Cybersecurity

EU introduces plan to strengthen consumer protection

The European Commission has unveiled the 2030 Consumer Agenda, a strategic plan to reinforce protection, trust, and competitiveness across the EU.

With 450 million consumers contributing over half of the Union’s GDP, the agenda aims to simplify administrative processes for businesses, rather than adding new burdens, while ensuring fair treatment for shoppers.

The agenda sets four priorities to adapt to rising living costs, evolving online markets, and the surge in e-commerce. Completing the Single Market will remove cross-border barriers, enhance travel and financial services, and evaluate the effectiveness of the Geo-Blocking Regulation.

A planned Digital Fairness Act will address harmful online practices, focusing on protecting children and strengthening consumer rights.

Sustainable consumption takes a central focus, with efforts to combat greenwashing, expand access to sustainable goods, and support circular initiatives such as second-hand markets and repairable products.

The Commission will also enhance enforcement to tackle unsafe or non-compliant products, particularly from third countries, ensuring that compliant businesses are shielded from unfair competition.

Implementation will be overseen through the Annual Consumer Summit and regular Ministerial Forums, which will provide political guidance and monitor progress.

The 2030 Consumer Agenda builds on prior achievements and EU consultations, aiming to modernise consumer protection instead of leaving gaps in a rapidly changing market.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Azure weathers record 15.7 Tbps cloud DDoS attack

According to Microsoft, Azure was hit on 24 October 2025 by a massive multi-vector DDoS attack that peaked at 15.72 terabits per second and unleashed 3.64 billion packets per second on a single endpoint.

The attack was traced to the Aisuru botnet, a Mirai-derived IoT botnet. More than 500,000 unique IP addresses, mostly residential devices, participated in the assault. UDP floods with random ports made the attack particularly potent and harder to spoof.

Azure’s automated DDoS Protection infrastructure handled the traffic surge, filtering out malicious packets in real time and keeping customer workloads online.

From a security-policy viewpoint, this incident underscores how IoT devices continue to fuel some of the biggest cyber threats, and how major cloud platforms must scale defences rapidly to cope.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Sundar Pichai warns users not to trust AI tools easily

Google CEO Sundar Pichai advises people not to unquestioningly trust AI tools, warning that current models remain prone to errors. He told the BBC that users should rely on a broader information ecosystem rather than treat AI as a single source of truth.

Pichai said generative systems can produce inaccuracies and stressed that people must learn what the tools are good at. The remarks follow criticism of Google’s own AI Overviews feature, which attracted attention for erratic and misleading responses during its rollout.

Experts say the risk grows when users depend on chatbots for health, science, or news. BBC research found major AI assistants misrepresented news stories in nearly half of the tests this year, underscoring concerns about factual reliability and the limits of current models.

Google is launching Gemini 3.0, which it claims offers stronger multimodal understanding and reasoning. The company says its new AI Mode in search marks a shift in how users interact with online information, as it seeks to defend market share against ChatGPT and other rivals.

Pichai says Google is increasing its investment in AI security and releasing tools to detect AI-generated images. He maintains that no single company should control such powerful technology and argues that the industry remains far from a scenario in which one firm dominates AI development.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Europe’s digital sovereignty advances through SAP’s new AI collaborations

SAP has announced new partnerships with Bleu, Capgemini, and Mistral AI to advance Europe’s digital sovereignty. The collaboration combines SAP’s expertise in enterprise software with France’s AI ecosystem to develop secure, scalable, and sovereign cloud solutions for governments and regulated sectors.

Bleu and Delos Cloud have established a Franco-German alliance focused on crisis resilience, creating joint capabilities for early detection, analysis, and remediation of cyber incidents. Their cooperation supports rapid response in extreme scenarios and reinforces control over critical infrastructure.

SAP and Capgemini are expanding their partnership to advance sovereign agentic AI and strengthen cybersecurity across Europe. Their new Sovereign Technology Partnership will deliver data management, cloud services, and automation tools for public and regulated sectors.

SAP and Mistral AI are also deepening their collaboration to create Europe’s first full sovereign AI stack. SAP will offer Mistral’s frontier models through its sovereign AI foundation on SAP BTP, while both companies co-develop industry-specific AI applications designed for engineering and R&D workloads.

These partnerships form part of SAP’s broader sovereign cloud strategy, backed by more than €20bn in investment. SAP states that its aim is to provide a secure, compliant, and locally controlled infrastructure that enables innovation while safeguarding European data, assets, and long-term technological independence.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UNESCO and SAP selected the AI system EDiSON for the Solomon Islands

SAP and UNESCO have agreed to deploy the AI-supported disaster management system EDiSON in the Solomon Islands.

The platform, created by SAP Japan and the start-up INSPIRATION PLUS, utilises the SAP Business Technology Platform with machine learning to merge real-time meteorological information with historical records, rather than relying on isolated datasets.

A system that delivers predictive insights that help authorities act before severe weather strikes. It anticipates terrain damage, guides emergency services towards threatened areas and supports decisions on evacuation orders.

The initiative aims to serve as a model for other small island states facing similar climate-related pressures.

UNESCO officials say the project strengthens early warning capacity and encourages long-term resilience. EDiSON will become operational in 2026 and aims to offer a scalable approach for nations with limited technical resources.

Its performance in Japan has already demonstrated how integrated data management can overcome fragmented information flows and restricted analytical tools.

The design of EDiSON enables governments to adopt advanced disaster preparedness systems instead of relying on costly, bespoke infrastructure. A partnership that seeks to improve national readiness in the Solomon Islands, where earthquakes, tsunamis, cyclones and floods regularly threaten communities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FCC set to rescind cyber rules after Salt Typhoon hack

The FCC is scheduled this week to vote on rescinding rules imposed in January that required major telecommunications carriers to secure networks from unauthorised access and interception under Section 105 of the Communications Assistance for Law Enforcement Act.

