Encryption

Meta and PayPal users targeted in new phishing scam

Cybersecurity experts are warning of a rapid and highly advanced phishing campaign that targets Meta and PayPal users with instant account takeovers. The attack exploits Google’s AppSheet platform to send emails from a legitimate domain, bypassing standard security checks.

Victims are tricked into entering login details and two-factor authentication codes, which are then harvested in real time. Emails used in the campaign pose as urgent security alerts from Meta or PayPal, urging recipients to click a fake appeal link.

A double-prompt technique falsely claims an initial login attempt failed, increasing the likelihood of accurate information being submitted. KnowBe4 reports that 98% of detected threats impersonated Meta, with the remaining targeting PayPal.

Google confirmed it has taken steps to reduce the campaign’s impact by improving AppSheet security and deploying advanced Gmail protections. The company advised users to stay alert and consult their guide to spotting scams. Meta and PayPal have not yet commented on the situation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Sui DEX Cetus suffers suspected $200m hack

A major security incident has struck Cetus, a decentralised exchange (DEX) on the Sui blockchain, with suspected losses exceeding $200 million. Onchain data revealed rapid asset drainage, prompting experts to label the event as a possible hack rather than a mere bug, as claimed by the Cetus team.

Reports indicate that at least $63 million has already been transferred to Ethereum, including a large single transaction of 20,000 ETH moved to a new wallet.

Transaction volumes on Cetus surged to $2.9 billion on 22 May, compared to $320 million the previous day, suggesting funds were rapidly siphoned from the platform.

Several tokens lost over 75% of their value, causing wider disruption; for instance, the Sui-based money market Scallop halted all borrowing activities as a precaution.

Concerns over transparency have grown as $212 million in assets were reportedly bridged to Ethereum at a rate of $1 million per minute. Analysts argue the scale and speed of transfers hint at something more serious than a simple software glitch.

Cetus paused the affected smart contract and announced an ongoing investigation, but has yet to provide a detailed response.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Bitcoin hits all-time high above $111K

Bitcoin surged to a fresh all-time high of $111,544 during early Asian trading on Thursday, marking a 4% jump from Wednesday’s peak. The rally follows a dip to $106,000 earlier in the week and reflects rising interest in alternative assets amid global financial uncertainty.

The immediate driver appears to be weak demand for the US Treasury’s $16 billion 20-year bond auction, which pushed yields above 5.1%. Falling trust in long-term government debt has driven a shift in sentiment, with US and Japanese yields rising sharply.

Bitcoin’s rise has been supported by several macroeconomic factors, including softer US inflation, a cooling of US-China trade tensions, and Moody’s downgrade of US sovereign debt. Analysts suggest risk assets could benefit over the coming months if uncertainty continues to shake traditional markets.

On-chain data confirms increasing demand. Bitcoin’s realised market cap rose by $27 billion in May, while exchange inflows dropped 82% since November.

Institutional interest is also growing, with over $4.24 billion flowing into Bitcoin ETFs in the past month and major firms like Strategy boosting their holdings to $63 billion.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Crypto.com gains EU approval for crypto derivatives

Crypto.com has secured a MiFID licence, allowing it to offer regulated crypto derivatives across the European Economic Area. The licence expands the platform’s presence following earlier approval under the EU’s Markets in Crypto-Assets (MiCA) regulation.

It was obtained through the acquisition of Cyprus-based A.N. Allnew Investments, a move similar to strategies used by other major platforms such as Kraken. The announcement follows Crypto.com’s broader efforts to offer more regulated services to European users and grow its product portfolio.

Other crypto firms are also eyeing Europe’s growing derivatives market. Kraken, Coinbase, Gemini and Synthetix have all expanded their derivatives offerings through acquisitions and regulatory approvals, signalling a competitive push in the region.

Crypto.com’s previous acquisitions include Fintek Securities, Watchdog Capital and others, further strengthening its regulatory positioning.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hong Kong approves stablecoin licensing law

Hong Kong’s legislature has approved a bill introducing a licensing framework for fiat-referenced stablecoin issuers. The move provides legal clarity and aims to enhance the city’s position as a global digital asset hub.

Any issuer of stablecoins in Hong Kong or of HKD-backed stablecoins abroad must obtain a licence from the Hong Kong Monetary Authority. The law outlines standards for reserve asset management, redemption, and risk controls to protect investors and the wider public.

Officials say the legislation follows the principle of ‘same activity, same risks, same regulation’ and adopts a risk-based approach. Financial Secretary Christopher Hui stated that the measure sets a solid foundation for Hong Kong’s growing virtual asset market.

The HKMA’s sandbox programme for stablecoin issuers has already attracted three participants. The new ordinance is expected to take effect later this year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Crypto assets to be treated as property in Russia

Russia’s Ministry of Justice is working on legislation that would classify crypto assets as property, enabling their confiscation during criminal investigations. The draft bill aims to tighten control over digital currencies increasingly used for illegal activities.

Deputy Justice Minister Vadim Fedorov stated that the new law would allow authorities to seize not only physical wallets but also credentials like seed phrases. Experts will assist in managing the secure handling of digital assets.

Courts may also be given the power to block transactions linked to certain wallets.

The move comes in response to a rise in crypto-related crime, particularly through darknet markets. One such platform, Kraken, has recorded a 68% surge in crypto transactions since the shutdown of Hydra in 2022.

Fedorov highlighted the challenges posed by digital currencies, citing their anonymity and lack of central control as major attractions for criminals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

West Lothian schools hit by ransomware attack

West Lothian Council has confirmed that personal and sensitive information was stolen following a ransomware cyberattack which struck the region’s education system on Tuesday, 6 May. Police Scotland has launched an investigation, and the matter remains an active criminal case.

Only a small fraction of the data held on the education network was accessed by the attackers. However, some of it included sensitive personal information. Parents and carers across West Lothian’s schools have been notified, and staff have also been advised to take extra precautions.

The cyberattack disrupted IT systems serving 13 secondary schools, 69 primary schools and 61 nurseries. Although the education network remains isolated from the rest of the council’s systems, contingency plans have been effective in minimising disruption, including during the ongoing SQA exams.

West Lothian Council has apologised to anyone potentially affected. It is continuing to work closely with Police Scotland and the Scottish Government. Officials have promised further updates as more information becomes available.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ransomware threat evolves with deceptive PDFs

Ransomware attacks fell by 31% in April 2025 compared to the previous month. Despite the overall decline, the retail sector remained a top target, with incidents at Marks & Spencer, Co-op, Harrods and Peter Green Chilled drawing national attention.

Retail remains vulnerable due to its public profile and potential for large-scale disruption. Experts warn the drop in figures does not reflect a weaker threat, as many attacks go unreported or are deliberately concealed.

Tactics are shifting, with some groups, like Babuk 2.0, faking claims to gain notoriety or extort victims. A rising threat in the ransomware landscape is the use of malicious PDF files, which now make up over a fifth of email-based malware.

These files, increasingly crafted using generative AI, are trusted more by users and harder to detect. Cybersecurity experts are urging firms to update defences and strengthen organisational security cultures to remain resilient.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Experts urge stronger safeguards as jailbroken chatbots leak illegal data

Hacked AI-powered chatbots pose serious security risks by revealing illicit knowledge the models absorbed during training, according to researchers at Ben Gurion University.

Their study highlights how ‘jailbroken’ large language models (LLMs) can be manipulated to produce dangerous instructions, such as how to hack networks, manufacture drugs, or carry out other illegal activities.

The chatbots, including those powered by models from companies like OpenAI, Google, and Anthropic, are trained on vast internet data sets. While attempts are made to exclude harmful material, AI systems may still internalize sensitive information.

Safety controls are meant to block the release of this knowledge, but researchers demonstrated how it could be bypassed using specially crafted prompts.

The researchers developed a ‘universal jailbreak’ capable of compromising multiple leading LLMs. Once bypassed, the chatbots consistently responded to queries that should have triggered safeguards.

They found some AI models openly advertised online as ‘dark LLMs,’ designed without ethical constraints and willing to generate responses that support fraud or cybercrime.

Professor Lior Rokach and Dr Michael Fire, who led the research, said the growing accessibility of this technology lowers the barrier for malicious use. They warned that dangerous knowledge could soon be accessed by anyone with a laptop or phone.

Despite notifying AI providers about the jailbreak method, the researchers say the response was underwhelming. Some companies dismissed the concerns as outside the scope of bug bounty programs, while others did not respond.

The report calls on tech companies to improve their models’ security by screening training data, using advanced firewalls, and developing methods for machine ‘unlearning’ to help remove illicit content. Experts also called for clearer safety standards and independent oversight.

OpenAI said its latest models have improved resilience to jailbreaks, and Microsoft linked to its recent safety initiatives. Other companies have not yet commented.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft adds quantum-resistant encryption to Windows 11

Microsoft is rolling out quantum-resistant encryption algorithms in Windows 11 as part of its effort to prepare for the eventual arrival of quantum computers. The new cryptographic tools were announced at the BUILD 2025 conference and are now available in Insider Preview Build 27852 and higher.

These updates introduce post-quantum algorithms—ML-KEM and ML-DSA—into SymCrypt, Windows’ core cryptographic library.

The algorithms, formerly known as CRYSTALS-Kyber and CRYSTALS-Dilithium, were selected by the US National Institute of Standards and Technology (NIST) and are part of the agency’s recommended post-quantum cryptography (PQC) standards.

The algorithms have also been added to SymCrypt-OpenSSL, Microsoft’s open-source extension for integrating SymCrypt with OpenSSL. Developers can now access the algorithms via Microsoft’s Cryptography API: Next Generation (CNG), enabling early testing and migration.

Quantum computers, which are still in experimental stages, promise to outperform classical systems in solving problems like factoring large numbers—a cornerstone of traditional encryption methods like RSA and elliptic curve cryptography.

Experts warn that these legacy systems could be broken in the coming decades, potentially compromising the security of global communications, financial systems, and data infrastructure.

The new PQC algorithms are designed to resist quantum attacks, but they bring additional complexity. Their encryption keys are significantly larger than those used in current standards.

For now, NIST recommends using them alongside RSA or elliptic curve keys in hybrid configurations, to mitigate risks from undiscovered vulnerabilities.

The transition to quantum-safe encryption is expected to be one of the most complex in cybersecurity history. Developers will need to address compatibility issues, including ensuring software can handle longer key lengths without introducing system-breaking errors.

Microsoft’s early adoption is a step toward broader post-quantum readiness. Experts emphasize the importance of rigorous testing now, as the timeline for quantum threats remains uncertain.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!