Cybersecurity

Quantum sector surges as Rigetti unveils modular machine

Quantum computing is progressing faster than expected, with Rigetti Computing achieving a major breakthrough. The company reached 99.5% median 2-qubit gate fidelity using a modular 36-qubit system—halving its error rate and moving closer to fault-tolerant computing.

The new machine, built from four 9-qubit chiplets, represents the industry’s largest multichip quantum system. Its modular design addresses the scalability challenges of single-chip models.

Rigetti’s superconducting qubits also outperform rivals by operating at significantly faster speeds.

Plans are in place to launch a 100+-qubit system before the end of 2025. Backing from DARPA, the US Air Force, and the UK government further validates Rigetti’s approach. Partnerships with Nvidia and Quanta Computer add commercial strength.

Despite modest revenue, Rigetti holds $575 million in cash with no debt and owns the sector’s first dedicated quantum chip factory. True commercial quantum advantage is expected between 2026 and 2028.

Shares of Rigetti, along with other quantum computing firms like IonQ and D-Wave, have surged in recent months, outperforming the broader market.

Rigetti offers strong potential—but remains a high-risk pick in a competitive field.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU helps Vietnam prepare for cyber emergencies

The European Union and Vietnam have conducted specialised cyber‑defence training to enhance the resilience of key infrastructure sectors such as power, transportation, telecoms and finance.

Participants, including government officials, network operators and technology experts, engaged in interactive threat-hunting exercises and incident simulation drills designed to equip teams with practical cyber‑response skills.

This effort builds on existing international partnerships, including collaboration with the US Cybersecurity and Infrastructure Security Agency, to align Vietnam’s security posture with global standards.

Vietnam faces an alarming shortfall of more than 700,000 cyber professionals, with over half of organisations reporting at least one breach in recent years.

The training initiative addresses critical skills gaps and contributes to national digital security resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trojanised Telegram APKs target Android users with Janus exploit

A large Android malware campaign has been uncovered, distributing trojanised versions of Telegram Messenger via more than 600 malicious domains. The operation uses phishing infrastructure and evasion techniques to deceive users and deliver infected APK files.

Domains exploit typosquatting, with names like ‘teleqram’ and ‘apktelegram’, and mimic Telegram’s website using cloned visuals and QR code redirects. Users are sent to zifeiji[.]asia, which hosts a fake Telegram site offering APK downloads between 60MB and 70MB.

The malware targets Android versions 5.0 to 8.0, exploiting the Janus vulnerability and bypassing security via legacy signature schemes. After installation, it establishes persistent access using socket callbacks, enabling remote control.

It communicates via unencrypted HTTP and FTP, and uses Android’s MediaPlayer component to trigger background activity unnoticed. Once installed, it requests extensive permissions, including access to all locally stored data.

Domains involved include over 300 on .com, with many registered through Gname, suggesting a coordinated and resilient campaign structure.

Researchers also found a JavaScript tracker embedded at telegramt.net, which collects browser and device data and sends it to dszb77[.]com. The goal appears to be user profiling and behavioural analysis.

Experts warn that the campaign’s scale and technical sophistication pose a significant risk to users running outdated Android systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Experts link Qantas data breach to AI voice impersonation

Cybersecurity experts believe criminals may have used AI-generated voice deepfakes to breach Qantas systems, potentially deceiving contact centre staff in Manila. The breach affected nearly six million customers, with links to a group known as Scattered Spider.

Qantas confirmed the breach after detecting suspicious activity on a third-party platform. Stolen data included names, phone numbers, and addresses—but no financial details. The airline has not confirmed whether voice impersonation was involved.

Experts point to Scattered Spiders’ history of using synthetic voices to trick help desk staff into handing over credentials. Former FBI agent Adam Marré said the technique, known as vishing, matches the group’s typical methods and links them to The Com, a cybercrime collective.

Other members of The Com have targeted companies like Salesforce through similar tactics. Qantas reportedly warned contact centre staff shortly before the breach, citing a threat advisory connected to Scattered Spider.

Google and CrowdStrike reported that the group frequently impersonates employees over the phone to bypass multi-factor authentication and reset passwords. The FBI has warned that Scattered Spider is now targeting airlines.

Qantas says its core systems remain secure and has not confirmed receiving a ransom demand. The airline is cooperating with authorities and urging affected customers to watch for scams using their leaked information.

Cybersecurity firm Trend Micro notes that voice deepfakes are now easy to produce, with convincing audio clips available for as little as $5. The deepfakes can mimic language, tone, and emotion, making them powerful tools for deception.

Experts recommend biometric verification, synthetic signal detection, and real-time security challenges to counter deepfakes. Employee training and multi-factor authentication remain essential defences.

Recent global cases illustrate the risk. In one instance, a deepfake mimicking US Senator Marco Rubio attempted to access sensitive systems. Other attacks involved cloned voices of US political figures Joe Biden and Susie Wiles.

As voice content becomes more publicly available, experts warn that anyone sharing audio online could become a target for AI-driven impersonation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

South Korea’s new Science Minister pledges AI-led national transformation

South Korea’s new Science and ICT Minister, Bae Kyung-hoon, has pledged to turn the nation into one of the world’s top three AI powerhouses.

Instead of following outdated methods, Bae outlined a bold national strategy centred on AI, science and technology, aiming to raise Korea’s potential growth rate to 3 per cent and secure a global economic leadership position.

Bae, a leading AI expert and former president of LG AI Research, officially assumed office on Thursday.

Drawing from experience developing hyperscale AI models like LG’s Exaone, he emphasised the need to build a unique competitive advantage rooted in AI transformation, talent development and technological innovation.

