European Commission launches AI cyber defence strategy

The European Commission has presented an Action Plan on Cybersecurity and Artificial Intelligence to strengthen Europe’s response to AI-related cyber risks.

The plan aims to help member states, businesses and public authorities use AI safely while addressing the cybersecurity risks created by advanced AI models.

The Commission said AI can help detect vulnerabilities, prevent cyberattacks and protect critical infrastructure. However, it warned that malicious actors can also use AI to automate attacks, identify weaknesses and carry out cyber operations at greater speed and scale.

The Action Plan focuses on three objectives: promoting the safe and responsible use of advanced AI, reinforcing EU cybersecurity and resilience, and scaling up Europe’s AI capabilities for cybersecurity.

The Commission said it will strengthen Europe’s capacity to evaluate AI models before they are placed on the EU market, in line with the AI Act.

It will also work with ENISA to develop a European Blueprint for secure access to advanced AI systems for cybersecurity purposes.

A secure testing platform will support organisations in critical sectors, including energy, transport, health, finance and public administration, in testing and deploying AI solutions safely.

The plan also encourages the use of AI, including open-source models where appropriate, to detect vulnerabilities faster and improve prevention and response to cyberattacks.

The Commission said it will launch an EU Grand Challenge on AI for cybersecurity to support the development of new AI-powered security solutions.

Why does it matter?

AI is becoming central to both cyber defence and cybercrime. The EU Action Plan recognises that advanced models can help defenders detect vulnerabilities and respond faster, but can also help attackers automate operations and scale incidents. By linking AI model evaluation, critical-sector testing, ENISA cooperation, existing cybersecurity laws and investment in sovereign AI capabilities, the Commission is trying to turn AI cybersecurity into a coordinated EU policy area rather than leaving it to fragmented national or private-sector responses.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Claude Fable 5, frontier AI models and the future of cybersecurity

The release of Anthropic’s Claude Fable 5 may prove to be one of the most significant AI developments of 2026. At first glance, the launch appeared to be another milestone in the rapidly evolving frontier AI landscape, showcasing improvements in reasoning, software engineering and complex problem solving.

Yet within days, Fable 5 became the centre of an international debate involving cybersecurity, national security, export controls and technological sovereignty.

Anthropic introduced Fable 5 as a public-facing version of its more advanced Mythos 5 model, offering access to frontier-level capabilities while incorporating additional safeguards designed to limit misuse in sensitive domains.

Anthropic has launched Claude Fable 5

The company presented the model as a major step forward in AI performance, particularly in coding, reasoning and autonomous task completion. However, concerns surrounding its cybersecurity capabilities quickly caught the attention of policymakers and security agencies.

The situation escalated when the USA imposed export control restrictions, affecting access to Anthropic’s most advanced models. What began as a product launch rapidly evolved into a broader discussion about whether frontier AI systems should be treated as strategic technologies comparable to advanced semiconductors, encryption systems, or critical infrastructure.

The story, however, did not end there. Less than three weeks later, the US government lifted the restrictions after Anthropic introduced additional safeguards, strengthened collaboration with federal authorities, and agreed to participate in a broader framework for evaluating frontier AI security.

Rather than representing a simple regulatory dispute, the episode demonstrated how frontier AI governance is becoming an evolving process built upon continuous technical assessment, industry cooperation, and government oversight.

The Fable 5 episode highlights a reality that is increasingly difficult to ignore. AI is no longer simply a tool for productivity and innovation. Frontier models are emerging as technologies with profound implications for cybersecurity, national defence, economic competitiveness, and international relations.

As governments and companies struggle to understand the opportunities and risks associated with increasingly capable AI systems, Fable 5 offers an early glimpse into what could become one of the defining policy debates of the coming decade.

The rise of frontier AI models

The concept of a frontier AI model refers to the most advanced systems available at a given moment. These models represent the leading edge of AI capabilities and often demonstrate performance levels significantly beyond previous generations.

Claude Fable 5 belongs to this category. Anthropic designed the model to perform complex reasoning tasks, analyse large quantities of information, generate software code and assist users with sophisticated technical challenges.

