Cybersecurity

AI-generated photo falsely claims to show a downed Israeli jet

Following Iranian state media claims that its forces shot down two Israeli fighter jets, an image circulated online falsely purporting to show the wreckage of an F-35.

The photo, which shows a large jet crash-landing in a desert, quickly spread across platforms like Threads and South Korean forums, including Aagag and Ruliweb. An Israeli official dismissed the shootdown claim as ‘fake news’.

The image’s caption in Korean read: ‘The F-35 shot down by Iran. Much bigger than I thought.’ However, a detailed AFP analysis found the photo contained several hallmarks of AI generation.

People near the aircraft appear the same size as buses, and one vehicle appears to merge with the road — visual anomalies common in synthetic images.

In addition to size distortions, the aircraft’s markings did not match those used on actual Israeli F-35s. Lockheed Martin specifications confirm the F-35 is just under 16 metres long, unlike the oversized version shown in the image.

Furthermore, the wing insignia in the image differed from the Israeli Air Force’s authentic emblem.

Amid escalating tensions between Iran and Israel, such misinformation continues to spread rapidly. Although AI-generated content is becoming more sophisticated, inconsistencies in scale, symbols, and composition remain key indicators of digital fabrication.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Massive data leak exposes 16 billion login credentials from Google, Facebook, and more

One of the largest-ever leaks of stolen login data has come to light, exposing more than 16 billion records across widely used services, including Facebook, Google, Telegram, and GitHub. The breach, uncovered by researchers at Cybernews, highlights a growing threat to individuals and organisations.

The exposed data reportedly originated from info stealer malware, previous leaks, and credential-stuffing tools. A total of 30 separate datasets were identified, some containing over 3.5 billion entries.

These were briefly available online due to unsecured cloud storage before being removed. Despite the swift takedown, the data had already been collected and analysed.

Experts have warned that the breach could lead to identity theft, phishing, and account takeovers. Smaller websites and users with poor cybersecurity practices are especially vulnerable. Many users continue to reuse passwords or minor variations of them, increasing the risk of exploitation.

While the leak is severe, users employing two-factor authentication (2FA), password managers, or passkeys are less likely to be affected.

Passkeys, increasingly adopted by companies like Google and Apple, offer a phishing-resistant login method that bypasses the need for passwords altogether.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Iran enforces crypto exchange curfew after Nobitex breach

Iran’s central bank has imposed strict operating hours on domestic crypto exchanges following a massive $100 million hack on Nobitex, the country’s largest digital asset platform. The move comes amid accusations that the incident was politically motivated.

According to blockchain analytics firm Chainalysis, exchanges in Iran are now required to operate between 10 am and 8 pm only. Analysts believe the curfew is aimed at improving monitoring capabilities and limiting capital flight during heightened Iran-Israel hostilities.

Andrew Fierman, head of national security intelligence at Chainalysis, suggested the decision was both a technical response to the hack and a strategic move to maintain tighter control over outflows.

The cyberattack, allegedly orchestrated by pro-Israel group Predatory Sparrow, targeted Nobitex’s internal systems, draining hot wallets of Bitcoin, Ether, Dogecoin, XRP, and Solana.

Cybersecurity experts say the stolen assets were transferred to burner wallets without access keys, effectively destroying them in a rare politically charged crypto burn. Nobitex stated it has isolated its systems and will compensate users using its reserve fund.

Nobitex plays a crucial role in Iran’s crypto economy, having processed over $11 billion in inflows, far outpacing all other domestic exchanges. Chainalysis notes the platform also has ties to sanctioned entities and terrorist-linked groups.

The incident is one in a series of recent cyberattacks on Iranian infrastructure, suggesting a growing digital front in the long-standing Iran-Israel conflict.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI diplomacy enters the spotlight with Gulf region partnerships

In a groundbreaking shift in global diplomacy, recent US-brokered AI partnerships in the Gulf region have propelled AI to the centre of international strategy. As highlighted by Slobodan Kovrlija, this development transforms the Gulf into a key AI hub, alongside the US and China.

Countries like Saudi Arabia, the UAE, and Qatar are investing heavily in AI infrastructure—from quantum computing to sprawling data centres—as part of a calculated effort to integrate more deeply into a US-led technological sphere and counter China’s Digital Silk Road ambitions. That movement is already reshaping global dynamics.

China is racing to deepen its AI alliances with developing nations, while Russia is leveraging the expanded BRICS bloc to build alternative AI systems and promote its AI Code of Ethics. On the other hand, Europe is stepping up efforts to internationalise its ‘human-centric AI’ regulatory approach under the EU AI Act.

These divergent paths underscore how AI capabilities are now as essential to diplomacy as traditional military or economic tools, forming emerging ‘AI blocs’ that may redefine geopolitics for decades. Kovrlija emphasises that AI diplomacy is no longer a theoretical concept but a practical necessity.

Being a technological front-runner now means possessing enhanced diplomatic influence, with partnerships based on AI potentially replacing older alliance models. However, this new terrain also presents serious challenges, such as ensuring ethical standards, data privacy, and equitable access. The Gulf deals, while strategic, also open a space for joint efforts in responsible AI governance.

Why does it matter?

As the era of AI diplomacy dawns, institutions like Diplo are stepping in to prepare diplomats for this rapidly evolving landscape. Kovrlija concludes that understanding and engaging with AI diplomacy is now essential for any nation wishing to maintain its relevance and influence in global affairs.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Episource data breach impacts patients at Sharp Healthcare

Episource, a UnitedHealth Group-owned health analytics firm, has confirmed that patient data was compromised during a ransomware attack earlier this year.

The breach affected customers, including Sharp Healthcare and Sharp Community Medical Group, who have started notifying impacted patients. Although electronic health records and patient portals remained untouched, sensitive data such as health plan details, diagnoses and test results were exposed.

The cyberattack, which occurred between 27 January and 6 February, involved unauthorised access to Episource’s internal systems.

A forensic investigation verified that cybercriminals viewed and copied files containing personal information, including insurance plan data, treatment plans, and medical imaging. Financial details and payment card data, however, were mostly unaffected.

Sharp Healthcare confirmed that it was informed of the breach on 24 April and has since worked closely with Episource to identify which patients were impacted.

Compromised information may include names, addresses, insurance ID numbers, doctors’ names, prescribed medications, and other protected health data.

The breach follows a troubling trend of ransomware attacks targeting healthcare-related businesses, including Change Healthcare in 2024, which disrupted services for months. Comparitech reports at least three confirmed ransomware attacks on healthcare firms already in 2025, with 24 more suspected.

Given the scale of patient data involved, experts warn of growing risks tied to third-party healthcare service providers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UBS employee data leaked after Chain IQ ransomware attack

UBS Group AG has confirmed a serious data breach affecting around 130,000 of its employees, following a cyberattack on its third-party supplier, Chain IQ Group AG.

The exposed information included employee names, emails, phone numbers, roles, office locations, and preferred languages. No client data has been impacted, according to UBS.

Chain IQ, a procurement services firm spun off from UBS in 2013, was reportedly targeted by the cybercrime group World Leaks, previously known as Hunters International.

Unlike traditional ransomware operators, World Leaks avoids encryption and instead steals data, threatening public release if ransoms are not paid.

While Chain IQ has acknowledged the breach, it has not disclosed the extent of the stolen data or named all affected clients. Notably, companies such as Swiss Life, AXA, FedEx, IBM, KPMG, Swisscom, and Pictet are among its clients—only Pictet has confirmed it was impacted.

Cybersecurity experts warn that the breach may have long-term implications for the Swiss banking sector. Leaked employee data could be exploited for impersonation, fraud, phishing scams, or even blackmail.

The increasing availability of generative AI may further amplify the risks through voice and video impersonation, potentially aiding in money laundering and social engineering attacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ryuk ransomware hacker extradited to US after arrest in Ukraine

A key member of the infamous Ryuk ransomware gang has been extradited to the US after his arrest in Kyiv, Ukraine.

The 33-year-old man was detained in April 2025 at the request of the FBI and arrived in the US on 18 June to face multiple charges.

The suspect played a critical role within Ryuk by gaining initial access to corporate networks, which he then passed on to accomplices who stole data and launched ransomware attacks.

Ukrainian authorities identified him during a larger investigation into ransomware groups like LockerGoga, Dharma, Hive, and MegaCortex that targeted companies across Europe and North America.

According to Ukraine’s National Police, forensic analysis revealed the man’s responsibility for locating security flaws in enterprise networks.

Information gathered by the hacker allowed others in the gang to infiltrate systems, steal data, and deploy ransomware payloads that disrupted various industries, including healthcare, during the COVID pandemic.

Ryuk operated from 2018 until mid-2020 before rebranding as the notorious Conti gang, which later fractured into several smaller but still active groups. Researchers estimate that Ryuk alone collected over $150 million in ransom payments before shutting down.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI helps Google curb scams and deepfakes in India

Google has introduced its Safety Charter for India to combat rising online fraud, deepfakes and cybersecurity threats. The charter outlines a collaborative plan focused on user safety, responsible AI development and protection of digital infrastructure.

AI-powered measures have already helped Google detect 20 times more scam-related pages, block over 500 million scam messages monthly, and issue 2.5 billion suspicious link warnings. Its ‘Digikavach’ programme has reached over 177 million Indians with fraud prevention tools and awareness campaigns.

Google Pay alone averted financial fraud worth ₹13,000 crore in 2024, while Google Play Protect stopped nearly 6 crore high-risk app installations. These achievements reflect the company’s ‘AI-first, secure-by-design’ strategy for early threat detection and response.

The tech giant is also collaborating with IIT-Madras on post-quantum cryptography and privacy-first technologies. Through language models like Gemini and watermarking initiatives such as SynthID, Google aims to build trust and inclusion across India’s digital ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LACNIC launches regional internet skills program

LACNIC has launched the Research and Development (R&D) Ambassadors Program to improve internet infrastructure in Latin America and the Caribbean. That initiative is designed to identify and support emerging technical leaders who can help address persistent connectivity challenges in the region.

The program focuses on enhancing expertise in areas such as internet measurement, routing, and IPv6, to build stronger local digital ecosystems. The first cohort of ambassadors, presented during LACNIC 43, showcased projects demonstrating strong local involvement, such as the expansion of the RIPE Atlas measurement network in Chile and increased active probes in Bolivia.

The ambassadors actively engaged their communities to promote best practices and build technical skills, fostering collaboration and knowledge sharing at the local level. However, despite these promising initiatives, the program’s long-term effectiveness remains uncertain.

Challenges, such as limited resources and uneven technical expertise across countries, raise questions about whether these efforts can scale or lead to broader improvements in regional connectivity. Sustainability remains a key concern, especially in uneven infrastructure development areas.

Despite challenges, the program is key in promoting digital inclusion in Latin America and the Caribbean, where internet access remains limited. LACNIC’s efforts support global goals to close the digital divide by empowering local leaders and building capacity. Continued investment in infrastructure and skills is essential for lasting impact and regional digital growth.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Orange, AFD, and Proparco unite for inclusive and sustainable digital growth

Orange, AFD Group, and Proparco have signed a three-year agreement to accelerate digital inclusion and promote sustainable development across 20 countries, primarily in Africa and the Middle East. The partnership will focus on deploying high-speed digital infrastructure, including network backbones and submarine cables, to address connectivity gaps in underserved and rural regions.

That initiative responds to stark disparities in internet access, with only 37% of Sub-Saharan Africa connected compared to over 91% in Europe. Beyond infrastructure, the partnership focuses on improving access to essential digital services in key sectors such as agriculture, healthcare, and education, while also promoting financial and energy inclusion to reduce inequalities and empower remote communities.

A major priority is supporting youth and fostering local innovation through programs that provide digital skills training and professional integration opportunities, enabling young people to participate actively in the digital economy. At the same time, the initiative aims to build vibrant entrepreneurship ecosystems so that communities can become creators, not just consumers, of technology.

Environmental sustainability and ethical responsibility are also at the heart of the collaboration, with strong commitments to reducing the digital sector’s ecological footprint and ensuring responsible practices in areas like data use, cybersecurity, and AI. The partnership seeks to embed inclusivity, innovation, and sustainability into the digital transformation process.

That partnership reflects a shared goal of using digital technology to promote equality and sustainable development, focusing on sovereign, innovative, and locally driven digital services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!