Cybersecurity

CMC pegs JLR hack at £1.9bn with 5,000 firms affected

JLR’s cyberattack is pegged at £1.9bn, the UK’s costliest on record. Production paused for five weeks from 1 September across Solihull, Halewood, and Wolverhampton. CMC says 5,000 firms were hit, with full recovery expected by January 2026.

JLR is restoring manufacturing in phases and declined to comment on the estimate. UK dealer systems were intermittently down, orders were cancelled or delayed, and suppliers faced uncertainty. More than half of the losses fall on JLR; the remainder hits its supply chain and local economies.

The CMC classed the incident as Category 3 on its five-level scale. Chair Ciaran Martin warned organisations to harden critical networks and plan for disruption. The CMC’s assessment draws on public data, surveys, and interviews rather than on disclosed forensic evidence.

Researchers say costs hinge on the attack type, which JLR has not confirmed. Data theft is faster to recover than ransomware; wiper malware would be worse. A claimed hacker group linked to earlier high-profile breaches is unverified.

The CMC’s estimate excludes any ransom, which could add tens of millions of dollars. Earlier this year, retail hacks at M&S, the Co-op, and Harrods were tagged Category 2. Those were pegged at £270m–£440m, below the £506m cited by some victims.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

USB inventor and Phison CEO warns of an AI storage crunch

Datuk Pua Khein-Seng, inventor of the single-chip USB flash drive and CEO of Phison, warns that AI machines will generate 1,000 times more data than humans. He says the real bottleneck isn’t GPUs but memory, foreshadowing a global storage crunch as AI scales.

Speaking at GITEX Global, Pua outlined Phison’s focus on NAND controllers and systems that can expand effective memory. Adaptive tiering across DRAM and flash, he argues, will ease constraints and cut costs, making AI deployments more attainable beyond elite data centres.

Flash becomes the expansion valve: DRAM stays scarce and expensive, while high-end GPUs are over-credited for AI cost overruns. By intelligently offloading and caching to NAND, cheaper accelerators can still drive useful workloads, widening access to AI capacity.

Cloud centralisation intensifies the risk. With the US and China dominating the AI cloud market, many countries lack the capital and talent to build sovereign stacks. Pua calls for ‘AI blue-collar’ skills to localise open source and tailor systems to real-world applications.

Storage leadership is consolidating in the US, Japan, Korea, and China, with Taiwan rising as a fifth pillar. Hardware strength alone won’t suffice, Pua says; Taiwan must close the AI software gap to capture more value in the data era.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Scouts can now earn AI and cybersecurity badges

In the United States, Scouting America, formerly known as the Boy Scouts, has introduced two new merit badges in AI and cybersecurity. The badges give scouts the opportunity to explore modern technology and understand its applications, while the organisation continues to adapt its programs to a digital era. Scouting America has around a million members and offers hundreds of merit badges across a wide range of skills.

The AI badge challenges scouts to examine AI’s effects on daily life, study deepfakes, and complete projects that demonstrate AI concepts. The cybersecurity badge teaches practical tools to stay safe online, emphasises ethical behaviour, and introduces scouts to a career field with thousands of unfilled positions.

Earlier this year, Scouting America launched Scoutly, an AI-powered chatbot designed to answer questions about the organisation and its merit badges. The initiative is part of Scouting America’s broader effort to modernise its programs and prepare young people for opportunities in an increasingly digital world.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

YouTube launches likeness detection to protect creators from AI misuse

YouTube has expanded its AI safeguards with a new likeness detection system that identifies AI-generated videos imitating creators’ faces or voices. The tool is now available to eligible members of the YouTube Partner Program after a limited pilot phase.

Creators can review detected videos and request their removal under YouTube’s privacy rules or submit copyright claims.

YouTube said the feature aims to protect users from having their image used to promote products or spread misinformation without consent.

The onboarding process requires identity verification through a short selfie video and photo ID. Creators can opt out at any time, with scanning ending within a day of deactivation.

YouTube has backed recent legislative efforts, such as the NO FAKES Act in the US, which targets deceptive AI replicas. The move highlights growing industry concern over deepfake misuse and the protection of digital identity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Netherlands and China in talks to resolve Nexperia dispute

The Dutch Economy Minister has spoken with his Chinese counterpart to ease tensions following the Netherlands’ recent seizure of Nexperia, a major Dutch semiconductor firm.

China, where most of Nexperia’s chips are produced and sold, reacted by blocking exports, creating concern among European carmakers reliant on its components.

Vincent Karremans said he had discussed ‘further steps towards reaching a solution’ with Chinese Minister of Commerce Wang Wentao.

Both sides emphasised the importance of finding an outcome that benefits Nexperia, as well as the Chinese and European economies.

Meanwhile, Nexperia’s China division has begun asserting its independence, telling employees they may reject ‘external instructions’.

The firm remains a subsidiary of Shanghai-listed Wingtech, which has faced growing scrutiny from European regulators over national security and strategic technology supply chains.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta strengthens protection for older adults against online scams

The US giant, Meta, has intensified its campaign against online scams targeting older adults, marking Cybersecurity Awareness Month with new safety tools and global partnerships.

Additionally, Meta said it had detected and disrupted nearly eight million fraudulent accounts on Facebook and Instagram since January, many linked to organised scam centres operating across Asia and the Middle East.

The social media giant is joining the National Elder Fraud Coordination Center in the US, alongside partners including Google, Microsoft and Walmart, to strengthen investigations into large-scale fraud operations.

