Cybersecurity

Sedgwick breach linked to TridentLocker ransomware attack

Sedgwick has confirmed a data breach at its government-focused subsidiary after the TridentLocker ransomware group claimed responsibility for stealing 3.4 gigabytes of data. The incident underscores growing threats to federal contractors handling sensitive US agency information.

The company said the breach affected only an isolated file transfer system used by Sedgwick Government Solutions, which serves agencies such as DHS, ICE, and CISA. Segmentation reportedly prevented any impact on wider corporate systems or ongoing client operations.

TridentLocker, a ransomware-as-a-service group that appeared in late 2025, listed Sedgwick Government Solutions on its dark web leak site and posted samples of stolen documents. The gang is known for double-extortion tactics, combining data encryption and public exposure threats.

Sedgwick has informed US law enforcement and affected clients while continuing to investigate with external cybersecurity experts. The firm emphasised operational continuity and noted no evidence of intrusion into its claims management servers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU pushes for open-source commercialisation to reduce tech dependence

The European Commission is preparing a strategy to commercialise European open-source software in an effort to strengthen digital sovereignty and reduce dependence on foreign technology providers.

The plan follows a consultation highlighting that EU funding has delivered innovation, although commercial scale has often emerged outside Europe instead of within it.

Open-source software plays a strategic role by decentralising development and limiting reliance on dominant technology firms.

Commission officials argue that research funding alone cannot deliver competitive alternatives, particularly when public and private contracts continue to favour proprietary systems operated by non-European companies.

An upcoming strategy, due alongside the Cloud and AI Development Act in early 2026, that will prioritise community upscaling, industrial deployment and market integration.

Governance reforms and stronger supply chain security are expected to address vulnerabilities that can affect widely used open-source components.

Financial sustainability will also feature prominently, with public sector partnerships encouraged to support long-term viability.

Brussels hopes wider public adoption of open-source tools will replace expensive or data-extractive proprietary software, reinforcing Europe’s technological autonomy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Researchers launch AURA to protect AI knowledge graphs

A novel framework called AURA has been unveiled by researchers aiming to safeguard proprietary knowledge graphs in AI systems by deliberately corrupting stolen copies with realistic yet false data.

The approach is designed to preserve full utility for authorised users while rendering illicit copies ineffective instead of relying solely on traditional encryption or watermarking.

AURA works by injecting ‘adulterants’ into critical nodes of knowledge graphs, chosen using advanced algorithms to minimise changes while maximising disruption for unauthorised users.

Tests with GPT-4o, Gemini-2.5, Qwen-2.5, and Llama2-7B showed that 94–96% of correct answers in stolen data were flipped, while authorised access remained unaffected.

The framework protects valuable intellectual property in sectors such as pharmaceuticals and manufacturing, where knowledge graphs power advanced AI applications.

Unlike passive watermarking or offensive poisoning, AURA actively degrades stolen datasets, offering robust security against offline and private-use attacks.

With GraphRAG applications proliferating, major technology firms, including Microsoft, Google, and Alibaba, are evaluating AURA to defend critical AI-driven knowledge.

The system demonstrates how active protection strategies can complement existing security measures, ensuring enterprises maintain control over their data in an AI-driven world.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Healthcare systems face mounting risk from CrazyHunter ransomware

CrazyHunter ransomware has emerged as a growing threat to healthcare organisations, with repeated attacks targeting hospitals and medical service providers. The campaign focuses on critical healthcare infrastructure, raising concerns about service disruption and the exposure of sensitive patient data.

The malware is developed in Go and demonstrates a high level of technical maturity. Attackers gain initial access by exploiting weak Active Directory credentials, then use Group Policy Objects to distribute the ransomware rapidly across compromised networks.

Healthcare institutions in Taiwan have been among the most affected, with multiple confirmed incidents reported by security researchers. The pattern suggests a targeted campaign rather than opportunistic attacks, increasing pressure on regional healthcare providers to strengthen defences.

Once deployed, CrazyHunter turns off security tools and encrypts files to conceal its activity. Analysts note the use of extensive evasion techniques, including memory-based execution and redundant encryption methods, to ensure the delivery of the payload.

CrazyHunter employs a hybrid encryption scheme that combines ChaCha20 and elliptic curve cryptography, utilising partial file encryption to expedite the impact. Encrypted files receive a ‘.Hunter’ extension, with recovery dependent on the attackers’ private keys, reinforcing the pressure to pay ransoms.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

World Liberty Financial files to launch national trust bank for USD1

World Liberty Financial’s WLTC Holdings LLC has applied with the Office of the Comptroller of the Currency to establish World Liberty Trust Company, National Association (WLTC), a national trust bank designed for stablecoin operations.

The move aims to centralise issuance, custody, and conversion of USD1, the company’s dollar-backed stablecoin. USD1 has grown rapidly, reaching over $3.3 billion in circulation during its first year.

The trust company will serve institutional clients, providing stablecoin conversion and secure custody for USD1 and other supported stablecoins.

WLTC will operate under federal supervision, offering fee-free USD1 issuance and redemption, USD conversion, and custody with market-rate conversions. Operations will comply with the GENIUS Act and follow strict AML, sanctions, and cybersecurity protocols.

The stablecoin is fully backed by US dollars and short-duration Treasury obligations, operating across ten blockchain networks, including Ethereum, Solana, and TRON.

By combining regulatory oversight with full-stack stablecoin services, WLTC seeks to provide institutional clients with clarity and efficiency in digital asset operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New UK cyber strategy focuses on trust in online public services

The UK government has announced new measures to strengthen the security and resilience of online public services as more interactions with the state move online. Ministers say public confidence is essential as citizens increasingly rely on digital systems for everyday services.

Backed by more than £210 million, the UK Government Cyber Action Plan outlines how cyber defences and digital resilience will be improved across the public sector. A new Government Cyber Unit will coordinate risk identification, incident response, and action on complex threats spanning multiple departments.

The plan underpins wider efforts to digitise public services, including benefits applications, tax payments, and healthcare access. Officials argue that secure systems can reduce bureaucracy and improve efficiency, but only if users trust that their data is protected.

The announcement coincides with parliamentary debate on the Cyber Security and Resilience Bill, which sets clearer expectations for companies supplying services to the government. The legislation is intended to strengthen cyber resilience across critical supply chains.

Ministers also highlighted new steps to address software supply chain risks, including a Software Security Ambassador Scheme promoting basic security practices. The government says stronger cyber resilience is essential to protect public services and maintain public trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Universal Music Group partners with NVIDIA on AI music strategy

UMG has entered a strategic collaboration with NVIDIA to reshape how billions of fans discover, experience and engage with music by using advanced AI.

An initiative that combines NVIDIA’s AI infrastructure with UMG’s extensive global catalogue, aiming to elevate music interaction instead of relying solely on traditional search and recommendation systems.

The partnership will focus on AI-driven discovery and engagement that interprets music at a deeper cultural and emotional level.

By analysing full-length tracks, the technology is designed to surface music through narrative, mood and context, offering fans richer exploration while helping artists reach audiences more meaningfully.

Artist empowerment sits at the centre of the collaboration, with plans to establish an incubator where musicians and producers help co-design AI tools.

The goal is to enhance originality and creative control instead of producing generic outputs, while ensuring proper attribution and protection of copyrighted works.

Universal Music Group and NVIDIA also emphasise responsible AI development, combining technical safeguards with industry oversight.

By aligning innovation with artist rights and fair compensation, both companies aim to set new standards for how AI supports creativity across the global music ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Roblox rolls out facial age checks for chat

The online gaming platform, Roblox, has begun a global rollout requiring facial age checks before users can access chat features, expanding a system first tested in selected regions late last year.

The measure applies wherever chat is available and aims to create age-appropriate communication environments across the platform.

Instead of relying on self-declared ages, Roblox uses facial age estimation to group users and restrict interactions, limiting contact between adults and children under 16. Younger users need parental consent to chat, while verified users aged 13 and over can connect more freely through Trusted Connections.

The company says privacy safeguards remain central, with images deleted immediately after secure processing and no image sharing allowed in chat. Appeals, ID verification and parental controls support accuracy, while ongoing behavioural checks may trigger repeat age verification if discrepancies appear.

Roblox plans to extend age checks beyond chat later in 2026, including creator tools and community features, as part of a broader push to strengthen online safety and rebuild trust in youth-focused digital platforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Digi Yatra glitch delays identical twins at Mumbai airport

Identical twins were briefly delayed at Mumbai airport after Digi Yatra facial recognition failed to distinguish between them. The incident occurred during automated entry at Chhatrapati Shivaji Maharaj International Airport.

Mumbai airport staff stepped in quickly, carrying out manual identity checks using physical documents. Both passengers were cleared to travel without missing their flight.

Digi Yatra officials stated that such mismatches are rare and can occur in cases of identical twins. Passengers always retain the option of conventional ID-based verification.

The episode has renewed debate around biometric reliability and the need for human oversight. Experts stress technology must support, not replace, assisted passenger checks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

NVIDIA and Siemens build new industrial AI operating system

Siemens and NVIDIA have expanded their strategic partnership to build what they describe as an Industrial AI operating system.

The collaboration aims to embed AI-driven intelligence throughout the entire industrial lifecycle, from product design and engineering to manufacturing, operations and supply chains.

Siemens will contribute industrial AI expertise alongside hardware and software, while NVIDIA will provide AI infrastructure, simulation technologies and accelerated computing platforms.

The companies plan to develop fully AI-driven adaptive manufacturing sites, beginning in 2026 with Siemens’ electronics factory in Erlangen, Germany.

Digital twins will be used as active intelligence tools instead of static simulations, allowing factories to analyse performance in real time, test improvements virtually and convert successful adjustments directly into operational changes.

Both firms will also accelerate semiconductor design by combining Siemens’ EDA tools with NVIDIA’s GPU-accelerated computing and AI models. The goal is to shorten design cycles, improve manufacturing yields and support the development of advanced AI-enabled products.

The partnership also aims to create next-generation AI factories that optimise power, cooling, automation and infrastructure efficiency.

Siemens and NVIDIA intend to use the same technologies internally to improve their own operations before scaling them to customers. They argue the partnership will help industries adopt AI more rapidly and reliably, while supporting more resilient and sustainable manufacturing worldwide.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!