Encryption

Anthropic updates Claude’s policy with new data training choices

The US AI startup has announced an update to its data policy for Claude users, introducing an option to allow conversations and coding sessions to be used for training future AI models.

Anthropic stated that all Claude Free, Pro, and Max users, including those using Claude Code, will be asked to make a decision by September 28, 2025.

According to Anthropic, users who opt in will permit retention of their conversations for up to five years, with the data contributing to improvements in areas such as reasoning, coding, and analysis.

Those who choose not to participate will continue under the current policy, where conversations are deleted within thirty days unless flagged for legal or policy reasons.

The new policy does not extend to enterprise products, including Claude for Work, Claude Gov, Claude for Education, or API access through partners like Amazon Bedrock and Google Cloud Vertex AI. These remain governed by separate contractual agreements.

Anthropic noted that the choice will also apply to new users during sign-up, while existing users will be prompted through notifications to review their privacy settings.

The company emphasised that users remain in control of their data and that manually deleted conversations will not be used for training.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Espionage fears rise as TAG-144 evolves techniques

A threat group known as TAG-144 has stepped up cyberattacks on South American government agencies, researchers have warned.

The group, also called Blind Eagle and APT-C-36, has been active since 2018 and is linked to espionage and extortion campaigns. Recent activity shows a sharp rise in cybercrime, spear-phishing, often using spoofed government email accounts to deliver remote access trojans.

Analysts say the group has shifted towards more advanced methods, embedding malware inside image files through steganography. Payloads are then extracted in memory, allowing attackers to evade antivirus software and maintain access to compromised systems.

Colombian government institutions have been hit hardest, with stolen credentials and sensitive data raising concerns over both financial and national security risks. Security experts warn that TAG-144’s evolving tactics blur the line between organised crime and state-backed espionage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Attackers bypass email security by abusing Microsoft Teams defaults

A phishing campaign exploits Microsoft Teams’ external communication features, with attackers posing as IT helpdesk staff to gain access to screen sharing and remote control. The method sidesteps traditional email security controls by using Teams’ default settings.

The attacks exploit Microsoft 365’s default external collaboration feature, which allows unauthenticated users to contact organisations. Axon Team reports attackers create malicious Entra ID tenants with .onmicrosoft.com domains or use compromised accounts to initiate chats.

Although Microsoft issues warnings for suspicious messages, attackers bypass these by initiating external voice calls, which generate no alerts. Once trust is established, they request screen sharing, enabling them to monitor victims’ activity and guide them toward malicious actions.

The highest risk arises where organisations enable external remote-control options, giving attackers potential full access to workstations directly through Teams. However, this eliminates the need for traditional remote tools like QuickAssist or AnyDesk, creating a severe security exposure.

Defenders are advised to monitor Microsoft 365 audit logs for markers such as ChatCreated, MessageSent, and UserAccepted events, as well as TeamsImpersonationDetected alerts. Restricting external communication and strengthening user awareness remain key to mitigating this threat.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

FBI says China’s Salt Typhoon breached millions of Americans’ data

China’s Salt Typhoon cyberspies have stolen data from millions of Americans through a years-long intrusion into telecommunications networks, according to senior FBI officials. The campaign represents one of the most significant espionage breaches uncovered in the United States.

The Beijing-backed operation began in 2019 and remained hidden until last year. Authorities say at least 80 countries were affected, far beyond the nine American telcos initially identified, with around 200 US organisations compromised.

Targets included Verizon, AT&T, and over 100 current and former administration officials. Officials say the intrusions enabled Chinese operatives to geolocate mobile users, monitor internet traffic, and sometimes record phone calls.

Three Chinese firms, Sichuan Juxinhe, Beijing Huanyu Tianqiong, and Sichuan Zhixin Ruijie, have been tied to Salt Typhoon. US officials say they support China’s security services and military.

The FBI warns that the scale of indiscriminate targeting falls outside traditional espionage norms. Officials stress the need for stronger cybersecurity measures as China, Russia, Iran, and North Korea continue to advance their cyber operations against critical infrastructure and private networks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Storm-0501 wipes Azure data after ransomware attack

A ransomware group has destroyed data and backups in a Microsoft Azure environment after exfiltrating sensitive information, which experts describe as a significant escalation in cloud-based attacks.

The threat actor, tracked as Storm-0501, gained complete control over a victim’s Azure domain by exploiting privileged accounts.

Microsoft researchers said the group used native Azure tools to copy data before systematically deleting resources to block recovery efforts.

After exfiltration, Storm-0501 used AzCopy to steal storage account contents and erase cloud assets. Immutable resources were encrypted instead.

The group later contacted the victim via Microsoft Teams using a compromised account to issue ransom demands.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Europe adds 12 new unicorn startups in first half of 2025

Funding season is restarting in Europe, with investors expecting to add several new unicorns in the coming months. Despite fewer mega-rounds than in 2021, a dozen startups passed the $1 billion mark in the first half of 2025.

AI, biotech, defence technology, and renewable energy are among the sectors attracting major backing. Recent unicorns include Lovable, an AI coding firm from Sweden, UK-based Fuse Energy, and Isar Aerospace from Germany.

London-based Isomorphic Labs, spun out of DeepMind, raised $600 million to enter unicorn territory. In biotech, Verdiva Bio hit unicorn status after a $410 million Series A, while Neko Health reached a $1.8 billion valuation.

AI and automation continue to drive investor appetite. Dublin’s Tines secured a $125 million Series C at a $1.125 billion valuation, and German AI customer service startup Parloa raised $120 million at a $1 billion valuation.