Unlike earlier generations of AI assistants that primarily focused on conversational interactions, frontier models increasingly function as problem-solving systems capable of performing intricate tasks across multiple domains.

One of the most notable characteristics of Fable 5 is its ability to assist with software engineering and technical analysis. The model can review source code, identify patterns, suggest improvements and help users navigate highly complex technical environments.

Such capabilities are particularly valuable in cybersecurity, where analysts often face enormous volumes of code, logs and threat intelligence data.

Behind Fable 5 is Mythos 5, a model that Anthropic initially released only to trusted participants in Project Glasswing, a programme focused on defensive cybersecurity research.

More organisations gain access through Anthropic to advanced AI cyber defence tools.

While Mythos offers stronger offensive cybersecurity capabilities for vetted organisations, Fable 5 was designed for broader public use with significantly stronger safeguards that limit potentially dangerous behaviour without substantially reducing its usefulness for legitimate applications.

Anthropic has emphasised that Fable 5 was subjected to extensive testing and red teaming before its release. In the weeks preceding its launch, the company reportedly reassigned researchers and engineers from multiple teams to strengthen its cybersecurity protections, reflecting a growing recognition that frontier models require safety engineering on a scale previously unseen in commercial AI development.

The challenge is that the same qualities that make frontier models like the Fable 5 valuable also make them strategically important. As AI capabilities continue to advance, governments increasingly view these systems not merely as software products but as assets with potential national security implications.

Why the USA intervened

The US decision to restrict access to Anthropic’s most advanced models marked a significant turning point in the AI governance debate.

Historically, the release of AI systems has largely been managed by technology companies themselves. Governments have generally focused on regulation and oversight rather than direct intervention in model availability.

The response to Fable 5 suggests that such an approach may be changing.

The primary concern involved cybersecurity capabilities. Mythos-class models demonstrated the ability to identify software vulnerabilities and assist with highly advanced technical analysis. While such capabilities offer substantial defensive benefits, they also raise concerns about potential misuse.

The immediate trigger came after Amazon researchers identified a technique capable of bypassing some of Fable 5’s cybersecurity safeguards.

During testing, the model successfully identified several software vulnerabilities and, in one instance, generated code illustrating how one of those vulnerabilities could be exploited.

Although Anthropic argued that comparable outputs could also be obtained from several existing AI models and that the behaviour did not expose Mythos-level offensive capabilities, the incident convinced US authorities that additional safeguards were necessary before wider deployment.

From a national security perspective, policymakers increasingly fear that highly capable AI systems could assist malicious actors in discovering vulnerabilities, developing exploits or conducting cyber operations at a scale that exceeds existing defensive capabilities.

As a result, access to frontier models is beginning to resemble access to other strategically important technologies.

The restrictions also generated controversy because they affected not only geopolitical competitors but also close allies.

Since Anthropic had no practical method for verifying users’ nationality in real time, it temporarily suspended access to both Fable 5 and Mythos 5 for all users rather than attempting selective enforcement.

The incident highlighted the growing reality that access to frontier AI may increasingly become subject to geopolitical considerations.

Yet the restrictions ultimately proved temporary. Following intensive collaboration between Anthropic, Amazon, and US government agencies, the Department of Commerce lifted the export controls after Anthropic implemented stronger safeguards.

US Commerce Department Anthropic Claude Fable 5

The company introduced a new safety classifier capable of blocking reported behaviour in more than 99% of tested cases while redirecting potentially dangerous requests to its less capable Opus 4.8 model.

The episode represents a significant shift in frontier AI governance. Rather than relying solely on regulation or voluntary commitments, governments and developers increasingly appear to favour continuous technical evaluation, rapid safeguard improvements and close operational cooperation.

AI as a cybersecurity defender

Despite concerns about misuse, the defensive potential of frontier AI models is immense.

Cybersecurity professionals face an increasingly difficult environment. Organisations must defend against ransomware groups, state-sponsored actors, supply chain attacks, phishing campaigns and countless other threats.

At the same time, many organisations struggle with cybersecurity talent shortages and limited resources.

Frontier models offer a potential solution.

Systems such as Fable 5 can analyse software code, identify vulnerabilities, process threat intelligence and support incident response activities at speeds that would be impossible for human analysts alone. Tasks that previously required days of manual effort can often be completed in minutes.

The implications extend well beyond private sector organisations. Governments, healthcare providers, financial institutions, energy companies and critical infrastructure operators could all benefit from AI-assisted security capabilities.

Frontier models may help defenders identify vulneabilities before attackers discover them, improving overall resilience across digital ecosystems.

Anthropic argues that Mythos 5 was specifically developed to support trusted organisations engaged in defensive cybersecurity. Rather than serving as an offensive cyber tool, the model is intended to accelerate vulnerability discovery, strengthen software security and improve defensive research.

In many respects, it illustrates the central dilemma surrounding frontier AI. The same capability that appears dangerous in one context may become invaluable when deployed responsibly by trusted defenders.

The US government has increasingly recognised the potential. Recent policy initiatives encourage frontier AI developers to collaborate with federal agencies through pre-release testing, shared evaluations and coordinated threat intelligence.

Anthropic has now committed to expanding that cooperation by providing designated government partners with early access to future frontier models, supporting joint research efforts and participating in security evaluations before broader public deployment.

Perhaps most importantly, the Fable 5 episode demonstrates that cybersecurity is becoming one of the primary drivers of frontier AI development.

While public attention often focuses on conversational abilities or creative applications, governments increasingly judge advanced models by their ability to strengthen national cyber resilience.

As cyber threats continue to grow in scale and sophistication, frontier AI like Fable 5 may become an indispensable component of future defensive strategies.

The emergence of the AI-enabled attacker

The problem is that cybersecurity has always been a dual-use domain. Every major defensive innovation has historically created new opportunities for offensive actors, and frontier AI models are unlikely to be an exception.

Ironically, the same capabilities that help defenders can often help attackers.

A model capable of identifying vulnerabilities can potentially assist malicious actors in locating weaknesses within software systems. A system that helps defenders analyse code can also support offensive security research.

Likewise, a model capable of generating scripts for legitimate automation may also assist with harmful activities if appropriate safeguards are bypassed.

Frontier AI cybersecurity

Such a reality has led many experts to describe frontier AI as both a shield and a sword.

Security agencies have repeatedly warned that AI is lowering the barriers to entry for cybercriminals. Activities that once required extensive technical expertise may become increasingly accessible through AI assistance.

Phishing campaigns, malware development, reconnaissance operations, exploit research, and vulnerability discovery could all become faster and considerably more efficient.

The concern that extends beyond individual hackers is that organised cybercriminal groups and state-sponsored actors already possess substantial technical expertise.

Frontier AI does not necessarily replace that expertise, but it has the potential to amplify it significantly. Operations that previously required specialised teams and considerable preparation may eventually be conducted more rapidly, with greater precision, and at a much larger scale.

The emergence of AI agents further increases these concerns. Unlike traditional chat-based assistants, autonomous agents are increasingly capable of performing multi-step tasks with limited human supervision.

In a cybersecurity context, Fable 5 and similar systems could theoretically identify vulnerabilities, gather intelligence, write software, execute defensive workflows, or assist with incident response almost autonomously. The same autonomy, however, could also be abused if deployed for malicious purposes.

Rather than eliminating cyber threats, frontier AI may fundamentally change the nature of digital conflict. Success may increasingly depend not only on technological capability but also on who can adapt more quickly as AI systems continue to evolve.

The limits of safety guardrails

Recognising the risks associated with powerful AI systems, Anthropic implemented extensive safeguards within Fable 5.

The company sought to make the model widely accessible while limiting its ability to assist with highly sensitive activities. Certain cybersecurity, biological and other high-risk requests are subject to additional restrictions. Anthropic has argued that such measures significantly reduce the likelihood of misuse.

Unlike previous generations of AI models, Fable 5 relies on multiple overlapping layers of protection rather than a single safety mechanism. Anthropic describes this approach as defence in depth.

Fable 5 Anthropic multilayer protection AI model

The model combines behavioural training, specialised safety classifiers, continuous monitoring, and post-deployment analysis to detect potentially harmful cybersecurity requests before they reach the model itself.

One of the most important components of the system is the use of dedicated safety classifiers. These smaller AI systems analyse prompts in real time to determine whether they involve potentially dangerous cybersecurity activities.

Requests that appear harmful or sufficiently ambiguous are blocked before the model generates a response.

Following the June export control directive, Anthropic introduced an improved classifier specifically designed to detect the jailbreak technique identified by Amazon researchers. According to the company, the updated safeguard blocks the reported behaviour in more than 99 per cent of tested cases.

An additional layer of protection redirects blocked requests away from Fable 5 altogether. Instead of simply refusing to respond, certain requests are automatically transferred to Anthropic’s less capable Opus 4.8 model, allowing legitimate users to continue working while preventing access to Fable 5’s more advanced cybersecurity capabilities.

Yet the broader AI industry has learned that no safeguard system is perfect.

Researchers continue to demonstrate that even highly protected frontier models remain vulnerable to sophisticated jailbreak techniques and adversarial attacks. Determined users often find creative ways to circumvent restrictions, particularly when motivated by financial gain or malicious intent.

Anthropic itself acknowledges that it is probably impossible to develop a frontier AI model that is completely immune to jailbreaks. Rather than pursuing absolute protection, the company aims to make successful attacks sufficiently difficult, resource-intensive, and technically demanding enough to make the overwhelming majority of malicious attempts impractical.

Such a philosophy represents an important evolution in AI safety. Security is no longer viewed as a binary condition in which systems are either safe or unsafe. Instead, it is increasingly understood as a continuous process of risk reduction, rapid adaptation, and ongoing improvement.

Does it mean that safeguards are ineffective?

On the contrary, they play a critical role in reducing risk and raising barriers to misuse. However, the Fable 5 debate illustrates that AI safety should be understood as an ongoing process rather than a final destination.

As frontier models become increasingly capable, organisations will need to invest continuously in monitoring, testing and improving security measures. The challenge is not simply to build safeguards but to adapt them within an environment where both AI capabilities and attack techniques evolve rapidly.

AI sovereignty and strategic dependence

Perhaps the most unexpected consequence of the Fable 5 controversy was the renewed focus on AI sovereignty.

AI sovereignty security infrastructure

For years, discussions about technological sovereignty centred on semiconductors, telecommunications infrastructure and cloud computing. Frontier AI models are now becoming part of this debate.

The temporary disruption of access to Anthropic’s most advanced systems demonstrated how governments, businesses and research institutions can become dependent on technologies they do not control.

If access to frontier AI can be restricted through export controls or national security directives, organisations may face strategic vulnerabilities similar to those associated with dependence on foreign energy supplies or critical infrastructure.

Although the restrictions were ultimately lifted, the episode served as an important reminder that access to frontier AI increasingly depends not only on technological capability but also on trust between governments, developers and international partners.

Anthropic’s decision to strengthen safeguards, deepen cooperation with US authorities and expand information sharing became central to restoring global access to Fable 5.

The issue is particularly relevant for the EU and other allied nations. Many countries possess strong AI research communities but remain dependent on a relatively small number of companies for access to the world’s most advanced models.

As a result, policymakers are increasingly discussing sovereign AI capabilities, domestic model development and technological autonomy. What once seemed like a long-term aspiration is now viewed by many as an urgent strategic consideration.

The Fable 5 episode revealed that access to AI itself could become a geopolitical issue.

Frontier models and the future of cybersecurity

Looking ahead, frontier AI models are likely to transform cybersecurity in ways that far exceed current debates.

Future defensive systems could continuously monitor networks, analyse software, identify vulnerabilities, and recommend mitigations with minimal human intervention.

AI-powered assistants could become standard components of security operations centres, helping analysts respond to threats more effectively.

At the same time, offensive capabilities are likely to evolve. Adversaries may use AI to automate reconnaissance, analyse targets and adapt attack strategies dynamically. Cybersecurity may increasingly involve interactions between competing AI systems rather than interactions solely between human operators.

Some experts argue that the future of cyber conflict will be defined by machine-versus-machine competition, with humans providing oversight and strategic direction rather than performing every operational task themselves.

Equally significant is the emerging effort to establish common security standards for frontier AI.

One of the most important outcomes of the Fable 5 controversy has been Anthropic’s collaboration with Amazon, Microsoft, Google and other Project Glasswing partners to develop a shared framework for evaluating AI jailbreaks.

The proposed methodology assesses capability gains, breadth of misuse, ease of weaponisation, and discoverability, creating a common language through which developers and governments can evaluate the severity of newly identified vulnerabilities.

If successful, such a framework could play a role similar to the Common Vulnerability Scoring System, which has long provided the cybersecurity community with a common method for assessing software vulnerabilities.

Standardising how AI jailbreaks are evaluated would enable developers to prioritise responses more consistently while allowing governments to better understand the actual level of risk posed by newly discovered attacks.

The initiative also reflects a broader shift in frontier AI governance. Rather than relying exclusively on post-deployment regulation, governments and developers are increasingly cooperating during the development process through pre-release testing, shared evaluations, coordinated threat intelligence, and continuous red teaming.

2151977487

Such a future offers enormous potential benefits. It could significantly improve security outcomes, reduce response times, and strengthen resilience across critical infrastructure sectors.

Yet it also introduces new challenges involving accountability, transparency, control, and governance. Ensuring that increasingly autonomous systems remain aligned with human objectives will become one of the central cybersecurity questions of the AI era.

Conclusion

The release of Claude Fable 5 may ultimately be remembered as more than a technological milestone. It represents one of the clearest examples to date of how AI, cybersecurity, national security, and technological sovereignty are becoming deeply interconnected.

For defenders, frontier AI models offer unprecedented opportunities to strengthen security, improve resilience, and respond more effectively to an increasingly complex threat environment. For attackers, many of the same capabilities create opportunities to automate, scale, and enhance malicious operations.

The resulting tension lies at the heart of the Fable 5 debate. Frontier AI is neither inherently beneficial nor inherently harmful. Its impact depends on how it is developed, governed, and deployed.

Perhaps the most important lesson from the Fable 5 episode is that frontier AI governance is beginning to move from theory to practice.

The rapid sequence of export controls, technical reviews, stronger safeguards, renewed deployment and closer cooperation between Anthropic and the US government demonstrates that innovation and security do not necessarily have to be in opposition.

Instead, they increasingly depend on continuous collaboration between governments, researchers, technology companies, and the broader cybersecurity community.

Ultimately, we may remember Fable 5 not simply as another AI product launch, but as one of the first moments when the world began to recognise that access to advanced AI could become a strategic issue in its own right.

As governments, organisations, and citizens, each of us is becoming part of that transition.

The challenge is no longer whether AI will reshape cybersecurity, but whether we can establish the trust, standards and international cooperation necessary to ensure that frontier models like Fable 5 strengthen digital resilience rather than undermine it for generations to come.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ENISA warns frontier AI is compressing cyberattack timelines

The European Union Agency for Cybersecurity has warned that frontier AI models are compressing cyberattack timelines and challenging traditional defence practices.

In a July 2026 paper, ENISA said advanced AI models are reducing the time between vulnerability discovery and exploitation, creating new pressure on vulnerability management, patching and incident response.

The agency said open-weight models may reach similar capabilities within 9 to 12 months, while existing models combined with skilled security experts can already produce comparable results.

ENISA warned that attackers may gain access to exploits before fixes are available, while legacy systems and end-of-life products could become more exposed to AI-assisted vulnerability discovery.

The agency also said more frequent patch releases may increase the risk of service disruption, while open-source maintainers could be overwhelmed by AI-generated vulnerability reports.

Security fundamentals still matter, but ENISA said defenders must apply them faster. It recommended shifting resources from vulnerability discovery towards risk-based prioritisation, rapid triage, remediation and risk reduction.

The paper also calls for defensive AI tools to be integrated into software development, incident response and threat modelling, with human-gated workflows and stronger workforce skills.

At the EU level, ENISA said existing frameworks, including NIS2, the Cyber Resilience Act, and the EU AI Act, should be used to assess and mitigate systemic risks linked to advanced AI models.

For defenders, the agency recommended near-real-time security operations, AI-assisted threat modelling, dynamic incident response pipelines and single-digit-minute detection and response targets.

Why does it matter?

ENISA’s paper frames frontier AI as a structural cybersecurity challenge, not just another tool for attackers or defenders. If vulnerability discovery, exploit development, and lateral movement happen at machine speed, organisations will need faster triage, stronger automation and clearer human oversight. The report also connects AI cybersecurity to the EU’s wider regulatory framework, showing that NIS2, the Cyber Resilience Act and the AI Act will all matter in managing systemic cyber risks from advanced models.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Europol denies bypassing EU data protection rules

Europol has rejected allegations that it operated a ‘secret’ or ‘shadow’ database outside the EU data protection rules.

In a new fact-check, the agency said recent reports misrepresented two long-established operational environments used to support digital investigations and online information analysis.

Europol said its Computer Forensic Network is used to analyse complex digital evidence securely in support of criminal investigations.

It also said the Internet-Facing Operational Environment is used to collect and triage publicly available online information before relevant material is transferred to Europol’s operational systems in accordance with applicable legal requirements.

The agency said neither environment was created to bypass oversight or data protection obligations.

Europol also published a timeline showing that both systems have existed for many years and have evolved alongside changes to its legal framework, governance and supervisory arrangements.

The agency said it has worked with the European Data Protection Supervisor on governance improvements, technical modernisation and safeguards, including after regulatory changes introduced in 2022.

Europol said public debate on law enforcement and privacy should be based on accurate descriptions of operational systems and their oversight.

Why does it matter?

The dispute highlights the tension between law enforcement’s need to process large volumes of digital evidence and the privacy safeguards required under the EU law. Europol’s response is important because operational data systems used in cybercrime, terrorism and serious organised crime investigations can affect fundamental rights if oversight, retention and access rules are unclear. The case also shows why transparency about investigative infrastructure matters for public trust, especially as law enforcement agencies modernise their data-processing capabilities.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Reddit expands AI moderation to combat spam and harmful content

Reddit has expanded its automated moderation systems to reduce spam, inauthentic activity and harmful content across the platform.

The company said it is using AI to detect manipulated and spam-like behaviour through new signals and faster enforcement.

Reddit said suspicious accounts can now be identified from the moment they are created, while large language models help detect coordinated fake behaviour and artificial hype that older systems may miss.

According to the company, updated automated systems are blocking 23 million spam views each day before they reach users.

They are also identifying around 25,000 new spam posts and comments daily and revoking nearly two million inauthentic votes per day.

Reddit said user exposure to spam fell by about 20% from January to March 2026 compared with the previous three months, followed by a further 10% to 15% decline in overall spam account exposure.

The company has also expanded automated enforcement against hate and violent content across all English-language text on Reddit.

The average enforcement time for such content has fallen to under 5 seconds, while enforcement actions have increased by more than 200%, according to Reddit.

The company said faster enforcement has reduced exposure to potentially harmful content by more than 40%, while false removals have also fallen by over 40%.

Reddit said AI-based tools remain part of a wider moderation model that includes site-wide safety teams, volunteer community moderators and user voting.

Why does it matter?

Reddit’s update shows how major platforms are using AI not only to generate or recommend content, but also to police authenticity, spam and harmful behaviour at scale. Faster automated enforcement can reduce user exposure before content spreads, but it also raises familiar governance questions around transparency, false positives, appeals and the balance between automation and human moderation. The company’s emphasis on layered moderation suggests that AI is becoming central to platform safety, while still depending on human teams, volunteer moderators and community signals.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK firms sign Cyber Resilience Pledge amid rising AI threats

The UK government has launched a voluntary Cyber Resilience Pledge, with more than 60 businesses and strategic government suppliers committing to strengthening their cyber defences.

Founding signatories include companies from retail, finance, media, technology and utilities, including M&S, Nationwide, ITV, Microsoft UK, Cloudflare, Deloitte, Accenture UK, Vodafone Group and VodafoneThree.

The pledge asks organisations to take three practical steps: make cybersecurity a board-level responsibility, register for the National Cyber Security Centre’s Early Warning service and take a risk-based approach to requiring Cyber Essentials certification across supply chains.

The government said the pledge is designed mainly for medium and large organisations, but is open to organisations of all sizes and sectors.

Signatories will be asked to publish a signed pledge letter and provide an annual update on progress.

The launch comes ahead of the government’s National Cyber Action Plan, which is expected to set out further cooperation with industry on cyber resilience in the AI era.

According to the government, cyberattacks cost UK organisations an estimated £14.7 billion a year, while the NCSC handled 204 nationally significant incidents in the year to September, up from 89 the previous year.

Officials also warned that AI is lowering barriers for attackers by helping them find software weaknesses, write exploit code and scale attacks more quickly.

Why does it matter?

The pledge elevates cyber resilience to board-level corporate governance, rather than treating it solely as an IT function. Its supply-chain focus is also important because major cyber incidents often spread through vendors, service providers and connected business partners. By linking the pledge to AI-enabled threats, the UK government is signalling that basic cyber hygiene, governance and supply-chain assurance remain essential even as attacks become faster and more automated.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Alberta uses Claude Code to review government systems

The Government of Alberta has used Anthropic’s Claude Code to review and secure provincial government systems, according to a case study published by the company. Anthropic said Alberta’s Ministry of Technology and Innovation used Claude Code with its Opus and Sonnet models to analyse code, identify vulnerabilities and support remediation.

According to Anthropic, the ministry scanned 466 million lines of code in about 20 hours, covering systems used across 27 provincial ministries. Around 50 AI agents worked in parallel to identify security vulnerabilities, infrastructure weaknesses and documentation gaps.

The ministry manages about 1,280 applications and 3,400 code repositories supporting services including social services, public safety and wildfire response. Anthropic said many had never undergone comprehensive security reviews, resulting in accumulated technical debt and incomplete documentation.

Alberta used a two-stage review process. A rules engine first identified known patterns, after which Claude Code analysed the results and cited the relevant files and lines for each finding. Anthropic said the approach uncovered issues that conventional automated scanning tools had missed.

Claude Code was also used to generate fixes, write tests where needed and assist with modernising legacy systems. Anthropic said ministry engineers reviewed and approved all proposed patches before deployment, maintaining human oversight throughout the remediation process.

Alberta also developed specialised Claude-based review agents for continuous security testing during software development. These include red-team agents that probe applications for vulnerabilities, blue-team agents that assess compliance with security standards, and additional agents that review code quality and public-facing content.

Why does it matter?

The case illustrates how governments are beginning to use AI coding agents to modernise and secure large portfolios of legacy software, an area that has traditionally required significant time and specialised expertise. If these tools prove reliable, they could help public administrations reduce technical debt, improve cybersecurity and accelerate software maintenance across critical public services.

At the same time, the deployment highlights the importance of governance in public-sector AI adoption. Alberta’s reported use of human review before implementing AI-generated changes reflects a growing emphasis on combining AI-assisted development with oversight, accountability and established security practices.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Australia records highest data breach notifications since 2018

Australia recorded its highest annual number of data breach notifications in 2025 since mandatory reporting began in 2018, according to the Office of the Australian Information Commissioner.

The regulator received 1,205 notifications under the Notifiable Data Breaches scheme in 2025, an 8% increase from 1,112 in 2024.

Organisations covered by the Privacy Act must notify the OAIC of data breaches that are likely to result in serious harm to affected individuals.

Malicious or criminal activity remained the leading cause of reported breaches, accounting for 716 notifications. Cyber hacking continued to be the main cause of reported incidents.

