Avocado Consulting urges Australian organisations to boost software supply chain security after a high-alert warning from the Australian Cyber Security Centre (ACSC). The alert flagged threats, including social engineering, stolen tokens, and manipulated software packages.
Dennis Baltazar of Avocado Consulting said attackers combine social engineering with living-off-the-land techniques, making attacks appear routine. He warned that secrets left across systems can turn small slips into major breaches.
Baltazar advised immediate audits to find unmanaged privileged accounts and non-human identities. He urged embedding security into workflows by using short-lived credentials, policy-as-code, and default secret detection to reduce incidents and increase development speed for users in Australia.
Avocado Consulting advises organisations to eliminate secrets from code and pipelines, rotate tokens frequently, and validate every software dependency by default using version pinning, integrity checks, and provenance verification. Monitoring CI/CD activity for anomalies can also help detect attacks early.
Failing to act could expose cryptographic keys, facilitate privilege escalation, and result in reputational and operational damage. Avocado Consulting states that secure development practices must become the default, with automated scanning and push protection integrated into the software development lifecycle.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A Canadian privacy investigation has found that TikTok has not taken sufficient measures to prevent children under 13 from accessing its platform or to protect their personal data.
Despite stating that the app is not intended for young users, the report states that hundreds of thousands of Canadian children use it yearly.
The investigation also found that TikTok collects vast amounts of data from users, including children, and uses it for targeted ads and content, potentially harming youth.
In response, TikTok agreed to strengthen safeguards and clarify data practices but disagreed with some findings.
The probe is part of growing global scrutiny over TikTok’s privacy and security practices, with similar actions taken in the USA and EU amid ongoing concerns about the Chinese-owned app’s data handling and national security implications.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A new AI system developed by the UK Cabinet Office has helped reclaim nearly £500m in fraudulent payments, marking the government’s most significant recovery of public funds in a single year.
The Fraud Risk Assessment Accelerator analyses data across government departments to identify weaknesses and prevent scams before they occur.
It uncovered unlawful council tax claims, social housing subletting, and pandemic-related fraud, including £186m linked to Covid support schemes. Ministers stated the savings would be redirected to fund nurses, teachers, and police officers.
Officials confirmed the tool will be licensed internationally, with the US, Canada, Australia, and New Zealand among the first partners expected to adopt it.
The UK announced the initiative at an anti-fraud summit with these countries, describing it as a step toward global cooperation in securing public finances through AI.
However, civil liberties groups have raised concerns about bias and oversight. Previous government AI systems used to detect welfare fraud were found to produce disparities based on age, disability, and nationality.
Campaigners warned that the expanded use of AI in fraud detection risks embedding unfair outcomes if left unchecked.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Officials want to know how these companies detect fraudulent content and what safeguards they use to prevent scams. For app stores, the focus is on fake financial applications imitating legitimate banking or trading services.
For Booking.com, attention is paid to fraudulent accommodation listings, while Bing and Google Search face scrutiny over links and ads, leading to scam websites.
The Commission asked platforms how they verify business identities under ‘Know Your Business Customer’ rules to prevent harm from suspicious actors. Companies must also share details of their ad repositories, enabling regulators and researchers to spot fraudulent ads and patterns.
By taking these steps, the Commission aims to ensure that actions under the DSA complement broader consumer protection measures already in force across the European Union.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A collaboration between OpenAI, Oracle, and SoftBank has announced five new data centres under the Stargate initiative, a $500 billion plan to expand US AI computing infrastructure.
The latest sites bring total planned capacity to nearly 7 gigawatts, with over $400 billion already committed, putting the project ahead of schedule to meet its 2025 target of 10 gigawatts.
Oracle will lead three projects in Texas, New Mexico and the Midwest, adding over 5.5 gigawatts of capacity and creating more than 25,000 jobs.
SoftBank will develop facilities in Ohio and Texas, expected to scale to 1.5 gigawatts within 18 months. SB Energy, its affiliate, will provide rapid-build infrastructure for the Texas site.
The companies described the expansion as a step toward faster deployment and greater cost efficiency, making high-performance computing more widely accessible.
Site selection followed a nationwide review of more than 300 proposals, with further projects under evaluation, suggesting investment could surpass the original commitment.
OpenAI CEO Sam Altman stressed that compute power is key to unlocking AI’s promise, while Oracle and SoftBank leaders highlighted scalable infrastructure and energy expertise as central to the initiative. With Stargate, the partners aim to anchor the next wave of AI innovation on US soil.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Meta will provide its Llama AI model to key European institutions, NATO, and several allied countries as part of efforts to strengthen national security capabilities.
The company confirmed that France, Germany, Italy, Japan, South Korea, and the EU will gain access to the open-source model. US defence and security agencies and partners in Australia, Canada, New Zealand, and the UK already use Llama.
