Governance
UN to train governments in blockchain and AI
(DigWatch – 16 September 2025) The UN Development Programme (UNDP) plans to launch a ‘Government Blockchain Academy’ next year to educate public sector officials on blockchain, AI, and other emerging technologies. The initiative aims to help governments leverage tech for economic growth and sustainable development. The academy will partner with the Exponential Science Foundation, a non-profit promoting blockchain and AI. Training will cover financial services, digital IDs, public procurement, smart contracts, and climate finance to help governments boost transparency, inclusion, and resilience. – https://dig.watch/updates/un-to-train-governments-in-blockchain-and-ai – https://cointelegraph.com/news/undp-open-goverment-blockchain-academy-2026
UNDP publishes digital participation guide to empower civic action
(DigWatch – 15 September 2025) A newly published guide by People Powered and UNDP aims to connect people in their communities through inclusive, locally relevant digital participation platforms. Designed with local governments, civic groups, and organisations in mind, it highlights digital platforms that enable inclusive, action-oriented civic engagement. According to the UNDP, ‘the guide covers the latest trends, including the integration of AI features, and addresses challenges such as digital inclusion, data privacy, accessibility, and sustainability.’ – https://dig.watch/updates/undp-publishes-digital-participation-guide-to-empower-civic-action – https://www.undp.org/publications/guide-digital-participation-platforms-2025
Why The Cloud Should Be a Public Utility
(Michelle Nie, Theodora Skeadas, Nick Garcia, Elise Phillips – Tech Policy Press – 16 September 2025) Perhaps no technology underpins more the everyday functioning of our increasingly digital world than cloud computing. We rely on the cloud every day to access government, healthcare and educational services. We access our government benefits, file taxes, schedule doctor’s appointments, bank online and access educational materials all through the cloud. We also increasingly depend on the cloud to communicate with each other. Where we once relied on the telephone system and federated self-hosted email servers, now millions of Americans communicate daily over cloud-based apps, such as web-based email services like Gmail, WhatsApp, Messenger and Zoom. And now, with the advent of artificial intelligence, nearly all Americans use either AI-specific products, such as AI chatbots, or AI-enabled services such as social media, weather forecasting apps or shopping websites. All of these products and services require processing powers, not only to train the underlying AI models, but also to deploy them to end users. – https://www.techpolicy.press/why-the-cloud-should-be-a-public-utility/
Wired for Failure: The Undersea Cable Emergency That Could Sink America’s AI Aspirations
(Kevin Frazier – Lawfare – 16 September 2025) The artificial intelligence (AI) dominance the White House called for in its recently released AI Action Plan is not going to happen unless the president, Congress, and the country get serious about protecting the undersea cable system—the 600 or so inch-wide cables over which the world’s internet traffic flows. A combination of natural and human threats imperil the resilience of this critical infrastructure just as AI advances make the cables more essential than ever. Though the plan included 90 recommendations, including several massive infrastructure projects to sustain continued AI development, it also had approximately 600 garden-hose-sized holes—an omission with large political, economic, and technological ramifications. A recently announced proposed rule by the Federal Communications Commission (FCC) to expedite review of cable licenses, if finalized, is a step in the right direction. – https://www.lawfaremedia.org/article/wired-for-failure–the-undersea-cable-emergency-that-could-sink-america-s-ai-aspirations
Geostrategies
Hong Kong to speed up tech hub plan with China
(DigWatch – 16 September 2025) One of S.A.R. of China, Hong Kong, is preparing to accelerate its cross-border technology hub plans with mainland China as the city seeks new growth drivers to offset its fragile economy. Chief Executive John Lee is set to deliver his annual policy address on Wednesday, with the Northern Metropolis project expected to take centre stage. The initiative aims to transform a sparsely populated area into a base for advanced industries and innovation, while reducing reliance on finance and real estate. – https://dig.watch/updates/hong-kong-to-speed-up-tech-hub-plan-with-china
