Human rights principles

New multi-stage scams use PDF files to harvest corporate credentials

Phishing continues to succeed despite increasingly sophisticated AI-driven threats, with attackers relying on familiar tools such as PDFs and cloud services. Researchers have identified a new campaign using legitimate-looking documents to redirect victims to credential-harvesting pages impersonating Dropbox.

The attack starts with professional emails framed as procurement or tender requests. When recipients open the attached PDF, they are quietly redirected through trusted cloud infrastructure before reaching a fake Dropbox login page designed to steal corporate credentials.

Each stage appears legitimate in isolation, allowing the campaign to bypass standard filters and authentication checks. Business-style language, reputable hosting platforms, and realistic branding reduce suspicion while exploiting everyday workplace routines.

Security specialists warn that long-standing trust in PDFs and mainstream cloud services has lowered user vigilance. Employees have been conditioned to view these formats as safe, creating opportunities for attackers to weaponise familiar business tools.

Experts say phishing awareness must evolve beyond basic link warnings to reflect modern multi-stage attacks. Alongside training, layered defences such as multi-factor authentication and anomaly detection remain essential for limiting damage.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Tinder tests AI Chemistry feature to cut swipe fatigue and revive engagement

The dating platform is expanding its reliance on AI, with Tinder experimenting with a feature designed to ease swipe fatigue among users.

A tool, known as Chemistry, that builds a picture of each person through optional questions and by reviewing their Camera Roll with permission, offering a more personalised route toward potential matches instead of repetitive browsing.

Match is currently testing the feature only in Australia. Executives say the system allows people to receive a small set of tailored profiles rather than navigating large volumes of candidates.

Tinder hopes the approach will strengthen engagement during a period when registrations and monthly activity remain lower than last year, despite minor improvements driven by AI-based recommendations.

Developers are also refocusing the broader discovery experience to reflect concerns raised by Gen Z around authenticity, trust and relevance.

The platform now relies on verification tools such as Face Check, which Match says cut harmful interactions by more than half instead of leaving users exposed to impersonators.

These moves indicate a shift away from the swipe mechanic that once defined the app, offering more direct suggestions that may improve outcomes.

Marketing investment is set to rise as part of the strategy. Match plans to allocate $50 million to new campaigns that will position Tinder as appealing again, using creators on TikTok and Instagram to reframe the brand.

Strong quarterly revenue failed to offset weaker guidance, yet the company argues that AI features will help shape a more reliable and engaging service for users seeking consistent matches.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Google issues warning on malware affecting over 40% of Android devices

The US tech giant, Google, has alerted users that more than 40% of Android phones are vulnerable to new malware and spyware due to outdated software. Phones running older versions than Android 13 no longer receive security updates, leaving over a billion users worldwide at risk.

Data shows Android 16 is present on only 7.5% of devices, while versions 15, 14, and 13 still dominate the market.

Slow adoption of updates means many devices remain exposed, even when security patches are available. Google emphasised that outdated phones are particularly unsafe and cannot protect against emerging threats.

Users are advised to upgrade to Android 13 or newer, or purchase a mid-range device that receives regular updates, instead of keeping an old high-end phone without support. Unlike Apple, where most iPhones receive timely updates, older Android devices may never get the necessary security fixes.

The warning highlights the urgent need for users to act immediately to avoid potential data breaches and spyware attacks. Google’s message is clear: using unsupported Android devices is a growing global security concern.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU tests Matrix protocol as sovereign alternative for internal communication

The European Commission is testing a European open source system for its internal communications as worries grow in Brussels over deep dependence on US software.

A spokesperson said the administration is preparing a solution built on the Matrix protocol instead of relying solely on Microsoft Teams.

Matrix is already used by several European institutions, including the French government, German healthcare bodies and armed forces across the continent.

The Commission aims to deploy it as a complement and backup to Teams rather than a full replacement. Officials noted that Signal currently fills that role but lacks the flexibility needed for an organisation of the Commission’s size.

The initiative forms part of a wider push for digital sovereignty within the EU. A Matrix-based tool could eventually link the Commission with other Union bodies that currently lack a unified secure communication platform.

Officials said there is already an operational connection with the European Parliament.

The trial reflects growing sensitivity about Europe’s strategic dependence on non-European digital services.

By developing home-grown communication infrastructure instead of leaning on a single foreign supplier, the Commission hopes to build a more resilient and sovereign technological foundation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Under 16 social media ban proposed in Spain

Spain is preparing legislation to ban social media access for users under 16, with the proposal expected to be introduced within days. Prime Minister Pedro Sánchez framed the move as a child-protection measure aimed at reducing exposure to harmful online environments.

Government plans include mandatory age-verification systems for platforms, designed to serve as practical barriers rather than symbolic safeguards. Officials argue that minors face escalating risks online, including addiction, exploitation, violent content, and manipulation.

