Cybersecurity

Telegram bonds frozen amid ongoing international sanctions framework

Around $500 million in bonds issued by Telegram remain frozen within Russia’s financial settlement system following the application of international sanctions.

The situation reflects how global regulatory measures can continue to affect corporate assets even when companies operate across multiple jurisdictions.

According to reports, the frozen bonds were issued in 2021 and are held at Russia’s National Settlement Depository.

Telegram said its more recent $1.7 billion bond issuance in 2025 involved international investors, with no participation from Russian capital, and was purchased mainly by institutional funds based outside Russia.

Telegram stated that bond repayments follow established international procedures through intermediaries, meaning payment obligations are fulfilled regardless of whether individual bondholders face restrictions.

Financial results for 2025 also showed losses, linked in part to a decline in cryptocurrency valuations, which reflected broader market conditions rather than company-specific factors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Lynx ransomware group claims Regis subsidiary on dark web leak site

Regis Resources, one of Australia’s largest unhedged gold producers, has confirmed it is investigating a cyber incident after its subsidiary was named on a dark web leak site operated by a ransomware group.

The Lynx ransomware group listed McPhillamys Gold on Monday, claiming a cyberattack and publishing the names and roles of senior company executives. The group did not provide technical details or evidence of data theft.

The Australia-based company stated that the intrusion was detected in mid-November 2025 through its routine monitoring systems, prompting temporary restrictions on access to protect internal networks. The company said its cybersecurity controls were designed to isolate threats and maintain business continuity.

A forensic investigation found no evidence of data exfiltration and confirmed that no ransom demand had been received. Authorities were notified, and Regis said the incident had no operational or commercial impact.

Lynx, which first emerged in July 2024, has claimed hundreds of victims worldwide. The group says it avoids targeting critical public services, though it continues to pressure private companies through data leak threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI receptionist begins work at UK GP surgery

A GP practice in North Lincolnshire, UK, has introduced an AI receptionist named Emma to reduce long wait times on calls. Emma collects patient details and prioritises appointments for doctors to review.

Doctors say the system has improved efficiency, with most patients contacted within hours. Dr Satpal Shekhawat explained that the information from Emma helps identify clinical priorities effectively.

Some patients reported issues, including mistakes with dates of birth and difficulties explaining health problems. The practice reassured patients that human receptionists remain available and that the AI supports staff rather than replacing them.

The technology has drawn attention from other practices in the region. NHS officials are monitoring feedback to refine the system and improve patient experience.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Grok incident renews scrutiny of generative AI safety

Elon Musk’s Grok chatbot has triggered international backlash after generating sexualised images of women and girls in response to user prompts on X, raising renewed concerns over AI safeguards and platform accountability.

The images, some depicting minors in minimal clothing, circulated publicly before being removed. Grok later acknowledged failures in its own safeguards, stating that child sexual abuse material is illegal and prohibited, while xAI initially offered no public explanation.

European officials reacted swiftly. French ministers referred the matter to prosecutors, calling the output illegal, while campaigners in the UK argued the incident exposed delays in enforcing laws against AI-generated intimate images.

In contrast, US lawmakers largely stayed silent despite xAI holding a major defence contract. Musk did not directly address the controversy; instead, posting unrelated content as criticism mounted on the platform.

The episode has intensified debate over whether current AI governance frameworks are sufficient to prevent harm, particularly when generative systems operate at scale with limited real-time oversight.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ChatGPT reaches 40 million daily users for health advice

More than 40 million people worldwide now use ChatGPT daily for health-related advice, according to OpenAI.

Over 5 percent of all messages sent to the chatbot relate to healthcare, with three in five US adults reporting use in the past three months. Many interactions occur outside clinic hours, highlighting the demand for AI guidance in navigating complex medical systems.

Users primarily turn to AI to check symptoms, understand medical terms, and explore treatment options.

OpenAI emphasises that ChatGPT helps patients gain agency over their health, particularly in rural areas where hospitals and specialised services are scarce.

The technology also supports healthcare professionals by reducing administrative burdens and providing timely information.

Despite growing adoption, regulatory oversight remains limited. Some US states have attempted to regulate AI in healthcare, and lawsuits have emerged over cases where AI-generated advice has caused harm.

OpenAI argues that ChatGPT supplements rather than replaces medical services, helping patients interpret information, prepare for care, and navigate gaps in access.

Healthcare workers are also increasingly using AI. Surveys show that two in five US professionals, including nurses and pharmacists, use generative AI weekly to draft notes, summarise research, and streamline workflows.

OpenAI plans to release healthcare policy recommendations to guide the responsible adoption of AI in clinical settings.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplochatbot!

Sedgwick breach linked to TridentLocker ransomware attack

Sedgwick has confirmed a data breach at its government-focused subsidiary after the TridentLocker ransomware group claimed responsibility for stealing 3.4 gigabytes of data. The incident underscores growing threats to federal contractors handling sensitive US agency information.

The company said the breach affected only an isolated file transfer system used by Sedgwick Government Solutions, which serves agencies such as DHS, ICE, and CISA. Segmentation reportedly prevented any impact on wider corporate systems or ongoing client operations.

