Cybersecurity

US charges four over global romance scam and BEC scheme

Four Ghanaian nationals have been extradited to the United States over an international cybercrime scheme that stole more than $100 million, allegedly through sophisticated romance scams and business email compromise (BEC) attacks targeting individuals and companies nationwide.

The syndicate, led by Isaac Oduro Boateng, Inusah Ahmed, Derrick van Yeboah, and Patrick Kwame Asare, used fake romantic relationships and email spoofing to deceive victims. Businesses were targeted by altering payment details to divert funds.

US prosecutors say the group maintained a global infrastructure, with command and control elements in West Africa. Stolen funds were laundered through a hierarchical network to ‘chairmen’ who coordinated operations and directed subordinate operators executing fraud schemes.

Investigators found the romance scams used detailed victim profiling, while BEC attacks monitored transactions and swapped banking details. Multiple schemes ran concurrently under strict operational security to avoid detection.

Following their extradition, three suspects arrived in the United States on 7 August 2025, arranged through cooperation between US authorities and the Economic and Organised Crime Office of Ghana.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

China pushes back on Nvidia chip sales, undercutting Trump’s proposed export deal

China is quietly urging domestic companies to steer clear of Nvidia’s H20 processors, especially for government or security-related projects, throwing a wrench into US efforts to turn those sales into a revenue source for Washington.

Over recent weeks, Chinese authorities have sent private notices to firms questioning their reliance on US chips and promoting domestic alternatives.

The guidance comes just as Nvidia and AMD gained approval from the Trump administration to resume selling certain AI chips to China, under a rare arrangement that requires the companies to share 15% of related revenue with the US government.

While the directive stops short of an outright ban, Beijing has placed the H20 under the same kind of partial restrictions previously imposed on Tesla vehicles, Apple iPhones, and Micron chips, citing security concerns.

Officials have floated fears that Nvidia hardware could carry location-tracking or remote shutdown features, claims the company firmly denies. At the same time, China is accelerating efforts to boost its homegrown semiconductor industry, urging firms to shift away from Western technology in favour of local suppliers, such as Huawei, even though domestic capacity still falls short of market demand.

The campaign highlights a broader geopolitical irony: US officials defended the resumption of H20 exports by arguing that the chip was already widely available in China and technologically inferior to top US models.

Trump has called it ‘obsolete,’ framing the sales as a way to keep Chinese AI systems dependent on American-made, less advanced hardware.

Behind the scenes, officials have linked the deal to a broader trade arrangement involving Chinese rare-earth minerals, though Beijing has publicly denied any such quid pro quo.

For Nvidia, the H20 remains strategically important. Although less potent than its flagship Blackwell series, the chip’s high memory bandwidth makes it well-suited for AI inference, a crucial stage in which models interpret and respond to data.

Chinese tech giants like Alibaba and Tencent have sought the H20 to offset supply shortages from Huawei, which is struggling to produce enough advanced chips to meet domestic demand.

Analysts warn that losing access to the H20 could raise the cost of running AI models in China by up to six times.

Still, Beijing’s stance appears to be a balancing act. RAND researcher Lennart Heim notes that China uses regulatory pressure to channel demand toward Huawei without cutting off access to Nvidia products, ensuring that companies can still meet their needs while domestic capabilities mature.

However, the Chinese government’s selective pressure could deepen uncertainty for US chipmakers counting on China, the world’s largest semiconductor market, to offset lost sales elsewhere.

While Washington’s new export-for-revenue-sharing model is already unprecedented, Beijing’s countermeasures show that even approved sales may face political headwinds.

For Nvidia and AMD, the challenge is no longer just securing US permission, but also convincing China to buy.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Quantum computing breakthroughs push 2025 into a new era

Quantum computing is set to shift from theory to real-world applications in 2025, driven by breakthroughs from Google and IBM. With error-corrected qubits and faster processing, the market is projected to reach $292 billion by 2035.

New chips, such as Google’s Willow, have significantly reduced errors, while interconnect innovations link multiple processors. Hybrid quantum-classical systems are emerging, with AI refining results for logistics, energy grids, and secure financial transactions.

The technology is accelerating drug discovery, climate modelling, and materials science, cutting R&D timelines and improving simulation accuracy. Global firms like Pasqal are scaling production in Saudi Arabia and South Korea, even as geopolitical tensions rise.

Risks remain high, from the energy demands of quantum data centres to threats against current encryption. Experts urge rapid adoption of post-quantum cryptography and fault-tolerant systems before mass deployment.

As the UN marks 2025 as the International Year of Quantum Science, quantum computing is quietly being integrated into operations worldwide, solving problems that surpass those of classical machines. The revolution has begun, largely unnoticed but poised to redefine economies and technology.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Black Hat demo reveals risks in hybrid Microsoft environments

Security researcher Dirk-jan Mollema demonstrated methods for bypassing authentication in hybrid Active Directory (AD) and Entra ID environments at the Black Hat conference in Las Vegas. The techniques could let attackers impersonate any synced hybrid user, including privileged accounts, without triggering alerts.

Mollema demonstrated how a low-privilege cloud account can be converted into a hybrid user, granting administrative rights. He also demonstrated ways to modify internal API policies, bypass enforcement controls, and impersonate Exchange mailboxes to access emails, documents, and attachments.

Microsoft has addressed some issues by hardening global administrator security and removing specific API permissions from synchronised accounts. However, a complete fix is expected only in October 2025, when hybrid Exchange and Entra ID services will be separated.

Until then, Microsoft recommends auditing synchronisation servers, using hardware key storage, monitoring unusual API calls, enabling hybrid application splitting, rotating SSO keys, and limiting user permissions.

Experts say hybrid environments remain vulnerable if the weakest link is exploited, making proactive monitoring and least-privilege policies critical to defending against these threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Trump’s potential Nvidia deal with China raises national security risks

The US President Donald Trump has shattered decades of US national security precedent by striking a deal with Nvidia and AMD that allows the sale of certain banned AI chips to China, but at a certain price.

In an arrangement without modern parallels, the companies will resume exports of their H20 processors to the Chinese market in exchange for giving the US government a 15% share of related revenues.

The move reopens a channel for sensitive technology sales and introduces a transactional element into what had long been treated as a matter of uncompromising national security.

For decades, Washington’s export controls on strategic technologies were blunt instruments: if a product was deemed too sensitive, no amount of corporate lobbying or lost revenue could override the ban.

Trump’s approach breaks from that tradition, effectively monetising access to restricted technologies. He has even floated the idea of allowing a weakened version of Nvidia’s cutting-edge Blackwell chip to be sold in China, a possibility that has set off alarm bells among national security hawks.

Republican and Democratic lawmakers have condemned the decision, warning it risks transforming US security policy into a ‘pay-for-play’ system.

Representative John Moolenaar, who chairs the House Select Committee on China, argued that export controls should remain a first line of defence against adversaries, not a bargaining chip. His Democratic counterpart, Raja Krishnamoorthi, cautioned that putting a dollar value on national security sends the wrong message to both allies and rivals.

The Trump administration has defended the arrangement by downplaying the risk. Commerce Secretary Howard Lutnick called the H20 Nvidia’s ‘fourth-best’ chip, noting that it is already widely used in China. The administration also framed the move to keep Chinese companies tied to US technology rather than turning to rival suppliers. Yet questions loom over the legality of the revenue-sharing scheme.

Trade experts have raised the possibility that it could be interpreted as an export tax, something the US Constitution prohibits, though details of the agreement remain opaque.

Beyond legal debates, the financial implications are significant. Analysts predict the levy could cut gross margins on China-bound chips by as much as 15 percentage points, trimming overall profitability for Nvidia and AMD.

In turn, this change of course could prompt other US companies selling strategic goods to China, from aerospace to advanced materials, to wonder if they too will face similar revenue-sharing requirements.

For some, it could be a costly burden; for others, it might be the only way to retain access to China’s lucrative market.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

University of Western Australia hit by password breach

The University of Western Australia has ordered a mass password reset for all staff and students after detecting unauthorised access to stored password data.

The incident was contained over the weekend by the university’s IT and security teams, who then moved to recovery and investigation. Australian authorities have been notified.

While no other systems are currently believed to have been compromised, access to UWA services remains locked until credentials are changed.

The university has not confirmed if its central access management system was targeted.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump weighs scaled-down Nvidia chip sales to China

President Donald Trump has signalled that he may permit Nvidia to sell a toned-down version of its latest Blackwell AI chip to China, which could substantially shift US tech export policy.

The idea, still under discussion with Nvidia CEO Jensen Huang, would involve reducing the chip’s computing power by 30% to 50%, creating what Trump described as an ‘unenhanced’ model for the Chinese market. While framed as a compromise, critics warn that even these stripped-down chips could fuel Beijing’s AI ambitions.

