Economic

Cloudflare outage causes global internet disruption after an internal error

A major outage on 20 February disrupted global internet traffic after an internal configuration failure at Cloudflare caused the unintended withdrawal of customer BGP routes.

The incident lasted just over six hours and left numerous services unreachable, despite early fears of a cyberattack. An internal update led to the systematic deletion of more than a thousand Bring Your Own IP prefixes, which pushed many connections into BGP path hunting instead of stable routing.

Engineers traced the disruption to an error in the company’s Addressing API, introduced during an automated cleanup task under the Code Orange resilience programme.

A flawed query interpreted an empty value as an instruction to delete all returned prefixes, removing essential bindings for hundreds of customers. Some users restored connectivity through the dashboard, while others required manual reconstruction carried out across the edge network.

An outage that affected a series of core offerings, including content delivery, security layers, dedicated egress and network protection services. Restoration took several hours because the withdrawn prefixes varied in severity, demanding different recovery methods instead of a uniform reinstatement process.

The error triggered widespread timeouts on dependent websites and applications, along with 403 responses on the 1.1.1.1 DNS resolver.

Cloudflare plans to introduce stricter API validation, circuit breakers for abnormal deletion patterns, and improved configuration separation. It has also issued a public apology for a failure that undermined its assurances of network resilience.

An event that reaffirmed the risks posed by internal automation faults when they interact with critical internet infrastructure.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Phishing messages target IndiaAI and Impact Summit 2026 participants

IndiaAI has issued an urgent advisory warning of a phishing campaign targeting attendees of the India AI Impact Summit 2026. Fraudulent SMS and WhatsApp messages claim refunds are pending and request sensitive financial details.

Organisers said the messages are not official and have not been authorised. Recipients are being urged to click links and provide full card numbers, WhatsApp numbers, and other contact information to ‘process’ refunds.

IndiaAI advised participants not to click suspicious links or share personal or banking information with unverified sources. Attendees in India are encouraged to delete such messages immediately and block the sender’s number.

Anyone who may have submitted details through a suspicious link should contact their bank without delay to secure their accounts. Organisers stressed that event-related communication will only be shared through official channels.

The advisory was issued under the AI Impact Summit 2026 banner, themed ‘Welfare for All | Happiness of All’, as authorities seek to prevent financial fraud linked to the high-profile gathering.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Deutsche Bank expands digital asset plans 

The German banking giant has applied for a digital asset custody licence from BaFin, marking a significant step in its expansion into cryptocurrency services. The move positions Deutsche Bank to offer safekeeping solutions for clients seeking exposure to digital assets.

Plans form part of a broader strategy to build a dedicated digital assets division, according to David Lynne, a commercial banking executive. DWS Group’s initiatives highlight rising institutional interest in crypto partnerships in Germany.

Previous experimentation includes a tokenised investment platform developed in Singapore with Memento Blockchain, enabling access to digital asset funds through fiat on-ramps.

Activity mirrors wider domestic momentum, as Deutsche WertpapierService Bank has already launched crypto infrastructure linking traditional and digital accounts.

Regulatory clarity and growing client demand appear to be key drivers, with Deutsche Bank signalling a cautious yet deliberate approach to integrating cryptocurrencies into its mainstream banking services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Strict ban on crypto references introduced by OpenClaw

OpenClaw has introduced a firm community rule prohibiting any reference to Bitcoin or other cryptocurrencies on its Discord server, according to its creator, Peter Steinberger.

Enforcement drew attention after a user was removed for mentioning Bitcoin block height as a timing method in a benchmark, with the developer later offering to restore access.

The policy follows a rebrand scare when scammers hijacked old accounts to promote a fake Solana token. Market value spiked then plunged after Steinberger denied involvement, warning that no official token would be issued.

Rapid growth of the open-source project, which has attracted a large developer base within weeks of launch, contrasts with wider industry momentum linking AI agents and digital assets.

Leaders such as Jeremy Allaire of Circle argue stablecoins could become default payment rails for autonomous software, while Coinbase is already rolling out infrastructure enabling agents to transact on-chain.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Generative AI presents the biggest data-risk challenge in history

Cybersecurity specialists warn that generative AI systems, such as large language models, are creating a data risk frontier far larger than that posed by previous digital innovations.

Because these models are trained on extensive datasets drawn from web pages, internal documents, email corpora and proprietary sources, they can unintentionally memorise or regenerate sensitive information, increasing the risk of exposure.

The article highlights several core concerns. Data leakage and memorisation, where AI models can repeat or infer private data if training processes are not tightly controlled.

Amplification of poor hygiene, when generative tools can magnify the reach of bad actors by automating phishing, social engineering, and malware generation at scale.

Compounding breach impact, if an AI model is trained on stolen or leaked data, it could internalise and regurgitate that information without detection, entrenching harm. Cloud and access governance gaps that allow organisations to adopt AI without robust access controls and encryption may widen their attack surface.

The author calls for revised data governance frameworks, including strict training data provenance, auditability, encryption, minimisation and purpose limitation, to mitigate what is described as ‘the biggest data risk in history.’

Recommendations also include accountability measures for models, continuous monitoring, and legislative action to align AI development with privacy and security principles.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Fake Google Forms phishing campaign targets job seekers

A phishing campaign is targeting job seekers with fake Google Forms pages designed to harvest account credentials. Attackers are using a spoofed domain, forms.google.ss-o[.]com, to mimic the legitimate Google Forms service and trick victims into signing in.

