Governance
EU invests €2.9 billion to drive net-zero industrial transformation
(DigWatch – 4 November 2025) The European Commission has approved €2.9 billion in funding for 61 large-scale net-zero technology projects, marking one of the EU’s most significant investments in clean innovation to date. Financed through revenues from the EU Emissions Trading System, the initiative aims to accelerate Europe’s path towards climate neutrality by 2050. – https://dig.watch/updates/eu-invests-e2-9-billion-to-drive-net-zero-industrial-transformation – https://ec.europa.eu/commission/presscorner/detail/en/ip_25_2564
EU invests €107 million in RAISE for AI in science
(DigWatch – 4 November 2025) The European Commission has unveiled RAISE, a new virtual institute designed to unite Europe’s AI research and accelerate scientific breakthroughs. The launch, announced in Copenhagen, marks a flagship moment in the EU’s strategy to strengthen its leadership in science and technology through collective action. – https://dig.watch/updates/eu-invests-e107-million-in-raise-for-ai-in-science – https://ec.europa.eu/commission/presscorner/detail/en/ip_25_2578
Member States cooperate on next-generation European digital platforms
(DigWatch – 4 November 2025) The European Commission has approved the creation of the Digital Commons European Digital Infrastructure Consortium (DC-EDIC), designed to strengthen Europe’s digital sovereignty. The new body unites France, Germany, the Netherlands and Italy as founding members. – https://dig.watch/updates/member-states-cooperate-on-next-generation-european-digital-platforms – https://digital-strategy.ec.europa.eu/en/news/commission-launch-digital-commons-edic-support-sovereign-european-digital-infrastructure-and
Saudi Arabia pushes global AI ambitions with Humain
(DigWatch – 4 November 2025) Saudi Arabia is accelerating its ambitions in AI with the launch of Humain, a homegrown AI company backed by the kingdom’s $1 trillion sovereign wealth fund. The company, financed by the Public Investment Fund, aims to offer a wide range of AI services and tools, including an Arabic large language model capable of understanding diverse dialects and observing Islamic values. – https://dig.watch/updates/saudi-arabia-pushes-global-ai-ambitions-with-humain – https://japantoday.com/category/tech/saudi-chases-ai-ambitions-with-homegrown-firm-pitched-to-global-investors
Geostrategies
Lessons Learned From the TikTok Saga
(Alan Z. Rozenshtein – Lawfare – 4 November 2025) Last week, Treasury Secretary Scott Bessent announced that the United States and China had “finalized the TikTok agreement” for ByteDance to divest enough of its stake in TikTok to satisfy the Protecting Americans from Foreign Adversary Controlled Applications Act (PAFACAA)—the 2024 law Congress passed to force TikTok’s separation from Chinese control. Despite this announcement, President Trump said nothing about TikTok in his press conference after meeting with Chinese President Xi Jinping. Chinese officials, for their part, said only that “the Chinese side will work with the U.S. side to properly address issues related to TikTok.” Details remain murky, though previous reporting suggests TikTok will be sold to a consortium of American and Emirati buyers, with the content recommendation algorithm “retrained” on U.S. data and licensed from ByteDance. – https://www.lawfaremedia.org/article/lessons-learned-from-the-tiktok-saga
Defence, Military, and Warfare
Drones are Changing How Wars Harm Civilians
(Lauren Spink – Just Security – 4 November 2025) Armed actors are dramatically escalating their use of unpiloted aerial vehicles (UAVs), more commonly known as drones. Center for Civilians in Conflict (CIVIC)’s Protection of Civilians Trends Report compiles and analyzes data on drone attacks. The most recent statistics are alarming. Data shows that drone attacks in conflict settings increased by an astonishing 4,000 percent between 2020 and 2024, and more than quadrupled from an estimated 4,525 attacks in 2023 to 19,704 in 2024.* With the Ukrainian armed forces set to triple their production of drones in 2025, overall drone usage is likely to set new records this year. Drones are now used across a broader range of conflicts than ever before, not only by states but increasingly by non-state armed groups. The expansion in drone use is fundamentally reshaping the way war is fought and, critically, how civilians experience harm. Major changes in technology and cost are driving the surge in drone use. At the start of the 21st century, U.S. military drones cost around $7 million each and had a wingspan of 66 feet. Many of the drones deployed in conflicts today are being commercially mass-produced and are available for purchase on Amazon for as little as $2,000. These small, hand-held commercial drones are deadly when outfitted with explosive or incendiary devices, or when used as loitering munitions. They are also highly expendable. – https://www.justsecurity.org/123474/drones-are-changing-how-wars-harm-civilians/
Security and Surveillance
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
(Alessandro Mascellino – Infosecurity Magazine – 4 November 2025) Scattered LAPSUS$ Hunters (SLH), previously observed hinting at an extortion-as-a-service offering and testing “Sh1nySp1d3r” ransomware, has now been identified not just as a loose collaboration but as a coordinated alliance blending Scattered Spider, ShinyHunters and LAPSUS$ under a shared operational banner. In a new advisory published today, Trustwave SpiderLabs reported the group is positioning itself as a federated collective. This development moves beyond earlier indications of tactical experimentation noted in October by Palo Alto Networks’ Unit 42. What is new is confirmation that this entity is deliberately merging reputational capital from three high-profile criminal brands to create a unified threat identity. – https://www.infosecurity-magazine.com/news/scattered-spider-shinyhunters/
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
(Infosecurity – 4 November 2025) A new ransomware operation built on Conti’s leaked source code has surfaced with cartel-like ambitions in the cybercrime ecosystem. The DragonForce group, which retains Conti’s core encryption behavior and network-spreading capabilities, has begun conducting coordinated attacks and recruiting affiliates using a shared platform. Recently, DragonForce has shifted from a standard ransomware-as-a-service model to a self-styled cartel structure that encourages affiliates to create branded variants. This evolution has been highlighted by recent samples showing groups like Devman deploying ransomware compiled with DragonForce’s builder. – https://www.infosecurity-magazine.com/news/dragonforce-cartel-conti-derived/
Identity Is Now the Top Source of Cloud Risk
(Phil Muncaster – 4 November 2025) Identity failings and legacy vulnerabilities are driving a surge in cloud attacks, a new report from ReliaQuest has warned. The threat intelligence specialist claimed that 44% of true-positive alerts it recorded in the third quarter of 2025 were traced back to “identity-related weakness.” These included excessive permissions, misconfigured roles and credential abuse. The reason threat actors are targeting the identity layer is simple: cloud keys and credentials often make their way onto cybercrime markets because they’re stored insecurely, putting them at risk of phishing or infostealer malware. Attackers can buy legitimate credentials on the dark web for as little as $2, according to the report. – https://www.infosecurity-magazine.com/news/identity-is-now-the-top-cloud-risk/
DeFi Protocol Balancer Loses Over $120m in Cyber Heist
(Phil Muncaster – Infosecurity Magazine – 4 November 2025) One of Ethereum’s leading decentralized finance (DeFi) protocols has suffered a major cyber-attack, resulting in cryptocurrency losses estimated to exceed $120m. Balancer is an automated market maker (AMM) and portfolio manager, allowing users to trade in crypto and earn money by providing liquidity to “Balancer pools.”. However, yesterday morning UK time, the firm experienced an attack targeting its Balancer V2 Composable Stable Pools. – https://www.infosecurity-magazine.com/news/defi-protocol-balancer-loses-120m/
Nikkei hackers gain access via employee Slack account, 17K+ chat histories leaked
(Cybernews – 4 November 2025) Financial Times owner Nikkei announced on Tuesday that hackers had infiltrated its networks via an employee’s Slack account, exposing sensitive information about business partners and the Slack chat histories of over 17,000 individuals. Nikkei Inc., Japan’s largest financial news outlet and one of the world’s leading digital media houses, posted the news on its website on Tuesday, stating that one of its employees’ personal computers had been “infected with a virus, leading to the leakage of Slack authentication credentials.”. “The incident was identified in September,” Nikkei said. – https://cybernews.com/news/nikkei-data-breach-via-employee-slack-account-leaks-17k-chat-histories/
In a first, DHS files warrant for ChatGPT prompts: AI firms now in a conundrum
(Cybernews – 4 November 2025) In a historic first, the Department of Homeland Security has obtained a federal search warrant compelling OpenAI to reveal user prompts. But the bigger story is what it signals for the future of data privacy in the age of AI and global data governance, an expert tells Cybernews – and just you wait until agentic AI takes off. Yes, prompts – on ChatGPT, Gemini, Claude, wherever – are now evidence. What users type into their apps can now be subpoenaed and disclosed, setting a precedent that makes prompt data legally actionable. That’s because there’s a precedent now. In the first known case of a generative AI company being legally compelled to unmask a user and disclose prompt-level data, DHS child exploitation investigators filed a warrant ordering OpenAI to share the prompts entered by the suspect. – https://cybernews.com/ai-news/chatgpt-prompt-history-discovery-data-investigations/
Rhysida gang now malvertising to people on Teams, Zoom, and PutTy
(Cybernews – 4 November 2025) Rhysida is now taking advantage of users on Microsoft platforms to deliver malware, while abusing Microsoft code-signing certificates to make their files appear legitimate. The tech giant has revoked more than 200 certificates tied to the group, but researchers warn that the gang continues to find a way to slip past the cracks in security controls. In its newest operation, Rhysida, previously known as Vice Society, is targeting users on platforms such as Microsoft Teams, Zoom, and PutTy. The gang aims to gain access to company data via employees using these platforms. – https://cybernews.com/security/rhysida-malvertising-teams-zoom-putty/
AI browsers can bypass media paywalls, study finds
(Cybernews – 4 November 2025) Artificial intelligence (AI) browsers, such as OpenAI’s Atlas and Perplexity’s Comet, can bypass media paywalls, further escalating tensions between big tech and publishers. With the introduction of Atlas in late October, OpenAI joined the growing list of companies offering AI-powered or agentic browsers, which differ from typical browsers due to their ability to perform tasks such as responding to emails and shopping autonomously. Bypassing media paywalls may be another distinctive feature, according to a recent analysis by the Columbia Journalism Review (CJR). – https://cybernews.com/ai-news/ai-browser-media-paywall/
Hackers caught hiding malware instructions and data in OpenAI accounts
(Cybernews – 4 November 2025) Hackers are exploiting OpenAI accounts to relay encrypted commands to compromised devices and store stolen data. A sophisticated new backdoor has been discovered that abuses public AI infrastructure. A targeted espionage attack, unveiled by the Microsoft Detection and Response Team (DART), relied on OpenAI infrastructure to remain undetected for months. Attackers deployed a new backdoor that utilized OpenAI’s Assistants API for stealthy command and control (C2) purposes. – https://cybernews.com/security/hackers-abuse-openai-accounts-for-malware-communications/
CISA and NSA Outline Best Practices to Secure Exchange Servers
(Alessandro Mascellino – Infosecurity Magazine – 3 October 2025) A new cybersecurity blueprint aimed at strengthening Microsoft Exchange Server environments has been released by the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and international partners. The Microsoft Exchange Server Security Best Practices guidance outlines techniques to reduce exposure to cyber-attacks and secure sensitive communications across hybrid and on-premises deployments. The release builds on CISA’s Emergency Directive 25-02 and outlines measures such as restricting administrator access, using multi-factor authentication (MFA), tightening transport security settings and adopting zero-trust principles. It arrives amid continued concerns over threat actors targeting Exchange servers. – https://www.infosecurity-magazine.com/news/cisa-nsa-secure-exchange-servers/
Frontiers
Google’s Project Suncatcher aims to build orbital AI data centers powered by sunlight
Project Suncatcher envisions networks of AI satellites powered by sunlight, pushing machine learning beyond Earth. – https://interestingengineering.com/culture/google-project-suncatcher-space-ai
Insect-inspired computer model teaches AI to process sight and sound like humans
(Interesting Engineering – 4 November 2025) A neuroscience-inspired model bridges biology and AI, showing how evolution’s design can teach machines to sense the world more like humans. – https://interestingengineering.com/innovation/insect-inspired-ai-human-audiovisual-perception
AI performance improves by mimicking human brain networks
(DigWatch – 4 November 2025) Scientists at the University of Surrey have developed a new method to make artificial intelligence smarter by copying the way the human brain works. Their approach, called Topographical Sparse Mapping, connects AI ‘neurons’ only to nearby or related ones, mimicking how the brain organises information efficiently. – https://dig.watch/updates/ai-performance-improves-by-mimicking-human-brain-networks– https://www.bbc.com/news/articles/c986ddy0myno