Jaguar Land Rover (JLR) has ordered factory staff to work from home until at least next Tuesday as it recovers from a major cyberattack. Production remains suspended at key UK sites, including Halewood, Solihull, and Wolverhampton.
The disruption, first reported earlier this week, has ‘severely impacted’ production and sales, according to JLR. Reports suggest that assembly line workers have been instructed not to return before 9 September, while the situation remains under review.
The hack has hit operations beyond manufacturing, with dealerships unable to order parts and some customer handovers delayed. The timing is particularly disruptive, coinciding with the September release of new registration plates, which traditionally boosts demand.
A group of young hackers on Telegram, calling themselves Scattered Lapsus$ Hunters, has claimed responsibility for the incident. Linked to earlier attacks on Marks & Spencer and Harrods, the group reportedly shared screenshots of JLR’s internal IT systems as proof.
The incident follows a wider spate of UK retail and automotive cyberattacks this year. JLR has stated that it is working quickly to restore systems and emphasised that there is ‘no evidence’ that customer data has been compromised.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Financial services firms are adapting rapidly to the rise of AI in cybersecurity, according to David Ramirez, CISO at Broadridge. He said AI is changing the balance between attackers and defenders while also reshaping the skills security teams require.
On the defensive side, AI is already streamlining governance, risk management and compliance tasks, while also speeding up incident detection and training. He highlighted its growing role in areas like access management and data loss prevention.
He also stressed the importance of aligning cyber strategy with business goals and improving board-level visibility. While AI tools are advancing quickly, he urged CISOs not to lose sight of risk assessments and fundamentals in building resilient systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The European Union Aviation Safety Agency (EASA) has published survey results probing the ethical outlook of aviation professionals on AI deployment, released during its AI Days event in Cologne.
The AI Days conference gathered nearly 200 on-site attendees from across the globe, with even more participating online.
The survey measured acceptance, trust and comfort across eight hypothetical AI use cases, yielding an average acceptance score of 4.4 out of 7. Despite growing interest, two-thirds of respondents declined at least one scenario.
Their key concerns included limitations of AI performance, privacy and data protection, accountability, safety risks and the potential for workforce de-skilling. A clear majority called for stronger regulation and oversight by EASA and national authorities.
In a keynote address, Christine Berg from the European Commission highlighted that AI in aviation is already practical, optimising air traffic flow and predictive maintenance, while emphasising the need for explainable, reliable and certifiable systems under the EU AI Act.
Survey findings will feed into EASA’s AI Roadmap and prompt public consultations as the agency advances policy and regulatory frameworks.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
WhatsApp has fixed a vulnerability that exposed Apple device users to highly targeted cyberattacks. The flaw was chained with an iOS and iPadOS bug, allowing hackers to access sensitive data.
According to researchers at Amnesty’s Security Lab, the malicious campaign lasted around 90 days and impacted fewer than 200 people. WhatsApp notified victims directly, which urged all users to update their apps immediately.
Apple has also acknowledged the issue and released security patches to close the cybersecurity loophole. Experts warn that other apps beyond WhatsApp may have been exploited in the same campaign.
The identity of those behind the spyware attacks remains unclear. Both companies have stressed that prompt updates are the best protection for users against similar threats.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Private backing for UK AI companies has reached £2.9 billion, with average deals of £5.9 million, driving record growth across the sector. Ministers say investment is spreading regionally, with the number of firms in the Midlands, Yorkshire, Wales, and the North West doubling in just three years.
At Mansion House, Technology Secretary Peter Kyle urged industry to cut red tape, expand data centres, and attract global talent. He emphasised that public trust, supported by AI assurance measures, is crucial for growth.
The assurance roadmap aims to add billions to the economy by creating a dedicated profession to review AI systems for safety, ethics, and accountability. Independent experts will be tasked with certifying systems, while a consortium of professional bodies develops a code of ethics to guide standards.
Further initiatives include £2.7m to boost regulator capacity and AI projects for Ofgem, the Civil Aviation Authority, and the Office for Nuclear Regulation, covering energy, aviation, and nuclear waste.
Officials say these measures will help position the UK as a world leader in AI innovation, while ensuring growth is matched with robust oversight and public confidence in the technology.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The action stems from CNIL’s 2019 guidelines, aimed at ensuring that internet users are adequately informed and give valid consent for the placement of cookies.
The CNIL’s restricted committee, responsible for imposing penalties, raised ongoing concerns such as unauthorised cookie placement and the growing use of ‘cookie walls’ where users must accept cookies to access services.
Although not illegal by default, such practices require consent, with all choices presented clearly and without bias.
In Google’s case, CNIL also cited a breach of Article L.34-5 of the French Postal and Electronic Communications Code for displaying promotional emails in Gmail’s ‘Promotions’ and ‘Social’ tabs without prior user consent. High-traffic platforms remain a key focus of the authority’s compliance strategy.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Language technology company Tilde has released an open AI framework designed for all European languages.
The model, named ‘TildeOpen’, was developed with the support of the European Commission and trained on the Lumi supercomputer in Finland.
According to Tilde’s head Artūrs Vasiļevskis, the project addresses a key gap in US-based AI systems, which often underperform for smaller European languages such as Latvian. By focusing on European linguistic diversity, the framework aims to provide better accessibility across the continent.
Vasiļevskis also suggested that Latvia has the potential to become an exporter of AI solutions. However, he acknowledged that development is at an early stage and that current applications remain relatively simple. The framework and user guidelines are freely accessible online.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Court rejected Zalando’s arguments and upheld the Commission’s decision. It ruled that Zalando qualifies as a VLOP due to its Partner Programme. Since Zalando could not distinguish between users exposed to third-party seller content and those who were not, the Commission was entitled to consider all 83 million users as active recipients.
The Court also dismissed Zalando’s claims that the DSA violated legal certainty, equal treatment, and proportionality principles. It highlighted the potential for large platforms to facilitate the distribution of dangerous or illegal goods. As such, Zalando remains subject to the enhanced responsibilities imposed on very large online platforms under the DSA.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Hexstrike-AI links large language models like Claude, GPT and Copilot via a Multi-Agent Control Protocol (MCP) to over 150 security tools.
Automated agents execute actions such as scanning, exploiting CVEs and deploying webshells, all orchestrated through high-level commands like ‘exploit NetScaler’.
Researchers from CheckPoint note that attackers are now using Hexstrike-AI to achieve unauthenticated remote code execution automatically.
The AI framework’s design, complete with retry logic and resilience, makes chaining reconnaissance, exploitation and persistence seamless and more effective.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Intelligence and cybersecurity agencies from 13 countries, including the NSA, CISA, the UK’s NCSC and Canada’s CSIS, have jointly issued an advisory on Salt Typhoon, a Chinese state-sponsored advanced persistent threat group.
The alert highlights global intrusions into telecommunications, military, government, transport and lodging sectors.
Salt Typhoon has exploited known, unpatched vulnerabilities in network-edge appliances, such as routers and firewalls, to gain initial access. Once inside, it covertly embeds malware and employs living-off-the-land tools for persistence and data exfiltration.
The advisory also warns that stolen data from compromised ISPs can help intelligence services track global communications and movements.
It pinpoints three Chinese companies with links to the Ministry of State Security and the People’s Liberation Army as central to Salt Typhoon’s operations.
Defensive guidelines accompany the advisory, urging organisations to apply urgent firmware patches, monitor for abnormal network activity, verify firmware integrity and tighten device configurations, especially for telecom infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
