Researchers at NYU’s Tandon School of Engineering have demonstrated how large language models can be utilised to execute ransomware campaigns autonomously. Their prototype, dubbed Ransomware 3.0, simulated every stage of an attack, from intrusion to the generation of a ransom note.
The system briefly raised an alarm after cybersecurity firm ESET discovered its files on VirusTotal, mistakenly identifying them as live malware. The proof-of-concept was designed only for controlled laboratory use and posed no risk outside testing environments.
Instead of pre-written code, the prototype embedded text instructions that triggered AI models to generate tailored attack scripts. Each execution created unique code, evading traditional detection methods and running across Windows, Linux, and Raspberry Pi systems.
The researchers found that the system identified up to 96% of sensitive files and could generate personalised extortion notes, raising psychological pressure on victims. With costs as low as $0.70 per attack using commercial AI services, such methods could lower barriers for criminals.
The team stressed that the work was conducted ethically and aims to help defenders prepare countermeasures. They recommend monitoring file access patterns, limiting outbound AI connections, and developing defences against AI-generated attack behaviours.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A Ukrainian cybercrime suspect has been added to the EU’s Most Wanted list for his role in the 2019 LockerGoga ransomware attack against a major Norwegian aluminium company and other global incidents.
The fugitive is considered a high-value target and is wanted by multiple countries. The US Department of Justice has offered up to USD 10 million for information leading to the arrest.
Europol stated that the identification of the suspect followed a lengthy, multinational investigation supported by Eurojust, with damages from the network estimated to be in the billions. Several members of the group have already been detained in Ukraine.
Investigators have mapped the network’s operations, tracing its hierarchy from malware developers and intrusion experts to money launderers who processed illicit proceeds. The wanted man is accused of directly deploying LockerGoga ransomware.
Europol has urged the public to visit the EU Most Wanted website and share information that could assist in locating the fugitive. The suspect’s profile is now live on the platform.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The ban, which blocked access to 26 social media sites including WhatsApp, Facebook, Instagram, LinkedIn, and YouTube, was introduced in an effort to curb misinformation, online fraud, and hate speech, according to government officials.
However, critics accused the administration of using the restrictions to stifle dissent and silence public outrage.
Thousands of demonstrators took to the streets in Kathmandu and other major cities in Nepal, voicing frustration over rising unemployment, inflation, and what they described as a lack of accountability among political leaders.
The protests quickly gained momentum, with digital freedom becoming a central theme alongside anti-corruption demands.
The United Nations Office for the High Commissioner of Human Rights addressed the situation, stating: “We have received several deeply worrying allegations of unnecessary or disproportionate use of force by security forces during protests organized by youth groups demonstrating against corruption and the recent Government ban on social media platforms.”
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The African Next Voices project has created the continent’s largest dataset of spoken African languages, covering 18 tongues across Kenya, Nigeria, and South Africa. Supported by a $2.2m Gates Foundation grant, the dataset includes 9,000 hours of speech in farming, health, and education settings.
Languages such as Hausa, Yoruba, isiZulu, and Kikuyu are now available for developers to build translation, transcription, and conversational AI tools. Farmers like South Africa’s Kelebogile Mosime already use local-language apps to solve agricultural challenges.
Start-ups, including Lelapa AI, are building products in African languages for banks and telecoms. Researchers warn that without such initiatives, millions risk exclusion from vital services and cultural knowledge could be lost.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Uber and Chinese startup Momenta will begin robotaxi testing in Munich in 2026, marking their first public deployment in continental Europe. The trials will start with human safety operators, with plans to expand across additional European cities.
Founded in 2016, Momenta is one of China’s leading autonomous vehicle companies, having tested self-driving cars since 2018. The company is already collaborating with automakers such as Mercedes-Benz and BMW to integrate advanced driver assistance systems.
Uber is broadening its global AV network, which already spans 20 partners across mobility, delivery, and freight. In the US, Waymo robotaxis operate via Uber’s app, while international partnerships include WeRide in the Gulf and Wayve in London.
Competition in Europe is intensifying. Baidu from China and Lyft plan to roll out robotaxis in Germany and the UK next year, while Uber has chosen Munich, Germany, as its engineering base and a strong automotive ecosystem.
German regulators must still certify Momenta’s technology and approve geo-fenced operating areas. If successful, Munich will become Momenta’s first European launchpad, building on its Shanghai robotaxi service and global ADAS deployment.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Sam Altman, X enthusiast and Reddit shareholder, has expressed doubts over whether social media content can still be distinguished from bot activity. His remarks followed an influx of praise for OpenAI Codex on Reddit, where users questioned whether such posts were genuine.
Altman noted that humans are increasingly adopting quirks of AI-generated language, blurring the line between authentic and synthetic speech. He also pointed to factors such as social media optimisation for engagement and astroturfing campaigns, which amplify suspicions of fakery.
