Cybersecurity

Meta faces fresh EU backlash over Digital Markets Act non-compliance

Meta is again under EU scrutiny after failing to fully comply with the bloc’s Digital Markets Act (DMA), despite a €200 million fine earlier this year.

The European Commission says Meta’s current ‘pay or consent’ model still falls short and could trigger further penalties. A formal warning is expected, with recurring fines likely if the company does not adjust its approach.

The DMA imposes strict rules on major tech platforms to reduce market dominance and protect digital fairness. While Meta claims its model meets legal standards, the Commission says progress has been minimal.

Over the past year, Meta has faced nearly €1 billion in EU fines, including €798 million for linking Facebook Marketplace to its central platform. The new case adds to years of tension over data practices and user consent.

The ‘pay or consent’ model offers users a choice between paying for privacy or accepting targeted ads. Regulators argue this does not meet the threshold for genuine consent and mirrors Meta’s past GDPR tactics.

Privacy advocates have long criticised Meta’s approach, saying users are left with no meaningful alternatives. Internal documents show Meta lobbied against privacy reforms and warned governments about reduced investment.

The Commission now holds greater power under the DMA than it did with GDPR, allowing for faster, centralised enforcement and fines of up to 10% of global turnover.

Apple has already been fined €500 million, and Google is also under investigation. The EU’s rapid action signals a stricter stance on platform accountability. The message for Meta and other tech giants is clear: partial compliance is no longer enough to avoid serious regulatory consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Broadcom challenges Nvidia with Tomahawk Ultra AI networking chip

Broadcom has introduced a new networking chip designed to boost AI data centre performance, positioning itself against Nvidia in the AI hardware race.

Called Tomahawk Ultra, the chip helps link hundreds of processors within close range, ensuring fast communication vital for large AI models.

Instead of using Nvidia’s proprietary NVLink system, Broadcom’s Tomahawk Ultra operates on an accelerated version of Ethernet and connects up to four times more chips within a server rack.

The chip acts as a traffic controller, enabling what the industry refers to as ‘scale-up’ computing — where AI models tap into combined computing power from tightly grouped chips.

According to Broadcom senior vice president Ram Velaga, it took engineers around three years to design the Tomahawk Ultra, which was originally aimed at high-performance computing but adapted for AI workloads as demand surged.

Taiwan Semiconductor Manufacturing Company (TSMC) is producing the processors using its five-nanometre process, and the chips are already shipping to customers.

Rather than requiring major hardware overhauls, the Tomahawk Ultra offers a scalable, Ethernet-based alternative for AI firms looking to build faster, more flexible data centres.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China deploys new malware tool for border phone searches

Chinese authorities reportedly use a powerful new malware tool called Massistant to extract data from seized Android phones. Developed by Xiamen Meiya Pico, the tool enables police to access messages, photos, locations, and app data once they have physical access to a device.

Cybersecurity firm Lookout revealed that Massistant operates via a desktop-connected tower, requiring unlocked devices but no advanced hacking techniques. Researchers said affected users include Chinese citizens and international travellers whose phones may be searched at borders.

The malware leaves traces on compromised phones, allowing for post-infection removal, but authorities already have the data by then. Forums in China have shown increasing user complaints about malware following police interactions.

Massistant is seen as the successor to an older tool, MSSocket, with Meiya Pico now controlling 40% of China’s digital forensics market. They previously sanctioned the firm for its surveillance tech links to the Chinese government’s use.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Military-trained hacker brought down in telecom data theft

A former US Army Private admitted in court to a sweeping cybercrime operation targeting major telecom providers AT&T and Verizon between April 2023 and December 2024.

Operating as ‘kiberphant0m,’ he infiltrated at least ten corporate networks, stealing login credentials and sensitive call logs, including those of senior officials.

Prosecutors revealed a sophisticated scheme: the hacker used brute‑force SSH attacks, coordinated with online accomplices via Telegram, and attempted extortion valued at over US$1 million. Stolen call records were posted and sold on dark‑web platforms such as BreachForums.

Wagenius pleaded guilty to charges including wire fraud conspiracy, computer extortion, and aggravated identity theft. He faces a combined sentence of up to 27 years, with his sentencing hearing scheduled for 6 October 2025.

Security analysts note this case highlights the increasing threat of insiders exploiting privileged access and illustrates how even service‑level employees can orchestrate wide‑scale cyber intrusions and extortion campaigns.

It also underscores the strategic role of public-private coordination in dismantling online illicit economies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europe’s quantum ambitions meet US private power and China’s state drive

Quantum computing could fundamentally reshape technology, using quantum bits (qubits) instead of classical bits. Qubits allow complex calculations beyond classical computing, transforming sectors from pharmaceuticals to defence.