US and China reach framework deal on TikTok
(DigWatch – 16 September 2025) The United States and China have reached a tentative ‘framework’ deal on the future of TikTok’s American operations, US Treasury Secretary Scott Bessent confirmed during trade talks in Madrid. The agreement, which still requires the approval of Presidents Donald Trump and Xi Jinping, is aimed at resolving a looming deadline that could see the video-sharing app banned in the US unless its Chinese owner ByteDance sells its American division. US officials say the framework addresses national security concerns by paving the way for US ownership of TikTok’s operations, while China insists any final deal must not undermine its companies’ interests. The Biden administration has long argued that the app’s access to US user data poses significant risks, while ByteDance maintains its American arm operates independently and respects user privacy. – https://dig.watch/updates/us-and-china-reach-framework-deal-on-tiktok – https://www.bbc.com/news/articles/c5yj5xj78p5o
Security
API Threats Surge to 40,000 Incidents in 1H 2025
(Phil Muncaster – Infosecurity Magazine – 16 September 2025) The financial services, telecoms and travel sectors were in the crosshairs of threat actors in the first half of the year, after Thales observed 40,000 incidents in the period alone. The firm’s Imperva business analyzed data from over 4000 environments worldwide to produce its API Threat Report (H1 2025). The report claimed that APIs now attract 44% of advanced bot traffic, which is generated by sophisticated software designed to mimic human behavior. – https://www.infosecurity-magazine.com/news/api-threats-surge-40000-incidents/
What’s Next for the Cyber Safety Review Board?
(Jeff Greene – Lawfare – 16 September 2025) The Cyber Safety Review Board (CSRB) is at a fork in the road. President Biden established the CSRB four years ago, charged with the task of reviewing “significant cyber incidents” and “provid[ing] recommendations … for improving cybersecurity and incident response practices.” A federal advisory body loosely modeled after the National Transportation Safety Board (NTSB), the CSRB was created in the hopes of improving the nation’s digital security and resilience. In its first three years, the board conducted three complete reviews. The inaugural CSRB report examined the widespread Log4J/Log4Shell vulnerability and made recommendations including enhanced reporting, threat monitoring, and cultural shifts in security practices. The second report analyzed the Lapsus$ hacking group and how it used simple tactics to compromise major organizations, recommending transitioning to phish-resistant authentication and improving telecom carrier security. The third report—and arguably the most significant—examined China’s wholesale compromise of Microsoft Exchange Online in 2023, which had allowed the adversary to steal tens of thousands of emails from numerous high-level U.S. government accounts. The board found that the intrusion was preventable, identified response failures, and criticized Microsoft’s security culture. It also made recommendations for overhauling enterprise security and incident transparency. – https://www.lawfaremedia.org/article/what-s-next-for-the-cyber-safety-review-board
Insider breach at FinWise Bank exposes data of 689,000 AFF customers
(Pierluigi Paganini – Security Affairs – 16 September 2025) FinWise Bank is a Utah-based community bank, FDIC-insured, that partners with fintechs and lenders to offer consumer loans, small business financing, and deposit services. FinWise Bank notified the Maine AG that a data breach tied to the U.S.-based financial services company American First Finance (AFF) occurred on May 31, 2024, exposing the data of 689,000 people. FinWise funds consumer loans while AFF manages applications, originations, and servicing. – https://securityaffairs.com/182222/data-breach/insider-breach-at-finwise-bank-exposes-data-of-689000-aff-customers.html
Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads
(Alessandro Mascellino – Infosecurity Magazine – 16 September 2025) A new AI-native penetration testing tool called Villager has reached nearly 11,000 downloads on the Python Package Index (PyPI) just two months after release. The framework, developed by the Chinese-based group Cyberspike, combines Kali Linux utilities with DeepSeek AI models to fully automate penetration testing workflows. The tool, originally positioned as a red team solution, integrates an automation layer that lowers the barrier to conducting sophisticated attacks. Villager’s rapid adoption echoes the trajectory of Cobalt Strike, which was created for legitimate use but later became a favorite among cybercriminals. – https://www.infosecurity-magazine.com/news/chinese-ai-villager-pen-testing/
JLR Extends Production Halt After Cyber-Attack
(Beth Maundrill – Infosecurity Magazine – 16 September 2025) Jaguar Land Rover (JLR) has confirmed it will extend its production pause until at least September 24 following a cyber-attack earlier this month. Supply chain disruptions continue to ripple outward as firms that support the luxury car maker begin to suffer financially. There have been reports of supply chain workers impacted by the cyber-attack at JLR being laid off. JLR employees are not at risk of losing their jobs. – https://www.infosecurity-magazine.com/news/jlr-extends-production-halt-after/
UK: Tax Refund-Themed Phishing Slows in 2025
(Kevin Poireault – Infosecurity Magazine – 16 September 2025) Phishing reports impersonating HM Revenue & Customs (HMRC), the British national tax authority, appear to be slowing, according to a new study by Bridewell. The UK-based critical infrastructure cybersecurity provider collected data from a Freedom of Information (FOI) request about individuals who reported attempts to impersonate HMRC between January 1, 2023, and June 2, 2025. In its findings, published on September 10, the firm observed an overall downward trend relating to email and SMS-based phishing attempts impersonating HMRC. – https://www.infosecurity-magazine.com/news/uk-tax-refund-phishing-slows/
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
(Pierluigi Paganini – Security Affairs – 16 September 2025) China-linked APT group Mustang Panda (aka Hive0154, Camaro Dragon, RedDelta or Bronze President) has been spotted using an updated version of the TONESHELL backdoor and a previously undocumented USB worm called SnakeDisk. Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs, and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. – https://securityaffairs.com/182257/apt/china-linked-mustang-panda-deploys-advanced-snakedisk-usb-worm.html
Cybercrime group accessed Google Law Enforcement Request System (LERS)
(Pierluigi Paganini – Security Affairs – 16 September 2025) Google confirmed that threat actors gained access to its Law Enforcement Request System (LERS) platform by creating a fake account. The Google Law Enforcement Request System (LERS) is a secure online portal for verified government agencies to submit and track legal requests for user data. It enables law enforcement to request information from Google while ensuring compliance with proper legal processes. Recently, the cybercrime group “Scattered Lapsus$ Hunters” claimed on Telegram to have obtained access to Google’s LERS platform and the FBI’s eCheck background check system. – https://securityaffairs.com/182266/security/cybercrime-group-accessed-google-law-enforcement-request-system-lers.html
Gucci and Alexander McQueen Hit by Customer Data Breach
(James Coker – Infosecurity Magazine – 16 September 2025) Luxury fashion brands Gucci, Alexander McQueen and Balenciaga have suffered a customer data breach, in another attack linked to the ShinyHunters gang. The impacted data reportedly includes details of how much money individual customers have spent with the brands. ShinyHunters has claimed to have harvested data relating to 7.4 million unique email addresses. This according to a sample of files it ShinyHunters claimed to have exfiltrated which was shared with the BBC. – https://www.infosecurity-magazine.com/news/gucci-mcqueen-customer-breach/
Fifteen Ransomware Gangs “Retire,” Future Unclear
(Alessandro Mascellino – Infosecurity Magazine – 16 September 2025) Fifteen well-known ransomware groups, including Scattered Spider, ShinyHunters and Lapsus$, have announced that they are shutting down their operations. The collective announcement was posted on Breachforums, where the groups claimed they had achieved their goals of exposing weaknesses in digital infrastructure rather than profiting through extortion. In their statement, the gangs said they would now shift to “silence,” with some members planning to retire on the money they had accumulated, while others would continue studying and improving the systems people rely on daily. – https://www.infosecurity-magazine.com/news/fifteen-ransomware-gangs-retire/