Network security

Nova ransomware claims breach of KPMG Netherlands

KPMG Netherlands has allegedly become the latest target of the Nova ransomware group, following claims that sensitive data was accessed and exfiltrated.

The incident was reported by ransomware monitoring services on 23 January 2026, with attackers claiming the breach occurred on the same day.

Nova has reportedly issued a ten-day deadline for contact and ransom negotiations, a tactic commonly used by ransomware groups to pressure large organisations.

The group has established a reputation for targeting professional services firms and financial sector entities that manage high-value and confidential client information.

Threat intelligence sources indicate that Nova operates a distributed command and control infrastructure across the Tor network, alongside multiple leak platforms used to publish stolen data. Analysis suggests a standardised backend deployment, pointing to a mature and organised ransomware operation.

KPMG has not publicly confirmed the alleged breach at the time of writing. Clients and stakeholders are advised to follow official communications for clarity on potential exposure, response measures and remediation steps as investigations continue.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ten cybersecurity predictions for 2026 from experts: How AI will reshape cyber risks

Evidence from threat intelligence reporting and incident analysis in 2025 suggests that AI will move from experimental use to routine deployment in malicious cyber operations in 2026. Rather than introducing entirely new threats, AI is expected to accelerate existing attack techniques, reduce operational costs for attackers, and increase the scale and persistence of campaigns.

Security researchers and industry analysts point to ten areas where AI is most likely to reshape the cyber threat landscape over the coming year:

  1. AI-enabled malware is expected to adapt during execution. Threat intelligence reporting indicates that malware using AI models is already capable of modifying behaviour in real time. In 2026, such capabilities are expected to become more common, allowing malicious code to adjust tactics in response to defensive measures.
  2. AI agents are likely to automate key stages of cyberattacks. Researchers expect wider use of agentic AI systems that can independently conduct reconnaissance, exploit vulnerabilities, and maintain persistence, reducing the need for continuous human control.
  3. Prompt injection will be treated as a practical attack technique against AI deployments. As organisations embed AI assistants and agents into workflows, attackers are expected to target the AI layer itself (e.g. through prompt injection, unsafe tool use, and weak guardrails) to trigger unintended actions or expose data.
  4. Threat actors will use AI to target humans at scale. The text emphasises AI-enhanced social engineering: conversational bots, real-time manipulation, and automated account takeover, shifting attacks from isolated human-led attempts to continuous, scalable interaction.
  5. AI will expose APIs as a too-easily-exploited attack surface. The experts argue that AI agents capable of discovering and interacting with software interfaces will lower the barrier to abusing APIs, including undocumented or unintended ones. As agents gain broader permissions and access to cloud services, APIs are expected to become a more frequent point of exploitation and concealment.
  6. Extortion will evolve beyond ransomware encryption. Extortion campaigns are expected to rely less on encryption alone and more on a combination of tactics, including data theft, threats to leak or alter information, and disruption of cloud services, backups, and supply chains.
  7. Cyber incidents will increasingly spread from IT into industrial operations. Ransomware and related intrusions are expected to move beyond enterprise IT systems and disrupt operational technology and industrial control environments, amplifying downtime, supply-chain disruption, and operational impact.
  8. The insider threat will increasingly include imposter employees. Analysts anticipate insider risks will extend beyond malicious or negligent staff to include external actors who gain physical or remote access by posing as legitimate employees, including through hardware implants or direct device access that bypasses end point security.
  9. Nation-state cyber activity will continue to target Western governments and industries. Experts point to continued cyber operations by state-linked actors, including financially motivated campaigns and influence operations, with increased use of social engineering, deception techniques, and AI-enabled tools to scale and refine targeting.
  10. Identity management is expected to remain a primary failure point. The rapid growth of human and machine identities, including AI agents, across SaaS, cloud platforms and third-party environments is likely to reinforce credential misuse as a leading cause of major breaches.

Taken together, these trends suggest that in 2026, cyber risk will increasingly reflect systemic exposure created by the combination of AI adoption, identity sprawl, and interconnected digital infrastructure, rather than isolated technical failures.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU classifies WhatsApp as Very Large Online Platform

WhatsApp has been formally designated a Very Large Online Platform under the EU Digital Services Act, triggering the bloc’s most stringent digital oversight regime.

The classification follows confirmation that the messaging service has exceeded 51 million monthly users in the EU, triggering enhanced regulatory scrutiny.

As a VLOP, WhatsApp must take active steps to limit the spread of disinformation and reduce risks linked to the manipulation of public debate. The platform is also expected to strengthen safeguards for users’ mental health, with particular attention placed on the protection of minors and younger audiences.

The European Commission will oversee compliance directly and may impose financial penalties of up to 6 percent of WhatsApp’s global annual turnover if violations are identified. The company has until mid-May to align its systems, policies and risk assessments with the DSA’s requirements.

WhatsApp joins a growing list of major platforms already subject to similar obligations, including Facebook, Instagram, YouTube and X. The move reflects the Commission’s broader effort to apply the Digital Services Act across social media, messaging services and content platforms linked to systemic online risks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

France proposes EU tools to map foreign tech dependence

France has unveiled a new push to reduce Europe’s dependence on US and Chinese technology suppliers, placing digital sovereignty back at the centre of the EU policy debates.

Speaking in Paris, France’s minister for AI and digital affairs, Anne Le Hénanff, presented initiatives to expose and address the structural reliance on non-EU technologies across public administrations and private companies.

Central to the strategy is the creation of a Digital Sovereignty Observatory, which will map foreign technology dependencies and assess organisational exposure to geopolitical and supply-chain risks.

The body, led by former Europe minister Clément Beaune, is intended to provide the evidence base needed for coordinated action rather than symbolic declarations of autonomy.

