Encryption

ShinyHunters breach Google’s Salesforce database

Google has confirmed a data breach during its investigation into the ShinyHunters group, revealing the tech giant was also affected. The attackers accessed a Salesforce database used for storing small business customer information.

The breach exposed business names and contact details during a short window before access was revoked. Google stated no highly sensitive or personal data was compromised.

ShinyHunters used phishing and vishing tactics to trick users into authorising malicious Salesforce apps disguised as legitimate tools. The technique mirrors previous high-profile breaches involving firms like Santander and Ticketmaster.

Google warned the group may escalate operations by launching a data leak site. Organisations are urged to tighten their cybersecurity measures and access controls, train staff and apply multi-factor authentication across all accounts.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Visa boosts cyber defence support for clients

Visa has launched a new Cybersecurity Advisory Practice to support businesses in identifying and countering growing cyber risks. The initiative aims to provide practical insights tailored to clients of all sizes.

The practice will be powered by Visa Consulting & Analytics, which brings together a global team of consultants, product specialists and data scientists. Services include training, threat analysis and cybersecurity maturity assessments.

Jeremiah Dewey, a veteran with over 20 years of experience in the field, has been named global head of cyber products. He will lead product development and build strategic partnerships.

Visa says the goal is to offer scalable solutions to both small businesses and large enterprises, enabling them to stay resilient in an evolving digital threat market.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NVIDIA pushes back against chip backdoor demands

NVIDIA has publicly rejected calls to embed kill switches or backdoors in its AI chips amid growing political pressure. The statement follows proposals from US lawmakers and accusations by Chinese authorities.

Chief Security Officer David Reber Jr. said any such backdoor would endanger global digital infrastructure and open doors for hackers. He reaffirmed NVIDIA’s commitment to fixing vulnerabilities, not creating them.

The controversy arises as the chipmaker navigates strict US export controls while maintaining its foothold in China with the H20 chip. A Chinese agency recently claimed these chips already contain hidden controls.

Reber distinguished transparent, user-controlled tools like remote wipe from covert backdoors, arguing they serve customers without risking the system integrity of the chips.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US court system suffers sweeping cyber intrusion

A sweeping cyberattack has compromised the federal court filing system across multiple US states, exposing sensitive case data and informant identities. The breach affects core systems used by legal professionals and the public.

Sources say the Administrative Office of the US Courts first realised the scale of the hack in early July, with authorities still assessing the damage. Nation-state-linked actors or organised crime are suspected.

Critical systems like CM/ECF and PACER were impacted, raising fears over sealed indictments, search warrants and cooperation records now exposed. A dozen dockets were reportedly tampered with in at least one district.

Calls to modernise the ageing court infrastructure have intensified, with officials warning of rising cyber threats and the urgent need for system replacements.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU proposal to scan private messages gains support

The European Union’s ‘Chat Control’ proposal is gaining traction, with 19 member states now supporting a plan to scan all private messages on encrypted apps. From October, apps like WhatsApp, Signal, and Telegram must scan all messages, photos, and videos on users’ devices before encryption.

France, Denmark, Belgium, Hungary, Sweden, Italy, and Spain back the measure, while Germany has yet to decide. The proposal could pass by mid-October under the EU’s qualified majority voting system if Germany joins.

The initiative aims to prevent child sexual abuse material (CSAM) but has sparked concerns over mass surveillance and the erosion of digital privacy.

In addition to scanning, the proposal would introduce mandatory age verification, which could remove anonymity on messaging platforms. Critics argue the plan amounts to real-time surveillance of private conversations and threatens fundamental freedoms.

Telegram founder Pavel Durov recently warned of societal collapse in France due to censorship and regulatory pressure. He disclosed attempts by French officials to censor political content on his platform, which he refused to comply with.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Venice Film Festival hit by data breach

The Venice Film Festival has confirmed that a cyberattack compromised the personal data of accredited attendees, including journalists and industry members. The breach affected names, contact details, and tax information.

The cybersecurity attackers accessed the festival’s servers on 7 July and copied and stored documents. Festival organisers responded by isolating systems and informing authorities.

Those affected received a formal notification and are encouraged to contact the event’s data protection officer for support or updates.

Despite the breach, the 82nd edition of the festival will proceed as scheduled from 27 August to 9 September in Italy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Security flaw in Dell models affects millions

Millions of Dell laptops faced a serious security risk due to a flaw in a Broadcom chip used for storing sensitive data. Cisco Talos researchers uncovered the vulnerability, which could have allowed attackers to steal passwords and monitor activity.

Dell confirmed over 100 laptop models were impacted, especially those with its ‘ControlVault’ security software used in sensitive industries. A fix has been issued through security patches since March.

No evidence suggests the flaw was exploited, but experts warn users to install updates promptly to avoid exposure. The issue highlights the risks of storing biometrics and credentials directly on devices.

Users are advised to keep security patches current and use reliable antivirus software to help reduce threats from similar vulnerabilities in future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Android spyware posing as antivirus

LunaSpy is a new Android spyware campaign disguised as an antivirus or banking protection app. It spreads via messenger links and fake channels, tricking users into installing what appears to be a helpful security tool.

Once installed, the app mimics a real scanner, shows fake threat detections and operates unnoticed. In reality, it monitors everything on the device and sends sensitive data to attackers.

Active since at least February 2025, LunaSpy spreads through hijacked contact accounts and emerging Telegram channels. It poses as legitimate software to build trust before beginning surveillance.

Android users must avoid apps from unofficial links, scrutinise messenger invites, and only install from trusted stores. Reliable antivirus software and cautious permission granting provide essential defence.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Malaysia tackles online scams with AI and new cyber guidelines

Cybercrime involving financial scams continues to rise in Malaysia, with 35,368 cases reported in 2024, a 2.53 per cent increase from the previous year, resulting in losses of RM1.58 billion.

The situation remains severe in 2025, with over 12,000 online scam cases recorded in the first quarter alone, involving fake e-commerce offers, bogus loans, and non-existent investment platforms. Losses during this period reached RM573.7 million.

Instead of waiting for the situation to worsen, the Digital Ministry is rolling out proactive safeguards. These include new AI-related guidelines under development by the Department of Personal Data Protection, scheduled for release by March 2026.

The documents will cover data protection impact assessments, automated decision-making, and privacy-by-design principles.

The ministry has also introduced an official framework for responsible AI use in the public sector, called GPAISA, to ensure ethical compliance and support across government agencies.

Additionally, training initiatives such as AI Untuk Rakyat and MD Workforce aim to equip civil servants and enforcement teams with skills to handle AI and cyber threats.

In partnership with CyberSecurity Malaysia and Universiti Kebangsaan Malaysia, the ministry is also creating an AI-powered application to verify digital images and videos.

Instead of relying solely on manual analysis, the tool will help investigators detect online fraud, identity forgery, and synthetic media more effectively.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

New malware steals 200,000 passwords and credit card details through fake software

Hackers are now using fake versions of familiar software and documents to spread a new info-stealing malware known as PXA Stealer.

First discovered by Cisco Talos, the malware campaign is believed to be operated by Vietnamese-speaking cybercriminals and has already compromised more than 4,000 unique IP addresses across 62 countries.

Instead of targeting businesses alone, the attackers are now focusing on ordinary users in countries including the US, South Korea, and the Netherlands.

PXA Stealer is written in Python and designed to collect passwords, credit card data, cookies, autofill information, and even crypto wallet details from infected systems.

It spreads by sideloading malware into files like Microsoft Word executables or ZIP archives that also contain legitimate-looking programs such as Haihaisoft PDF Reader.

The malware uses malicious DLL files to gain persistence through the Windows Registry and downloads additional harmful files via Dropbox. After infection, it uses Telegram to exfiltrate stolen data, which is then sold on the dark web.

Once activated, the malware even attempts to open a fake PDF in Microsoft Edge, though the file fails to launch and shows an error message — by that point, it has already done the damage.

To avoid infection, users should avoid clicking unknown email links and should not open attachments from unfamiliar senders. Instead of saving passwords and card details in browsers, a trusted password manager is a safer choice.

Although antivirus software remains helpful, hackers in the campaign have used sophisticated methods to bypass detection, making careful online behaviour more important than ever.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!