Interdisciplinary approaches

How cultural heritage can go green through digital preservation

A Europe-wide survey has exposed how cultural heritage institutions (CHIs) protect humanity’s legacy digitally while unintentionally harming the environment.

Instead of focusing only on efficiency, the Europeana Climate Action Community recommends a shift towards environmentally sustainable and regenerative digital preservation.

Led by the Environmental Sustainability Practice Task Force, the survey collected input from 108 organisations across 24 EU countries. While 80% of CHIs recognise environmental responsibility, just 42% follow formal environmental strategies and a mere 14% measure carbon footprints.

Many maintain redundant data backups without assessing the ecological cost, and most lack policies for retiring digital assets responsibly.

The report suggests CHIs develop community-powered archives, adopt hardware recycling and repair, and prioritise sufficiency instead of maximising digital volume. Interviews with institutions such as the National Library of Finland and the POLIN Museum revealed good practices alongside common challenges.

With digital preservation increasingly essential, the Europeana Initiative calls for immediate action. By moving from isolated efficiency efforts to collective regeneration strategies, CHIs can protect cultural memory while reducing environmental impact for future generations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Generative AI now powers 20% of new Steam games

Nearly 20 percent of video games released on Steam in 2025 include generative AI, according to a new report by Totally Human Media.

The report, based on data gathered from Steam, states that around 7,818 games currently disclose using generative AI. The figure represents roughly 7 percent of the platform’s entire catalogue. For games launched in 2025, nearly one in five incorporate AI tools or openly disclose doing so.

Compared to 2024, this marks a nearly 700 percent increase in generative AI adoption, reflecting a broader industry trend towards automation and machine-generated content.

Among the most prominent titles is My Summer Car, a vehicle simulation game with over 2.5 million copies sold. The developers disclosed that the game includes ‘some AI generated paintings found inside the main house’.

Valve, the company behind Steam, began requiring game developers to disclose AI use in January 2024. While the company did not comment on the findings, the policy has enabled public tracking of AI adoption across the platform.

Community reaction to the trend has been mixed. On Reddit, many users said they would automatically add AI-driven games to their ignore lists. One commenter wrote, ‘We need to tag them so they can be an ignored category.’ Others expressed disappointment in indie developers turning to generative tools over human artists.

Some users acknowledged the complexity of the issue. A typical comment noted that while AI usage in minor elements like UI assets might be acceptable, reliance on AI for core content raises questions about value and originality. One post read, ‘What am I paying for if it’s all AI? I agree with that sentiment.’

Steam’s Next Fest, which showcases upcoming releases, drew criticism from some players who said they lost interest in promising titles upon discovering their use of generative AI.

Despite user backlash, industry momentum continues to build. Many developers see AI as a means to streamline asset creation and reduce production costs, though concerns about quality, ethics, and employment remain central to the debate.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trojanised Telegram APKs target Android users with Janus exploit

A large Android malware campaign has been uncovered, distributing trojanised versions of Telegram Messenger via more than 600 malicious domains. The operation uses phishing infrastructure and evasion techniques to deceive users and deliver infected APK files.

Domains exploit typosquatting, with names like ‘teleqram’ and ‘apktelegram’, and mimic Telegram’s website using cloned visuals and QR code redirects. Users are sent to zifeiji[.]asia, which hosts a fake Telegram site offering APK downloads between 60MB and 70MB.

The malware targets Android versions 5.0 to 8.0, exploiting the Janus vulnerability and bypassing security via legacy signature schemes. After installation, it establishes persistent access using socket callbacks, enabling remote control.

It communicates via unencrypted HTTP and FTP, and uses Android’s MediaPlayer component to trigger background activity unnoticed. Once installed, it requests extensive permissions, including access to all locally stored data.

Domains involved include over 300 on .com, with many registered through Gname, suggesting a coordinated and resilient campaign structure.

Researchers also found a JavaScript tracker embedded at telegramt.net, which collects browser and device data and sends it to dszb77[.]com. The goal appears to be user profiling and behavioural analysis.

Experts warn that the campaign’s scale and technical sophistication pose a significant risk to users running outdated Android systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Experts link Qantas data breach to AI voice impersonation

Cybersecurity experts believe criminals may have used AI-generated voice deepfakes to breach Qantas systems, potentially deceiving contact centre staff in Manila. The breach affected nearly six million customers, with links to a group known as Scattered Spider.

Qantas confirmed the breach after detecting suspicious activity on a third-party platform. Stolen data included names, phone numbers, and addresses—but no financial details. The airline has not confirmed whether voice impersonation was involved.

Experts point to Scattered Spiders’ history of using synthetic voices to trick help desk staff into handing over credentials. Former FBI agent Adam Marré said the technique, known as vishing, matches the group’s typical methods and links them to The Com, a cybercrime collective.

Other members of The Com have targeted companies like Salesforce through similar tactics. Qantas reportedly warned contact centre staff shortly before the breach, citing a threat advisory connected to Scattered Spider.

Google and CrowdStrike reported that the group frequently impersonates employees over the phone to bypass multi-factor authentication and reset passwords. The FBI has warned that Scattered Spider is now targeting airlines.

Qantas says its core systems remain secure and has not confirmed receiving a ransom demand. The airline is cooperating with authorities and urging affected customers to watch for scams using their leaked information.

Cybersecurity firm Trend Micro notes that voice deepfakes are now easy to produce, with convincing audio clips available for as little as $5. The deepfakes can mimic language, tone, and emotion, making them powerful tools for deception.

Experts recommend biometric verification, synthetic signal detection, and real-time security challenges to counter deepfakes. Employee training and multi-factor authentication remain essential defences.

Recent global cases illustrate the risk. In one instance, a deepfake mimicking US Senator Marco Rubio attempted to access sensitive systems. Other attacks involved cloned voices of US political figures Joe Biden and Susie Wiles.

As voice content becomes more publicly available, experts warn that anyone sharing audio online could become a target for AI-driven impersonation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI and Shopify explore product sales via ChatGPT

OpenAI is preparing to take a commission from product sales made directly through ChatGPT, signalling a significant shift in its business model. The move aims to monetise free users by embedding e-commerce checkout within the chatbot.

Currently, ChatGPT provides product links that redirect users to external sites. In April, OpenAI partnered with Shopify to support this feature. Sources say the next step is enabling purchases without leaving the platform, with merchants paying OpenAI a fee per transaction.

Until now, OpenAI has earned revenue mainly from ChatGPT Plus subscriptions and enterprise deals. Despite a $300 billion valuation, the company remains loss-making and seeks new commercial avenues tied to its conversational AI tools.

E-commerce integration would also challenge Google’s grip on product discovery and paid search, as more users turn to chatbots for recommendations.

Early prototypes have been shown to brands, and financial terms are under discussion. Shopify, which powers checkout on platforms like TikTok, may also provide the backend infrastructure for ChatGPT.

Product suggestions in ChatGPT are generated based on query relevance and user-specific context, including budgets and saved preferences. With memory upgrades, the chatbot can personalise results more effectively over time.

Currently, clicking on a product shows a list of sellers based on third-party data. Rankings rely mainly on metadata rather than price or delivery speed, though this is expected to evolve.

Marketers are already experimenting with ‘AIO’ — AI optimisation — to boost visibility in AI-generated product listings, similar to SEO for search engines.

An advertising agency executive said this shift could disrupt paid search and traditional ad models. Concerns are growing around how AI handles preferences and the fairness of its recommendations.

OpenAI has previously said it had ‘no active plans to pursue advertising’. However, CFO Sarah Friar recently confirmed that the company is open to ads in the future, using a selective approach.

CEO Sam Altman said OpenAI would not accept payments for preferential placement, but may charge small affiliate fees on purchases made through ChatGPT.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta faces fresh EU backlash over Digital Markets Act non-compliance

Meta is again under EU scrutiny after failing to fully comply with the bloc’s Digital Markets Act (DMA), despite a €200 million fine earlier this year.

The European Commission says Meta’s current ‘pay or consent’ model still falls short and could trigger further penalties. A formal warning is expected, with recurring fines likely if the company does not adjust its approach.

The DMA imposes strict rules on major tech platforms to reduce market dominance and protect digital fairness. While Meta claims its model meets legal standards, the Commission says progress has been minimal.

Over the past year, Meta has faced nearly €1 billion in EU fines, including €798 million for linking Facebook Marketplace to its central platform. The new case adds to years of tension over data practices and user consent.

The ‘pay or consent’ model offers users a choice between paying for privacy or accepting targeted ads. Regulators argue this does not meet the threshold for genuine consent and mirrors Meta’s past GDPR tactics.

Privacy advocates have long criticised Meta’s approach, saying users are left with no meaningful alternatives. Internal documents show Meta lobbied against privacy reforms and warned governments about reduced investment.

The Commission now holds greater power under the DMA than it did with GDPR, allowing for faster, centralised enforcement and fines of up to 10% of global turnover.

Apple has already been fined €500 million, and Google is also under investigation. The EU’s rapid action signals a stricter stance on platform accountability. The message for Meta and other tech giants is clear: partial compliance is no longer enough to avoid serious regulatory consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI system screens diabetic eye disease with near-perfect accuracy

A new AI programme is showing remarkable accuracy in detecting diabetic retinopathy, a leading cause of preventable blindness. The SMART system, short for Simple Mobile AI Retina Tracker, can scan retinal images using even basic smartphones and has achieved over 99% accuracy.

Researchers at the University of Texas Health Sciences Center in the US trained the AI using thousands of retinal images from diverse populations across six continents. The system processes images in under a second and can distinguish diabetic retinopathy from other eye diseases.

Experts say the technology could dramatically expand access to eye screenings, particularly in areas lacking specialist care. By integrating the tool into regular check-ups, both primary care providers and ophthalmologists could streamline early diagnosis.

Researchers highlighted that the tool’s mobile accessibility allows for global reach, potentially screening billions. The findings were presented at the annual meeting of The Endocrine Society, though they have yet to be peer-reviewed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europe’s quantum ambitions meet US private power and China’s state drive

Quantum computing could fundamentally reshape technology, using quantum bits (qubits) instead of classical bits. Qubits allow complex calculations beyond classical computing, transforming sectors from pharmaceuticals to defence.

Europe is investing billions in quantum technology, emphasising technological sovereignty. Yet, it competes fiercely with the United States, which enjoys substantial private investment, and China, powered by significant state-backed funding.

The UK began quantum initiatives early, launching the National Quantum Programme 2014. It recently pledged £2.5 billion more, supporting start-ups like Orca Computing and Universal Quantum, alongside nations like Canada, Israel, and Japan.

Europe accounted for eight of the nineteen quantum start-ups established globally in 2024, including IQM Quantum Computers and Pasqal. Despite Europe’s scientific strengths, it only captured 5% of global quantum investments, versus 50% for the US.

The European Commission aims to strengthen quantum capabilities by funding six chip factories and a continent-wide Quantum Skills Academy. However, attracting sufficient private investment remains a significant challenge.

The US quantum industry thrives, driven by giants such as IBM, Google, Microsoft, IonQ, Rigetti, and D-Wave Quantum. Recent breakthroughs include Microsoft’s topological qubit and Google’s Willow quantum chip.

D-Wave Quantum has demonstrated real-world quantum advantages, solving complex optimisation problems in minutes. Its technology is now used commercially in logistics, traffic management, and supply chains.

China, meanwhile, leads in state-driven quantum funding, investing $15 billion directly and managing a $138 billion tech venture fund. By contrast, US federal investment totals about $6 billion, underscoring China’s aggressive approach.

Global investment in quantum start-ups reached $1.25 billion in Q1 2025 alone, reflecting a shift towards practical applications. By 2040, the quantum market is projected to reach $173 billion, influencing global economics and geopolitics.

Quantum computing raises geopolitical concerns, prompting democratic nations to coordinate through bodies like the OECD and G7. Interoperability, trust, and secure infrastructure have become essential strategic considerations.

Europe’s quantum ambitions require sustained investment, standard-setting leadership, and robust supply chains. Its long-term technological independence hinges on moving swiftly beyond initial funding towards genuine strategic autonomy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Co-op CEO apologises after cyberattack hits 6.5 million members

Co-op CEO Shirine Khoury-Haq has confirmed that all 6.5 million members had their data stolen during a cyberattack in April.

‘I’m devastated that information was taken,’ Khoury-Haq told BBC Breakfast. ‘It hurt my members; they took their data, and it hurt our customers, whom I take personally.’

The stolen data included names, addresses, and contact details, but no financial or transaction information. Khoury-Haq said the incident felt ‘personal’ due to its impact on Co-op staff, adding that IT teams ‘fought off these criminals’ under immense pressure.

Although the hackers were removed from Co-op’s systems, the stolen information could not be recovered. The company monitored the breach and reported it to the authorities.

Co-op, which operates a membership profit-sharing model, is still working to restore its back-end systems. The financial impact has not been disclosed.

In response, Co-op is partnering with The Hacking Games — a cybersecurity recruitment initiative — to guide young talent towards legal tech careers. A pilot will launch in Co-op Academies Trust schools.

The breach was part of a wider wave of cyberattacks on UK retailers, including Marks & Spencer and Harrods. Four people aged 17 to 20 have been arrested concerning the incidents.

In a related case, Australian airline Qantas also confirmed a recent breach involving its frequent flyer programme. As with Co-op, financial data was not affected, but personal contact information was accessed.

Experts warn of increasingly sophisticated attacks on public and private institutions, calling for stronger digital defences and proactive cybersecurity strategies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Air Serbia suffers deep network compromise in July cyberattack

Air Serbia delayed issuing June payslips after a cyberattack disrupted internal systems, according to internal memos obtained by The Register. A 10 July note told staff: ‘Given the ongoing cyberattacks, for security reasons, we will postpone the distribution of June 2025 payslips.’

The IT department is reportedly working to restore operations, and payslips will be emailed once systems are secure again. Although salaries were paid, staff could not access their payslip PDFs due to the disruption.

HR warned employees not to open suspicious emails, particularly those appearing to contain payslips or that seemed self-addressed. ‘We kindly ask that you act responsibly given the current situation,’ said one memo.

Air Serbia first informed staff about the cyberattack on 4 July, with IT teams warning of possible disruptions to operations. Managers were instructed to activate business continuity plans and adapt workflows accordingly.

By 7 July, all service accounts had been shut down, and staff were subjected to company-wide password resets. Security-scanning software was installed on endpoints, and internet access was restricted to selected airserbia.com pages.

A new VPN client was deployed due to security vulnerabilities, and data centres were shifted to a demilitarised zone. On 11 July, staff were told to leave their PCs locked but running over the weekend for further IT intervention.

An insider told The Register that the attack resulted in a deep compromise of Air Serbia’s Active Directory environment. The source claims the attackers may have gained access in early July, although exact dates remain unclear due to missing logs.

Staff reportedly fear that the breach could have involved personal data, and that the airline may not disclose the incident publicly. According to the insider, attackers had been probing Air Serbia’s exposed endpoints since early 2024.

The airline also faced several DDoS attacks earlier this year, although the latest intrusion appears far more severe. Malware, possibly an infostealer, is suspected in the breach, but no ransom demands had been made as of 15 July.

Infostealers are often used in precursor attacks before ransomware is deployed, security experts warn. Neither Air Serbia nor the government of Serbia responded to media queries by the time of publication.

Air Serbia had a record-breaking year in 2024, carrying 4.4 million passengers — a 6 percent increase over the previous year. Cybersecurity experts recently warned of broader attacks on the aviation industry, with groups such as Scattered Spider under scrutiny.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.