Cybersecurity

Claude Mythos AI model triggers global cyber risk review

Anthropic’s Claude Mythos Preview has drawn attention from financial regulators after the UK AI Security Institute found a notable increase in the model’s cybersecurity capabilities, including stronger performance on multi-step cyber-attack simulations.

AISI said earlier that its evaluation found continued improvement in capture-the-flag challenges and significant improvement in multi-step cyber-attack simulations. The institute said Mythos completed a previously unsolved 32-step simulated corporate network attack, marking the first time one of its tested models had completed that scenario.

Anthropic has also published its own technical assessment of Claude Mythos Preview, describing the model as a general-purpose system with advanced cybersecurity capabilities. The company has limited access to the model, reflecting concerns about the dual-use nature of systems that can support vulnerability discovery and cyber operations.

According to media reports, Anthropic is expected to brief the Financial Stability Board on the cybersecurity implications of Claude Mythos, as regulators examine whether frontier AI models could create new risks for banks and other financial institutions. The reports said the model has not been made publicly available because of concerns that its capabilities could be misused.

The scrutiny comes as financial authorities pay closer attention to the links between AI, cyber resilience and systemic risk. Advanced AI models support defenders by helping identify vulnerabilities and improve security testing, but similar capabilities could also lower the cost and complexity of offensive cyber activity.

Some experts have cautioned against treating Mythos as a wholly new category of threat, arguing that it amplifies existing cyber risks rather than replacing them. Weak authentication, unpatched systems and poor cyber hygiene remain central causes of breaches, making baseline resilience and governance critical as AI capabilities advance.

Why does it matter?

Claude Mythos shows how frontier AI models can become dual-use infrastructure: useful for strengthening cyber defence, but potentially risky if similar capabilities are misused. For financial institutions, the issue is systemic. If advanced models can accelerate vulnerability discovery or cyber operations across interconnected organisations, regulators may need to treat AI model oversight as part of financial stability and cyber resilience planning.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Interpol warns AI is increasing scale and accessibility of cybercrime

Interpol said AI tools are changing cybercrime operations by lowering technical barriers and enabling broader use of online fraud techniques. Interpol Cybercrime Director Neal Jetton said AI tools, including chatbots and automated phishing services, can enable individuals with limited technical expertise to conduct online scams.

According to Interpol, phishing-as-a-service models and AI-generated content are contributing to more scalable fraud campaigns.

Interpol said organised criminal groups are increasingly using outsourced technical services and AI-supported tools in cyber-enabled fraud operations. Law enforcement officials said AI-enabled fraud may increase the scale and profitability of some cybercrime activities.

Interpol said international law enforcement cooperation is expanding in response to cross-border fraud networks and evolving cyber threats. Authorities are focusing on disrupting cross-border fraud infrastructure and strengthening national cyber capabilities as AI-driven threats continue to evolve.

Why does it matter?

AI is effectively industrialising cybercrime by reducing the skill threshold required to execute sophisticated fraud at scale. That shift expands the pool of potential attackers and increases the speed, volume, and personalisation of scams, placing sustained pressure on digital trust in financial, governmental, and communication systems.

At the same time, it forces law enforcement and cybersecurity frameworks to adapt from reactive investigation models to more proactive, intelligence-led, and cross-border coordination mechanisms to keep pace with rapidly evolving threat capabilities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

UK regulator updates online safety guidance on AI-generated intimate imagery

Ofcom has announced proposed measures intended to strengthen protections against illegal intimate image abuse online, including AI-generated explicit deepfakes and non-consensual image sharing.

The UK regulator said it is updating its Illegal Content Codes to recommend that certain online platforms use automated detection technologies to identify illegal intimate images.

According to Ofcom, hash matching systems convert images into digital identifiers that can help platforms detect repeated uploads of harmful content. Ofcom specifically referenced the StopNCII database as a recommended tool for platforms implementing the technology.

Ofcom said the measures are intended to improve protections against AI-generated intimate imagery and digitally manipulated sexual content.

The recommendations complement recent UK legislation addressing non-consensual intimate imagery and AI-enabled nudification tools.

