US senator calls for AI chip tracking to protect national security

A new bill introduced by Republican Senator Tom Cotton aims to bolster national security by requiring location verification features on American-made AI chips.

The Chip Security Act, announced on 9 May, would ensure such technology does not end up in the hands of foreign adversaries, particularly China.

Cotton urged the US Departments of Commerce and Defence to assess how tracking mechanisms could help detect and prevent illegal chip exports.

He also called for stricter obligations for companies exporting AI chips, including notifying authorities if devices are tampered with or redirected from their original destinations.

The proposed legislation follows a policy shift announced on 7 May by the Trump administration to ease restrictions on AI chip exports previously imposed under President Biden.

Cotton argued that better security practices could allow US firms to expand globally without undermining the country’s technological edge.

Cybercriminals trick users with fake AI apps

Cybercriminals are tricking users into downloading a dangerous new malware called Noodlophile by disguising it as AI software. Rather than using typical phishing tactics, attackers create convincing fake platforms that appear to offer AI-powered tools for editing videos or images.

These are promoted through realistic-looking Facebook groups and viral social media posts, some of which have received over 62,000 views.

Users are lured with promises of AI-generated content and are directed to bogus sites, one of which pretends to be CapCut AI, offering video editing features. Once users upload prompts and attempt to download the content, they unknowingly receive a malicious ZIP file.

Inside is a disguised program that kicks off a chain of infections, eventually installing the Noodlophile malware, which can steal browser credentials, crypto wallet details, and other sensitive data.

The malware is linked to a Vietnamese developer who identifies themselves as a ‘passionate Malware Developer’ on GitHub. Vietnam has a known history of cybercrime activity targeting social media platforms like Facebook.

In some cases, the Noodlophile Stealer has been bundled with remote access tools like XWorm, which allow attackers to maintain long-term control over victims’ systems.

This isn’t the first time attackers have used public interest in AI for malicious purposes. Meta removed over 1,000 dangerous links in 2023 that exploited ChatGPT’s popularity to spread malware.

Meanwhile, cybersecurity experts at CYFIRMA have reported another threat: a new, simple yet effective malware called PupkinStealer, which secretly sends stolen information to hackers using Telegram bots.

€34 million in crypto seized from eXch for facilitating money laundering

German authorities have seized cryptocurrency and server infrastructure worth €34 million ($37.4 million) from the now-defunct eXch crypto exchange. Prosecutors allege the platform operated without proper licences, facilitating money laundering for North Korean hackers involved in the Bybit hack.

The exchange reportedly processed transactions without implementing necessary anti-money laundering controls, attracting criminals seeking to launder stolen funds.

Authorities also claim that eXch was involved in laundering millions from multiple high-profile crypto thefts, including the $1.4 billion Bybit hack. The exchange’s services were available on both the clearnet and the darknet, and advertised on underground criminal platforms.

In addition to cryptocurrency holdings, the confiscated assets include server hardware and other digital infrastructure linked to the exchange’s operations.

While eXch announced its closure last month, blockchain analytics firm TRM Labs suggested that it continued operating. The exchange’s involvement in illicit activities, including refusal to block addresses linked to phishing schemes, has sparked further scrutiny.

As Germany prepares to discuss North Korean crypto hacks at the G7 summit, these latest developments are likely to be high on the agenda.

Microsoft expands cloud push across Europe

Microsoft has unveiled a new set of commitments aimed at strengthening its digital presence across Europe, pledging to expand cloud and AI infrastructure while supporting the region’s economic competitiveness.

Announced by Microsoft President Brad Smith in Brussels, the ‘European Digital Commitments’ include a promise to increase European data centre capacity by 40% within two years, bringing the total to over 200 across 16 countries.

Smith explained that Microsoft’s goal is to provide technology that helps individuals and organisations succeed, rather than simply expanding its reach. He highlighted AI as essential to modern economies, describing it as a driving force behind what he called the ‘AI economy.’

Alongside job creation, Microsoft hopes its presence will spark wider economic benefits for customers and partners throughout the continent.

To ease concerns around data security, particularly in light of US-EU geopolitical tensions, Microsoft has added clauses in agreements with European institutions allowing it to legally resist any external order to halt operations in Europe.

If such efforts fail, Microsoft has arranged for European partners to access its code, stored securely in Switzerland, rather than allowing disruptions to affect vital digital services.

Although Microsoft’s investments stand to benefit Europe, they also underscore the company’s deep dependence on the region, with over a quarter of its business based there.

Smith insisted that Microsoft’s global success would not have been possible without its European footprint, and called for continued cooperation across the Atlantic—even in the face of potential tariff disputes or political strains.

Quantum AI interest surges in data science and cybersecurity

Quantum AI is no longer a distant concept for many businesses, with over 60 percent actively investing in or exploring the technology, according to new research from SAS.

The report highlights that the most common area of application is in data analytics and machine learning, accounting for 48 percent of use cases. Research and development follows at 41 percent, while cybersecurity ranks third at 35 percent.

The emerging field of quantum AI combines current AI with the immense processing power of quantum computing. This fusion promises breakthroughs in algorithm development, complex model training, and solving data problems that today’s systems struggle with.

Industries are also examining its potential in supply chain and logistics (31 percent), finance and risk management (26 percent), and even marketing (20 percent).

Despite growing interest, several barriers still hinder adoption. These include high costs (38 percent), a lack of understanding (35 percent), uncertainty around practical use cases (31 percent), a shortage of skilled workers (31 percent), and limited regulatory guidance (26 percent).

SAS Principal Quantum Architect Bill Wisotsky acknowledged the surrounding hype but stressed that research underway today is crucial groundwork.

Key sectors poised to benefit include life sciences, financial services, and manufacturing, particularly in areas such as drug discovery, risk analysis, and process optimisation.

Starkville Utilities hit by cyberattack

Starkville Utilities, a Mississippi-based electricity and water provider that also services Mississippi State University, has revealed a data breach that may have exposed sensitive information belonging to over 11,000 individuals.

The breach, which was first detected in late October last year, led the company to disconnect its network in an attempt to contain the intrusion.

Despite these efforts, an investigation later found that attackers may have accessed personal data, including full names and Social Security numbers. Details were submitted to the Maine Attorney General’s Office, confirming the scale of the breach and the nature of the data involved.

While no reports of identity theft have emerged since the incident, Starkville Utilities has chosen to offer twelve months of free identity protection services to those potentially affected. The company maintains that it is taking additional steps to improve its cybersecurity defences.

Stolen data such as Social Security numbers rarely stays idle: it often ends up on underground marketplaces, where it can be used for identity fraud and other malicious activities.

The incident serves as yet another reminder of the ongoing threat posed by cybercriminals targeting critical infrastructure and user data.

LockBit ransomware hacked, data on affiliates leaked

Internal data from the notorious LockBit ransomware group has been leaked following a hack of one of its administration panels. Over 200 conversations between affiliates and victims were also uncovered, revealing aggressive ransom tactics ranging from demands of a few thousand to over $100,000.

The breach, discovered on 7 May, exposed sensitive information including private chats with victims, affiliate account details, Bitcoin wallet addresses, and insights into LockBit’s infrastructure.

A defaced message on the group’s domain read: ‘Don’t do crime, crime is bad xoxo from Prague,’ linking to a downloadable archive of the stolen data. Although LockBit confirmed the breach, it downplayed its impact and denied that any victim decryptors were compromised.

Security researchers believe the leak could provide crucial intelligence for law enforcement. Searchlight Cyber identified 76 user credentials, 22 of which include TOX messaging IDs, commonly used by hackers, and connected some users to aliases on criminal forums.

Speculation suggests the hack may be the result of infighting within the cybercriminal community, echoing a recent attack on the Everest ransomware group’s site. Authorities continue to pursue LockBit, but the group remains active despite previous takedowns.

China’s quantum breakthroughs push urgent need for post-quantum security

The global cybersecurity community faces a ticking clock. China’s rapid advances in quantum computing, combined with insufficient global investment in quantum-safe cryptography, have placed Chief Information Security Officers (CISOs) at a critical crossroads.

With an estimated remediation timeline of seven years for most organisations, experts warn that critical systems are already at risk of future quantum attacks.

Quantum computing’s potential is often likened to a ‘Quantum Key’ capable of simultaneously testing every possible lock combination—effectively rendering today’s encryption obsolete.

If realised, such capabilities could expose every encrypted email, financial transaction, and state secret currently thought to be secure.

A 2024 report from the Global Risk Institute estimated a 5–14% chance that RSA-2048 encryption could be broken by 2029, rising to 19–34% by 2034. Those estimates, however, may already be outdated.

In early 2025, Chinese researchers unveiled breakthroughs in photonic quantum chips and a 72-qubit quantum processor named ‘Origin Wukong,’ capable of fine-tuning billion-parameter AI models. Earlier, in October 2024, Chinese scientists published a method for breaking RSA encryption.

With China reportedly investing $10–15 billion in quantum development—vastly outpacing the US, EU, and Microsoft’s combined commitments—there are growing fears that the West is losing the quantum arms race.

The geopolitical consequences of quantum dominance could be immediate and devastating. From unlocking encrypted communications to enabling undetectable weapons systems, a lead in quantum technology may deliver military and economic supremacy.

The ‘harvest now, decrypt later’ strategy—where sensitive data is collected now to be decrypted when quantum computing is mature—presents an especially urgent concern for governments, banks, and healthcare providers.

Despite the looming threat, many organisations are underprepared. The long remediation period—estimated at over seven years for full transition—means that even proactive companies are not immune to future breaches.

The National Institute of Standards and Technology (NIST) has recommended the ML-KEM algorithm for post-quantum cryptography, with the HQC algorithm selected as a backup.

In contrast, China launched its own national cryptographic competition (NGCC) in early 2025, signalling distrust of foreign standards and intent to develop domestic alternatives.

To prepare for a post-quantum world, organisations should act now:

  • Conduct discovery: Identify systems reliant on RSA or ECC encryption, and catalogue keys based on risk.
  • Engage vendors: Ask suppliers about their post-quantum transition plans and expected compliance timelines.
  • Build a team: Assemble a multidisciplinary group including cryptography specialists, project managers, architects, and change leaders to lead a 5–7 year remediation program.
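
As an added illustration of the discovery step (not part of the original article), the sketch below reads the algorithm OID out of DER-encoded public keys (SubjectPublicKeyInfo) and tags each key as RSA/ECC to migrate, already ML-KEM, or unknown. The system names and sample keys are constructed for the example; the OIDs are the standard registered ones.

```python
VULNERABLE = {  # public-key algorithms Shor's algorithm would break
    "1.2.840.113549.1.1.1": "RSA",
    "1.2.840.10045.2.1": "ECC (id-ecPublicKey)",
    "1.3.101.112": "ECC (Ed25519)",
}
POST_QUANTUM = {f"2.16.840.1.101.3.4.4.{i}": f"ML-KEM-{n}"
                for i, n in ((1, 512), (2, 768), (3, 1024))}

def read_tlv(buf, pos=0):
    """Return (tag, value bytes) of the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length]

def decode_oid(body):
    """Decode DER OID content bytes (base-128 arcs) into dotted notation."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(value)
            value = 0
    if not arcs:
        raise ValueError("empty OID")
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def classify_spki(der):
    """Map a DER SubjectPublicKeyInfo to (oid, algorithm, inventory status)."""
    _, spki = read_tlv(der)      # outer SubjectPublicKeyInfo SEQUENCE
    _, alg_id = read_tlv(spki)   # AlgorithmIdentifier SEQUENCE
    tag, oid_body = read_tlv(alg_id)
    if tag != 0x06:
        raise ValueError("expected algorithm OID")
    oid = decode_oid(oid_body)
    for table, status in ((VULNERABLE, "migrate"), (POST_QUANTUM, "post-quantum")):
        if oid in table:
            return oid, table[oid], status
    return oid, "unknown", "review"

SAMPLES = {  # constructed keys with dummy key bits; system names are hypothetical
    "vpn-gateway": bytes.fromhex("308192300d06092a864886f70d0101010500038180") + bytes(128),
    "api-server": bytes.fromhex("301a301306072a8648ce3d020106082a8648ce3d030107030300aabb"),
    "pilot-kem": bytes.fromhex("3012300b0609608648016503040402030300aabb"),
}
```

Running `classify_spki` over every key and certificate found during discovery gives the RSA/ECC list to prioritise; keys it marks "review" need a manual look before they are catalogued.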

The systems most vulnerable to quantum threats include public-key cryptography (RSA, ECC), SSL/TLS protocols, secure messaging platforms, and cryptocurrency infrastructure.

By contrast, legacy and non-networked systems without encryption are generally considered low risk.

While some may compare this to the Y2K scare, there’s a critical difference: Y2K had a known deadline. The quantum threat has no set arrival date.

As with a surprise exam, unpreparedness can be far more dangerous. Still, the transition will likely unfold gradually rather than overnight, giving early movers a significant advantage.

The message is clear: the time to begin migrating to quantum-resistant cryptography is now. The future of national security, economic stability, and digital privacy may well depend on who gets there first.

Microsoft bans DeepSeek app for staff use

Microsoft has confirmed it does not allow employees to use the DeepSeek app, citing data security and propaganda concerns.

Speaking at a Senate hearing, company president Brad Smith explained the decision stems from fears that data shared with DeepSeek could end up on Chinese servers and be exposed to state surveillance laws.

Although DeepSeek is open source and widely available, Microsoft has chosen not to list the app in its own store.

Smith warned that DeepSeek’s answers may be influenced by Chinese government censorship and propaganda, and its privacy policy confirms data is stored in China, making it subject to local intelligence regulations.

Interestingly, Microsoft still offers DeepSeek’s R1 model via its Azure cloud service. The company argued this is a different matter, as customers can host the model on their servers instead of relying on DeepSeek’s infrastructure.

Even so, Smith admitted Microsoft had to alter the model to remove ‘harmful side effects,’ although no technical details were provided.

While Microsoft blocks DeepSeek’s app for internal use, it hasn’t imposed a blanket ban on all chatbot competitors. Apps like Perplexity are available in the Windows store, unlike those from Google.

The stance against DeepSeek marks a rare public move by Microsoft as the tech industry navigates rising tensions over AI tools with foreign links.

LockBit ransomware platform breached again

LockBit, one of the most notorious ransomware groups of recent years, has suffered a significant breach of its dark web platform. Its admin and affiliate panels were defaced and replaced with a message linking to a leaked MySQL database, seemingly exposing sensitive operational details.

The message mocked the gang with the line ‘Don’t do crime CRIME IS BAD xoxo from Prague,’ raising suspicions of a rival hacker or vigilante group behind the attack.

The leaked database, first flagged by a threat actor known as Rey, contains 20 tables revealing details about LockBit’s affiliate network, tactics, and operations. Among them are nearly 60,000 Bitcoin addresses, payload information tied to specific targets, and thousands of extortion chat messages.

A ‘users’ table lists 75 affiliate and admin identities, many with passwords stored in plain text—some comically weak, like ‘Weekendlover69.’

While a LockBit spokesperson confirmed the breach via Tox chat, they insisted no private keys were exposed and that losses were minimal. However, the attack echoes a recent breach of the Everest ransomware site, suggesting the same actor may be responsible.

Combined with past law enforcement actions—such as Operation Cronos, which dismantled parts of LockBit’s infrastructure in 2024—the new leak could harm the group’s credibility with affiliates.

LockBit has long operated under a ransomware-as-a-service model, providing malware to affiliates in exchange for a cut of ransom profits. It has targeted both Linux and Windows systems, used double extortion tactics, and accounted for a large share of global ransomware attacks in 2022.

Despite ongoing pressure from authorities, the group has continued its operations—though this latest breach could prove harder to recover from.
