Cybersecurity

EVMbench from OpenAI, Paradigm and OtterSec measures AI smart contract risks

OpenAI, with Paradigm and OtterSec, introduced EVMbench to test how AI agents detect, patch, and exploit smart contract flaws. The benchmark draws on 120 real vulnerabilities from 40 blockchain projects to better reflect live conditions.

Researchers report that leading agents can now discover and exploit end-to-end vulnerabilities in live blockchain instances. Over six months, exploit success rates rose sharply, prompting both praise for improved auditing capabilities and concern over the rapid scaling of offensive skills.

EVMbench evaluates agents across three modes: detect, patch, and exploit. Each stage reflects increasing technical complexity and mirrors the responsibilities faced in production blockchain environments, where contracts are often immutable, and errors can lead to irreversible losses.

Recent incidents underline the stakes. A vulnerability in AI-generated Solidity code reportedly mispriced an asset, triggering liquidations and losses. Such cases highlight the risks of deploying AI-written financial logic without rigorous human review and governance safeguards.

While EVMbench advances measurement of AI capabilities, it remains limited to curated vulnerabilities and sandboxed conditions. As blockchain adoption expands and criminal misuse evolves, researchers stress the need for responsible AI development alongside stronger innovative contract security practices.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Lithuania selects Swiss firm Procivis for national eIDAS 2.0 wallet sandbox

Swiss firm Procivis has secured a contract to deliver Lithuania’s end-to-end Digital Identity Wallet sandbox, supporting the country’s preparations under eIDAS 2.0. The project will establish a national testbed for digital ID use cases and interoperability across the European Union.

Selected by Lithuania’s digitalisation agency, Procivis will build a platform for public authorities and relying parties to test secure digital wallet use cases. The sandbox will validate readiness ahead of the EU’s 2027 digital identity wallet deadline.

The updated eIDAS 2.0 technical framework sets out how wallets will store and share trusted digital credentials and electronic identification. Governments and private organisations will be able to integrate services into the wallets, streamlining authentication, onboarding, and cross-border access.

Across Lithuania and the EU, testbeds and large-scale pilots have been central to turning regulatory requirements into interoperable infrastructure. Lithuania’s sandbox will also support activities under the EU’s LSP Aptitude consortium, which is testing cross-sector digital identity solutions.

Procivis said the collaboration aims to accelerate practical validation while ensuring compliance with European standards on security, interoperability, and data protection. The company stated that supporting a timely, budget-aligned implementation of eIDAS 2.0 remains central to its mission.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

India’s UIDAI rolls out AI-enabled biometric deduplication and document verification platform

UIDAI has deployed an advanced platform that uses AI-enabled models to improve biometric deduplication, the process of ensuring that each resident has a unique identity record, by checking fingerprints, facial images and iris scans against the entire Aadhaar database.

The authority describes this system, developed with the International Institute of Information Technology, Hyderabad, as an ‘Invisible Shield’ that can perform billions of computations efficiently at a population scale, running on high-performance inference infrastructure such as NVIDIA DGX systems to enhance accuracy and speed nationwide.

In addition to biometric matching, the platform incorporates AI-based document metadata extraction and verification to curb enrolment fraud, using secure APIs (e.g. DigiLocker) for source-of-truth checks against submitted documents.

The system is already being rolled out in several states. It is expected to expand across India in the coming months, boosting service quality, reducing turnaround times for Aadhaar enrolment and update transactions, and reinforcing trust in the digital identity infrastructure.

The initiative is part of a broader push to leverage AI for fraud detection and identity assurance at a national scale. It comes amid ongoing efforts by UIDAI to modernise authentication processes as biometric and AI-based systems evolve.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Bremen trials AI-based safety system ‘AI Watch’ on city trams

The city of Bremen, Germany, has begun piloting an AI-based safety system called AI Watch on its tram fleet. The technology uses onboard cameras and computer vision models to automatically detect potential safety issues, such as passengers too close to doors, objects on the tracks, or unexpected pedestrian behaviour, and alerts tram operators in real time.

The goal is to reduce accidents and enhance situational awareness without replacing human oversight.

Developed with transport and AI specialists, AI Watch integrates with vehicles’ existing sensor suites and is designed to function in real-time operational environments. During the pilot, the system has been tested under various traffic and lighting conditions to refine hazard recognition accuracy and minimise false alarms.

BSAG representatives say the AI support tool complements human judgement, helping drivers focus on decision-making rather than continuously scanning for hazards.

The initiative comes as cities explore AI applications in urban mobility, from predictive maintenance to intelligent traffic management and automated incident detection, to improve safety, efficiency and passenger experience.

Bremen’s pilot will be evaluated for scalability across additional routes and potentially other types of public transport vehicles.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

South Africa balances fintech innovation with financial stability

South Africa’s fintech sector has evolved from a niche disruptor into a pillar of the digital economy, fuelled by rapid digital adoption and entrepreneurial growth. Regulators are now tasked with supporting innovation in decentralised finance and AI while safeguarding market stability and consumer protection.

Coordinated oversight has been central to that effort. The Intergovernmental Fintech Working Group, bringing together the National Treasury, the South African Reserve Bank and the Financial Sector Conduct Authority, promotes a harmonised and principle-based regulatory approach.

A significant turning point came when crypto assets were classified as financial products under the Financial Advisory and Intermediary Services Act. Licensing requirements for Crypto Asset Service Providers and alignment with Financial Action Task Force standards strengthened consumer safeguards and anti-money laundering controls.

Fintech also plays a growing role in financial inclusion, particularly through mobile money, digital lending and digital payments. Wider access to affordable financial tools supports inclusive economic growth across underserved communities.

AI presents fresh regulatory questions around bias, transparency and operational resilience. Ensuring compliance with the Protection of Personal Information Act while encouraging responsible experimentation remains central to South Africa’s evolving fintech strategy.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

US freedom.gov and the EU’s DSA in a transatlantic fight over online speech

The transatlantic debate over ‘digital sovereignty’ is also, in a discrete measure, about whose rules govern online speech. In the EU, digital sovereignty has essentially meant building enforceable guardrails for platforms, especially around illegal content, systemic risks, and transparency, through instruments such as the Digital Services Act (DSA) and its transparency mechanisms for content moderation decisions. In Washington, the emphasis has been shifting toward ‘free speech diplomacy‘, framing some EU online-safety measures as de facto censorship that spills across borders when US-based platforms comply with the EU requirements.

What is ‘freedom.gov’?

The newest flashpoint is a reported US State Department plan to develop an online portal, widely described as ‘freedom.gov‘, intended to help users in the EU and elsewhere access content blocked under local rules, and it aligns with the Trump administration policy and a State Department programme called Internet Freedom. The ‘freedom.gov’ plan reportedly includes adding VPN-like functionality so traffic would appear to originate in the US, effectively sidestepping geographic enforcement of content restrictions. According to the US House of Representatives’ legal framework, the idea could be seen as a digital-rights tool, but experts warn it would export a US free-speech standard into jurisdictions that regulate hate speech and extremist material more tightly.

The ‘freedom.gov’ portal story occurs within a broader escalation that has already moved from rhetoric to sanctions. In late 2025, the US imposed visa bans on several EU figures it accused of pressuring platforms to suppress ‘American viewpoints,’ a move the EU governments and officials condemned as unjustified and politically coercive. The episode brought to the conclusion that Washington is treating some foreign content-governance actions not as domestic regulation, but as a challenge to US speech norms and US technology firms.

The EU legal perspective

From the EU perspective, this framing misses the point of to DSA. The Commission argues that the DSA is about platform accountability, requiring large platforms to assess and mitigate systemic risks, explain moderation decisions, and provide users with avenues to appeal. The EU has also built new transparency infrastructure, such as the DSA Transparency Database, to make moderation decisions more visible and auditable. Civil-society groups broadly supportive of the DSA stress that it targets illegal content and opaque algorithmic amplification; critics, especially in US policy circles, argue that compliance burdens fall disproportionately on major US platforms and can chill lawful speech through risk-averse moderation.

That’s where the two sides’ risk models diverge most sharply. The EU rules are shaped by the view that disinformation, hate speech, and extremist propaganda can create systemic harms that platforms must proactively reduce. On the other side, the US critics counter that ‘harm’ categories can expand into viewpoint policing, and that tools like a government-backed portal or VPN could be portrayed as restoring access to lawful expression. Yet the same reporting that casts the portal as a speech workaround also notes it may facilitate access to content the EU considers dangerous, raising questions about whether the initiative is rights-protective ‘diplomacy,’ a geopolitical pressure tactic, or something closer to state-enabled circumvention.

Why does it matter?

The dispute has gone from theoretical to practical, reshaping digital alliances, compliance strategies, and even travel rights for policy actors, not to mention digital sovereignty in the governance of online discourse and data. The EU’s approach is to make platforms responsible for systemic online risks through enforceable transparency and risk-reduction duties, while the US approach is increasingly to contest those duties as censorship with extraterritorial effects, using instruments ranging from public messaging to visa restrictions, and, potentially, state-backed bypass tools.

What could we expect then, if not a more fragmented internet, with platforms pulled between competing legal expectations, users encountering different speech environments by region, and governments treating content policy as an extension of foreign policy, complete with retaliation, countermeasures, and escalating mistrust?

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK sets 48-hour deadline for removing intimate images

The UK government plans to require technology platforms to remove intimate images shared without consent within forty-eight hours instead of allowing such content to remain online for days.

Through an amendment to the Crime and Policing Bill, firms that fail to comply could face fines amounting to ten percent of their global revenue or risk having their services blocked in the UK.

A move that reflects ministers’ commitment to treat intimate image abuse with the same seriousness as child sexual abuse material and extremist content.

The action follows mounting concern after non-consensual sexual deepfakes produced by Grok circulated widely, prompting investigations by Ofcom and political pressure on platforms owned by Elon Musk.

The government now intends victims to report an image once instead of repeating the process across multiple services. Once flagged, the content should disappear across all platforms and be blocked automatically on future uploads through hash-matching or similar detection tools.

Ministers also aim to address content hosted outside the reach of the Online Safety Act by issuing guidance requiring internet providers to block access to sites that refuse to comply.

Keir Starmer, Liz Kendall and Alex Davies-Jones emphasised that no woman should be forced to pursue platform after platform to secure removal and that the online environment must offer safety and respect.

The package of reforms forms part of a broader pledge to halve violence against women and girls during the next decade.

Alongside tackling intimate image abuse, the government is legislating against nudification tools and ensuring AI chatbots fall within regulatory scope, using this agenda to reshape online safety instead of relying on voluntary compliance from large technology firms.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Microsoft outlines challenges in verifying AI-generated media

In an era of deepfakes and AI-manipulated content, determining what is real online has become increasingly complex. Microsoft’s report Media Integrity and Authentication reviews current verification methods, their limits, and ways to boost trust in digital media.

The study emphasises that no single solution can prevent digital deception. Techniques such as provenance tracking, watermarking, and digital fingerprinting can provide useful context about a media file’s origin, creation tools, and whether it has been altered.

Microsoft has pioneered these technologies, cofounding the Coalition for Content Provenance and Authenticity (C2PA) to standardise media authentication globally.

The report also addresses the risks of sociotechnical attacks, where even subtle edits can manipulate authentication results to mislead the public.

Researchers explored how provenance information can remain durable and reliable across different environments, from high-security systems to offline devices, highlighting the challenge of maintaining consistent verification.

As AI-generated or edited content becomes commonplace, secure media provenance is increasingly important for news outlets, public figures, governments, and businesses.

Reliable provenance helps audiences spot manipulated content, with ongoing research guiding clearer, practical verification displays for the public.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Reload launches Epic to bring shared memory and structure to AI agents

Founders of the Reload platform say AI is moving from simple automation toward something closer to teamwork.

Newton Asare and Kiran Das noticed that AI agents were completing tasks normally handled by employees, which pushed them to design a system that treats digital workers as part of a company’s structure instead of disposable tools.

Their platform, Reload, offers a way for organisations to manage these agents across departments, assign responsibilities and monitor performance. The firm has secured 2.275 million dollars in new funding led by Anthemis with several other investors joining the round.

The shift toward agent-driven development exposed a recurring limitation. Most agents retain only short-term memory, which means they often lose context about a product or forget why a task matters.

Reload’s answer is Epic, a new product built on its platform that acts as an architect alongside coding agents. Epic defines requirements and constraints at the start of a project, then continuously preserves the shared understanding that agents need as software evolves.

Epic integrates with popular AI-assisted code editors such as Cursor and Windsurf, allowing developers to keep a consistent system memory without changing their workflow.

The tool generates key project artefacts from the outset, including data models and technical decisions, then carries them forward even when teams switch agents. It creates a single source of truth so that engineers and digital workers develop against the same structure.

Competing systems such as LongChain and CrewAI also offer support for managing agents, but Reload argues that Epic’s ability to maintain project-level context sets it apart.

Asare and Das, who already built and sold a previous company together, plan to use the fresh capital to grow their team and expand the infrastructure needed for a future in which human workers manage AI employees instead of the other way around.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Greece positions itself as a global AI bridge

The PM of Greece, Kyriakos Mitsotakis, took part in the India AI Impact Summit in New Delhi as part of a two-day visit that highlighted the country’s ambition to deepen its presence in global technology governance.

A gathering that focuses on creating a coherent international approach to AI under the theme ‘People-Planet-Progress’, with an emphasis on practical outcomes instead of abstract commitments.

Greece presents itself as a link between Europe and the Global South, seeking a larger role in debates over AI policy and geoeconomic strategy.

Mitsotakis is joined by Minister of Digital Governance Dimitris Papastergiou, underscoring Athens’ intention to strengthen partnerships that support technological development.

During the visit, Mitsotakis attended an official dinner hosted by Narendra Modi.

On Thursday, he will address the summit at Bharat Mandapam before holding a scheduled meeting with his Indian counterpart, reinforcing efforts to expand cooperation between Greece and India in emerging technologies.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!