Ofcom said the updated Illegal Content Codes are expected to enter into force in autumn 2026, subject to parliamentary approval. The regulator also said additional online safety measures under consultation may be announced later in the year.

The measures form part of the UK’s implementation of the Online Safety Act and related online safety obligations for digital platforms.

Why does it matter?

AI-generated deepfakes and synthetic sexual imagery are rapidly becoming major online safety and digital rights concerns globally. Regulators increasingly fear that existing moderation systems cannot keep pace with the scale and speed of AI-generated abuse. Ofcom’s decision illustrates how governments are beginning to shift towards mandatory or strongly encouraged proactive detection systems, particularly for highly harmful content involving intimate imagery, harassment, and exploitation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK financial regulators highlight operational risks linked to frontier AI

Bank of England, Financial Conduct Authority and HM Treasury have issued a joint statement warning regulated firms about escalating cybersecurity risks associated with frontier AI models.

The authorities said current frontier AI systems already possess cyber capabilities that may exceed those of skilled practitioners in some areas while operating at greater speed and scale. According to the statement, malicious use of these capabilities could increase risks to financial stability, market integrity, customers, and firms’ operational resilience.

UK regulators warned that firms underinvesting in cybersecurity protections may face increased exposure as more advanced AI systems emerge. The statement said regulated firms and financial market infrastructures should strengthen resilience against AI-driven cyber threats.

The guidance highlighted several priority areas, including governance, vulnerability management, third-party and supply-chain risks, data protection, network security, and recovery planning. The authorities urged boards and senior management teams to improve their understanding of frontier AI cyber risks.

Bank of England, Financial Conduct Authority and HM Treasury also warned that frontier AI models could rapidly identify and exploit vulnerabilities across complex technology estates, forcing firms to accelerate patching, remediation, and threat-detection processes. Firms were encouraged to deploy automation and AI-enabled defensive tools capable of responding at a comparable speed to emerging AI-driven attacks.

The statement additionally emphasised growing risks linked to third-party providers, open-source software dependencies, and supply-chain exposure. Regulators said firms should strengthen capabilities to identify, monitor, and manage vulnerabilities linked to third-party providers and software dependencies.

The authorities confirmed they will continue monitoring AI developments and coordinating with industry through the Cross Market Operational Resilience Group.

Why does it matter?

The financial sector increasingly depends on interconnected digital infrastructure, cloud services, AI systems, and third-party software supply chains. Frontier AI could dramatically accelerate both offensive cyber capabilities and defensive security operations, creating a rapidly evolving threat environment where traditional cybersecurity practices may no longer be sufficient.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Indian science ministry outlines AI and quantum technology priorities

India’s Ministry of Science and Technology has outlined a strategy placing AI and quantum sovereignty at the centre of future growth, according to statements by Jitendra Singh. The announcement was made during a programme hosted by the Technology Development Board.

Minister Jitendra Singh said long-term progress in deep technology depends on a coordinated national approach. The minister linked the strategy to the Research, Development and Innovation Fund scheme, which aims to expand private-sector participation in research and innovation.

According to officials, five projects were approved under the scheme in areas including battery technology, satellite systems, healthcare, and unmanned aerial systems. Initial funding disbursement has begun, alongside the release of progress reports and outlining a national quantum safe ecosystem.

Officials said post-quantum cryptography and secure digital infrastructure are emerging priorities under the National Quantum Mission. The announcements were made during a programme hosted by the Technology Development Board in New Delhi, India.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Council of Europe highlights role of democracy and AI governance in security

The Council of Europe has called for a legal and democratic framework for European security in its 2026 annual report, warning that the continent cannot separate security from democracy, human rights, and the rule of law.

Secretary General Alain Berset presented his 2026 annual report, titled ‘The New Democratic Pact for Europe in times of rupture’, to foreign ministers from the Council of Europe’s 46 member states during the Committee of Ministers session in Chişinău on 15 May.

The report states that Europe is increasing defence spending and argues that military measures alone cannot provide lasting security. Berset said democratic security depends on legal safeguards, resilient institutions, and public trust.

The report links Europe’s security challenges to Russia’s invasion of Ukraine, foreign information manipulation, and declining trust in democratic systems. It also stresses that safeguards for human rights and democratic principles must keep pace with rapid technological change, including digital technology and AI.

Berset argues that social rights, health, education, and institutional trust have too often been treated as ‘soft security’. He said security depends on public trust in institutions and resilient democratic systems.

The report presents the state of play of the New Democratic Pact for Europe, launched in 2025 to identify integrated responses to democratic backsliding and renew democratic governance across the continent. Its first consultation phase runs until December 2026.

The annual report is structured around six areas: countering information manipulation and disinformation; promoting social rights; defending equal rights and inclusion; safeguarding elections and democratic processes; supporting civic space and fundamental freedoms; and promoting positive use of digital technology and AI, including action against cyber-enabled threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

WEF highlights cybersecurity as a strategic economic priority in the AI era

The World Economic Forum said cybersecurity is rapidly evolving into a strategic economic and national security priority as AI systems, geopolitical tensions, and increasingly interconnected digital ecosystems reshape global cyber risks.

During the Annual Meeting on Cybersecurity 2026 held in Geneva, participants discussed how cyber threats are increasingly affecting economic activity, supply chains, financial systems, and critical infrastructure.

The forum said large-scale cyber incidents can disrupt national economies and critical infrastructure. The report referenced a major 2025 cyberattack that disrupted UK automotive production and reportedly contributed to weaker GDP growth, with estimated economic losses reaching approximately £1.9 billion.

WEF argued that organisations are increasingly abandoning compliance-driven cybersecurity models in favour of measurable resilience strategies focused on rapid recovery, operational continuity, incident response readiness, and stronger governance structures.

AI featured heavily throughout the discussions. The forum warned that attackers are using AI almost universally, allowing cyber operations to become faster, more autonomous, and more scalable. Leaders also highlighted emerging risks linked to agentic AI systems, software supply chain vulnerabilities, and quantum computing developments.

Participants stressed that cyber resilience now requires far broader coordination between governments, regulators, businesses, insurers, and infrastructure operators. Public-private cooperation, information-sharing systems, interoperable intelligence frameworks, and cross-border regulatory coordination were described as increasingly necessary to manage systemic cyber risks.

The discussions also focused on cyber-enabled fraud, scams, and online criminal operations that increasingly target both institutions and ordinary citizens across digital ecosystems. Experts argued that cybersecurity strategies must combine technological protection, digital literacy, public awareness, and platform-level safeguards instead of relying solely on reactive responses.

WEF concluded that cybersecurity is becoming inseparable from economic security and strategic stability in the AI era, with future resilience depending heavily on how effectively governments and industries align incentives, quantify cyber risk, and strengthen cooperation across interconnected systems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK’s Ofcom accepts X commitments on illegal hate and terror content moderation

Ofcom has accepted a series of public commitments from X aimed at strengthening protections for UK users against illegal hate speech and terrorist content under the Online Safety Act framework.

Under the commitments, X will review suspected illegal terrorist and hate content reported through its dedicated UK illegal content reporting tool within an average of 24 hours. As a backstop, the platform will review at least 85% of such reports within 48 hours. Ofcom said the targets, if met, would give UK users some of the strongest protections on X globally.

X is also committed to engaging external experts on reporting systems for illegal hate and terror content, following concerns from organisations that reports submitted to the platform were not always clearly acknowledged or acted on. The company also said it would withhold access to accounts reported for posting illegal terrorist content in the UK if it determines they are operated by or on behalf of a terrorist organisation proscribed in the UK.

Ofcom said X will submit quarterly performance data over the next 12 months so the regulator can monitor whether the platform is meeting its commitments. The regulator added that its broader compliance programme examining how major social media services handle illegal hate and terrorist material remains ongoing.

The announcement comes amid wider scrutiny of illegal hate content on major social media platforms. Ofcom said evidence gathered from civil society and expert organisations, including the Antisemitism Policy Trust, Tech Against Terrorism and Tell MAMA, indicates that such content persists on some of the largest social media sites.

Ofcom also noted that its investigation into X’s Grok remains ongoing, focusing on the company’s compliance with duties to deal with illegal content and the systems it has in place to do so.

Why does it matter?

The commitments show how the UK’s Online Safety Act is beginning to translate into concrete performance expectations for major platforms. Review-time targets, expert engagement and regular reporting to Ofcom could make illegal hate and terrorist content moderation more measurable. Still, the wider test will be whether X delivers these protections in practice and whether similar pressure is applied across other large platforms.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Europe’s AI future increasingly depends on electricity and power infrastructure

A new opinion piece published by the World Economic Forum argues that the global AI race is rapidly shifting from software and models towards electricity generation, power infrastructure, and compute capacity.

The analysis by Lucy Yu, CEO for Centre for Net Zero, suggests that Europe’s future competitiveness in AI may depend less on research talent and more on whether the region can deliver clean and reliable energy fast enough to support expanding AI infrastructure.

The article highlights how the US and China continue to dominate the global AI ecosystem through massive investments in data centres, cloud infrastructure, and semiconductor capacity. Europe, meanwhile, faces growing concerns over digital dependence, particularly because US hyperscalers control most of the European cloud market while China maintains a leading position in AI patent filings and industrial deployment.

One of the central concerns involves the speed of infrastructure deployment. Grid connection timelines in some European markets can reportedly stretch close to a decade, while energy prices remain significantly higher than in the USA.

Such delays are already affecting investment decisions, with some operators reportedly bypassing congested electricity networks through direct links to gas-fired power plants, despite Europe’s broader net-zero objectives.

One more argument is that Europe’s challenge is not necessarily a shortage of renewable energy resources, but rather the inability to coordinate energy generation, electricity demand, and infrastructure deployment efficiently.

Offshore wind in the North Sea, southern European solar generation, and Scandinavian hydropower are identified as major strategic assets that remain underutilised because of fragmented infrastructure planning.

Large-scale data centres may help stabilise electricity systems by creating predictable demand patterns capable of improving grid utilisation and spreading infrastructure costs across greater consumption volumes.

Flexible AI data centres, battery systems, distributed energy resources, and AI-powered energy management systems are presented as possible solutions capable of reducing network strain and supporting cleaner electricity integration.

Lucy Yu’s analysis concludes that Europe still has an opportunity to compete in the next phase of AI development, but warns that the window is narrowing quickly. Without faster regulatory coordination, grid modernisation, and energy infrastructure reform, AI investment could increasingly shift towards regions capable of delivering power and compute capacity more rapidly.

Why does it matter?

The debate reflects a major structural shift in the global AI economy. Instead of competing only on algorithms and talent, countries are increasingly competing on access to electricity, semiconductor infrastructure, and data centre capacity. Decisions taken during the next few years could determine whether Europe becomes a major AI infrastructure hub or remains dependent on foreign cloud providers and external compute ecosystems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK committee urges stronger online safety protections

The UK Parliament’s Science, Innovation and Technology Committee has urged the government to strengthen online safety protections for young people, following evidence on proposals to restrict social media access for under-16s.

Committee Chair Dame Chi Onwurah wrote to Science, Innovation and Technology Secretary Liz Kendall and AI and Online Safety Minister Kanishka Narayan after an evidence session on age-based restrictions.

The committee said there is strong and consistent evidence of significant individual harms linked to social media use, alongside a growing body of evidence showing wider negative impacts. It said there is a clear need to protect people, especially young users, from those harms.

The letter argues that responsibility for preventing harm should not rest solely on young people or parents. It says government inaction on online safety is not an option and calls for stronger enforcement of existing age restrictions

The committee also urged the government to revisit its July 2025 report on social media misinformation. Although the government accepted almost all of the report’s conclusions, the committee said it rejected almost all recommendations for change. It is now calling for action on misinformation, harmful algorithms, and online harms in the new parliamentary session.

Dame Chi Onwurah said: ‘The status quo, where social media companies are neither accountable nor responsible for preventing harms, isn’t acceptable. It’s clear social media can cause real harm and more must be done to protect people, especially young users. If any other consumer product caused these harms, it would’ve been recalled or changed. Shouldn’t the same be true for social media services and design features?’

She added: ‘The government must urgently address gaps in the regulation, legislation and enforcement of online safety. It should revisit and adopt my committee’s previous recommendations on tackling misinformation and harmful algorithms and bring forward legislation to effectively tackle online harms in the new parliamentary session.’

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.