Cybersecurity

Milei cleared of ethics breach over LIBRA token post

Argentina’s Anti-Corruption Office has concluded that President Javier Milei did not violate ethics laws when he published a now-deleted post promoting the LIBRA memecoin. The agency stated the February post was made in a personal capacity and did not constitute an official act.

The ruling clarified that Milei’s X account, where the post appeared, is personally managed and predates his political role. It added that the account identifies him as an economist rather than a public official, meaning the post is protected as a private expression under the constitution.

The investigation had been launched after LIBRA’s price soared and then crashed following Milei’s endorsement, which linked to the token’s contract and a promotional site. Investors reportedly lost millions, and allegations of insider trading surfaced.

Although the Anti-Corruption Office cleared him, a separate federal court investigation remains ongoing, with Milei and his sister’s assets temporarily frozen.

Despite the resolution, the scandal damaged public trust. Milei has maintained he acted in good faith, claiming the aim was to raise awareness of a private initiative to support small Argentine businesses through crypto.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

FBI warns BADBOX 2.0 malware is infecting millions

The FBI has issued a warning about the resurgence of BADBOX 2.0, a dangerous form of malware infecting millions of consumer electronics globally.

Often preloaded onto low-cost smart TVs, streaming boxes, and IoT devices, primarily from China, the malware grants cyber criminals backdoor access, enabling theft, surveillance, and fraud while remaining essentially undetectable.

BADBOX 2.0 forms part of a massive botnet and can also infect devices through malicious apps and drive-by downloads, especially from unofficial Android stores.

Once activated, the malware enables a range of attacks, including click fraud, fake account creation, DDoS attacks, and the theft of one-time passwords and personal data.

Removing the malware is extremely difficult, as it typically requires flashing new firmware, an option unavailable for most of the affected devices.

Users are urged to check their hardware against a published list of compromised models and to avoid sideloading apps or purchasing unverified connected tech.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Kraken warns crypto users to stay alert

Kraken has raised concerns over the lack of basic security awareness among crypto users attending industry events. Kraken’s security team observed unlocked devices, unattended phones, and careless talk of personal wealth at conferences, exposing attendees to potential exploitation.

Head of Security Nick Percoco warned that these behaviours compromise individual assets and the safety of entire projects.

Percoco highlighted how scammers easily blend in by posing as legitimate attendees. Tactics include juice jacking, compromised Wi-Fi networks, and malicious QR codes.

He advised using burner wallets with minimal funds during conferences, locking all devices, and avoiding unsecured public connections.

There has also been a rise in offline threats targeting crypto holders. Kraken observed attendees casually discussing trades while wearing conference badges with full names and company details.

With reports of kidnappings and in-person crypto thefts increasing globally, experts say discretion and strong operational security are more crucial than ever.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU launches global digital strategy

The European Union has launched a sweeping international digital strategy to bolster its global tech leadership and secure a human-centric digital transformation. With the digital and AI revolution reshaping economies and societies worldwide, the EU is positioning itself as a reliable partner in building resilient, open, and secure digital ecosystems.

The strategy prioritises collaboration with international partners to scale digital infrastructure, strengthen cybersecurity, and support emerging technologies like AI, quantum computing, and semiconductors while promoting democratic values and human rights in digital governance. The EU will deepen and expand its global network of Digital Partnerships and Dialogues to remain competitive and secure in a fast-changing geopolitical landscape.

These collaborations focus on research, industrial innovation, regulatory cooperation, and secure supply chains, while engaging countries across Africa, Latin America, Asia, and the EU’s own neighbourhood. The strategy also leverages trade instruments and investment frameworks such as the Global Gateway to support secure 5G and 6G networks, submarine cables, and digital public infrastructure, helping partner countries improve connectivity, resilience, and sustainability.

To enhance global digital governance, the EU is pushing for international standards that uphold privacy, security, and openness, and opposing efforts to fragment the internet. It supports inclusive multilateralism, working through institutions like the UN, G7, and OECD to shape rules for the digital age.

With initiatives ranging from AI safety cooperation and e-signature mutual recognition to safeguarding children online and combating disinformation, the EU aims to set the benchmark for ethical and secure digital transformation. At the heart of this vision is the EU Tech Business Offer—a modular, cross-border platform combining technology, capacity-building, and financing.

Through Team Europe and partnerships with industry, the EU seeks to bridge the digital divide, export trusted digital solutions, and foster an interconnected world aligned with European democratic principles. The strategy underscores that in today’s interconnected world, the EU’s prosperity and security hinge on shaping a digital future that is competitive, inclusive, and values-driven.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S CEO targeted by hackers in abusive ransom email

Marks & Spencer has been directly targeted by a ransomware group calling itself DragonForce, which sent a vulgar and abusive ransom email to CEO Stuart Machin using a compromised employee email address.

The message, laced with offensive language and racist terms, demanded that Machin engage via a darknet portal to negotiate payment. It also claimed that the hackers had encrypted the company’s servers and stolen customer data, a claim M&S eventually acknowledged weeks later.

The email, dated 23 April, appears to have been sent from the account of an Indian IT worker employed by Tata Consultancy Services (TCS), a long-standing M&S tech partner.

TCS has denied involvement and stated that its systems were not the source of the breach. M&S has remained silent publicly, neither confirming the full scope of the attack nor disclosing whether a ransom was paid.

The cyber attack has caused major disruption, costing M&S an estimated £300 million and halting online orders for over six weeks.

DragonForce has also claimed responsibility for a simultaneous attack on the Co-op, which left some shelves empty for days. While nothing has yet appeared on DragonForce’s leak site, the group claims it will publish stolen information soon.

Investigators believe DragonForce operates as a ransomware-as-a-service collective, offering tools and platforms to cybercriminals in exchange for a 20% share of any ransom.

Some experts suspect the real perpetrators may be young hackers from the West, linked to a loosely organised online community called Scattered Spider. The UK’s National Crime Agency has confirmed it is focusing on the group as part of its inquiry into the recent retail hacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Apple sues European Commission over DMA interoperability ruling

Apple is mounting a legal challenge against the European Commission after being ordered to open up its tightly controlled ecosystem to rival companies under the Digital Markets Act (DMA).

The tech giant filed its appeal with the EU’s General Court, claiming the decision would undermine user privacy and harm innovation.

The dispute centres on a March ruling by the Commission following months of dialogue, which concluded that Apple must guarantee interoperability—a requirement that would allow third-party developers to connect non-Apple products, such as smartwatches and headphones, to iPhones and iPads.

Apple has pushed back strongly, arguing that the mandate is ‘unreasonable, costly and stifles innovation.’ A company spokesperson said the move would benefit what Apple describes as ‘data-hungry companies’ like Meta and Samsung, who could gain access to users’ most sensitive data through third-party connections.

Since December 2024, the European Commission has been pressing Apple to make its ecosystem more open to promote competition across the digital sector. However, Apple maintains that complying with the order would compromise the company’s privacy-first approach and violate its data protection standards.

The Commission, meanwhile, insists the measures are proportionate and fully aligned with the EU’s stringent privacy and security framework. It argues that the order would not strip Apple of control over its devices, but rather enable fairer access for other tech players while keeping user protections intact.

The case is set to become a major test of how far the EU can push tech giants to comply with the Digital Markets Act, which was designed to curb the dominance of so-called ‘gatekeepers’ in digital markets.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google warns users to switch to passkeys after new phishing attacks

Google is once again urging users to upgrade their account security by moving away from password-only access, as cyber scams grow increasingly sophisticated.

The warning follows an attempted phishing attack on Instagram boss Adam Mosseri, who revealed he had been targeted by a convincing scam involving a fake Google phone call and a seemingly legitimate email prompting him to change his password.

Though Google quickly traced and suspended the accounts involved, the incident highlights the evolving nature of online threats. The company has reiterated that it never contacts users by phone or email about password changes or account issues. Any such message should be considered a scam.

In response, Google is encouraging users to adopt stronger security methods, such as Passkeys—a login system that replaces passwords with biometric authentication via a trusted device like a smartphone. This can include fingerprint recognition, facial scan, or the phone’s screen lock.

The tech giant also recommends using two-factor authentication (2FA), but advises against relying on SMS codes or email-based verification, which can be intercepted. Instead, users should opt for an authentication app or use Passkeys for greater protection.

With scams becoming more difficult to detect, Google’s message is clear: take proactive steps to secure your account. Users who receive suspicious communication claiming to be from Google are advised to avoid engaging and verify concerns through Google’s official support channels.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI and India plan AI infrastructure push

OpenAI is in discussions with the Indian government to collaborate on data centre infrastructure as part of its new global initiative, ‘OpenAI for Countries’.

The programme aims to help partner nations expand AI capabilities through joint investment and strategic coordination with the US. India could become one of the ten initial countries in the effort, although specific terms remain under wraps.

During a visit to Delhi, OpenAI’s chief strategy officer Jason Kwon emphasised India’s potential, citing the government’s clear focus on infrastructure and AI talent.

Similar to the UAE’s recently announced Stargate project in Abu Dhabi, India may host large-scale AI computing infrastructure while also investing in the US under the same framework.

To nurture AI skills, OpenAI and the Ministry of Electronics and IT’s IndiaAI Mission launched the ‘OpenAI Academy’. It marks OpenAI’s first international rollout of its educational platform.

The partnership will provide free access to AI tools, developer training, and events, with content in English, Hindi, and four additional regional languages. It will also support government officials and startups through dedicated learning platforms.

The collaboration includes hackathons, workshops in six cities, and up to $100,000 in API credits for selected IndiaAI fellows and startups. The aim is to accelerate innovation and help Indian developers and researchers scale AI solutions more efficiently, according to IT Minister Ashwini Vaishnaw.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Gmail accounts at risk as attacks rise

Google has urged Gmail users to upgrade their account security after revealing that over 60% have been targeted by cyberattacks. Despite the increasing threat, most people still rely on outdated protections like passwords and SMS-based two-factor authentication.

Google is now pushing users to adopt passkeys and social sign-ins to improve their defences. Passkeys offer phishing-resistant access and use biometric methods such as fingerprint or facial recognition tied to a user’s device, removing the need for traditional passwords.

While digitally savvy Gen Z users are more likely to adopt these new methods, but many still reuse passwords, leaving their accounts exposed to breaches and scams. Google emphasised that passwords are both insecure and inconvenient and called on users to switch to tools that offer stronger protection.

Microsoft, meanwhile, has gone even further by encouraging users to eliminate passwords entirely. Google’s long-term goal is to simplify sign-ins while increasing security across its platforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europe gets new cybersecurity support from Microsoft

Microsoft has launched a free cybersecurity initiative for European governments aimed at countering increasingly sophisticated cyber threats powered by AI. Company President Brad Smith said Europe would benefit from tools already developed and deployed in the US.

The programme is designed to identify and disrupt AI-driven threats, including deepfakes and disinformation campaigns, which have previously been used to target elections and undermine public trust.

Smith acknowledged that AI is a double-edged sword, with malicious actors exploiting it for attacks, while defenders increasingly use it to stay ahead. Microsoft continues to monitor how its AI products are used, blocking known cybercriminals and working to ensure AI serves as a stronger shield than weapon.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!