Meta stated that the aim is to ensure democratic allies have the most advanced AI tools for decision-making, mission planning, and operational efficiency.
Although its terms bar use for direct military or espionage applications, the company emphasised that supporting allied defence strategies is in the interest of nations.
The move highlights the strategic importance of AI models in global security. Meta has positioned Llama as a counterweight to other countries’ developments, after allegations that researchers adapted earlier versions of the model for military purposes.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Google is rapidly expanding AI Mode, its generative AI-powered search assistant. The company has announced that the feature is now rolling out globally in Spanish. Spanish speakers can now interact with AI Mode to ask complex questions that traditional Search handles poorly.
AI Mode has seen swift adoption since its launch earlier this year. First introduced in March, the feature was rolled out to users across the US in May, followed by its first language expansion earlier this month.
Hindi, Indonesian, Japanese, Korean, and Brazilian Portuguese were the first languages added, and Spanish now joins the list. Google says more languages will follow soon as part of its global AI Mode rollout.
Google says the feature is designed to work alongside Search, not replace it, offering conversational answers with links to supporting sources. The company has stressed that responses are generated with safety filters and fact-checking layers.
The rollout reflects Google’s broader strategy to integrate generative AI into its ecosystem, spanning Search, Workspace, and Android. AI Mode will evolve with multimodal support and tighter integration with other Google services.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
ByteDance has unveiled Seedream 4.0, its latest AI-powered image generation model, which it claims outperforms Google DeepMind’s Gemini 2.5 Flash Image. The launch signals ByteDance’s bid to rival leading creative AI tools.
Developed by ByteDance’s Seed division, the model combines advanced text-to-image generation with fast, precise image editing. Internal testing reportedly showed superior prompt accuracy, image alignment, and visual quality compared to US-developed DeepMind’s system.
Artificial Analysis, an independent AI benchmarking firm, called Seedream 4.0 a significant step forward. The model integrates Seedream 3.0’s generation capability with SeedEdit 3.0’s editing tools while maintaining a price of US$30 per 1,000 generations.
ByteDance claims that Seedream 4.0 runs over 10 times faster than earlier versions, enhancing the user experience with near-instant image inference. Early users have praised its ability to make quick, text-prompted edits with high accuracy.
The tool is now available to users in China through Jimeng and Doubao AI apps and businesses via Volcano Engine, ByteDance’s cloud platform. A formal technical report supporting the company’s claims has not yet been released.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Eurojust has coordinated a large-scale operation to dismantle a cryptocurrency fraud scheme worth more than €100 million across Europe. The action, requested by Spanish and Portuguese authorities, resulted in the arrest of five suspects, including the alleged mastermind.
Victims from Germany, France, Italy, Spain and other countries were lured into false investment platforms promising high returns.
Investigations revealed that funds were funnelled mainly through Lithuanian bank accounts to launder the illicit proceeds. Victims were later asked to pay additional fees to recover their money, after which the fraudulent websites vanished, leaving many with severe losses.
The scheme has been running since 2018, affecting people in 23 countries.
Authorities in Spain, Portugal, Italy, Romania and Bulgaria conducted searches and froze bank accounts and financial assets. Eurojust backed a Spain-Lithuania investigation team, while Europol sent a cryptocurrency expert to support operations in Portugal.
The coordinated action also relied on European Arrest Warrants, Investigation Orders and freezing orders. National agencies and prosecutors across Europe united in one of the most significant efforts against cryptocurrency fraud.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The European Union and Indonesia have concluded negotiations on a Comprehensive Economic Partnership Agreement (CEPA) and an Investment Protection Agreement (IPA), strongly emphasising technology, digitalisation and sustainable industries.
The agreements are designed to expand trade, secure critical raw materials, and drive the green and digital transitions.
Under the CEPA, tariffs on 98.5% of trade lines will be removed, cutting costs by €600 million annually and giving EU companies greater access to Indonesia’s fast-growing technology sectors, including electric vehicles, electronics and pharmaceuticals.
European firms will also gain full ownership rights in key service areas such as computers and telecommunications, helping deepen integration of digital supply chains.
A deal that embeds commitments to the Paris Agreement while promoting renewable energy and low-carbon technologies. It also includes cooperation on digital standards, intellectual property protections and trade facilitation for sectors vital to Europe’s clean tech and digital industries.
With Indonesia as a leading producer of critical raw materials, the agreement secures sustainable and predictable access to inputs essential for semiconductors, batteries and other strategic technologies.
Launched in 2016, the negotiations concluded after the political agreement reached in July 2025 between Presidents Ursula von der Leyen and Prabowo Subianto. The texts will undergo legal review before the EU and Indonesia ratification, opening a new chapter in tech-enabled trade and innovation.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