Additional provisions could hold technology executives legally accountable for unlawful or hateful content that remains online. The proposal reflects a broader regulatory shift toward platform responsibility and stricter enforcement standards.

Momentum for youth restrictions is building across Europe. France and Denmark are pursuing similar controls, while the EU Digital Services Act guidelines allow member states to define a national ‘digital majority age’.

The European Commission is also testing an age verification app, with wider deployment expected next year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Malaysia enforces a total ban on e-waste imports after corruption probe

Authorities have imposed a full and immediate ban on the import of electronic waste in Malaysia to end the long-standing practice of foreign dumping.

The Anti-Corruption Commission reclassified all e-waste as an absolute prohibition, removing the earlier discretion that allowed limited exemptions. Officials argue that the country should protect its environment rather than accept hazardous materials from other nations.

Authorities have spent years intercepting containers loaded with discarded electronics suspected to contain toxic metals that contaminate soil and water when mishandled.

Environmental groups have repeatedly urged stronger controls, noting that waste from computers, mobile phones and household appliances poses severe risks to human health. The government now insists that firm enforcement must accompany the new restrictions to prevent continued smuggling.

The decision comes amid a widening corruption inquiry into oversight of e-waste. The director-general of the environment department and his deputy have been detained on suspicion of abuse of power. At the same time, investigators have frozen bank accounts and seized cash linked to the case.

The Home Ministry has pledged increased surveillance and warned that Malaysia will safeguard its national security by stopping illegal e-waste at its borders.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Harvard researchers highlight contextual risks in medical AI systems

Medical AI promises faster analysis, more accurate pattern detection, and continuous availability, yet most systems still struggle to perform reliably in real clinical environments beyond laboratory testing.

Researchers led by Marinka Zitnik at Harvard Medical School identify contextual errors as a key reason why medical AI often fails when deployed in hospitals and clinics.

Models frequently generate technically sound responses that overlook crucial factors, such as medical speciality, geographic conditions, and patients’ socioeconomic circumstances, thereby limiting their real-world usefulness.

The study argues that training datasets, model architecture, and performance benchmarks must integrate contextual information to prevent misleading or impractical recommendations.

Improving transparency, trust, and human-AI collaboration could allow context-aware systems to support clinicians more effectively while reducing harm and inequality in care delivery.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Facial recognition AI supports passenger security in India

Indian Railways has deployed an AI powered Rail Robocop at Visakhapatnam Railway Station in India to strengthen passenger security. The system is designed to patrol platforms and monitor crowds in Visakhapatnam.

The robot, named ASC Arjun, uses facial recognition to compare live images with a database of known criminals in India. Officials said the system recently identified a suspect during routine surveillance in Visakhapatnam.

Once a match was detected, the AI system sent an instant alert to the Railway Protection Force CCTV control room in Visakhapatnam. Officers were able to respond quickly using the automated notification.

Authorities in India say the Rail Robocop will support human staff rather than replace them. Similar AI deployments are expected at other major railway stations in India following trials in Visakhapatnam.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

US agencies linked to expanded biometric data sharing with Australia

Reports suggest Australia may expand biometric and identity data sharing with US authorities through border security and visa negotiations, granting enforcement agencies broader access to sensitive personal information.

Information reportedly covered includes passport numbers, dates of birth, facial images, fingerprints, and criminal or immigration records. Such access could allow US authorities to query Australian-held databases directly, bypassing traditional legal cooperation procedures.

No official treaty text or confirmation has been released by either government, and responses have remained general, avoiding details about the Enhanced Border Security Partnership negotiations. The absence of transparency has raised concerns among privacy advocates and legal commentators.

Australia and the United States already cooperate through established frameworks such as the Visa Waiver Program, Migration 5 agreements, and the CLOUD Act. Existing mechanisms involve structured, case-by-case data sharing with legal oversight rather than unrestricted database access.

Analysts note that confirmed arrangements differ significantly from claims of open biometric access, though expanding security vetting requirements continue to increase cross-border data flows. Debate is growing over privacy, sovereignty, and the long-term implications of deeper information sharing.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Greece nears plan to restrict social media for under-15s

Preparing to restrict social media access for children under 15s, Greece plans to use the Kids Wallet app as its enforcement tool amid rising European concern over youth safety.

A senior official indicated that an announcement is close, reflecting growing political concern about digital safety and youth protection.

The Ministry of Digital Governance intends to rely on the Kids Wallet application, introduced last year, as a mechanism for enforcing the measure instead of developing a new control framework.

Government planning is advanced, yet the precise timing of the announcement by Prime Minister Kyriakos Mitsotakis has not been finalised.

In addition to the legislative initiative in Greece, the European debate on children’s online safety is intensifying.

Spain recently revealed plans to prohibit social media access for those under sixteen and to create legislation that would hold platform executives personally accountable for hate speech.

Such moves illustrate how governments are seeking to shape the digital environment for younger users rather than leaving regulation solely in private hands.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!