Network security

Google launches standalone Password Manager app for Android

Google has released its Password Manager as a standalone app for Android, separating the service from Chrome for easier access. The new app allows users to quickly view and manage saved passwords, passkeys and login details directly from their phone.

The app itself does not introduce new features. It functions mainly as a shortcut to the existing Password Manager already built into Android and Chrome.

For users, there is little practical difference between the app and the integrated option, although some may prefer the clarity of having a dedicated tool instead of navigating through browser settings.

For Google, however, the move brings advantages. By listing Password Manager in the Play Store, the company can compete more visibly with rivals like LastPass and 1Password.

Previously, many users were unaware of the built-in feature since it was hidden within Chrome. The Play Store presence also gives Google a direct way to push updates and raise awareness of the service.

The app arrives with Google’s Material 3 design refresh, giving it a cleaner look that aligns with the rest of Android. Functionality remains unchanged for now, but the shift suggests Google may expand the app in the future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Orange suffers major data breach

Orange Belgium has confirmed a data breach affecting 850,000 customers, after a cyberattack targeted one of its internal IT systems. The attack, discovered in late July, exposed names, phone numbers, SIM card details, tariff plans and PUK codes. No financial or password data was compromised.

The telecoms provider blocked access to the affected system and notified authorities. A formal complaint has also been filed with the judiciary. All affected users are being informed via email or SMS and are urged to stay alert for phishing and identity fraud attempts.

Orange Belgium has advised users to strengthen account security with strong, unique passwords and to be cautious of suspicious links and messages. This marks the third cyber incident involving Orange in 2025, following earlier attacks, though those breaches varied in impact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ransomware attack at DaVita exposes data of 2.7 million patients in the US

A ransomware attack against dialysis provider DaVita has exposed the personal data of 2.7 million people, according to a notice on the US health department’s website.

The company first disclosed the cyber incident in April, saying it had taken steps to restore operations but could not predict the scale of disruption.

DaVita confirmed that hackers gained unauthorised access to its laboratory database, which contained sensitive information belonging to some current and former patients. The firm said it is now contacting those affected and offering free credit monitoring to help protect against identity theft.

Despite the intrusion, DaVita maintained uninterrupted dialysis services across its network of nearly 3,000 outpatient clinics and home treatment programmes. The company described the cyberattack as a temporary disruption but stressed that patient care was never compromised.

Financial disclosures show the incident led to around $13.5 million in charges during the second quarter of 2025. Most of the costs were linked to system restoration and third-party support, with $1 million attributed to higher patient care expenses.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Russia pushes mandatory messaging app Max on all new devices

Russia will require all new mobile phones and tablets sold starting in September, including a government-backed messenger called Max. Developed by Kremlin-controlled tech firm VK, the app offers messaging, video calls, mobile payments, and access to state services.

Authorities claim Max is a safe alternative to Western apps, but critics warn it could act as a state surveillance tool. The platform is reported to collect financial data, purchase history, and location details, all accessible to security services.

Journalist Andrei Okun described Max as a ‘Digital Gulag’ designed to control daily life and communications.

The move is part of Russia’s broader push to replace Western platforms. New restrictions have already limited calls on WhatsApp and Telegram, and officials hinted that WhatsApp may face a ban.

Telegram remains widely used but is expected to face greater pressure as the Kremlin directs officials to adopt Max.

VK says Max has already attracted 18 million downloads, though parts of the app remain in testing. From 2026, Russia will also require smart TVs to come preloaded with a state-backed service offering free access to government channels.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Microsoft limits certain companies’ access to the SharePoint early warning system

Microsoft has limited certain Chinese companies’ access to its early warning system for cybersecurity vulnerabilities following suspicions about their involvement in recent SharePoint hacking attempts.

The decision restricts the sharing of proof-of-concept code, which mimics genuine malicious software. While valuable for cybersecurity professionals strengthening their systems, the code can also be misused by hackers.

The restrictions follow Microsoft’s observation of exploitation attempts targeting SharePoint servers in July. Concerns arose that a member of the Microsoft Active Protections Program may have repurposed early warnings for offensive activity.

Microsoft maintains that it regularly reviews participants and suspends those violating contracts, including prohibitions on participating in cyber attacks.

Beijing has denied involvement in the hacking, while Microsoft has refrained from disclosing which companies were affected or details of the ongoing investigation.

Analysts note that balancing collaboration with international security partners and preventing information misuse remains a key challenge for global cybersecurity programmes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europol warns that the $50,000 Qilin reward is fake

Europol has warned that a reported $50,000 reward for information on two members of the Qilin ransomware group is fake. The message, circulating on Telegram, claimed the suspects, known as Haise and XORacle, coordinate affiliates and manage extortion operations.