Dual-use drone companies also stood out. Portugal-based Tekever confirmed its unicorn status with plans for a £400 million UK expansion, while Quantum Systems raised €160 million to scale its AI-driven drones globally.

Film-streaming platform Mubi and encryption startup Zama also joined the unicorn club, showing the breadth of sectors gaining traction. With Bristol, Manchester, Munich, and Stockholm among the hotspots, Europe’s tech ecosystem continues to diversify.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Researchers uncover first-ever AI-powered ransomware ‘Promptlock’

The Slovak software company specialising in cybersecurity has discovered a GenAI-powered ransomware named PromptLock in its latest research report. The researchers describe it as the ‘first known AI-powered ransomware’. Although it has not been observed in an actual attack, it is considered a proof of concept (PoC) or a work in progress.

Researchers also found that this type of ransomware may have the ability to exfiltrate, encrypt, and possibly even destroy data.

They noted: ‘The PromptLock malware uses the gpt-oss-20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes.’

The report highlights how AI tools have made it easier to create convincing phishing messages and deepfakes, lowering the barrier for less-skilled attackers. As ransomware becomes more widespread, often deployed by advanced persistent threat (APT) groups, AI is expected to increase both the scale and effectiveness of such attacks.

PromptLock demonstrates how AI can automate key ransomware stages, such as reconnaissance and data theft, faster than ever. The emergence of malware capable of adapting its tactics in real time signals a new and more dangerous frontier in cybercrime.

Additionally, the GenAI company Anthropic has published a threat intelligence report revealing that malicious actors have attempted to exploit its AI model, Claude, for cybercriminal activities. The report outlines eight cases, including three major incidents.

One involved a cybercriminal group using Claude to automate data theft and extortion, targeting 17 organisations. Another detailed how North Korean actors used Claude to create fake identities, pass interviews, and secure remote IT jobs to fund the regime. A third case involved a criminal using Claude to create sophisticated ransomware variants with strong encryption and advanced evasion techniques. Most attempts were detected and disrupted before being carried out.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Could quantum computing reshape Bitcoin’s future

Quantum technology, rooted in quantum mechanics from the early 1900s, is rapidly advancing and may reshape the future of computing. Quantum computers handle data far faster than classical systems, with Google’s Willow chip marking a key advance.

However, their potential also raises concerns for digital assets such as Bitcoin.

Bitcoin’s cryptographic security relies on the Elliptic Curve Digital Signature Algorithm (ECDSA), which is considered unbreakable with today’s computers. Yet quantum computers, using algorithms like Peter Shor’s, could theoretically expose private keys and compromise wallets.

Experts caution that such risks remain distant, as current quantum hardware is still decades away from posing a real threat.

Beyond security risks, quantum computing could also revive millions of long-lost Bitcoins locked in early wallets. If those coins return to circulation, it could shake Bitcoin’s scarcity and market value.

The debate continues whether these coins should be burned or redistributed to preserve Bitcoin’s economic integrity.

For now, Bitcoin remains safe. Developers are creating quantum-resistant tools like QRAMP and new cryptography to strengthen the network. Users can boost safety by avoiding address reuse and using wallets like Taproot and SegWit.

While quantum risks loom, the network’s adaptability and ongoing research suggest that Bitcoin is well placed to withstand future challenges.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Global agencies and the FBI issue a warning on Salt Typhoon operations

The FBI, US agencies, and international partners have issued a joint advisory on a cyber campaign called ‘Salt Typhoon.’

The operation is said to have affected more than 200 US companies across 80 countries.

The advisory, co-released by the FBI, the National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Department of Defence Cyber Crime Centre, was also supported by agencies in the UK, Canada, Australia, Germany, Italy and Japan.

According to the statement, Salt Typhoon has focused on exploiting network infrastructure such as routers, virtual private networks and other edge devices.

The group has been previously linked to campaigns targeting US telecommunications networks in 2024. It has also been connected with activity involving a US National Guard network, the advisory names three Chinese companies allegedly providing products and services used in their operations.

Telecommunications, defence, transportation and hospitality organisations are advised to strengthen cybersecurity measures. Recommended actions include patching vulnerabilities, adopting zero-trust approaches and using the technical details included in the advisory.

Salt Typhoon, also known as Earth Estrie and Ghost Emperor, has been observed since at least 2019 and is reported to maintain long-term access to compromised devices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

WhatsApp launches AI assistant for editing messages

Meta’s WhatsApp has introduced a new AI feature called Writing Help, designed to assist users in editing, rewriting, and refining the tone of their messages. The tool can adjust grammar, improve phrasing, or reframe a message in a more professional, humorous, or encouraging style before it is sent.

The feature operates through Meta’s Private Processing technology, which ensures that messages remain encrypted and private instead of being visible to WhatsApp or Meta.

According to the company, Writing Help processes requests anonymously and cannot trace them back to the user. The function is optional, disabled by default, and only applies to the chosen message.

To activate the feature, users can tap a small pencil icon that appears while composing a message.

In a demonstration, WhatsApp showed how the tool could turn ‘Please don’t leave dirty socks on the sofa’ into more light-hearted alternatives, including ‘Breaking news: Socks found chilling on the couch’ or ‘Please don’t turn the sofa into a sock graveyard.’

By introducing Writing Help, WhatsApp aims to make communication more flexible and engaging while keeping user privacy intact. The company emphasises that no information is stored, and AI-generated suggestions only appear if users decide to enable the option.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!