The fraudulent pages advertise a Customer Support Executive role and prompt applicants to enter personal details before clicking a ‘Sign in’ button. Victims are then redirected to id-v4[.]com/generation.php, a domain previously linked to credential harvesting campaigns.

Researchers identified the operation as part of a broader wave of job-themed phishing attacks. The attackers used a script called generation_form.php to create personalised tracking links and implemented redirects to evade security analysis by sending suspicious visitors to local Google search pages.

Security experts warn that the campaign relies on domain impersonation techniques, including the use of ‘ss-o’ to resemble ‘single sign-on’. The fake site reproduces Google branding elements and standard disclaimers to increase credibility.

Users are advised to avoid clicking unsolicited job links, verify opportunities through official channels, and enable multi-factor authentication. Password managers and real-time anti-malware tools can also reduce exposure to credential theft.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EVMbench from OpenAI, Paradigm and OtterSec measures AI smart contract risks

OpenAI, with Paradigm and OtterSec, introduced EVMbench to test how AI agents detect, patch, and exploit smart contract flaws. The benchmark draws on 120 real vulnerabilities from 40 blockchain projects to better reflect live conditions.

Researchers report that leading agents can now discover and exploit end-to-end vulnerabilities in live blockchain instances. Over six months, exploit success rates rose sharply, prompting both praise for improved auditing capabilities and concern over the rapid scaling of offensive skills.

EVMbench evaluates agents across three modes: detect, patch, and exploit. Each stage reflects increasing technical complexity and mirrors the responsibilities faced in production blockchain environments, where contracts are often immutable, and errors can lead to irreversible losses.

Recent incidents underline the stakes. A vulnerability in AI-generated Solidity code reportedly mispriced an asset, triggering liquidations and losses. Such cases highlight the risks of deploying AI-written financial logic without rigorous human review and governance safeguards.

While EVMbench advances measurement of AI capabilities, it remains limited to curated vulnerabilities and sandboxed conditions. As blockchain adoption expands and criminal misuse evolves, researchers stress the need for responsible AI development alongside stronger innovative contract security practices.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Lithuania selects Swiss firm Procivis for national eIDAS 2.0 wallet sandbox

Swiss firm Procivis has secured a contract to deliver Lithuania’s end-to-end Digital Identity Wallet sandbox, supporting the country’s preparations under eIDAS 2.0. The project will establish a national testbed for digital ID use cases and interoperability across the European Union.

Selected by Lithuania’s digitalisation agency, Procivis will build a platform for public authorities and relying parties to test secure digital wallet use cases. The sandbox will validate readiness ahead of the EU’s 2027 digital identity wallet deadline.

The updated eIDAS 2.0 technical framework sets out how wallets will store and share trusted digital credentials and electronic identification. Governments and private organisations will be able to integrate services into the wallets, streamlining authentication, onboarding, and cross-border access.

Across Lithuania and the EU, testbeds and large-scale pilots have been central to turning regulatory requirements into interoperable infrastructure. Lithuania’s sandbox will also support activities under the EU’s LSP Aptitude consortium, which is testing cross-sector digital identity solutions.

Procivis said the collaboration aims to accelerate practical validation while ensuring compliance with European standards on security, interoperability, and data protection. The company stated that supporting a timely, budget-aligned implementation of eIDAS 2.0 remains central to its mission.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Reddit tests AI shopping search

Reddit has begun testing an AI-powered shopping search tool with a limited group of users in the US. Search queries for product ideas now generate interactive carousels featuring prices, images and direct links to retailers.

Items appearing in the results are drawn from recommendations shared in posts and comments across the platform. Listings are connected to Reddit’s advertising and shopping partners, bringing community discussions closer to online purchasing.

Expansion into AI-led commerce builds on the company’s earlier launch of Dynamic Product Ads, designed to deliver personalised suggestions. Closer integration of search and shopping signals a broader effort to strengthen digital revenue streams.

Chief executive Steve Huffman recently described AI search as a significant business opportunity beyond product development alone. Weekly search users increased from 60 million to 80 million over the past year, while engagement with the AI-powered Reddit Answers tool rose sharply throughout 2025.

Developments place Reddit alongside other technology platforms investing in AI-driven retail features. Growing user engagement suggests the company sees search as central to its future commercial strategy.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

India’s UIDAI rolls out AI-enabled biometric deduplication and document verification platform

UIDAI has deployed an advanced platform that uses AI-enabled models to improve biometric deduplication, the process of ensuring that each resident has a unique identity record, by checking fingerprints, facial images and iris scans against the entire Aadhaar database.

The authority describes this system, developed with the International Institute of Information Technology, Hyderabad, as an ‘Invisible Shield’ that can perform billions of computations efficiently at a population scale, running on high-performance inference infrastructure such as NVIDIA DGX systems to enhance accuracy and speed nationwide.

In addition to biometric matching, the platform incorporates AI-based document metadata extraction and verification to curb enrolment fraud, using secure APIs (e.g. DigiLocker) for source-of-truth checks against submitted documents.

The system is already being rolled out in several states. It is expected to expand across India in the coming months, boosting service quality, reducing turnaround times for Aadhaar enrolment and update transactions, and reinforcing trust in the digital identity infrastructure.

The initiative is part of a broader push to leverage AI for fraud detection and identity assurance at a national scale. It comes amid ongoing efforts by UIDAI to modernise authentication processes as biometric and AI-based systems evolve.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!