The comments follow OpenAI’s backlash over the rollout of GPT-5, which saw Reddit communities shift from celebratory to critical. Altman acknowledged flaws in a Reddit AMA, but the fallout left lasting scepticism and lower enthusiasm among AI users.
Underlying this debate is the wider reality that bots dominate much of the online environment. Imperva estimates that more than half of 2024’s internet traffic was non-human, while X’s own Grok chatbot admitted to hundreds of millions of bots on the platform.
Some observers suggest Altman’s comments may foreshadow an OpenAI-backed social media venture. Whether such a project could avoid the same bot-related challenges remains uncertain, with research suggesting that even bot-only networks eventually create echo chambers of their own.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A malvertising campaign is targeting IT workers in the EU with fake GitHub Desktop installers, according to Arctic Wolf. The goal is to steal credentials, deploy ransomware, and infiltrate sensitive systems. The operation has reportedly been active for over six months.
Attackers used malicious Google Ads that redirected users to doctored GitHub repositories. Modified README files mimicked genuine download pages but linked to a lookalike domain. MacOS users received the AMOS Stealer, while Windows victims downloaded bloated installers hiding malware.
The Windows malware evaded detection using GPU-based checks, refusing to run in sandboxes that lacked real graphics drivers. On genuine machines, it copied itself to %APPDATA%, sought elevated privileges, and altered Defender settings. Analysts dubbed the technique GPUGate.
The payload persisted by creating privileged tasks and sideloading malicious DLLs into legitimate executables. Its modular system could download extra malware tailored to each victim. The campaign was geo-fenced to EU targets and relied on redundant command servers.
Researchers warn that IT staff are prime targets due to their access to codebases and credentials. With the campaign still active, Arctic Wolf has published indicators of compromise, Yara rules, and security advice to mitigate the GPUGate threat.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Researchers combine human tissue models with explainable AI to analyse patient data and identify treatments that work best for specific patients. First applied to inflammatory bowel disease, the approach could improve clinical trial success rates and accelerate drug discovery.
REPROCELL, IBM, and the STFC Hartree Centre have developed Pharmacology-AI, a platform uniting tissue models with machine learning. Delivered through the Hartree National Centre for Digital Innovation, it reduces costs, enhances trial design, and enables more targeted therapies.
Unlike tools that seek to replace human expertise, the platform acts as a decision-support system. It helps scientists detect patterns in complex datasets while keeping outputs interpretable for clinical trial use. Developers emphasised usability, ensuring non-technical staff can work with the system.
Human fresh tissue models play a central role, preserving biological complexity and simulating drug effects before trials. However, this generates reliable data that can be paired with AI to identify optimal patient profiles and reduce the risk of costly trial failures.
The project’s success suggests broad applications beyond IBD. With explainable AI and high-quality patient data, Pharmacology-AI could improve outcomes across multiple disease areas, making drug development faster, more efficient, and more precise.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Stablecoins have become central to the digital economy, with billions in daily transactions and stronger regulatory backing under the GENIUS Act. Yet experts warn that advances in quantum computing could undermine their very foundations.
Elliptic curve and RSA cryptography, widely used in stablecoin systems, are expected to be breakable once ‘Q-Day’ arrives. Quantum-equipped attackers could instantly derive private keys from public addresses, exposing entire networks to theft.
The immutability of blockchains makes upgrading cryptographic schemes especially challenging. Dormant wallets and legacy addresses may prove vulnerable, putting billions of dollars at risk if issuers fail to take action promptly.
Researchers highlight lattice-based and hash-based algorithms as viable ‘quantum-safe’ alternatives. Stablecoins built with crypto-agility, enabling seamless upgrades, will better adapt to new standards and avoid disruptive forks.
Regulators are also moving. NIST is finalising post-quantum cryptographic standards, and new rules will likely be established before 2030. Stablecoins that embed resilience today may set the global benchmark for digital trust in the quantum age.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Production at Jaguar Land Rover (JLR) is to remain halted until at least next week after a cyberattack crippled the carmaker’s operations. Disruption is expected to last through September and possibly into October.
The UK’s largest car manufacturer, owned by Tata, has suspended activity at its plants in Halewood, Solihull, and Wolverhampton. Thousands of staff have been told to stay home on full pay while ‘banking’ hours are to be recovered later.
Suppliers, including Evtec, WHS Plastics, SurTec, and OPmobility, which employ more than 6,000 people in the UK, have also paused their operations. The Sunday Times reported speculation that the outage could drag on for most of September.
While there is no evidence of a data breach, JLR has notified the Information Commissioner’s Office about potential risks. Dozens of internal systems, including spare parts databases, remain offline, forcing dealerships to revert to manual processes.
Hackers linked to the groups Scattered Spider, Lapsus$, and ShinyHunters have claimed responsibility for the incident. JLR stated that it was collaborating with cybersecurity experts and law enforcement to restore systems in a controlled and safe manner.
