Digital cooperation

AI agents face prompt injection and persistence risks, researchers warn

Zenity Labs warned at Black Hat USA that widely used AI agents can be hijacked without interaction. Attacks could exfiltrate data, manipulate workflows, impersonate users, and persist via agent memory. Researchers said knowledge sources and instructions could be poisoned.

Demos showed risks across major platforms. ChatGPT was tricked into accessing a linked Google Drive via email prompt injection. Microsoft Copilot Studio agents leaked CRM data. Salesforce Einstein rerouted customer emails. Gemini and Microsoft 365 Copilot were steered into insider-style attacks.

Vendors were notified under coordinated disclosure. Microsoft stated that ongoing platform updates have stopped the reported behaviour and highlighted built-in safeguards. OpenAI confirmed a patch and a bug bounty programme. Salesforce said its issue was fixed. Google pointed to newly deployed, layered defences.

Enterprise adoption of AI agents is accelerating, raising the stakes for governance and security. Aim Labs, which had previously flagged similar zero-click risks, said frameworks often lack guardrails. Responsibility frequently falls on organisations deploying agents, noted Aim Labs’ Itay Ravia.

Researchers and vendors emphasise layered defence against prompt injection and misuse. Strong access controls, careful tool exposure, and monitoring of agent memory and connectors remain priorities as agent capabilities expand in production.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Staff welcome AI but call for clear boundaries

New research shows that most workers are open to using AI tools at work, but resist the idea of being managed by them. Workers are far more positive about AI recommending skills or collaborating alongside them.

The Workday study found that while 82% of organisations are expanding AI agent use, only 30% of employees feel comfortable being overseen by such systems.

Nine in ten respondents believe AI can boost productivity, yet nearly half fear it could erode critical thinking and add to workloads. Trust in the technology grows with experience, with 95% of regular users expressing confidence compared with 36% of those new to AI.

Sensitive functions such as hiring, finance, and legal work remain areas where human oversight is preferred. Many see AI as a partner that complements judgement and empathy rather than replacing them entirely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK minister defends use of live facial recognition vans

Dame Diana Johnson, the UK policing minister, has reassured the public that expanded use of live facial recognition vans is being deployed in a measured and proportionate manner.

She emphasised that the tools aim only to assist police in locating high-harm offenders, not to create a surveillance society.

Addressing concerns raised by Labour peer Baroness Chakrabarti, who argued the technology was being introduced outside existing legal frameworks, Johnson firmly rejected such claims.

She stated that UK public acceptance would depend on a responsible and targeted application.

By framing the technology as a focused tool for effective law enforcement rather than pervasive monitoring, Johnson seeks to balance public safety with civil liberties and privacy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Russia to phase out Mastercard and Visa

The Bank of Russia is preparing to phase out Mastercard and Visa cards and to switch to the domestic Mir payment system. Authorities plan a gradual timeline for banks to replace international cards, letting consumers switch at their own pace while keeping access to current accounts.

Visa and Mastercard have operated only domestically since leaving the Russian market after the 2022 invasion of Ukraine. The share of these cards in circulation is declining as more Russians adopt Mir.

The Central Bank has extended its validity temporarily, but a clear deadline for complete replacement is now being discussed.

Russia plans to launch the digital rouble alongside the card transition in September 2026. Only a limited framework for digital coins in foreign trade is expected to remain, highlighting Russia’s broader push for financial sovereignty.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Crypto crime unit expands with Binance

Tron, Tether, and TRM Labs have announced the expansion of their T3 Financial Crime Unit (T3 FCU) with Binance as the first T3+ partner. The unit has frozen over $250 million in illicit crypto assets since its launch in September 2024.

The T3 FCU works with global law enforcement to tackle money laundering, investment fraud, terrorism financing, and other financial crimes. The new T3+ programme unites exchanges and institutions to share intelligence and tackle threats in real time.

Recent reports highlight the urgency of these efforts. Over $3 billion in crypto was stolen in the first half of 2025, with some hacks laundering funds in under three minutes. Only around 4% of stolen assets were recovered during this period, underscoring the speed and sophistication of modern attacks.

Debate continues over the role of stablecoin issuers and exchanges in freezing funds. Tether’s halt of $86,000 in stolen USDt highlights fast recovery but raises concerns over decentralised principles amid calls for stronger industry-wide security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

West Midlands to train 2.3 million adults in AI skills

All adults in the West Midlands will be offered free training on using AI in daily life, work and community activities. Mayor Richard Parker confirmed the £10m initiative, designed to reach 2.3 million residents, as part of a wider £30m skills package.

A newly created AI Academy will lead the programme, working with tech companies, education providers and community groups. The aim is to equip people with everyday AI know-how and the advanced skills needed for digital and data-driven jobs.

Parker said AI should become as fundamental as English or maths and warned that failure to prioritise training would risk deepening a skills divide. The programme will sit alongside other £10m projects focused on bespoke business training and a more inclusive skills system.