The announcement follows an unprecedented agreement between the Trump administration, Nvidia, and AMD, under which the US government would collect 15% of revenue from certain AI chip sales to China.

Washington insiders have expressed unease, noting that, with enough scaled-down hardware, China could still build AI supercomputers capable of competing with or surpassing American capabilities.

Saif Khan, a former White House technology adviser, cautioned that the move could accelerate China’s path toward AI dominance, undoing years of strict export controls.

Currently, Nvidia’s most advanced chip approved for sale in China is the H20, built on older Hopper architecture. The H20 was specifically designed to comply with restrictions imposed under President Biden and entered the Chinese market in 2024.

Although shipments were halted earlier this year, the Trump administration recently granted clearance for exports to resume. Trump dismissed the H20 as ‘obsolete’ and claimed China had already mastered it, suggesting the new Blackwell variant would offer a fresh revenue stream while staying within national security boundaries.

Nvidia’s flagship US Blackwell chip, unveiled in March 2024, is up to 30 times faster than its predecessor, making it a significant leap in AI performance. Details about the proposed Chinese variant remain undisclosed, but Reuters previously reported it would come at a lower cost and reduced power.

The US Commerce Department has begun issuing licenses for the H20, with officials insisting these exports do not threaten national security.

For Nvidia and AMD, the deal represents a rare case of direct government revenue-sharing tied to foreign sales, reflecting Trump’s hands-on approach to corporate negotiations. His administration has previously pressured tech executives to prioritise domestic manufacturing and has intervened in leadership appointments.

Nvidia, for its part, has stated it will follow all US export rules, while AMD confirmed receiving approval to ship some AI processors to China without directly addressing the revenue-sharing clause.

Beijing’s reaction so far has been muted. China’s foreign ministry declined to comment on the potential Blackwell deal but has repeatedly accused Washington of using technology controls to ‘maliciously contain and suppress’ Chinese industry.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

US Judiciary confirms cyberattack, moves to reinforce systems

The US Judiciary has confirmed suffering a cyberattack and says it is reinforcing systems to prevent further breaches. In a press release, it described ‘escalated cyberattacks of a sophisticated and persistent nature’ targeting its case management system and sensitive files.

Most documents in the judiciary’s electronic system are public; however, some contain confidential or proprietary information that is sealed from public view. The documents, it warned, are of interest to threat actors, prompting courts to introduce stricter controls on access under monitored conditions.

The Administrative Office of the US Courts is collaborating with Congress, the Department of Justice, the Department of Homeland Security, and other relevant agencies on security measures. No details were given on the exact methods of reinforcement.

The US court system has been a frequent target of cybercrime. Previous incidents include a 2020 federal court breach, a 2024 attack on Washington state courts, and a ransomware strike on the Los Angeles Superior Court in summer 2024.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI-powered heist drains $1m from crypto wallets via Firefox add-ons

Hackers have stolen over $1 million in cryptocurrency using AI-generated malicious Firefox extensions disguised as legitimate wallet tools.

The group, known as GreedyBear, created over 150 fake add-ons for platforms like MetaMask and Phantom, bypassing security checks to drain funds from thousands of users. Analysts say AI enabled the attackers to automate coding and deployment at an industrial scale.

The theft comes amid a record-breaking year for crypto crime, with Chainalysis data showing over $2.17 billion stolen so far in 2025. Many incidents exploit smart contract flaws and human error, with access control attacks accounting for the most recent losses.

Security experts warn that AI is now a double-edged sword, helping attackers and defenders. They urge exchanges, developers, and users to adopt AI-powered monitoring, stronger verification, and collaborative defences to restore trust in digital assets.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Users warned to update WinRAR after active attacks

A critical flaw in the Windows version of WinRAR is being exploited to install malware that runs automatically at startup. Users are urged to update to version 7.13 immediately, as the software does not update itself.

Tracked as CVE-2025-8088, the vulnerability allows malicious RAR files to place content in protected system folders, including Windows startup locations. Once there, the malware can steal data, install further payloads and maintain persistent access.

ESET researchers linked the attacks to the RomCom hacking group, a Russian-speaking operation known for espionage and ransomware campaigns. The flaw has been used in spear-phishing attacks where victims opened infected archives sent via email.

WinRAR’s July update fixes the cybersecurity issue by blocking extractions outside user-specified folders. Security experts recommend caution with email attachments, antivirus scanning of archives and regular checks of startup folders for suspicious files.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!