TridentLocker, a ransomware-as-a-service group that appeared in late 2025, listed Sedgwick Government Solutions on its dark web leak site and posted samples of stolen documents. The gang is known for double-extortion tactics, combining data encryption and public exposure threats.

Sedgwick has informed US law enforcement and affected clients while continuing to investigate with external cybersecurity experts. The firm emphasised operational continuity and noted no evidence of intrusion into its claims management servers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU pushes for open-source commercialisation to reduce tech dependence

The European Commission is preparing a strategy to commercialise European open-source software in an effort to strengthen digital sovereignty and reduce dependence on foreign technology providers.

The plan follows a consultation highlighting that EU funding has delivered innovation, although commercial scale has often emerged outside Europe instead of within it.

Open-source software plays a strategic role by decentralising development and limiting reliance on dominant technology firms.

Commission officials argue that research funding alone cannot deliver competitive alternatives, particularly when public and private contracts continue to favour proprietary systems operated by non-European companies.

An upcoming strategy, due alongside the Cloud and AI Development Act in early 2026, that will prioritise community upscaling, industrial deployment and market integration.

Governance reforms and stronger supply chain security are expected to address vulnerabilities that can affect widely used open-source components.

Financial sustainability will also feature prominently, with public sector partnerships encouraged to support long-term viability.

Brussels hopes wider public adoption of open-source tools will replace expensive or data-extractive proprietary software, reinforcing Europe’s technological autonomy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Researchers launch AURA to protect AI knowledge graphs

A novel framework called AURA has been unveiled by researchers aiming to safeguard proprietary knowledge graphs in AI systems by deliberately corrupting stolen copies with realistic yet false data.

The approach is designed to preserve full utility for authorised users while rendering illicit copies ineffective instead of relying solely on traditional encryption or watermarking.

AURA works by injecting ‘adulterants’ into critical nodes of knowledge graphs, chosen using advanced algorithms to minimise changes while maximising disruption for unauthorised users.

Tests with GPT-4o, Gemini-2.5, Qwen-2.5, and Llama2-7B showed that 94–96% of correct answers in stolen data were flipped, while authorised access remained unaffected.

The framework protects valuable intellectual property in sectors such as pharmaceuticals and manufacturing, where knowledge graphs power advanced AI applications.

Unlike passive watermarking or offensive poisoning, AURA actively degrades stolen datasets, offering robust security against offline and private-use attacks.

With GraphRAG applications proliferating, major technology firms, including Microsoft, Google, and Alibaba, are evaluating AURA to defend critical AI-driven knowledge.

The system demonstrates how active protection strategies can complement existing security measures, ensuring enterprises maintain control over their data in an AI-driven world.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Healthcare systems face mounting risk from CrazyHunter ransomware

CrazyHunter ransomware has emerged as a growing threat to healthcare organisations, with repeated attacks targeting hospitals and medical service providers. The campaign focuses on critical healthcare infrastructure, raising concerns about service disruption and the exposure of sensitive patient data.

The malware is developed in Go and demonstrates a high level of technical maturity. Attackers gain initial access by exploiting weak Active Directory credentials, then use Group Policy Objects to distribute the ransomware rapidly across compromised networks.

Healthcare institutions in Taiwan have been among the most affected, with multiple confirmed incidents reported by security researchers. The pattern suggests a targeted campaign rather than opportunistic attacks, increasing pressure on regional healthcare providers to strengthen defences.

Once deployed, CrazyHunter turns off security tools and encrypts files to conceal its activity. Analysts note the use of extensive evasion techniques, including memory-based execution and redundant encryption methods, to ensure the delivery of the payload.

CrazyHunter employs a hybrid encryption scheme that combines ChaCha20 and elliptic curve cryptography, utilising partial file encryption to expedite the impact. Encrypted files receive a ‘.Hunter’ extension, with recovery dependent on the attackers’ private keys, reinforcing the pressure to pay ransoms.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

World Liberty Financial files to launch national trust bank for USD1

World Liberty Financial’s WLTC Holdings LLC has applied with the Office of the Comptroller of the Currency to establish World Liberty Trust Company, National Association (WLTC), a national trust bank designed for stablecoin operations.

The move aims to centralise issuance, custody, and conversion of USD1, the company’s dollar-backed stablecoin. USD1 has grown rapidly, reaching over $3.3 billion in circulation during its first year.

The trust company will serve institutional clients, providing stablecoin conversion and secure custody for USD1 and other supported stablecoins.

WLTC will operate under federal supervision, offering fee-free USD1 issuance and redemption, USD conversion, and custody with market-rate conversions. Operations will comply with the GENIUS Act and follow strict AML, sanctions, and cybersecurity protocols.

The stablecoin is fully backed by US dollars and short-duration Treasury obligations, operating across ten blockchain networks, including Ethereum, Solana, and TRON.

By combining regulatory oversight with full-stack stablecoin services, WLTC seeks to provide institutional clients with clarity and efficiency in digital asset operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot