Privacy and data protection

Fake GitHub downloads deliver GPUGate malware to EU IT staff

A malvertising campaign is targeting IT workers in the EU with fake GitHub Desktop installers, according to Arctic Wolf. The goal is to steal credentials, deploy ransomware, and infiltrate sensitive systems. The operation has reportedly been active for over six months.

Attackers used malicious Google Ads that redirected users to doctored GitHub repositories. Modified README files mimicked genuine download pages but linked to a lookalike domain. MacOS users received the AMOS Stealer, while Windows victims downloaded bloated installers hiding malware.

The Windows malware evaded detection using GPU-based checks, refusing to run in sandboxes that lacked real graphics drivers. On genuine machines, it copied itself to %APPDATA%, sought elevated privileges, and altered Defender settings. Analysts dubbed the technique GPUGate.

The payload persisted by creating privileged tasks and sideloading malicious DLLs into legitimate executables. Its modular system could download extra malware tailored to each victim. The campaign was geo-fenced to EU targets and relied on redundant command servers.

Researchers warn that IT staff are prime targets due to their access to codebases and credentials. With the campaign still active, Arctic Wolf has published indicators of compromise, Yara rules, and security advice to mitigate the GPUGate threat.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Orson Welles lost film reconstructed with AI

More than 80 years after Orson Welles’ The Magnificent Ambersons was cut and lost, AI is being used to restore 43 missing minutes of the film.

Amazon-backed Showrunner, led by Edward Saatchi, is experimenting with AI technology to rebuild the destroyed sequences as part of a broader push to reimagine how Hollywood might use AI in storytelling.

The project is not intended for commercial release, since Showrunner has not secured rights from Warner Bros. or Concord, but instead aims to explore what could have been the director’s original vision.

The initiative marks a shift in the role of AI in filmmaking. Rather than serving only as a tool for effects, dubbing or storyboarding, it is being positioned as a foundation for long-form narrative creation.

Showrunner is developing AI models capable of sustaining complex plots, with the goal of eventually generating entire films. Saatchi envisions the platform as a type of ‘Netflix of AI,’ where audiences might one day interact with intellectual property and generate their own stories.

To reconstruct The Magnificent Ambersons, the company is combining traditional techniques with AI tools. New sequences will be shot with actors, while AI will be used for face and pose transfer to replicate the original cast.

Thousands of archival set photographs are being used to digitally recreate the film’s environments.

Filmmaker Brian Rose, who has rebuilt 30,000 missing frames over five years, has reconstructed set movements and timing to match the lost scenes, while VFX expert Tom Clive will assist in refining the likenesses of the original actors.

A project that underlines both the creative possibilities and ethical tensions surrounding AI in cinema. While the reconstructed footage will not be commercially exploited, it raises questions about the use of copyrighted material in training AI and the risk of replacing human creators.

For many, however, the experiment offers a glimpse of what Welles’ ambitious work might have looked like had it survived intact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI study links AI hallucinations to flawed testing incentives

OpenAI researchers say large language models continue to hallucinate because current evaluation methods encourage them to guess rather than admit uncertainty.

Hallucinations, defined as confident but false statements, persist despite advances in models such as GPT-5. Low-frequency facts, like specific dates or names, are particularly vulnerable.

The study argues that while pretraining predicts the next word without true or false labels, the real problem lies in accuracy-based testing. Evaluations that reward lucky guesses discourage models from saying ‘I don’t know’.

Researchers suggest penalising confident errors more heavily than uncertainty, and awarding partial credit when AI models acknowledge limits in knowledge. They argue that only by reforming evaluation methods can hallucinations be meaningfully reduced.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Quantum-proof cryptography emerges as key test for stablecoins

Stablecoins have become central to the digital economy, with billions in daily transactions and stronger regulatory backing under the GENIUS Act. Yet experts warn that advances in quantum computing could undermine their very foundations.

Elliptic curve and RSA cryptography, widely used in stablecoin systems, are expected to be breakable once ‘Q-Day’ arrives. Quantum-equipped attackers could instantly derive private keys from public addresses, exposing entire networks to theft.

The immutability of blockchains makes upgrading cryptographic schemes especially challenging. Dormant wallets and legacy addresses may prove vulnerable, putting billions of dollars at risk if issuers fail to take action promptly.

Researchers highlight lattice-based and hash-based algorithms as viable ‘quantum-safe’ alternatives. Stablecoins built with crypto-agility, enabling seamless upgrades, will better adapt to new standards and avoid disruptive forks.

Regulators are also moving. NIST is finalising post-quantum cryptographic standards, and new rules will likely be established before 2030. Stablecoins that embed resilience today may set the global benchmark for digital trust in the quantum age.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Mistral AI pushes growth with new funding and global deals

Founded in 2023 by ex-Google DeepMind and Meta researchers, Mistral has quickly gained global attention with its open-source models and consumer app, which hit one million downloads within two weeks of launch.

Mistral AI is now seeking fresh funding at a reported $14 billion valuation, more than double its worth just a year ago. Its investors include Microsoft, Nvidia, Cisco, and Bpifrance, and it has signed partnerships with AFP, Stellantis, Orange, and France’s army.

Its growing suite of models spans large language, audio, coding, and reasoning systems, while its enterprise tools integrate with services such as Asana and Google Drive. French president Emmanuel Macron has openly endorsed the firm, framing it as a strategic alternative to US dominance in AI.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Trilateral quantum talks highlight innovation and security priorities

The United States, Japan, and South Korea held two Trilateral Quantum Cooperation meetings this week in Seoul and Tokyo. Officials and experts from government and industry gathered to discuss securing quantum ecosystems against cyber, physical, and intellectual property threats.

The US State Department stressed that joint efforts will ensure breakthroughs in quantum computing benefit citizens while safeguarding innovation. Officials said cooperation is essential as quantum technologies could reshape industries, global power balances, and economic prosperity.

The President of South Korea, Lee Jae Myung, described the partnership as entering a ‘golden era’, noting that Seoul, Washington, and Tokyo must work together both to address North Korea and to drive technological progress.

The talks come as Paul Dabbar, the former CEO of Bohr Quantum Technology, begins his role as US Deputy Secretary of Commerce. Dabbar brings experience in deploying emerging quantum network technologies to the new trilateral framework.

North Korea has also signalled interest in quantum computing for economic development. Analysts note that quantum’s lower energy demand compared to supercomputers could appeal to a country plagued by chronic power shortages.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack forces Jaguar Land Rover to halt production

Production at Jaguar Land Rover (JLR) is to remain halted until at least next week after a cyberattack crippled the carmaker’s operations. Disruption is expected to last through September and possibly into October.

The UK’s largest car manufacturer, owned by Tata, has suspended activity at its plants in Halewood, Solihull, and Wolverhampton. Thousands of staff have been told to stay home on full pay while ‘banking’ hours are to be recovered later.

Suppliers, including Evtec, WHS Plastics, SurTec, and OPmobility, which employ more than 6,000 people in the UK, have also paused their operations. The Sunday Times reported speculation that the outage could drag on for most of September.

While there is no evidence of a data breach, JLR has notified the Information Commissioner’s Office about potential risks. Dozens of internal systems, including spare parts databases, remain offline, forcing dealerships to revert to manual processes.

Hackers linked to the groups Scattered Spider, Lapsus$, and ShinyHunters have claimed responsibility for the incident. JLR stated that it was collaborating with cybersecurity experts and law enforcement to restore systems in a controlled and safe manner.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Conti and LockBit dominate ransomware landscape with record attacks

Ransomware groups have evolved into billion-dollar operations targeting critical infrastructure across multiple countries, employing increasingly sophisticated extortion schemes. Between 2020 and 2022, more than 865 documented attacks were recorded across Australia, Canada, New Zealand, and the UK.

Criminals have escalated from simple encryption to double and triple extortion, threatening to leak stolen data as added leverage. Attack vectors include phishing, botnets, and unpatched flaws. Once inside, attackers use stealthy tools to persist and spread.

BlackSuit, formerly known as Conti, led with 141 attacks, followed by LockBit’s 129, according to data from the Australian Institute of Criminology. Ransomware-as-a-Service groups hit higher volumes by splitting developers from affiliates handling breaches and negotiations.

Industrial targets bore the brunt, with 239 attacks on manufacturing and building products. The consumer goods, real estate, financial services, and technology sectors also featured prominently. Analysts note that industrial firms are often pressured into quick ransom payments to restore production.

Experts warn that today’s ransomware combines military-grade encryption with advanced reconnaissance and backup targeting, raising the stakes for defenders. The scale of activity underscores how resilient these groups remain, adapting rapidly to law enforcement crackdowns and shifting market opportunities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

European Commission proposes mutual data flow agreement with Brazil

The European Commission has initiated the adoption of a data protection adequacy decision with Brazil, recognising that the country offers a level of data protection comparable to the EU’s General Data Protection Regulation (GDPR).

The agreement will enable seamless data transfers between the EU and Brazil across sectors, including business, government, and research.

This mutual decision marks one of the broadest scopes of data adequacy granted by the EU and is expected to boost economic ties between the two regions, which together serve 670 million consumers, Tech Sovereignty, Security, and Democracy Executive Vice President Henna Virkkunen said.

Brazil is also advancing its adequacy decision to allow data flows to the EU. Virkkunen described Brazil as a ‘natural partner’ and stressed the importance of collaboration amid global uncertainty.

Commissioner Michael McGrath praised Brazil’s privacy framework, emphasising that robust data protection ensures consumer trust, rights, and transparency.

The draft decision will now undergo review by the European Data Protection Board (EDPB) and require approval from the EU member states and scrutiny by the European Parliament.

Once adopted, the adequacy decision will be subject to regular evaluations to ensure continued compliance with the EU standards.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Mental health concerns over chatbots fuel AI regulation calls

The impact of AI chatbots on mental health is emerging as a serious concern, with experts warning that such cases highlight the risks of more advanced systems.

Nate Soares, president of the US-based Machine Intelligence Research Institute, pointed to the tragic case of teenager Adam Raine, who took his own life after months of conversations with ChatGPT, as a warning signal for future dangers.

Soares, a former Google and Microsoft engineer, said that while companies design AI chatbots to be helpful and safe, they can produce unintended and harmful behaviour.

He warned that the same unpredictability could escalate if AI develops into artificial super-intelligence, systems capable of surpassing humans in all intellectual tasks. His new book with Eliezer Yudkowsky, If Anyone Builds It, Everyone Dies, argues that unchecked advances could lead to catastrophic outcomes.

He suggested that governments adopt a multilateral approach, similar to nuclear non-proliferation treaties, to halt a race towards super-intelligence.

Meanwhile, leading voices in AI remain divided. Meta’s chief AI scientist, Yann LeCun, has dismissed claims of an existential threat, insisting AI could instead benefit humanity.

The debate comes as OpenAI faces legal action from Raine’s family and introduces new safeguards for under-18s.

Psychotherapists and researchers also warn of the dangers of vulnerable people turning to chatbots instead of professional care, with early evidence suggesting AI tools may amplify delusional thoughts in those at risk.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!