The WMCA, established in 2017, covers Birmingham, Coventry, Wolverhampton and 14 other local authority areas in the UK. Officials say the AI drive is central to the region’s Growth Plan and ambition to become the UK’s leading hub for AI skills.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU targets eight members states over cybersecurity directive implementation delay

Eight EU countries, including Ireland, Spain, France, Bulgaria, Luxembourg, the Netherlands, Portugal, and Sweden, have been warned by the European Commission for failing to meet the deadline on the implementation of the NIS2 Directive.

What is the NIS2 Directive about?

The NIS2 Directive, adopted by the EU in 2022, is an updated legal framework designed to strengthen the cybersecurity and resilience of critical infrastructure and essential services. Essentially, this directive replaces the 2016 NIS Directive, the EU’s first legislation to improve cybersecurity across crucial sectors such as energy, transport, banking, and healthcare. It set baseline security and incident reporting requirements for critical infrastructure operators and digital service providers to enhance the overall resilience of network and information systems in the EU.

With the adoption of the NIS2 Directive, the EU aims to broaden the scope to include not only traditional sectors like energy, transport, banking, and healthcare, but also public administration, space, manufacturing of critical products, food production, postal services, and a wide range of digital service providers.

NIS2 introduces stricter risk management, supply-chain security requirements, and enhanced incident reporting rules, with early warnings due within 24 hours. It increases management accountability, requiring leadership to oversee compliance and undergo cybersecurity training.

It also imposes heavy penalties for violations, including up to €10 million or 2% of global annual turnover for essential entities. The Directive also aims to strengthen EU-level cooperation through bodies like ENISA and EU-CyCLONe.

Member States were expected to transpose NIS2 into national law by 17 October 2024, making timely compliance preparation critical.

What is a directive?

There are two main types of the EU laws: regulations and directives. Regulations apply automatically and uniformly across all member states once adopted by the EU.

In contrast, directives set specific goals that member states must achieve but leave it up to each country to decide how to implement them, allowing for different approaches based on each member state’s capacities and legal systems.

So, why is there a delay in implementing the NIS2 Directive?

According to Insecurity Magazine, the delay is due to member states’ implementation challenges, and many companies across the EU are ‘not fully ready to comply with the directive.’ Six critical infrastructure sectors are facing challenges, including:

  • IT service management is challenged by its cross-border nature and diverse entities
  • Space, with limited cybersecurity knowledge and heavy reliance on commercial off-the-shelf components
  • Public administrations, which “lack the support and experience seen in more mature sectors”
  • Maritime, facing operational technology-related challenges and needing tailored cybersecurity risk management guidance
  • Health, relying on complex supply chains, legacy systems, and poorly secured medical devices
  • Gas, which must improve incident readiness and response capabilities

The deadline for the implementation was 17 October 2024. In May 2025, the European Commission warned 19 member states about delays, giving them two months to act or risk referral to the Court of Justice of the EU. It remains unclear whether the eight remaining holdouts will face further legal consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Anthropic adds recall ability to Claude

Anthropic has added a user-triggered memory function to its Claude chatbot, allowing it to search and summarise previous chats on request. The feature helps users resume projects without repeating themselves.

The upgrade works across web, desktop and mobile platforms and is currently available to Max, Team and Enterprise subscribers, with wider rollout planned.

Claude’s memory does not automatically store personal profiles. Instead, when prompted, it retrieves relevant past chats, prioritising user privacy while enhancing usability.

With this feature, Anthropic aims to make Claude more competitive against rivals like ChatGPT by improving AI continuity in user experience across sessions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Elderly patient hospitalised after ChatGPT’s dangerous dietary advice

Hospital records show that a man in his sixties ended up hospitalised with neurological and psychiatric symptoms after replacing table salt with sodium bromide, based on AI-generated advice from ChatGPT. The condition, known as bromism, includes paranoia, hallucinations and coordination issues.

Medical staff noted unusual thirst and paranoia around drinking water. Shortly after admission, the patient experienced auditory and visual hallucinations and was placed under an involuntary psychiatric hold due to grave disability.

The incident underscores the serious risks of relying on AI tools for health guidance. In this case, ChatGPT did not issue warnings or ask for medical context when recommending sodium bromide, a toxic alternative.

Experts stress that AI should never replace professional healthcare consultation, particularly for complex or rare conditions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Blue Origin begins accepting cryptocurrency for space travel

Blue Origin has opened its doors to cryptocurrency enthusiasts, allowing passengers to pay for suborbital spaceflights in Bitcoin, Ether, Solana, USDt and USDC. Partnering with Shift4 Payments, Blue Origin will take direct wallet transfers from MetaMask and Coinbase for New Shepard flights.

The move adds to a growing trend of blockchain ventures in aerospace. Past projects have ranged from NFTs sent to space to the launch of satellites hosting decentralised networks.

Spacecoin XYZ recently began building an orbital blockchain network. World Mobile is also rolling out a decentralised 5G system using hydrogen-powered drones to deliver affordable, high-speed internet to underserved regions.

Blue Origin’s ties to crypto go back years. In 2021, Tron founder Justin Sun purchased a $28 million ticket for a Blue Origin flight, with the funds benefiting 19 space-related charities.

Following the journey, Sun called for global action to protect Earth, a message that resonates as technology and space exploration continue to intersect.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot