E-commerce and trade

China says the US used a Microsoft server vulnerability to launch cyberattacks

China has accused the US of exploiting long-known vulnerabilities in Microsoft Exchange servers to launch cyberattacks on its defence sector, escalating tensions in the ongoing digital arms race between the two superpowers.

In a statement released on Friday, the Cyber Security Association of China claimed that US hackers compromised servers belonging to a significant Chinese military contractor, allegedly maintaining access for nearly a year.

The group did not disclose the name of the affected company.

The accusation is a sharp counterpunch to long-standing US claims that Beijing has orchestrated repeated cyber intrusions using the same Microsoft software. In 2021, Microsoft attributed a wide-scale hack affecting tens of thousands of Exchange servers to Chinese threat actors.

Two years later, another incident compromised the email accounts of senior US officials, prompting a federal review that criticised Microsoft for what it called a ‘cascade of security failures.’

Microsoft, based in Redmond, Washington, has recently disclosed additional intrusions by China-backed groups, including attacks exploiting flaws in its SharePoint platform.

Jon Clay of Trend Micro commented on the tit-for-tat cyber blame game: ‘Every nation carries out offensive cybersecurity operations. Given the latest SharePoint disclosure, this may be China’s way of retaliating publicly.’

Cybersecurity researchers note that Beijing has recently increased its use of public attribution as a geopolitical tactic. Ben Read of Wiz.io pointed out that China now uses cyber accusations to pressure Taiwan and shape global narratives around cybersecurity.

In April, China accused US National Security Agency (NSA) employees of hacking into the Asian Winter Games in Harbin, targeting personal data of athletes and organisers.

While the US frequently names alleged Chinese hackers and pursues legal action against them, China has historically avoided levelling public allegations against American intelligence agencies, until now.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China’s Silk Typhoon hackers filed patents for advanced spyware tools

A Chinese state-backed hacking group known as Silk Typhoon has filed more than ten patents for intrusive cyberespionage tools, shedding light on its operations’ vast scope and sophistication.

These patents, registered by firms linked to China’s Ministry of State Security, detail covert data collection software far exceeding the group’s previously known attack methods.

The revelations surfaced following a July 2025 US Department of Justice indictment against two alleged members of Silk Typhoon, Xu Zewei and Zhang Yu.

Both are associated with companies tied to the Shanghai State Security Bureau and connected to the Hafnium group, which Microsoft rebranded as Silk Typhoon in 2022.

Instead of targeting only Windows environments, the patent filings reveal a sweeping set of surveillance tools designed for Apple devices, routers, mobile phones, and even smart home appliances.

Submissions include software for bypassing FileVault encryption, extracting remote cellphone data, decrypting hard drives, and analysing smart devices. Analysts from SentinelLabs suggest these filings offer an unprecedented glimpse into the architecture of China’s cyberwarfare ecosystem.

Silk Typhoon gained global attention in 2021 with its Microsoft Exchange ProxyLogon campaign, which prompted a rare coordinated condemnation by the US, UK, and EU. The newly revealed capabilities show the group’s operations are far more advanced and diversified than previously believed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI and Nscale to build an AI super hub in Norway

OpenAI has revealed its first European data centre project in partnership with British startup Nscale, selecting Norway as the location for what is being called ‘Stargate Norway’.

The initiative mirrors the company’s ambitious $500 billion US ‘Stargate’ infrastructure plan and reflects Europe’s growing demand for large-scale AI computing capacity.

Nscale will lead the development of a $1 billion AI gigafactory in Norway, with engineering firm Aker matching the investment. These advanced data centres are designed to meet the heavy processing requirements of cutting-edge AI models.

OpenAI expects the facility to deliver 230MW of computing power by the end of 2026, making it a significant strategic foothold for the company on the continent.

Sam Altman, CEO of OpenAI, stated that Europe needs significantly more computing to unlock AI’s full potential for researchers, startups, and developers. He said Stargate Norway will serve as a cornerstone for driving innovation and economic growth in the region.

Nscale confirmed that Norway’s AI ecosystem will receive priority access to the facility, while remaining capacity will be offered to users across the UK, Nordics and Northern Europe.

The data centre will support 100,000 of NVIDIA’s most advanced GPUs, with long-term plans to scale as demand grows.

The move follows broader European efforts to strengthen AI infrastructure, with the UK and France pushing for major regulatory and funding reforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NHS trial shows AI app halves treatment delays

An AI-powered physiotherapy app has significantly reduced NHS back pain treatment waiting lists in Cambridgeshire and Peterborough by 55%.

The trial, run by Cambridgeshire Community Services NHS Trust, diverted 2,500 clinician hours to more complex cases while offering digital care to routine patients.

The app assesses musculoskeletal (MSK) pain through questions and provides personalised video-guided exercises. It became the first AI physiotherapy tool regulated by the Care Quality Commission and is credited with cutting average MSK wait times from 18 to under 10 weeks.

Patients like Annys Bossom, who initially doubted its effectiveness, found the tool more engaging and valuable than traditional paper instructions.

Data showed that 98% of participants were treated and discharged digitally, while only 2% needed a face-to-face referral.

With growing demand and staff shortages in NHS MSK services, physiotherapists and developers say the technology offers scalable support.

Experts emphasise the need for human oversight and public trust as AI continues to play a larger role in UK healthcare.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI annual revenue doubles to 12 billion

OpenAI has doubled its revenue in the first seven months of 2025, reaching an annualised run rate of about $12 billion.

Surging demand for both consumer ChatGPT products and enterprise-level AI services is the main driver for this rapid growth.

Weekly active users of ChatGPT have soared to approximately 700 million, reflecting the platform’s expanding global reach and wide penetration. 

At the same time, costs have risen sharply, with cash burn projected around $8 billion in 2025, up from previous estimates.

OpenAI is preparing to release its next-generation AI model GPT‑5 in early August, underscoring its focus on innovation to maintain leadership in the AI market.

Despite growing competition from rival firms like DeepSeek, OpenAI remains confident that its technological edge and expanding product portfolio will sustain momentum.

Financial projections suggest potential revenue of $11 billion this year, with continued expansion into enterprise services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Scattered Spider cyberattacks set to intensify, warn FBI and CISA

The cybercriminal group known as Scattered Spider is expected to intensify its attacks in the coming weeks, according to a joint warning issued by the FBI, CISA, and cybersecurity agencies in Canada, the UK and Australia.

These warnings highlight the group’s increasingly sophisticated methods, including impersonating employees to bypass IT support and hijack multi-factor authentication processes.

Instead of relying on old techniques, the hackers now deploy stealthy tools like RattyRAT and DragonForce ransomware, particularly targeting VMware ESXi servers.

Their attacks combine social engineering with SIM swapping and phishing, enabling them to exfiltrate sensitive data before locking systems and demanding payment — a tactic known as double extortion.

Scattered Spider, also referred to as Okta Tempest, is reportedly creating fake online identities and infiltrating internal communication channels like Slack and Microsoft Teams. In some cases, they have even joined incident response calls to gain insight into how companies are reacting.

Security agencies urge organisations to adopt phishing-resistant multi-factor authentication, audit remote access software, monitor unusual logins and behaviours, and ensure offline encrypted backups are maintained.

More incidents are expected, as the group continues refining its strategies instead of slowing down.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft’s Cloud and AI strategy lifts revenue beyond expectations

Microsoft has reported better-than-expected results for the fourth quarter of its 2025 fiscal year, attributing much of its success to the continued expansion of its cloud services and the integration of AI.

‘Cloud and AI are the driving force of business transformation across every industry and sector,’ said Satya Nadella, Microsoft’s chairman and chief executive, in a statement on Wednesday.

For the first time, Nadella disclosed annual revenue figures for Microsoft Azure, the company’s cloud computing platform. Azure generated more than $75 billion in the fiscal year ending 30 June, representing a 34 percent increase compared to the previous year.

Nadella noted that this growth was ‘driven by growth across all workloads’, including those powered by AI. On average, Azure contributed approximately $19 billion in revenue per quarter.

While this trails Amazon Web Services (AWS), which posted net sales of $29 billion in the first quarter alone, Azure remains a strong second in the cloud market. Google Cloud, by comparison, has an annual run rate of $50 billion, according to parent company Alphabet’s Q2 2025 earnings report.

‘We continue to lead the AI infrastructure wave and took share each quarter this year,’ Nadella told investors during the company’s earnings call.

However, he did not provide specific figures showing how AI factored into the results, a point of interest for financial analysts given Microsoft’s projected $80 billion in capital expenditures this fiscal year to support AI-related data centre expansion.

During the call, Bernstein Research senior analyst Mark Moerdler asked how businesses might ultimately monetise AI as a software service.

Nadella responded with a broad comparison to the cloud business, suggesting the two were now deeply connected. It was left to CFO Amy Hood to offer a more structured explanation.