It is also collaborating with law enforcement and research groups such as Graphika to identify scams involving fake customer service pages, fraudulent financial recovery services and deceptive home renovation schemes.

Meta continues to roll out product updates to improve online safety. WhatsApp now warns users when they share screens with unknown contacts, while Messenger is testing AI-powered scam detection that alerts users to suspicious messages.

Across Facebook, Instagram and WhatsApp, users can activate passkeys and complete a Security Checkup to reinforce account protection.

The company has also partnered with organisations worldwide to raise scam awareness among older adults, from digital literacy workshops in Bangkok to influencer-led safety campaigns across Europe and India.

These efforts form part of Meta’s ongoing drive to protect users through a mix of education, advanced technology and cross-industry cooperation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Nexos.ai raises €30 m to ease enterprise AI adoption

The European startup Nexos.ai, headquartered in Vilnius, Lithuania, has closed a €30 million Series A funding round, co-led by Index Ventures and Evantic Capital, valuing the company at about €300 million (~US $350 million).

Founded by the duo behind cybersecurity unicorn Nord Security (Tomas Okmanas and Eimantas Sabaliauskas), Nexos.ai aims to solve what they describe as the ‘enterprise AI adoption crisis’. In their view, many organisations struggle with governance, cost control, fragmentation and security risks when using large-language models (LLMs).

Nexos.ai’s platform comprises two main components: an AI Workspace for employees and an AI Gateway for developers.

The Gateway offers orchestration across 200+ models, unified access, guardrails, cost monitoring and compliance oversight. The Workspace enables staff to work across formats, compare models and collaborate in a secure interface.

The company’s positioning as a neutral intermediary, likened to ‘Switzerland for LLMs’, underscores its mission to allow enterprises to gain productivity with AI without giving up data control or security.

The new funds will be used to extend support for private model deployment, expand into regulated sectors (finance, public institutions), grow across Europe and North America, and deepen product capabilities in routing, model fallback, and observability.

It’s an illustration of how investors are backing infrastructure plays in the enterprise-AI space: not just building new models, but creating the scaffolding for how organisations adopt, govern and deploy them safely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Judge bars NSO Group from using spyware to target WhatsApp in landmark ruling

A US federal judge has permanently barred NSO Group, a commercial spyware company, from targeting WhatsApp and, in the same ruling, cut damages owed to Meta from $168 million to $4 million.

The decision by Judge Phyllis Hamilton of the Northern District of California stems from NSO’s 2019 hack of WhatsApp, when the company’s Pegasus spyware targeted 1,400 users through a zero-click exploit. The injunction bans NSO from accessing or assisting access to WhatsApp’s systems, a restriction the firm previously warned could threaten its business model.

An NSO spokesperson said the order ‘will not apply to NSO’s customers, who will continue using the company’s technology to help protect public safety,’ but declined to clarify how that interpretation aligns with the court’s wording. By contrast, Will Cathcart, head of WhatsApp, stated on X that the decision ‘bans spyware maker NSO from ever targeting WhatsApp and our global users again.’

Pegasus has allegedly been used against journalists, activists, and dissidents worldwide. The ruling sets an important precedent for US companies whose platforms have been compromised by commercial surveillance firms.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ChatGPT to exit WhatsApp after Meta policy change

OpenAI says ChatGPT will leave WhatsApp on 15 January 2026 after Meta’s new rules banning general-purpose AI chatbots on the platform. ChatGPT will remain available on iOS, Android, and the web, the company said.

Users are urged to link their WhatsApp number to a ChatGPT account to preserve history, as WhatsApp doesn’t support chat exports. OpenAI will also let users unlink their phone numbers after linking.

Until now, users could message ChatGPT on WhatsApp to ask questions, search the web, generate images, or talk to the assistant. Similar third-party bots offered comparable features.

Meta quietly updated WhatsApp’s business API to prohibit AI providers from accessing or using it, directly or indirectly. The change effectively forces ChatGPT, Perplexity, Luzia, Poke, and others to shut down their WhatsApp bots.

The move highlights platform risk for AI assistants and shifts demand toward native apps and web. Businesses relying on WhatsApp AI automations will need alternatives that comply with Meta’s policies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Innovation versus risk shapes Australia’s AI debate

Australia’s business leaders were urged to adopt AI now to stay competitive, despite the absence of hard rules, at the AI Leadership Summit in Brisbane. The National AI Centre unveiled revised voluntary guidelines, and Assistant Minister Andrew Charlton said a national AI plan will arrive later this year.

The guidance sets six priorities, from stress-testing and human oversight to clearer accountability, aiming to give boards practical guardrails. Speakers from NVIDIA, OpenAI, and legal and academic circles welcomed direction but pressed for certainty to unlock stalled investment.

Charlton said the plan will focus on economic opportunity, equitable access, and risk mitigation, noting some harms are already banned, including ‘nudify’ apps. He argued Australia will be poorer if it hesitates, and regulators must be ready to address new threats directly.

The debate centred on proportional regulation: too many rules could stifle innovation, said Clayton Utz partner Simon Newcomb, yet delays and ambiguity can also chill projects. A ‘gap analysis’ announced by Treasurer Jim Chalmers will map which risks existing laws already cover.

CyberCX’s Alastair MacGibbon warned that criminals are using AI to deliver sharper phishing attacks and flagged the return of erotic features in some chatbots as an oversight test. His message echoed across panels: move fast with governance, or risk ceding both competitiveness and safety.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!