Network security

Europol warns that the $50,000 Qilin reward is fake

Europol has warned that a reported $50,000 reward for information on two members of the Qilin ransomware group is fake. The message, circulating on Telegram, claimed the suspects, known as Haise and XORacle, coordinate affiliates and manage extortion operations.

Europol clarified that it does not operate a Telegram channel and that the message does not originate from its official accounts, which are active on Instagram, LinkedIn, X, Bluesky, YouTube, and Facebook.

Qilin, also known as Agenda, has been active since 2022 and, in 2025, listed over 400 victims on its leak website, including media and pharmaceutical companies.

Recent attacks, such as the one targeting Inotiv, demonstrate the group’s ongoing threat. Analysts note that cybercriminals often circulate false claims to undermine competitors, mislead affiliates, or sow distrust within rival gangs.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI improves customer experience at Citi

Citi has expanded its digital client platform, CitiDirect Commercial Banking, with new AI capabilities to improve customer service and security.

The platform now supports over half of Citi’s global commercial banking client base and handles around 2.3 million sessions.

AI features assist in fraud detection, automate customer queries, and provide real-time onboarding updates and guidance.

KYC renewals have been simplified through automated alerts and pre-filled forms, cutting effort and processing time for clients.

Live in markets including the UK, US, India, and others, the platform has received positive feedback from over 10,000 users. Citi says the enhancements are part of a broader effort to make mid-sized corporate banking faster, more innovative, and more efficient.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Fed urges banks to embrace blockchain innovation

Federal Reserve Vice Chair for Supervision Michelle Bowman has warned that banks must embrace blockchain technology or risk fading into irrelevance. At the Wyoming Blockchain Symposium on 19 August, she urged banks and regulators to drop caution and embrace innovation.

Bowman highlighted tokenisation as one of the most immediate applications, enabling assets to be transferred digitally without intermediaries or physical movement.

She explained that tokenised systems could cut operational delays, reduce risks, and expand access across large and smaller banks. Regulatory alignment, she added, could accelerate tokenisation from pilots to mainstream adoption.

Fraud prevention was also a key point of her remarks. Bowman said financial institutions face growing threats from scams and identity theft, but argued blockchain could help reduce fraud.

She called for regulators to ensure frameworks support adoption rather than hinder it, framing the technology as a chance for collaboration between the industry and the Fed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google Cloud boosts AI security with agentic defence tools

Google Cloud has unveiled a suite of security enhancements at its Security Summit 2025, focusing on protecting AI innovations and empowering cybersecurity teams with AI-driven defence tools.

VP and GM Jon Ramsey highlighted the growing need for specialised safeguards as enterprises deploy AI agents across complex environments.

Central to the announcements is the concept of an ‘agentic security operations centre,’ where AI agents coordinate actions to achieve shared security objectives. It represents a shift from reactive security approaches to proactive, agent-supported strategies.

Google’s platform integrates automated discovery, threat detection, and response mechanisms to streamline security operations and cover gaps in existing infrastructures.

Key innovations include extended protections for AI agents through Model Armour, covering Agentspace prompts and responses to mitigate prompt injection attacks, jailbreaking, and data leakage.

The Alert Investigation agent, available in preview, automates enrichment and analysis of security events while offering actionable recommendations, reducing manual effort and accelerating response times.

Integrating Mandiant threat intelligence feeds and Gemini AI strengthens detection and incident response across agent environments.

Additional tools, such as SecOps Labs and native SOAR dashboards, provide organisations with early access to AI-powered threat detection experiments and comprehensive security visualisation capabilities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Rapper Bot dismantled after 370,000 global cyberattacks

A 22-year-old man from Oregon has been charged with operating one of the most powerful botnets ever uncovered, Rapper Bot.

Federal prosecutors in Alaska said the network was responsible for over 370,000 cyberattacks worldwide since 2021, targeting technology firms, a central social media platform and even a US government system.

The botnet relied on malware that infected everyday devices such as Wi-Fi routers and digital video recorders. Once hijacked, the compromised machines were forced to overwhelm servers with traffic in distributed denial-of-service (DDoS) attacks.

Investigators estimate that Rapper Bot infiltrated as many as 95,000 devices at its peak.

The accused administrator, Ethan Foltz, allegedly ran the network as a DDoS-for-hire service, temporarily charging customers to control its capabilities.

Authorities said its most significant attack generated more than six terabits of data per second, making it among the most destructive DDoS networks. Foltz faces up to 10 years in prison if convicted.

The arrest was carried out under Operation PowerOFF, an international effort to dismantle criminal groups offering DDoS-for-hire services.

US Attorney Michael J. Heyman said the takedown had effectively disrupted a transnational threat, ending Foltz’s role in the sprawling cybercrime operation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Grok chatbot leaks spark major AI privacy concerns

Private conversations with xAI’s chatbot Grok have been exposed online, raising serious concerns over user privacy and AI safety. Forbes found that Grok’s ‘share’ button created public URLs, later indexed by Google and other search engines.

The leaked content is troubling, ranging from questions on hacking crypto wallets to instructions on drug production and even violent plots. Although xAI bans harmful use, some users still received dangerous responses, which are now publicly accessible online.

The exposure occurred because search engines automatically indexed the shareable links, a flaw echoing previous issues with other AI platforms, including OpenAI’s ChatGPT. Designed for convenience, the feature exposed sensitive chats, damaging trust in xAI’s privacy promises.

The incident pressures AI developers to integrate stronger privacy safeguards, such as blocking the indexing of shared content and enforcing privacy-by-design principles. Users may hesitate to use chatbots without fixes, fearing their data could reappear online.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Google urges users to update Chrome after V8 flaw patched

Google has patched a high-severity flaw in its Chrome browser with the release of version 139, addressing vulnerability CVE-2025-9132 in the V8 JavaScript engine.

The out-of-bounds write issue was discovered by Big Sleep AI, a tool built by Google DeepMind and Project Zero to automate vulnerability detection in real-world software.

Chrome 139 updates (Windows/macOS: 139.0.7258.138/.139, Linux: 139.0.7258.138) are now rolling out to users. Google has not confirmed whether the flaw is being actively exploited.

Users are strongly advised to install the latest update to ensure protection, as V8 powers both JavaScript and WebAssembly within Chrome.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU and Bangladesh strengthen cooperation on cybersecurity and digital economy

The EU has engaged in talks with the Bangladesh Telecommunication Regulatory Commission to strengthen cooperation on data protection, cybersecurity, and the country’s digital economy.

The meeting was led by EU Ambassador Michael Miller and BTRC Chairman Major General (retd) Md Emdad ul Bari.

The EU emphasised safeguarding fundamental rights while encouraging innovation and investment. With opportunities in broadband expansion, 5G deployment, and last-mile connectivity, the EU reaffirmed its commitment to supporting Bangladesh’s vision for a secure and inclusive digital future.

Both parties agreed to deepen collaboration, with the EU offering technical expertise under its Global Gateway strategy to help Bangladesh build a safer and more connected digital landscape.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hackers steal data from over a million Allianz customers

A data breach at Allianz Life exposed the personal information of around 1.1 million customers, including names, addresses, and dates of birth.

Hackers accessed a customer database hosted on Salesforce, stealing emails, phone numbers, and in some cases, Social Security numbers.

The company confirmed the breach in late July but has not specified the full scale of the incident while its investigation continues.

Cybercrime group ShinyHunters is believed to be behind the attack and is reportedly preparing a data leak site to extort victims.

Several global companies using Salesforce infrastructure, including Qantas and Workday, have reported similar incidents linked to the same hacking collective.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google sees growing demand for cloud data sovereignty

Google’s Cloud Experience lead Hayete Gallot says developer interest in sovereign cloud solutions is rising sharply amid AI concerns. More clients are asking to control how and where their data is stored, processed, and encrypted within public cloud environments.

Microsoft said it could not guarantee full cloud data sovereignty in July, increasing pressure on rivals to offer stronger protections.

Gallot noted that sovereignty is more than location. Cybersecurity measures such as encryption, ownership, and administrative access are now top priorities for businesses.

On AI, Gallot dismissed fears that assistants will replace developers, saying skills like prompt writing still require critical thinking.

She believes modern developers must adapt, comparing today’s AI tools to learning older languages like Pascal or Fortran.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!