‘There’s a per-user logic,’ Hood explained. ‘There are tiers of per-user. Sometimes those tiers relate to consumption. Sometimes there are pure consumption models. I think you’ll continue to see a blending of these, especially as the AI model capability grows.’

In essence, Microsoft intends to monetise AI in a manner similar to its traditional software offerings—charging either per user, by usage tier, or based on consumption.

With AI now embedded across Microsoft’s portfolio of products and services, the company appears to be positioning itself to keep attributing more of its revenue to AI-powered innovation.

The numbers suggest there is plenty of revenue to go around. Microsoft posted $76.4 billion in revenue for the quarter, up 18 percent compared to the same period last year.

Operating income stood at $34.3 billion (up 23 percent), with net income reaching $27.2 billion (up 24 percent). Earnings per share climbed 24 percent to $3.65.

For the full fiscal year, Microsoft reported $281.7 billion in revenue—an increase of 15 percent. Operating income rose to $128.5 billion (up 17 percent), while net income hit $101.8 billion (up 16 percent). Annual earnings per share reached $13.64, also up by 16 percent.

Azure forms part of Microsoft’s Intelligent Cloud division, which generated $29.9 billion in quarterly revenue, a 26 percent year-on-year increase.

The Productivity and Business Processes group, which includes Microsoft 365, LinkedIn, and Dynamics, managed to earn $33.1 billion, upping its revenue by 16 percent. Meanwhile, the More Personal Computing segment, covering Windows, Xbox, and advertising, grew nine percent to $13.5 billion.

Despite some concerns among analysts regarding Microsoft’s significant capital spending and the ambiguous short-term returns on AI investments, investor confidence remains strong.

Microsoft’s share price jumped roughly eight percent after the earnings announcement, pushing its market capitalisation above $4 trillion in after-hours trading. It became only the second company, after Nvidia, to cross that symbolic threshold.

Market observers noted that while questions remain over the precise monetisation of AI, Microsoft’s aggressive positioning in cloud infrastructure and AI services has clearly resonated with shareholders.

With AI now woven into the company’s strategic fabric, Microsoft appears determined to maintain its lead in the next phase of enterprise computing.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Taiwan university launches smart farming lab

A new AI-powered agriculture lab in southern Taiwan has opened at the National Pingtung University of Science and Technology. The facility has cutting-edge sensors and automation systems to boost innovative farming capabilities.

Funded by a donation from Taiwan Hipoint, the lab enables real-time monitoring of crop conditions and automated adjustments to growing environments. The AI system analyses sensor and image data to optimise greenhouse conditions and detect early signs of pests or diseases.

Specialised chambers inside the lab simulate various environmental conditions, helping researchers identify ideal settings for plant growth. University staff say the technology is expected to play a crucial role in making agriculture more precise and resource-efficient.

The university also hosted a hands-on greenhouse training camp and showcased its innovations at a major food expo. Located near key research centres, the university aims to become Taiwan’s leading hub for agricultural technology and innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China demands Nvidia explain security flaws in H20 chips

China’s top internet regulator has summoned Nvidia to explain alleged security concerns linked to its H20 computing chips.

The Cyberspace Administration of China stated that the chips, which are sold domestically, may contain backdoor vulnerabilities that could pose risks to users and systems.

Instead of ignoring the issue, Nvidia has been asked to submit technical documents and provide a formal response addressing these potential flaws.

The chips are part of Nvidia’s tailored product line for the Chinese market following US export restrictions on advanced AI processors.

The investigation signals tighter scrutiny from Chinese authorities on foreign technology amid ongoing geopolitical tensions and a global race for semiconductor dominance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

VPN dangers highlighted as UK’s Online Safety Act comes into force

Britons are being urged to proceed with caution before turning to virtual private networks (VPNs) in response to the new age verification requirements set by the Online Safety Act.

The law, now in effect, aims to protect young users by restricting access to adult and sensitive content unless users verify their age.

Instead of offering anonymous access, some platforms now demand personal details such as full names, email addresses, and even bank information to confirm a user’s age.

Although the legislation targets adult websites, many people have reported being blocked from accessing less controversial content, including alcohol-related forums and parts of Wikipedia.

As a result, more users are considering VPNs to bypass these checks. However, cybersecurity experts warn that many VPNs can pose serious risks by exposing users to scams, data theft, and malware. Without proper research, users might install software that compromises their privacy rather than protecting it.

With Ofcom reporting that eight per cent of children aged 8 to 14 in the UK have accessed adult content online, the new rules are viewed as a necessary safeguard. Still, concerns remain about the balance between online safety and digital privacy for adult users.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!