Network security

Secrets sprawl flagged as top software supply chain risk in Australia

Avocado Consulting urges Australian organisations to boost software supply chain security after a high-alert warning from the Australian Cyber Security Centre (ACSC). The alert flagged threats, including social engineering, stolen tokens, and manipulated software packages.

Dennis Baltazar of Avocado Consulting said attackers combine social engineering with living-off-the-land techniques, making attacks appear routine. He warned that secrets left across systems can turn small slips into major breaches.

Baltazar advised immediate audits to find unmanaged privileged accounts and non-human identities. He urged embedding security into workflows by using short-lived credentials, policy-as-code, and default secret detection to reduce incidents and increase development speed for users in Australia.

Avocado Consulting advises organisations to eliminate secrets from code and pipelines, rotate tokens frequently, and validate every software dependency by default using version pinning, integrity checks, and provenance verification. Monitoring CI/CD activity for anomalies can also help detect attacks early.

Failing to act could expose cryptographic keys, facilitate privilege escalation, and result in reputational and operational damage. Avocado Consulting states that secure development practices must become the default, with automated scanning and push protection integrated into the software development lifecycle.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UK government AI tool recovers £500m lost to fraud

A new AI system developed by the UK Cabinet Office has helped reclaim nearly £500m in fraudulent payments, marking the government’s most significant recovery of public funds in a single year.

The Fraud Risk Assessment Accelerator analyses data across government departments to identify weaknesses and prevent scams before they occur.

It uncovered unlawful council tax claims, social housing subletting, and pandemic-related fraud, including £186m linked to Covid support schemes. Ministers stated the savings would be redirected to fund nurses, teachers, and police officers.

Officials confirmed the tool will be licensed internationally, with the US, Canada, Australia, and New Zealand among the first partners expected to adopt it.

The UK announced the initiative at an anti-fraud summit with these countries, describing it as a step toward global cooperation in securing public finances through AI.

However, civil liberties groups have raised concerns about bias and oversight. Previous government AI systems used to detect welfare fraud were found to produce disparities based on age, disability, and nationality.

Campaigners warned that the expanded use of AI in fraud detection risks embedding unfair outcomes if left unchecked.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Arrest made in Heathrow airport cyberattack case

A 40-year-old man has been arrested in West Sussex in connection with a cyberattack that caused major disruption across several European airports, including London’s Heathrow. The arrest was confirmed by the UK’s National Crime Agency (NCA), which is leading the investigation.

The incident targeted Collins Aerospace, a key provider of airline baggage and check-in software. The attack triggered system failures that forced staff at multiple airports to revert to manual check-in processes, resulting in hundreds of flight delays and frustration for passengers.

The NCA described the case as being in its early stages, with inquiries ongoing into the scale of the attack and the suspect’s potential role. Authorities have not yet confirmed whether others may be involved or what the broader motives behind the cyber-attack were.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Meta offers Llama AI to US allies amid global tech race

Meta will provide its Llama AI model to key European institutions, NATO, and several allied countries as part of efforts to strengthen national security capabilities.

The company confirmed that France, Germany, Italy, Japan, South Korea, and the EU will gain access to the open-source model. US defence and security agencies and partners in Australia, Canada, New Zealand, and the UK already use Llama.

Meta stated that the aim is to ensure democratic allies have the most advanced AI tools for decision-making, mission planning, and operational efficiency.

Although its terms bar use for direct military or espionage applications, the company emphasised that supporting allied defence strategies is in the interest of nations.

The move highlights the strategic importance of AI models in global security. Meta has positioned Llama as a counterweight to other countries’ developments, after allegations that researchers adapted earlier versions of the model for military purposes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Stellantis hit by breach affecting millions of customers

Stellantis, the parent company of Jeep, Chrysler and Dodge, has disclosed a data breach affecting its North American customer service operations.

The company said it recently discovered unauthorised access to a third-party service platform and confirmed that customer contact details were exposed. Stellantis stressed that no financial information was compromised and that affected customers and regulators are being notified.

Cybercriminal group ShinyHunters has claimed responsibility, telling tech site BleepingComputer it had stolen over 18 million Salesforce records from the automaker, including names and contact information. Stellantis has not confirmed the number of records involved.

ShinyHunters has targeted several global firms this year, including Google, Louis Vuitton and Allianz Life, often using voice phishing to trick employees into downloading malicious software. The group claims to have stolen 1.5 billion Salesforce records from more than 700 companies worldwide.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Americans fear AI will weaken creativity and human connections

A new Pew Research Center survey shows Americans are more worried than excited about AI shaping daily life. Half of adults say AI’s rise will harm creative thinking and meaningful relationships, while only small shares see improvements.

Many want greater control over its use, even as most are willing to let it assist with routine tasks.

The survey of over 5,000 US adults found 57% consider AI’s societal risks to be high, with just a quarter rating the benefits as significant. Most respondents also doubt their ability to recognise AI-generated content, although three-quarters believe being able to tell human from machine output is essential.

Americans remain sceptical about AI in personal spheres such as religion and matchmaking, instead preferring its application in heavy data tasks like weather forecasting, fraud detection and medical research.

Younger adults are more aware of AI than older generations, yet they are also more likely to believe it will undermine creativity and human connections.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Jaguar shutdown extended as ministers meet suppliers

Jaguar Land Rover (JLR) has confirmed its factories will remain closed until at least 1 October, extending a shutdown triggered by a cyber-attack in late August.

Business Secretary Peter Kyle and Industry Minister Chris McDonald are meeting JLR and its suppliers, as fears mount that small firms in the supply chain could collapse without the support of the August cyberattack.

The disruption, estimated to cost JLR £50m per week, affects UK plants in Solihull, Halewood and Wolverhampton. About 30,000 people work directly for JLR, with a further 100,000 in its supply chain.

Unions say some supplier staff have been laid off with little or no pay, forcing them to seek Universal Credit. Unite has called for a furlough-style scheme, while MPs have pressed the government to consider emergency loans.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Misconfigurations drive major global data breaches

Misconfigurations in cloud systems and enterprise networks remain one of the most persistent and damaging causes of data breaches worldwide.

Recent incidents have highlighted the scale of the issue, including a cloud breach at the US Department of Homeland Security, where sensitive intelligence data was inadvertently exposed to thousands of unauthorised users.

Experts say such lapses are often more about people and processes than technology. Complex workflows, rapid deployment cycles and poor oversight allow errors to spread across entire systems. Misconfigured servers, storage buckets or access permissions then become easy entry points for attackers.

Analysts argue that preventing these mistakes requires better governance, training and process discipline rather. Building strong safeguards and ensuring staff have the knowledge to configure systems securely are critical to closing one of the most exploited doors in cybersecurity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Emerging AI trends that will define 2026

AI is set to reshape daily life in 2026, with innovations moving beyond software to influence the physical world, work environments, and international relations.

Autonomous agents will increasingly manage household and workplace tasks, coordinating projects, handling logistics, and interacting with smart devices instead of relying solely on humans.

Synthetic content will become ubiquitous, potentially comprising up to 90 percent of online material. While it can accelerate data analysis and insight generation, the challenge will be to ensure genuine human creativity and experience remain visible instead of being drowned out by generic AI outputs.

The workplace will see both opportunity and disruption. Routine and administrative work will increasingly be offloaded to AI, creating roles such as prompt engineers and AI ethics specialists, while some traditional positions face redundancy.

Similarly, AI will expand into healthcare, autonomous transport, and industrial automation, becoming a tangible presence in everyday life instead of remaining a background technology.

Governments and global institutions will grapple with AI’s geopolitical and economic impact. From trade restrictions to synthetic propaganda, world leaders will attempt to control AI’s spread and underlying data instead of allowing a single country or corporation to have unchecked dominance.

Energy efficiency and sustainability will also rise to the fore, as AI’s growing power demands require innovative solutions to reduce environmental impact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack disrupts major European airports

Airports across Europe faced severe disruption after a cyberattack on check-in software used by several major airlines.

Heathrow, Brussels, Berlin and Dublin all reported delays, with some passengers left waiting hours as staff reverted to manual processes instead of automated systems.

Brussels Airport asked airlines to cancel half of Monday’s departures after Collins Aerospace, the US-based supplier of check-in technology, could not provide a secure update. Heathrow said most flights were expected to operate but warned travellers to check their flight status.

Berlin and Dublin also reported long delays, although Dublin said it planned to run a full schedule.

Collins, a subsidiary of aerospace and defence group RTX, confirmed that its Muse software had been targeted by a cyberattack and said it was working to restore services. The UK’s National Cyber Security Centre coordinates with airports and law enforcement to assess the impact.

Experts warned that aviation is particularly vulnerable because airlines and airports rely on shared platforms. They said stronger backup systems, regular updates and greater cross-border cooperation are needed instead of siloed responses, as cyberattacks rarely stop at national boundaries.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!