI platform for network planning, resource optimisation, and customer service. Jio intends to expand this platform beyond telecoms within India and globally.

Jio is also building a satellite communication platform and partnering with SpaceX to bring Starlink broadband to India. The company stated that it will combine its infrastructure and data with global partners to achieve the lowest AI operating costs globally.

Its JioFiber and JioAirFiber services have reached 18 million and 6 million homes, respectively. The goal is to connect 100 million premises through fibre and fixed wireless access technologies.

Jio has filed over 3,341 patents, including 1,654 in FY25, and now holds 485 patents in 5G and 6G, reportedly the most in India. Its digital services revenue reached ₹154,119 crore with an EBITDA of ₹65,001 crore, driven by mobility tariffs, enterprise demand, and platform expansion.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Visa boosts cyber defence support for clients

Visa has launched a new Cybersecurity Advisory Practice to support businesses in identifying and countering growing cyber risks. The initiative aims to provide practical insights tailored to clients of all sizes.

The practice will be powered by Visa Consulting & Analytics, which brings together a global team of consultants, product specialists and data scientists. Services include training, threat analysis and cybersecurity maturity assessments.

Jeremiah Dewey, a veteran with over 20 years of experience in the field, has been named global head of cyber products. He will lead product development and build strategic partnerships.

Visa says the goal is to offer scalable solutions to both small businesses and large enterprises, enabling them to stay resilient in an evolving digital threat market.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Colorado’s AI law under review amid budget crisis

Colorado lawmakers face a dual challenge as they return to the State Capitol on 21 August for a special session: closing a $1.2 billion budget shortfall and revisiting a pioneering yet controversial law regulating AI.

Senate Bill 24-205, signed into law in May 2024, aims to reduce bias in AI decision-making affecting areas such as lending, insurance, education, and healthcare. While not due for implementation until February 2026, critics and supporters now expect that deadline to be extended.

Representative Brianna Titone, one of the bill’s sponsors, emphasised the importance of transparency and consumer safeguards, warning of the risks associated with unregulated AI. However, unexpected costs have emerged. State agencies estimate implementation could cost up to $5 million, a far cry from the bill’s original fiscal note.

Governor Polis has called for amendments to prevent excessive financial and administrative burdens on state agencies and businesses. The Judicial Department now expects costs to double from initial projections, requiring supplementary budget requests.

Industry concerns centre on data-sharing requirements and vague regulatory definitions. Critics argue the law could erode competitive advantage and stall innovation in the United States. Developers are urging clarity and more time before compliance is enforced.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Hubballi emerges as Infosys’ tech hub with Center for AI, cybersecurity, space

Infosys’ decision to launch a Centre for Advanced AI, Cybersecurity & Space Technology in Hubballi deepens its commitment to transforming North Karnataka into a thriving tech hub. The centre, forming part of the company’s global Living Labs network, signals strategic investment in emerging technologies grounded in regional development.

Over 1,000 employees are now based at Hubballi, where the new Living Lab delivers services across sectors such as manufacturing, healthcare, financial services, and space technology. Strategic ties with local academic institutions like IIIT Dharwad are intended to nurture future-ready talent close to operations.

Local leaders framed the centre as a corrective to past underutilisation concerns and a driver of industry-academia collaboration. By encouraging expansion to other districts, they set the tone for inclusive growth and long-term innovation across North Karnataka.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NVIDIA pushes back against chip backdoor demands

NVIDIA has publicly rejected calls to embed kill switches or backdoors in its AI chips amid growing political pressure. The statement follows proposals from US lawmakers and accusations by Chinese authorities.

Chief Security Officer David Reber Jr. said any such backdoor would endanger global digital infrastructure and open doors for hackers. He reaffirmed NVIDIA’s commitment to fixing vulnerabilities, not creating them.

The controversy arises as the chipmaker navigates strict US export controls while maintaining its foothold in China with the H20 chip. A Chinese agency recently claimed these chips already contain hidden controls.

Reber distinguished transparent, user-controlled tools like remote wipe from covert backdoors, arguing they serve customers without risking the system integrity of the chips.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!