Rather than focusing only on industrial growth, Bae’s policy agenda targets a broad AI ecosystem, revitalised research and development, world-class talent nurturing, and addressing issues affecting daily life.

His plans include establishing AI-centred universities, enhancing digital infrastructure, promoting AI semiconductors, restoring grassroots research funding, and expanding consumer rights in telecommunications.

With these strategies, Bae aims to make AI accessible to all citizens instead of limiting it to large corporations or research institutes. His vision is for South Korea to lead in AI development while supporting social equity, cybersecurity, and nationwide innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU confirms AI Act rollout and releases GPAI Code of Practice

The European Commission has confirmed it will move forward with the EU AI Act exactly as scheduled, instead of granting delays requested by tech giants and businesses.

On 10 July 2025, it published the final General-Purpose AI (GPAI) Code of Practice alongside FAQs to guide organisations aiming to comply with the new law.

Rather than opting for a more flexible timetable, the Commission is standing firm on its regulatory goals. The GPAI Code of Practice, now in its final form, sets out voluntary but strongly recommended steps for companies that want reduced administrative burdens and clearer legal certainty under the AI Act.

The document covers transparency, copyright, and safety standards for advanced AI models, including a model documentation form for providers.

Key dates have already been set. From 2 August 2025, rules covering notifications, governance, and penalties will come into force. By February 2026, official guidelines on classifying high-risk AI systems are expected.

The remaining parts of the legislation will take effect by August 2026, instead of being postponed further.

With the publication of the GPAI Code of Practice, the EU takes another step towards building a unified ethical framework for AI development and deployment across Europe, focusing on transparency, accountability, and respect for fundamental rights.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US moves to block Chinese tech in undersea Internet cables

The United States is moving to strengthen the security of its digital infrastructure by proposing new regulations on undersea internet cables.

The Federal Communications Commission (FCC) plans to ban the connection of submarine cables to the US if they involve Chinese technology or equipment. It also aims to prohibit companies that are flagged as national security threats, including Huawei and ZTE.

Additionally, the FCC will seek public comments on further measures to protect undersea cable infrastructure, as part of an ongoing review of regulations overseeing the global network of submarine cables that carry 99% of international internet traffic.

These policy moves reflect US concerns over China’s role in internet infrastructure and potential espionage. Since 2020, regulators have blocked multiple cable projects linking the US to Hong Kong due to security risks.

Recent incidents, such as suspected sabotage in the Baltic Sea, Taiwan’s accusations of cable cutting by Chinese vessels, and Houthi-linked damage to cables in the Red Sea, highlight the growing vulnerability of global communications networks.

These steps guard against foreign adversary ownership, cyber threats, and physical sabotage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon compromises critical US infrastructure

A US state’s Army National Guard network was thoroughly compromised by the Chinese cyberespionage group Salt Typhoon from March to December 2024. According to a confidential federal memo, hackers extracted highly sensitive information, including administrator credentials, network maps, and interstate communication data, raising alarm over data leaked across all 50 states and four US territories.

Security analysts caution that the breach goes beyond intelligence gathering. With access to National Guard systems, integral to state-level threat response and civilian support, the group is poised to exploit vulnerabilities in critical infrastructure, particularly during crises or conflict.

Salt Typhoon, linked to China’s Ministry of State Security, has a track record of penetrating telecommunications, energy grids, transport systems, and water utilities. Often leveraging known vulnerabilities in Cisco and Palo Alto equipment, the group has exfiltrated over 1,400 network configuration files from more than 70 US critical infrastructure providers.

Federal agencies, including DHS and CISA, are sounding the alarm: this deep infiltration presents a serious national security threat and indicates a strategic shift in cyber warfare. Navigating Sun Typhoon’s persistent access through local and federal networks is now a top priority in defending the critical systems on which communities rely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU sends warning to crypto platforms over AML risks

The EU’s Anti-Money Laundering Authority (AMLA) has warned that fragmented oversight and inconsistent rules pose significant risks to the bloc’s financial integrity. Chair Bruna Szego urged regulators and crypto firms to prepare for stricter anti-money laundering rules.

The Frankfurt-based agency, now operational, will oversee the enforcement of new EU-wide anti-money laundering regulations. Szego stressed the importance of identifying the beneficial owners of crypto platforms and ensuring they are not linked to criminal networks.

Concerns over inconsistent controls across EU countries and diverging interpretations of MiCA requirements have grown. Crypto firms must be prepared to meet the different standards across all jurisdictions they plan to operate.

From July 2027, crypto platforms will be required to block anonymous wallets and provide authorities with complete, real-time access to account data.

Major firms like Binance have already faced regulatory penalties, with ongoing investigations highlighting the rising pressure on the sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Netherlands urges EU to reduce reliance on US cloud providers

The Dutch government has released a policy paper urging the European Union to take coordinated action to reduce its heavy dependence on non-EU cloud providers, especially from the United States.

The document recommends that the European Commission introduce a clearer and harmonized approach at the EU level.

Key proposals include creating a consistent definition of ‘cloud sovereignty,’ adjusting public procurement rules to allow prioritizing sovereignty, promoting open-source technologies and standards, setting up a common European decision-making framework for cloud choices, and ensuring sufficient funding to support the development and deployment of sovereign cloud technologies.

These measures aim to strengthen the EU’s digital independence and protect public administrations from external political or economic pressures.

A recent investigation found that over 20,000 Dutch institutions rely heavily on US cloud services, with Microsoft holding about 60% of the market.

The Dutch government warned this dependence risks national security and fundamental rights. Concerns escalated after Microsoft blocked the ICC prosecutor’s email following US sanctions, sparking political outrage.

In response, the Dutch parliament called for reducing reliance on American providers and urged the government to develop a roadmap to protect digital infrastructure and regain control.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!