Digital standards

LockBit ransomware platform breached again

LockBit, one of the most notorious ransomware groups of recent years, has suffered a significant breach of its dark web platform. Its admin and affiliate panels were defaced and replaced with a message linking to a leaked MySQL database, seemingly exposing sensitive operational details.

The message mocked the gang with the line ‘Don’t do crime CRIME IS BAD xoxo from Prague,’ raising suspicions of a rival hacker or vigilante group behind the attack.

The leaked database, first flagged by a threat actor known as Rey, contains 20 tables revealing details about LockBit’s affiliate network, tactics, and operations. Among them are nearly 60,000 Bitcoin addresses, payload information tied to specific targets, and thousands of extortion chat messages.

A ‘users’ table lists 75 affiliate and admin identities, many with passwords stored in plain text—some comically weak, like ‘Weekendlover69.’

While a LockBit spokesperson confirmed the breach via Tox chat, they insisted no private keys were exposed and that losses were minimal. However, the attack echoes a recent breach of the Everest ransomware site, suggesting the same actor may be responsible.

Combined with past law enforcement actions—such as Operation Cronos, which dismantled parts of LockBit’s infrastructure in 2024—the new leak could harm the group’s credibility with affiliates.

LockBit has long operated under a ransomware-as-a-service model, providing malware to affiliates in exchange for a cut of ransom profits. It has targeted both Linux and Windows systems, used double extortion tactics, and accounted for a large share of global ransomware attacks in 2022.

Despite ongoing pressure from authorities, the group has continued its operations—though this latest breach could prove harder to recover from.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Gemini Nano boosts scam detection on Chrome

Google has released a new report outlining how it is using AI to better protect users from online scams across its platforms.

The company says AI is now actively fighting scams in Chrome, Search and Android, with new tools able to detect and neutralise threats more effectively than before.

At the heart of these efforts is Gemini Nano, Google’s on-device AI model, which has been integrated into Chrome to help identify phishing and fraudulent websites.

The report claims the upgraded systems can now detect 20 times more harmful websites, many of which aim to deceive users by creating a false sense of urgency or offering fake promotions. These scams often involve phishing, cryptocurrency fraud, clone websites and misleading subscriptions.

Search has also seen major improvements. Google’s AI-powered classifiers are now better at spotting scam-related content before users encounter it. For example, the company says it has reduced scams involving fake airline customer service agents by over 80 per cent, thanks to its enhanced detection tools.

Meanwhile, Android users are beginning to see stronger safeguards as well. Chrome on Android now warns users about suspicious website notifications, offering the choice to unsubscribe or review them safely.

Google has confirmed plans to extend these protections even further in the coming months, aiming to cover a broader range of online threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI launches data residency in India for ChatGPT enterprise

OpenAI has announced that enterprise and educational customers in India using ChatGPT can now store their data locally instead of relying on servers abroad.

The move, aimed at complying with India’s upcoming data localisation rules under the Digital Personal Data Protection Act, allows conversations, uploads, and prompts to remain within the country. Similar options are now available in Japan, Singapore, and South Korea.

Data stored under this new residency option will be encrypted and kept secure, according to the company. OpenAI clarified it will not use this data for training its models unless customers choose to share it.

The change may also influence a copyright infringement case against OpenAI in India, where the jurisdiction was previously questioned due to foreign server locations.

Alongside this update, OpenAI has unveiled a broader international initiative, called OpenAI for Countries, as part of the US-led $500 billion Stargate project.

The plan involves building AI infrastructure in partner countries instead of centralising development, allowing nations to create localised versions of ChatGPT tailored to their languages and services.

OpenAI says the goal is to help democracies develop AI on their own terms instead of adopting centralised, authoritarian systems.

The company and the US government will co-invest in local data centres and AI models to strengthen economic growth and digital sovereignty across the globe.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

CrowdStrike cuts jobs amid AI shift

Cybersecurity firm CrowdStrike is laying off 500 employees—5% of its workforce—as it shifts towards an AI-led operating model to boost efficiency and hit a $10 billion annual revenue goal.

In a letter to staff, CEO George Kurtz described AI as a ‘force multiplier’ meant to reduce hiring needs instead of expanding headcount.

The restructure, expected to cost up to $53 million through mid-2026, will still see hiring in customer-facing and engineering roles.

Yet despite its optimism, the company’s regulatory filings flag notable risks in depending on AI, such as faulty outputs, legal uncertainty, and the challenge of managing fast-moving systems. Analysts have also linked the shift to wider market pressures, not merely strategic innovation.

Principal analyst Sofia Ali warned that the AI-first approach may backfire if transparency, governance, and human oversight are not prioritised. Over-reliance on automation—especially in threat detection or customer support—could erode user trust instead of reinforcing it, particularly during critical incidents.

CrowdStrike’s move mirrors a broader tech trend: over 52,000 tech jobs were cut in early 2025 as firms embraced AI to replace automatable roles. For cybersecurity leaders, the challenge now lies in balancing AI’s promise with the human expertise essential to trust and resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Musk denies OpenAI’s sabotage claims in court battle

Elon Musk has denied accusations from OpenAI that he is waging a campaign to undermine the startup, asserting that his legal actions are justified.

In a recent court filing, Musk’s lawyer dismissed claims that he used lawsuits, social media and press attacks to sabotage OpenAI, stating the real issue lies in the company’s alleged abandonment of its original nonprofit mission.