These measures were introduced after the Salt Typhoon cyber-espionage campaign exposed vulnerabilities in US telecom infrastructure.

Current FCC Chair Brendan Carr argues the prior policy exceeded the agency’s legal authority and did not offer flexible or targeted protections. The proposed reversal follows lobbying by major carriers who claim the rules could undermine partnership efforts between public and private sectors.

Lawmakers, including Maria Cantwell, ranking Democrat on the Senate Commerce Committee, have strongly opposed the move. They describe the Salt Typhoon campaign, attributed to Chinese-linked actors targeting numerous US carriers, as one of the most serious telecom breaches in US history, emphasising that loosening these rules could undermine national security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Chrome receives emergency update to fix high-severity zero-day flaw

Google has issued an emergency update to fix the seventh Chrome zero-day exploited in attacks this year. The flaw, tracked as CVE-2025-13223, is caused by a type confusion bug in the browser’s V8 JavaScript engine and was used in the wild before the patch was released.

The company says updates will roll out across the Stable Desktop channel in the coming weeks, though users can install the fix immediately by checking for updates in Chrome’s settings. Google is withholding technical details until most users have upgraded to avoid encouraging further exploitation.

The vulnerability was reported by a member of Google’s Threat Analysis Group and allowed attackers to trigger code execution or browser crashes through malicious HTML pages. It continues a pattern of high-severity zero-days discovered and patched throughout 2025.

Google stresses that prompt updates remain essential, as attackers often target unpatched systems. Automatic updates can help ensure that newly released fixes reach users quickly and reduce exposure to emerging threats.

Security experts also recommend enabling scheduled antivirus scans and using protective features, such as hardened browsers or VPNs. With multiple zero-days already patched this year, analysts say more are likely, and users should keep Chrome’s update settings enabled.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Fight over state AI authority heats up in US Congress

US House Republicans are mounting a new effort to block individual states from regulating AI, reviving a proposal that the Senate overwhelmingly rejected just four months ago. Their push aligns with President Donald Trump’s call for a single federal AI standard, which he argues is necessary to avoid a ‘patchwork’ of state-level rules that he claims hinder economic growth and fuel what he described as ‘woke AI.’

House Majority Leader Steve Scalise is now attempting to insert the measure into the National Defence Authorisation Act, a must-pass annual defence spending bill expected to be finalised in the coming weeks. If successful, the move would place a moratorium on state-level AI regulation, effectively ending the states’ current role as the primary rule-setters on issues ranging from child safety and algorithmic fairness to workforce impacts.

The proposal faces significant resistance, including from within the Republican Party. Lawmakers who blocked the earlier attempt in July warned that stripping states of their authority could weaken protections in areas such as copyright, child safety, and political speech.

Critics, such as Senator Marsha Blackburn and Florida Governor Ron DeSantis, argue that the measure would amount to a handout to Big Tech and leave states unable to guard against the use of predatory or intrusive AI.

Congressional leaders hope to reach a deal before the Thanksgiving recess, but the ultimate fate of the measure remains uncertain. Any version of the moratorium would still need bipartisan support in the Senate, where most legislation requires 60 votes to advance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

NVIDIA pushes forward with AI-ready data

Enterprises are facing growing pressure to prepare unstructured data for use in modern AI systems as organisations struggle to turn prototypes into production tools.

Around forty percent of AI projects advance beyond the pilot phase, largely due to limits in data quality and availability. Most organisational information now comes in unstructured form, ranging from emails to video files, which offers little coherence and places a heavy load on governance systems.

AI agents need secure, recent and reliable data instead of fragmented information scattered across multiple storage silos. Preparing such data demands extensive curation, metadata work, semantic chunking and the creation of vector embeddings.

Enterprises also struggle with the rising speed of data creation and the spread of duplicate copies, which increases both operational cost and security concerns.

An emerging approach by NVIDIA, known as the AI data platform, aims to address these challenges by embedding GPU acceleration directly into the data path. The platform prepares and indexes information in place, allowing enterprises to reduce data drift, strengthen governance and avoid unnecessary replication.

Any change to a source document is immediately reflected in the associated AI representations, improving accuracy and consistency for business applications.

NVIDIA is positioning its own AI Data Platform reference design as a next step for enterprise storage. The design combines RTX PRO 6000 Blackwell Server Edition GPUs, BlueField three DPUs and integrated AI processing pipelines.

Leading technology providers including Cisco, Dell Technologies, IBM, HPE, NetApp, Pure Storage and others have adopted the model as they prepare storage systems for broader use of generative AI in the enterprise sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Web services recover after Cloudflare restores its network systems

Cloudflare has resolved a technical issue that briefly disrupted access to major platforms, including X, ChatGPT, and Letterboxd. Users had earlier reported internal server error messages linked to Cloudflare’s network, indicating that pages could not be displayed.

The disruption began around midday UK time, with some sites loading intermittently as the problem spread across the company’s infrastructure. Cloudflare confirmed it was investigating an incident affecting multiple customers and issued rolling updates as engineers worked to identify the fault.

Outage tracker Down Detector also experienced difficulties during the incident, later showing a sharp rise in reports once it came back online. The pattern pointed to a broad network-level failure rather than isolated platform issues.

Users saw repeated internal server error warnings asking them to try again, though services began recovering as Cloudflare isolated the cause. The company has not yet released full technical details, but said the fault has been fixed and that systems are stabilising.

Cloudflare provides routing, security, and reliability tools for a wide range of online services, making a single malfunction capable of cascading globally. The company said it would share further information on the incident and steps taken to prevent similar failures.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!