Europol clarified that it does not operate a Telegram channel and that the message does not originate from its official accounts, which are active on Instagram, LinkedIn, X, Bluesky, YouTube, and Facebook.

Qilin, also known as Agenda, has been active since 2022 and, in 2025, listed over 400 victims on its leak website, including media and pharmaceutical companies.

Recent attacks, such as the one targeting Inotiv, demonstrate the group’s ongoing threat. Analysts note that cybercriminals often circulate false claims to undermine competitors, mislead affiliates, or sow distrust within rival gangs.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI improves customer experience at Citi

Citi has expanded its digital client platform, CitiDirect Commercial Banking, with new AI capabilities to improve customer service and security.

The platform now supports over half of Citi’s global commercial banking client base and handles around 2.3 million sessions.

AI features assist in fraud detection, automate customer queries, and provide real-time onboarding updates and guidance.

KYC renewals have been simplified through automated alerts and pre-filled forms, cutting effort and processing time for clients.

Live in markets including the UK, US, India, and others, the platform has received positive feedback from over 10,000 users. Citi says the enhancements are part of a broader effort to make mid-sized corporate banking faster, more innovative, and more efficient.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Fed urges banks to embrace blockchain innovation

Federal Reserve Vice Chair for Supervision Michelle Bowman has warned that banks must embrace blockchain technology or risk fading into irrelevance. At the Wyoming Blockchain Symposium on 19 August, she urged banks and regulators to drop caution and embrace innovation.

Bowman highlighted tokenisation as one of the most immediate applications, enabling assets to be transferred digitally without intermediaries or physical movement.

She explained that tokenised systems could cut operational delays, reduce risks, and expand access across large and smaller banks. Regulatory alignment, she added, could accelerate tokenisation from pilots to mainstream adoption.

Fraud prevention was also a key point of her remarks. Bowman said financial institutions face growing threats from scams and identity theft, but argued blockchain could help reduce fraud.

She called for regulators to ensure frameworks support adoption rather than hinder it, framing the technology as a chance for collaboration between the industry and the Fed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google Cloud boosts AI security with agentic defence tools

Google Cloud has unveiled a suite of security enhancements at its Security Summit 2025, focusing on protecting AI innovations and empowering cybersecurity teams with AI-driven defence tools.

VP and GM Jon Ramsey highlighted the growing need for specialised safeguards as enterprises deploy AI agents across complex environments.

Central to the announcements is the concept of an ‘agentic security operations centre,’ where AI agents coordinate actions to achieve shared security objectives. It represents a shift from reactive security approaches to proactive, agent-supported strategies.

Google’s platform integrates automated discovery, threat detection, and response mechanisms to streamline security operations and cover gaps in existing infrastructures.

Key innovations include extended protections for AI agents through Model Armour, covering Agentspace prompts and responses to mitigate prompt injection attacks, jailbreaking, and data leakage.

The Alert Investigation agent, available in preview, automates enrichment and analysis of security events while offering actionable recommendations, reducing manual effort and accelerating response times.

Integrating Mandiant threat intelligence feeds and Gemini AI strengthens detection and incident response across agent environments.

Additional tools, such as SecOps Labs and native SOAR dashboards, provide organisations with early access to AI-powered threat detection experiments and comprehensive security visualisation capabilities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Rapper Bot dismantled after 370,000 global cyberattacks

A 22-year-old man from Oregon has been charged with operating one of the most powerful botnets ever uncovered, Rapper Bot.

Federal prosecutors in Alaska said the network was responsible for over 370,000 cyberattacks worldwide since 2021, targeting technology firms, a central social media platform and even a US government system.

The botnet relied on malware that infected everyday devices such as Wi-Fi routers and digital video recorders. Once hijacked, the compromised machines were forced to overwhelm servers with traffic in distributed denial-of-service (DDoS) attacks.

Investigators estimate that Rapper Bot infiltrated as many as 95,000 devices at its peak.

The accused administrator, Ethan Foltz, allegedly ran the network as a DDoS-for-hire service, temporarily charging customers to control its capabilities.

Authorities said its most significant attack generated more than six terabits of data per second, making it among the most destructive DDoS networks. Foltz faces up to 10 years in prison if convicted.

The arrest was carried out under Operation PowerOFF, an international effort to dismantle criminal groups offering DDoS-for-hire services.

US Attorney Michael J. Heyman said the takedown had effectively disrupted a transnational threat, ending Foltz’s role in the sprawling cybercrime operation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!