Health service providers were the most affected sector, reporting 225 breaches, or 19% of the annual total. Financial services, Australian government agencies, business and professional associations, education providers and legal, accounting and management services were also among the most affected sectors.

The OAIC has released a new quick reference guide to help organisations assess potential breaches, decide whether notification is required and understand how to report incidents.

Privacy Commissioner of Australia, Carly Kind, said the threat posed by data breaches to Australian businesses and organisations is substantial and rising year on year.

The regulator’s latest privacy attitudes survey also found that data breaches remain the top privacy concern for Australians, with 82% expressing concern, up from 74% in 2023.

Why does it matter?

Rising breach notifications show that data protection is becoming a persistent operational and regulatory challenge for Australian organisations. The dominance of malicious activity and cyber hacking links privacy compliance directly to cybersecurity preparedness, especially in sensitive sectors such as health. OAIC’s new guide also signals a push towards faster, clearer breach assessment and notification, which matters for affected individuals as well as regulated entities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Sysdig reports first documented agentic ransomware case

Cloud security firm Sysdig says it has documented the first known case of agentic ransomware, after observing an AI-driven extortion operation it tracks as JADEPUFFER.

According to Sysdig, the operation began with exploiting CVE-2025-3248 on an internet-facing Langflow instance. Langflow is an open-source framework for building LLM-driven applications and agent workflows.

The attacker then pivoted towards a production database server running MySQL and Alibaba Nacos.

Sysdig said the operation was driven by a large language model rather than a traditional human-led toolkit. The agent carried out reconnaissance, credential harvesting, lateral discovery, persistence and destructive database activity.

The company said JADEPUFFER executed more than 600 distinct payloads and adapted to failures in real time. In one case, the agent moved from a failed login attempt to a corrected working approach in 31 seconds.

CyberScoop later reported Sysdig’s clarification that the attack was not fully human-free. A person still set up and directed the operation, provisioned command-and-control and staging infrastructure, chose the victim, and supplied credentials likely obtained through a prior compromise.

Sysdig also said API keys for OpenAI, Anthropic, DeepSeek and Gemini were among the material the agent collected from the compromised environment. That does not confirm which model powered the attack.

The case is notable less for novel techniques than for automation. Sysdig said the attack relied on known vulnerabilities and exposed infrastructure, but an AI agent chained the steps together quickly and carried out a ransomware-style database extortion workflow.

Why does it matter?

JADEPUFFER shows how agentic AI could change cybercrime by automating work that previously required skilled operators. Even if humans still choose targets and set up infrastructure, agents can speed up reconnaissance, credential theft, lateral movement and destructive activity once access is available. The defensive lesson is immediate: exposed AI tools, unpatched systems, leaked credentials, and internet-facing databases become more dangerous when attackers can automate exploitation and adaptation at machine speed.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

MEPs to debate EU AI cybersecurity strategy

Members of the European Parliament are set to question the European Commission on its latest AI and cybersecurity proposals, including a new AI cybersecurity strategy expected to be unveiled on 7 July.

According to the European Parliament’s plenary newsletter, the Commission’s action plan is expected to include measures to help EU member states and companies address AI-related cybersecurity risks.

The strategy is also expected to strengthen Europe’s AI cybersecurity capabilities as policymakers examine how AI is reshaping both cyber threats and cyber defence.

The debate follows the European Commission’s welcome of the G7 cybersecurity declaration on strengthening global cyber resilience. Parliament is also considering two legislative proposals collectively referred to as the ‘Cybersecurity Act 2‘.

The proposals are expected to address issues including the NIS2 framework, the role of the EU Agency for Cybersecurity (ENISA), the EU cybersecurity certification framework and ICT supply chain security.

The debate is scheduled for 7 July, as part of a European Commission statement followed by parliamentary scrutiny.

Why does it matter?

The debate shows that AI-related cybersecurity risks are becoming part of the EU’s broader cyber resilience agenda. By linking AI policy with NIS2, ENISA, certification and supply chain security, the EU is preparing to treat AI not only as an innovation priority but also as a cybersecurity concern.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!