Musk’s attorney argued that this move fails to address concerns about OpenAI prioritising profit over its charitable goals, labelling the nonprofit structure an ‘inconvenience’ to CEO Sam Altman’s ambitions.

The US legal battle, set for trial in March 2026, stems from Musk’s accusations that OpenAI strayed from its founding principles after taking significant investment from Microsoft.

Meanwhile, OpenAI has countersued, claiming Musk is actively working to harm the company and its relationships with investors and customers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Indian stock exchanges curb foreign access amid cybersecurity concerns

India’s two largest stock exchanges, the National Stock Exchange (NSE) and BSE Ltd, have temporarily restricted overseas access to their websites amid rising concerns over cyber threats. The move does not affect foreign investors’ ability to trade on Indian markets.

Sources familiar with the matter confirmed the decision followed a joint meeting between the exchanges, although no recent direct attack has been specified.

Despite the restrictions, market operations remain fully functional, with officials emphasising that the measures are purely preventive.

The precautionary step comes during heightened regional tensions between India and Pakistan, though no link to the geopolitical situation has been confirmed. The NSE has yet to comment publicly on the situation.

A BSE spokesperson noted that the exchanges are monitoring cyber risks both domestically and internationally and that website access is now granted selectively to protect users and infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Palantir and partners promise rapid AI deployment in banking

Palantir Technologies, xAI, and TWG Global have announced a new partnership aimed at accelerating the adoption of artificial intelligence across the financial services industry. The initiative promises faster deployment and measurable results within just 90 days.

The collaboration seeks to help financial institutions integrate AI into their core operations. As financial institutions strive to modernise, the companies aim to overcome what they call the ‘agentic tech debt bubble’ and deliver real, scalable value.

The offering combines Palantir’s platform, xAI’s advanced language models, and TWG Global’s operational expertise, including a Governance Foundation for data readiness and a suite of AI-driven tools.

TWG Global will lead implementation efforts, focusing on involving senior executives directly to ensure AI integration becomes a central business strategy rather than a sidelined tech project. The partnership builds on an earlier venture between Palantir and TWG Global.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Apple may replace Google with AI in Safari

Apple may soon reshape how users search the web on iPhones and other devices by integrating AI-powered search engines directly into Safari instead of relying solely on Google.

According to Bloomberg, the company is ‘actively looking at’ expanding options in its browser to include AI systems such as OpenAI’s ChatGPT and Perplexity, potentially disrupting Google’s long-held dominance in online search.

Currently, Google pays Apple around $20 billion a year to remain the default search engine in Safari — about 36% of the search ad revenue generated through Apple devices. But that relationship may be under pressure, especially as AI tools gain popularity.

Apple has already partnered with OpenAI to bring ChatGPT into Siri, while Google is now pushing to include its Gemini AI system in future Apple products.

Alphabet’s shares dropped 6% following the news, while Apple saw a 2% dip. Apple executive Eddy Cue, testifying in an ongoing antitrust case, noted a recent decline in Safari searches and said he expects AI search tools to eventually replace traditional engines like Google.

Apple, he added, plans to introduce these AI services as built-in alternatives in Safari in the near future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LockBit ransomware Bitcoin addresses exposed

Nearly 60,000 Bitcoin addresses linked to LockBit’s ransomware operations have been exposed following a major breach of the group’s dark web affiliate panel.

The leak, which included a MySQL database dump, was shared publicly online and could assist blockchain analysts in tracing LockBit’s financial activity instead of leaving such transactions untracked.

Despite the scale of the breach, no private keys were leaked. A LockBit representative reportedly confirmed the incident in a message, stating that no sensitive access data was compromised.

However, the exposed database included 20 tables, such as one labelled ‘builds’ that contained details about ransomware created by affiliates and their targeted companies.

Another table, ‘chats,’ revealed over 4,400 messages from negotiations between victims and LockBit operators, offering a rare glimpse into the inner workings of ransomware extortion tactics.

Analysts believe the hack may be connected to a separate breach of the Everest ransomware site, as both featured identical messages, hinting at a possible link.

The incident has again underscored the central role of cryptocurrency in the ransomware economy. Each victim is typically given a unique address for payments, making tracking difficult.

Instead of remaining hidden, these addresses now give law enforcement and blockchain experts a chance to trace payments and potentially link them to previously unidentified actors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Netflix introduces AI chatbot to help you pick what to watch

Netflix is trialling an AI chatbot inside its iOS app, offering a new way for users to find content by simply typing natural phrases instead of relying on standard searches. In this small, opt-in beta, users might say things like ‘I want something funny and upbeat; to receive tailored recommendations.

The company believes the AI chatbot could soon become a core part of its app on both iOS and Android, and perhaps even land on TVs in future.

Alongside this, Netflix is reshaping the user experience by surfacing helpful labels like ‘Emmy Award Winner’ and ‘#1 in TV Shows’ to help viewers choose faster instead of scrolling endlessly.

Search and My List are moving to the top of TV screens for better visibility, and the homepage is getting a cleaner, more modern design.

Netflix says recommendations will also shift dynamically based on a viewer’s mood or interests, although it hasn’t explained exactly how this will work.

On mobile, Netflix plans to roll out a vertical feed of show and movie clips in the coming weeks. You’ll be able to tap to watch, save, or share immediately—turning content discovery into a quick and interactive experience instead of a chore.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!