Europe is investing billions in quantum technology, emphasising technological sovereignty. Yet, it competes fiercely with the United States, which enjoys substantial private investment, and China, powered by significant state-backed funding.

The UK began quantum initiatives early, launching the National Quantum Programme 2014. It recently pledged £2.5 billion more, supporting start-ups like Orca Computing and Universal Quantum, alongside nations like Canada, Israel, and Japan.

Europe accounted for eight of the nineteen quantum start-ups established globally in 2024, including IQM Quantum Computers and Pasqal. Despite Europe’s scientific strengths, it only captured 5% of global quantum investments, versus 50% for the US.

The European Commission aims to strengthen quantum capabilities by funding six chip factories and a continent-wide Quantum Skills Academy. However, attracting sufficient private investment remains a significant challenge.

The US quantum industry thrives, driven by giants such as IBM, Google, Microsoft, IonQ, Rigetti, and D-Wave Quantum. Recent breakthroughs include Microsoft’s topological qubit and Google’s Willow quantum chip.

D-Wave Quantum has demonstrated real-world quantum advantages, solving complex optimisation problems in minutes. Its technology is now used commercially in logistics, traffic management, and supply chains.

China, meanwhile, leads in state-driven quantum funding, investing $15 billion directly and managing a $138 billion tech venture fund. By contrast, US federal investment totals about $6 billion, underscoring China’s aggressive approach.

Global investment in quantum start-ups reached $1.25 billion in Q1 2025 alone, reflecting a shift towards practical applications. By 2040, the quantum market is projected to reach $173 billion, influencing global economics and geopolitics.

Quantum computing raises geopolitical concerns, prompting democratic nations to coordinate through bodies like the OECD and G7. Interoperability, trust, and secure infrastructure have become essential strategic considerations.

Europe’s quantum ambitions require sustained investment, standard-setting leadership, and robust supply chains. Its long-term technological independence hinges on moving swiftly beyond initial funding towards genuine strategic autonomy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI Appreciation Day highlights progress and growing concerns

AI is marking another milestone as experts worldwide reflect on its rapid rise during AI Appreciation Day. From reshaping business workflows to transforming customer experiences, AI’s presence is expanding — but so are concerns over its long-term implications.

Industry leaders point to AI’s growing role across sectors. Patrick Harrington from MetaRouter highlights how control over first-party data is now seen as key instead of just processing large datasets.

Vall Herard of Saifr adds that successful AI implementations depend on combining curated data with human oversight rather than relying purely on machine-driven systems.

Meanwhile, Paula Felstead from HBX Group believes AI could significantly enhance travel experiences, though scaling it across entire organisations remains a challenge.

Voice AI is changing industries that depend on customer interaction, according to Natalie Rutgers from Deepgram. Instead of complex interfaces, voice technology is improving communication in restaurants, hospitals, and banks.

At the same time, experts like Ivan Novikov from Wallarm stress the importance of securing AI systems and the APIs connecting them, as these form the backbone of modern AI services.

While some celebrate AI’s advances, others raise caution. SentinelOne’s Ezzeldin Hussein envisions AI becoming a trusted partner through responsible development rather than unchecked growth.

Naomi Buckwalter from Contrast Security warns that AI-generated code could open security gaps instead of fully replacing human engineering, while Geoff Burke from Object First notes that AI-powered cyberattacks are becoming inevitable for businesses unable to keep pace with evolving threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Co-op CEO apologises after cyberattack hits 6.5 million members

Co-op CEO Shirine Khoury-Haq has confirmed that all 6.5 million members had their data stolen during a cyberattack in April.

‘I’m devastated that information was taken,’ Khoury-Haq told BBC Breakfast. ‘It hurt my members; they took their data, and it hurt our customers, whom I take personally.’

The stolen data included names, addresses, and contact details, but no financial or transaction information. Khoury-Haq said the incident felt ‘personal’ due to its impact on Co-op staff, adding that IT teams ‘fought off these criminals’ under immense pressure.

Although the hackers were removed from Co-op’s systems, the stolen information could not be recovered. The company monitored the breach and reported it to the authorities.

Co-op, which operates a membership profit-sharing model, is still working to restore its back-end systems. The financial impact has not been disclosed.

In response, Co-op is partnering with The Hacking Games — a cybersecurity recruitment initiative — to guide young talent towards legal tech careers. A pilot will launch in Co-op Academies Trust schools.

The breach was part of a wider wave of cyberattacks on UK retailers, including Marks & Spencer and Harrods. Four people aged 17 to 20 have been arrested concerning the incidents.

In a related case, Australian airline Qantas also confirmed a recent breach involving its frequent flyer programme. As with Co-op, financial data was not affected, but personal contact information was accessed.

Experts warn of increasingly sophisticated attacks on public and private institutions, calling for stronger digital defences and proactive cybersecurity strategies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Air Serbia suffers deep network compromise in July cyberattack

Air Serbia delayed issuing June payslips after a cyberattack disrupted internal systems, according to internal memos obtained by The Register. A 10 July note told staff: ‘Given the ongoing cyberattacks, for security reasons, we will postpone the distribution of June 2025 payslips.’

The IT department is reportedly working to restore operations, and payslips will be emailed once systems are secure again. Although salaries were paid, staff could not access their payslip PDFs due to the disruption.

HR warned employees not to open suspicious emails, particularly those appearing to contain payslips or that seemed self-addressed. ‘We kindly ask that you act responsibly given the current situation,’ said one memo.

Air Serbia first informed staff about the cyberattack on 4 July, with IT teams warning of possible disruptions to operations. Managers were instructed to activate business continuity plans and adapt workflows accordingly.

By 7 July, all service accounts had been shut down, and staff were subjected to company-wide password resets. Security-scanning software was installed on endpoints, and internet access was restricted to selected airserbia.com pages.

A new VPN client was deployed due to security vulnerabilities, and data centres were shifted to a demilitarised zone. On 11 July, staff were told to leave their PCs locked but running over the weekend for further IT intervention.

An insider told The Register that the attack resulted in a deep compromise of Air Serbia’s Active Directory environment. The source claims the attackers may have gained access in early July, although exact dates remain unclear due to missing logs.

Staff reportedly fear that the breach could have involved personal data, and that the airline may not disclose the incident publicly. According to the insider, attackers had been probing Air Serbia’s exposed endpoints since early 2024.

The airline also faced several DDoS attacks earlier this year, although the latest intrusion appears far more severe. Malware, possibly an infostealer, is suspected in the breach, but no ransom demands had been made as of 15 July.

Infostealers are often used in precursor attacks before ransomware is deployed, security experts warn. Neither Air Serbia nor the government of Serbia responded to media queries by the time of publication.

Air Serbia had a record-breaking year in 2024, carrying 4.4 million passengers — a 6 percent increase over the previous year. Cybersecurity experts recently warned of broader attacks on the aviation industry, with groups such as Scattered Spider under scrutiny.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump unveils AI economy with $100 billion investment push

Donald Trump revealed during the Pittsburgh, Pennsylvania Energy and Innovation Summit that the US will receive over $100 billion in investments to drive its AI economy and energy infrastructure.

The funding is set to create tens of thousands of jobs across the energy and AI sectors, with Pennsylvania positioned as a central hub.

Trump stated the US is already ‘way ahead of China’ in AI development, adding that staying in the lead will require expanding power production.

Instead of relying solely on renewables, Trump highlighted ‘clean, beautiful coal, oil, and nuclear energy as key pillars supporting AI-related growth.

Westinghouse plans to build several nuclear plants nationwide, while Knighthead Capital will invest $15 billion in North America’s largest natural gas power plant in Homer City, Pennsylvania.

Additionally, Google will revitalise two hydropower facilities within the state, contributing to the broader investment wave. Trump mentioned that 20 major technology and energy firms are preparing further commitments in Pennsylvania, reinforcing its role in what he calls the US ‘AI economy’.

The event, hosted by Senator Dave McCormick at Carnegie Mellon University, also featured discussions with Pennsylvania Governor Josh Shapiro.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Scalable quantum light factory chip unveiled

A milestone in quantum technology was achieved with the world’s first silicon chip that integrates quantum light sources and stabilising control electronics, fabricated using a standard commercial 45 nm semiconductor process. The compact chip, roughly 1 mm square, generates correlated photon pairs, key for secure communication, sensing, and computing, while built-in feedback circuits maintain performance under variable conditions.

Engineers from Northwestern University, Boston University and UC Berkeley collaborated to embed microring resonators, photodiodes, on-chip heaters and control logic, packaging them into a single, scalable system. The result is the first demonstration of a “quantum light factory” chip produced in mass-production foundries, bypassing bulky lab setups and paving the path for widespread deployment.

Researchers believe this advancement marks a crucial step forward. The ability to manufacture quantum photonic systems at scale could lead to secure quantum networks, advanced sensing platforms, and eventually photonic quantum computers. By proving the integration of quantum and classical electronics on shared silicon technologies is possible, the team has opened a new frontier in quantum engineering.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!