Cybersecurity

Cyber Force proposal gains momentum in Washington

A new commission will begin work next month to explore creating a standalone Cyber Force as a military service. The Centre for Strategic and International Studies leads the effort in collaboration with the Cyber Solarium Commission 2.0.

The study responds to ongoing weaknesses in how the US military organises, trains and equips personnel for cyber operations. These shortcomings have prompted calls for a dedicated force with a focused mission.

The Cyber Force would aim to improve readiness and capability in the digital domain, mirroring the structure of other service branches. Cyber operations are seen as increasingly central to national security.

Details of the commission’s work will emerge in the coming months as discussions shape what such a force might look like.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Venice Film Festival hit by data breach

The Venice Film Festival has confirmed that a cyberattack compromised the personal data of accredited attendees, including journalists and industry members. The breach affected names, contact details, and tax information.

The cybersecurity attackers accessed the festival’s servers on 7 July and copied and stored documents. Festival organisers responded by isolating systems and informing authorities.

Those affected received a formal notification and are encouraged to contact the event’s data protection officer for support or updates.

Despite the breach, the 82nd edition of the festival will proceed as scheduled from 27 August to 9 September in Italy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Security flaw in Dell models affects millions

Millions of Dell laptops faced a serious security risk due to a flaw in a Broadcom chip used for storing sensitive data. Cisco Talos researchers uncovered the vulnerability, which could have allowed attackers to steal passwords and monitor activity.

Dell confirmed over 100 laptop models were impacted, especially those with its ‘ControlVault’ security software used in sensitive industries. A fix has been issued through security patches since March.

No evidence suggests the flaw was exploited, but experts warn users to install updates promptly to avoid exposure. The issue highlights the risks of storing biometrics and credentials directly on devices.

Users are advised to keep security patches current and use reliable antivirus software to help reduce threats from similar vulnerabilities in future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Security concerns mount as Microsoft rolls out NLWeb and MCP

Researchers have discovered a critical security flaw in Microsoft’s new NLWeb protocol, designed to bring ChatGPT-style search to websites and apps. The vulnerability, a simple path traversal bug, allowed remote access to sensitive files, including system configurations and API keys.

Although Microsoft has patched it, the incident raises concerns about security oversight, particularly as NLWeb is being adopted by major partners such as Shopify, Snowflake, and TripAdvisor.

According to The Verge, security researchers Aonan Guan and Lei Wang identified the flaw shortly after NLWeb’s launch, warning that traditional vulnerabilities now have the potential to compromise the ‘brains’ of AI systems themselves.

Microsoft issued a fix on 1 July, but has yet to assign the flaw a CVE, the industry standard for tracking security vulnerabilities, despite pressure from the researchers. Assigning a CVE would raise awareness and allow better monitoring of the issue, even though NLWeb is not yet widely used.

Microsoft is also continuing to roll out native support for the Model Context Protocol (MCP) in Windows, despite recent warnings from security researchers about its potential risks.

The NLWeb vulnerability highlights the need for Microsoft to balance the rapid rollout of new AI carefully features with maintaining security as its top priority.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Chinese nationals accused of bypassing US export controls on AI chips

Two Chinese nationals have been charged in the US with illegally exporting millions of dollars’ worth of advanced Nvidia AI chips to China, violating the export controls.

The Department of Justice (DOJ) said Chuan Geng and Shiwei Yang operated California-based ALX Solutions, which allegedly shipped restricted hardware without the required licences over the past three years.

The DOJ claims that the company exported Nvidia’s H100 and GeForce RTX 4090 graphics processing units to China via transit hubs in Singapore and Malaysia, concealing their ultimate destination.

Payments for the shipments allegedly came from firms in Hong Kong and mainland China, including a $1 million transfer in January 2024.

Court documents state that ALX falsely declared shipments to Singapore-based customers, but US export control officers could not confirm the deliveries.

One 2023 invoice for over $28 million reportedly misrepresented the buyer’s identity. Neither Geng nor Yang had sought export licences from the US Commerce Department.

Yang was arrested on Saturday, and Geng surrendered soon after. Both appeared in a Los Angeles federal court on Monday and could face up to 20 years in prison if convicted.

Nvidia and Super Micro, a supplier, said they comply with all export regulations and will cooperate with authorities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Korea’s LG CNS wins first overseas AI data centre deal in Indonesia

LG CNS has secured a 100 billion won ($72 million) contract to build an AI data centre in Jakarta, a first for a Korean firm in a project of this kind overseas. The centre is expected to be completed by 2026 and will house over 100,000 servers.

The deal was signed through LG Sinar Mas Technology Solutions, a joint venture between Sinar Mas Group of Indonesia and LG of South Korea. Local partner KMG, backed by Korea Investment Real Asset Management, is leading the project to create Indonesia’s largest hyperscale AI data centre.

The 11-storey facility will launch with a power capacity of 30 megawatts, with plans to expand to 220 megawatts in future phases. LG CNS will manage key infrastructure, including electricity, cooling, and telecoms systems, using technologies across the LG Group.

Safety has been a key selling point. The centre will utilise seismic isolation systems to safeguard equipment in earthquake-prone Southeast Asia. Redundant power systems will also ensure continuous operation even during outages.

Southeast Asia is emerging as a cost-effective hub for AI among global technology giants. LG CNS plans to leverage the Jakarta project as a launchpad for expanding into Singapore, Malaysia, and other international markets.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK GP surgery praised for using AI to boost efficiency and patient care

UK Health Minister Karin Smyth praised St George’s Surgery in Weston-super-Mare for utilising AI to enhance efficiency. Serving nearly 14,000 patients, the surgery uses AI to automate note-taking and letter drafting, reducing administrative burdens on staff.

It has been reported that, in June of 2025, St George’s Surgery handled over 9,000 appointments, with more than half booked and held on the same day. As part of the UK’s 10-Year Health Plan, the government stated it aims to expand AI adoption in healthcare, potentially freeing up the capacity of over 2,000 full-time GPs.

Andy Carpenter, Digital Director at Mendip Vale Medical Group, highlighted that AI is helping to manage growing patient demand, increase face-to-face time with GPs, and maintain strong data protection standards. Health Minister Karin Smyth also stressed the need for safe, well-regulated AI in healthcare, noting its practical uses, such as remote monitoring of vaccine fridge temperatures.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Android spyware posing as antivirus

LunaSpy is a new Android spyware campaign disguised as an antivirus or banking protection app. It spreads via messenger links and fake channels, tricking users into installing what appears to be a helpful security tool.

Once installed, the app mimics a real scanner, shows fake threat detections and operates unnoticed. In reality, it monitors everything on the device and sends sensitive data to attackers.

Active since at least February 2025, LunaSpy spreads through hijacked contact accounts and emerging Telegram channels. It poses as legitimate software to build trust before beginning surveillance.

Android users must avoid apps from unofficial links, scrutinise messenger invites, and only install from trusted stores. Reliable antivirus software and cautious permission granting provide essential defence.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Malaysia tackles online scams with AI and new cyber guidelines

Cybercrime involving financial scams continues to rise in Malaysia, with 35,368 cases reported in 2024, a 2.53 per cent increase from the previous year, resulting in losses of RM1.58 billion.

The situation remains severe in 2025, with over 12,000 online scam cases recorded in the first quarter alone, involving fake e-commerce offers, bogus loans, and non-existent investment platforms. Losses during this period reached RM573.7 million.

Instead of waiting for the situation to worsen, the Digital Ministry is rolling out proactive safeguards. These include new AI-related guidelines under development by the Department of Personal Data Protection, scheduled for release by March 2026.

The documents will cover data protection impact assessments, automated decision-making, and privacy-by-design principles.

The ministry has also introduced an official framework for responsible AI use in the public sector, called GPAISA, to ensure ethical compliance and support across government agencies.

Additionally, training initiatives such as AI Untuk Rakyat and MD Workforce aim to equip civil servants and enforcement teams with skills to handle AI and cyber threats.

In partnership with CyberSecurity Malaysia and Universiti Kebangsaan Malaysia, the ministry is also creating an AI-powered application to verify digital images and videos.

Instead of relying solely on manual analysis, the tool will help investigators detect online fraud, identity forgery, and synthetic media more effectively.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Law curbs AI use in mental health services across US state

A new law in a US state has banned the use of AI for delivering mental health care, drawing a firm line between digital tools and licensed professionals. The legislation limits AI systems to administrative tasks such as note-taking and scheduling, explicitly prohibiting them from offering therapy or clinical advice.

The move comes as concerns grow over the use of AI chatbots in sensitive care roles. Lawmakers in the midwestern state of Illinois approved the measure, citing the need to protect residents from potentially harmful or misleading AI-generated responses.

Fines of up to $10,000 may be imposed on companies or individuals who violate the ban. Officials stressed that AI lacks the empathy, accountability and clinical oversight necessary to ensure safe and ethical mental health treatment.

One infamous case saw an AI-powered chatbot suggest drug use to a fictional recovering addict, a warning signal, experts say, of what can go wrong without strict safeguards. The law is named the Wellness and Oversight for Psychological Resources Act.

Other parts of the United States are considering similar steps. Florida’s governor recently described AI as ‘the biggest issue’ facing modern society and pledged new state-level regulations within months.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!