France is also advancing a Digital Resilience Index, expected to publish its first findings in early 2026. The index will measure reliance on foreign digital services and products, identifying vulnerabilities linked to cloud infrastructure, AI, cybersecurity and emerging technologies.

Industry data suggests Europe’s dependence on external tech providers costs the continent hundreds of billions of euros annually.

Paris is using the initiative to renew calls for a European preference in public-sector digital procurement and for a standard EU definition of European digital services.

Such proposals remain contentious among member states, yet France argues they are essential for restoring strategic control over critical digital infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

TikTok outages spark fears over data control and censorship in the US

Widespread TikTok disruptions affected users across the US as snowstorms triggered power outages and technical failures, with reports of malfunctioning algorithms and missing content features.

Problems persisted for some users beyond the initial incident, adding to uncertainty surrounding the platform’s stability.

The outage coincided with the creation of a new US-based TikTok joint venture following government concerns over potential Chinese access to user data. TikTok stated that a power failure at a domestic data centre caused the disruption, rather than ownership restructuring or policy changes.

Suspicion grew among users due to overlapping political events, including large-scale protests in Minneapolis and reports of difficulties searching for related content. Fears of censorship spread online, although TikTok attributed all disruptions to infrastructure failure.

The incident also resurfaced concerns over TikTok’s privacy policy, which outlines the collection of sensitive personal data. While some disclosures predated the ownership deal, the timing reinforced broader anxieties over social media surveillance during periods of political tension.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google fixes Gmail bug that sent spam into primary inboxes

Gmail experienced widespread email filtering issues on Saturday, sending spam into primary inboxes and mislabelling legitimate messages as suspicious, according to Google’s Workspace status dashboard.

Problems began around 5 a.m. Pacific time, with users reporting disrupted inbox categories, unexpected spam warnings and delays in email delivery. Many said promotional and social emails appeared in primary folders, while trusted senders were flagged as potential threats.

Google acknowledged the malfunction throughout the day, noting ongoing efforts to restore normal service as complaints spread across social media platforms.

By Saturday evening, the company confirmed the issue had been fully resolved for all users, although some misclassified messages and spam warnings may remain visible for emails received before the fix.

Google said it is conducting an internal investigation and will publish a detailed incident analysis to explain what caused the disruption.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI powers firefighting tools

Firefighting is entering a new era with HEN Technologies. Founder Sunny Sethi has developed nozzles that extinguish fires up to three times faster while conserving two-thirds of water.

HEN’s products include nozzles, valves, monitors, and sprinklers equipped with sensors and smart circuits. A cloud platform tracks water flow, pressure, GPS, and weather conditions, allowing fire departments to respond efficiently and manage resources effectively.

Predictive analytics built on this data provide real-time insights for incident commanders. Firefighters can anticipate wind shifts, monitor water usage, and optimise operations, attracting interest from the Department of Homeland Security and military agencies worldwide.

Commercial adoption has been rapid, with revenue rising from $200,000 in 2023 to a projected $20 million this year. Serving 1,500 clients globally and filing 20 patents, HEN is also collecting real-world fire data that could support AI models simulating extreme environments.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

WorldLeaks claims massive Nike data leak

Nike has launched an internal investigation following claims by the WorldLeaks cybercrime group that company data was stolen from its systems.

The sportswear giant said it is assessing a potential cybersecurity incident after the group listed Nike on its Tor leak site and published a large volume of files allegedly taken during the intrusion.

WorldLeaks claims to have released approximately 1.4 terabytes of data, comprising more than 188,000 files. The group is known for data theft and extortion tactics, pressuring organisations to pay by threatening public disclosure instead of encrypting systems with ransomware.

The cybercrime operation emerged in 2025 after rebranding from Hunters International, a ransomware gang active since 2023. Increased law enforcement pressure reportedly led the group to abandon encryption-based attacks and focus exclusively on stealing sensitive corporate data.

An incident that adds to growing concerns across the retail and apparel sector, following a recent breach affecting Under Armour that exposed tens of millions of customer records.

Nike has stated that consumer privacy and data protection remain priorities while the investigation continues.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China gains ground in global AI race

US companies are increasingly adopting Chinese AI models as part of their core technology stacks, raising questions about global leadership in AI. In the US, Pinterest has confirmed it is using Chinese-developed models to improve recommendations and shopping features.

In the US, executives point to open-source Chinese models such as DeepSeek and tools from Alibaba as faster, cheaper and easier to customise. US firms say these models can outperform proprietary alternatives at a fraction of the cost.

Adoption extends beyond Pinterest in the US, with Airbnb also relying on Chinese AI to power customer service tools. Data from Hugging Face shows Chinese models frequently rank among the most downloaded worldwide, including across US developers.

Researchers at Stanford University have found Chinese AI capabilities now match or exceed global peers. In the US, firms such as OpenAI and Meta remain focused on proprietary systems, leaving China to dominate open-source AI development.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UN warns of rising AI-driven threats to child safety

UN agencies have issued a stark warning over the accelerating risks AI poses to children online, citing rising cases of grooming, deepfakes, cyberbullying and sexual extortion.

A joint statement published on 19 January urges urgent global action, highlighting how AI tools increasingly enable predators to target vulnerable children with unprecedented precision.

Recent data underscores the scale of the threat, with technology-facilitated child abuse cases in the US surging from 4,700 in 2023 to more than 67,000 in 2024.

During the COVID-19 pandemic, online exploitation intensified, particularly affecting girls and young women, with digital abuse frequently translating into real-world harm, according to officials from the International Telecommunication Union.

Governments are tightening policies, led by Australia’s social media ban for under-16s, as the UK, France and Canada consider similar measures. UN agencies urged tech firms to prioritise child safety and called for stronger AI literacy across society.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot