Governance, Legislation, Tech & Democracy

AI governance needs urgent international coordination

(DigWatch – 22 July 2025) A GIS Reports analysis emphasises that as AI systems become pervasive, they create significant global challenges, including surveillance risks, algorithmic bias, cyber vulnerabilities, and environmental pressures. Unlike legacy regulatory regimes, AI technology blurs the lines among privacy, labour, environmental, security, and human rights domains, demanding a uniquely coordinated governance approach. The report highlights that leading AI research and infrastructure remain concentrated in advanced economies: over half of general‑purpose AI models originated in the US, exacerbating global inequalities. – https://dig.watch/updates/ai-poses-global-threats-across-society-economy-environment

Dutch publishers support ethical training of AI model

(DigWatch – 22 July 2025) Dutch news publishers have partnered with research institute TNO to develop GPT-NL, a homegrown AI language model trained on legally obtained Dutch data. The project marks the first time globally that private media outlets actively contribute content to shape a national AI system. Over 30 national and regional publishers from NDP Nieuwsmedia and news agency ANP are sharing archived articles to double the volume of high-quality training material. The initiative aims to establish ethical standards in AI by ensuring copyright is respected and contributors are compensated. – https://dig.watch/updates/dutch-publishers-support-ethical-training-of-ai-model

Emerging Trends in State Cyber Policy During the 2025 Legislative Session

(Shannon Pierson – Tech Policy Press – 22 July 2025) After six years of expanded federal leadership in cyber defense, the Trump Administration has begun scaling back the federal government’s role, including by reducing the staff of the Cybersecurity and Infrastructure Security Agency (CISA) by a third and shrinking its budget by 17 percent. President Donald Trump also issued an executive order that shifts responsibility for cybersecurity preparedness to state and local governments, asserting that cybersecurity “preparedness is most effectively owned and managed at the state, local, and even individual levels” with limited federal support. At the same time, Congress is not expected to renew a landmark federal grant program providing cybersecurity funding to state, local, tribal, and territorial (SLTT) governments, which is set to expire in September 2025. Amid these shifting headwinds, state legislatures are taking on the mantle of cybersecurity leadership. Local lawmakers across the country are continuing to pass prescriptive cybersecurity regulations for critical infrastructure sectors such as electric utilities, water systems, school districts, and healthcare – systems typically managed at the state or local level. – https://www.techpolicy.press/emerging-trends-in-state-cyber-policy-during-the-2025-legislative-session/

Lawmakers introduce bill to digitize government permitting

(Natalie Alms – NextGov – 21 July 2025) A bipartisan duo in the House wants to digitize permitting with a new bill introduced last week. The ePermit Act would require data standards and guidance; prototype tools for permitting agencies; and, ultimately, an interagency system connecting agencies and their data for the sake of enabling better coordination across the permitting landscape. Reps. Dusty Johnson, R-S.D., and Scott Peters, D-Calif., say that their proposal would speed up permitting by moving the government to modern technology. – https://www.nextgov.com/digital-government/2025/07/lawmakers-introduce-bill-digitize-government-permitting/406872/?oref=ng-category-lander-top-story

Security

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

(The Hacker News – 22 July 2025) Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well to obtain initial access to target organizations. “With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks against unpatched on-premises SharePoint systems,” the tech giant said in a report published today. – https://thehackernews.com/2025/07/microsoft-links-ongoing-sharepoint.html

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

(The Hacker News – 22 July 2025) The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an unnamed major Western government, with the activity intensifying on July 18 and 19, spanning government, telecommunications, and software sectors in North America and Western Europe. – https://thehackernews.com/2025/07/hackers-exploit-sharepoint-zero-day.html

UK to ban ransomware payments by public sector organizations

(The Register – 22 July 2025) The UK government is proposing to “ban” public sector organizations and critical national infrastructure from paying criminal operators behind ransomware attacks, under new measures outlined today. This means the NHS, local councils and schools – all of which have been in the crosshairs of various miscreants in recent years – will no longer be able to negotiate with the scumbags that lock up their systems and extort them. Almost three quarters of respondents to a government consultation backed this, we’re told. The idea is to make the public sector and CNI (which includes utilities and datacenters these days) less attractive targets for financially motivated attackers. The exact timeframe for implementing the proposals was not confirmed today. – https://www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/

New GLOBAL GROUP ransomware targets all major operating systems

(DigWatch – 22 July 2025) A sophisticated new ransomware threat, dubbed GLOBAL GROUP, has emerged on cybercrime forums, meticulously designed to target systems across Windows, Linux, and macOS with cross-platform precision. In June 2025, a threat actor operating under the alias ‘Dollar Dollar Dollar’ launched the GLOBAL GROUP Ransomware-as-a-Service (RaaS) platform on the Ramp4u forum. The campaign offers affiliates scalable tools, automated negotiations, and generous profit-sharing, creating an appealing setup for monetising cybercrime at scale. GLOBAL GROUP leverages the Golang language to build monolithic binaries, enabling seamless execution across varied operating environments in a single campaign. The strategy expands attackers’ reach, allowing them to exploit hybrid infrastructures while improving operational efficiency and scalability. – https://dig.watch/updates/new-global-group-ransomware-targets-all-major-operating-systems

Singapore probes cyberattacks on critical infrastructure linked to UNC3886

(DigWatch – 22 July 2025) Singapore is addressing cyberattacks on its critical information infrastructure attributed to the state-sponsored cyberespionage group UNC3886. On 18 July, Coordinating Minister for National Security K. Shanmugam identified the group as an advanced persistent threat (APT) actor capable of long-term network infiltration to gather intelligence or disrupt essential services. He noted that UNC3886 is currently targeting high-value strategic assets in Singapore but did not name any state sponsor. – https://dig.watch/updates/singapore-probes-cyberattacks-on-critical-infrastructure-linked-to-unc3886

US schools struggle to counter growing ransomware risks

(DigWatch – 22 July 2025) K-12 schools across the United States are facing a surge in cyberattacks, driven by rising digitisation, vast troves of personal data, and underdeveloped cybersecurity defences. Between July 2023 and December 2024, 82% of US schools experienced at least one cyber incident, according to a March report from the Center for Internet Security. Attackers are drawn to schools’ access to sensitive records and often find outdated systems and under-resourced IT teams unable to prevent or respond effectively. In a major case earlier this year, a 19-year-old admitted to hacking PowerSchool, a widely used student information system, and extorting $2.85 million. – https://dig.watch/updates/us-schools-struggle-to-counter-growing-ransomware-risks

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

(The Hacker News – 21 July 2025) Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks as DCHSpy one week after the onset of the Israel-Iran conflict last month. Exactly how many people may have installed these apps is not clear. “DCHSpy collects WhatsApp data, accounts, contacts, SMS, files, location, and call logs, and can record audio and take photos,” security researchers Alemdar Islamoglu and Justin Albrecht said. – https://thehackernews.com/2025/07/iran-linked-dchspy-android-malware.html

X tells the French police ‘non’ to its request for algorithmic data

(The Register – 21 July 2025) The site formerly known as Twitter has said it will not hand over any information to French police over an investigation into its recommendation algorithms. Earlier this month, French police announced they were investigating X after a member of the nation’s parliament and a top official claimed that the social media network was manipulating its algorithm for nefarious purposes and abusing the data of its users. The prosecutors have demanded information on how the X algorithm is structured, and also want data on users and their behavior. X named the politician as Eric Bothorel, a member of the National Assembly for President Macron’s Renaissance party. “French authorities have launched a politically-motivated criminal investigation into X over the alleged manipulation of its algorithm and alleged ‘fraudulent data extraction.’ X categorically denies these allegations,” X’s Global Government Affairs said in a post on its own site. – https://www.theregister.com/2025/07/21/x_french_police/

StrongestLayer Emerges from Stealth with $5.2M Seed Funding to Combat AI-Powered Email Threats

(AI Insider – 21 July 2025) StrongestLayer has launched from stealth with $5.2M in seed funding to combat AI-driven phishing attacks using an LLM-native email security platform that detects threats through reasoning and intent analysis. Its proprietary TRACE engine mimics the cognitive abilities of thousands of analysts to detect AI-generated threats, convict fake sites, and deliver real-time training to employees based on attack patterns. Founded by veterans from Google, McAfee, and FireEye, the platform has already flagged 3.9 million fake websites and is positioned as a next-gen alternative to outdated, pattern-based email security tools. – https://theaiinsider.tech/2025/07/21/strongestlayer-emerges-from-stealth-with-5-2m-seed-funding-to-combat-ai-powered-email-threats/

Defence, Intelligence, and Warfare

Scaling Laws: Lt. Gen Jack Shanahan: Defense’s AI Integration

(Lawfare  – 22 July 2025) Lt. Gen. (ret) Jack Shanahan joins Kevin Frazier to explore the nuanced landscape of AI in national security. Challenging the prevalent “AI arms race” narrative. The discussion delves into the complexities of AI integration in defense, the cultural shifts required within the Department of Defense, and the critical role of public trust and shared national vision. Tune in to understand how AI is reshaping military strategies and the broader implications for society. – https://www.lawfaremedia.org/article/scaling-laws–lt.-gen-jack-shanahan–defense’s-ai-integration

Frontiers

3D printers to help UK nuclear fusion labs craft parts that withstand extreme forces

(Interesting Engineering – 22 July 2025) The United Kingdom Atomic Energy Authority (UKAEA) has commissioned two advanced 3D printing machines that use complementary methods to produce components for future fusion reactors. The machines will reportedly manufacture components built to withstand the extreme conditions inside fusion power plants, including high heat, intense neutron loads, and strong magnetic fields. Unveiled at the newly opened Central Support Facility (CSF), the electron beam machine which will be used to incorporate tungsten into parts, and the selective laser manufacturing system mark a major step in fusion manufacturing. – https://interestingengineering.com/innovation/3d-printers-uk-nuclear-fusion-labs

xAI workers balked over training request to help “give Grok a face,” docs show

(Ars Technica – 22 July 2025) Dozens of xAI employees expressed concerns—and many objected—when asked to record videos of their facial expressions to help “give Grok a face,” Business Insider reported. BI reviewed internal documents and Slack messages, finding that the so-called project “Skippy” was designed to help Grok learn what a face is and “interpret human emotions.”. It’s unclear from these documents if workers’ facial data helped train controversial avatars that xAI released last week, including Ani—an anime companion that flirts and strips—and Rudi—a red panda with a “Bad” mode that encourages violence. But a recording of an xAI introductory meeting on “Skippy” showed a lead engineer confirming the company “might eventually use” the employees’ facial data to build out “avatars of people,” BI reported. – https://arstechnica.com/tech-policy/2025/07/xai-workers-balked-over-training-request-to-help-give-grok-a-face-docs-show/

Majority of U.S. Teens Are Using AI Companions, New Study Reveals

(AI Insider – 22 July 2025) A new study released by Common Sense Media, conducted with NORC at the University of Chicago, reveals that 72% of U.S. teens aged 13 to 17 have tried AI companions — chatbots designed for personal interaction rather than productivity. Of those, over half are now regular users, with 13% engaging daily. – https://theaiinsider.tech/2025/07/22/majority-of-u-s-teens-are-using-ai-companions-new-study-reveals/

LeadStory Raises $2.75M Seed Round, Unveils Superior AI Video Search

(DigWatch – 22 July 2025) LeadStory has raised $2.75M in Seed funding, led by Checker Media, to launch its AI video search tool and grow its global audience, now over 10 million strong. The platform replaces text-based AI responses with fact-checked, licensed video clips from top news sources like CBS, CNBC, and Reuters to combat misinformation and hallucinations. Already available on platforms like Samsung TV Plus and VIZIO, LeadStory is expanding into automotive news delivery, starting with Mercedes-Benz’s in-car video experience. – https://theaiinsider.tech/2025/07/21/leadstory-raises-2-75m-seed-round-unveils-superior-ai-video-search/

BrightAI Closes $51M in Funding from Khosla Ventures and Inspired Capital to Bring Physical AI to the World’s Essential Services

(AI Insider – 22 July 2025) BrightAI has raised $51M in Series A funding to scale its AI platform for physical infrastructure, bringing total funding to $78M and backing from major investors like Khosla Ventures and Inspired Capital. The company’s Stateful platform uses sensors, drones, and wearables to provide real-time, AI-driven monitoring and predictive maintenance across over 50,000 locations in sectors like power, water, and manufacturing. With over $100M in revenue and plans to expand its team and headquarters, BrightAI aims to modernize infrastructure management and eliminate reactive maintenance with continuous, intelligent observability. – https://theaiinsider.tech/2025/07/21/aiibrightai-closes-51m-in-funding-from-khosla-ventures-and-inspired-capital-to-bring-physical-ai-to-the-worlds-essential-services/

Confident Security Emerges from Stealth with $4.2M to Bring End-to-End Privacy to AI

(AI Insider – 22 July 2025) San Francisco-based startup Confident Security has launched publicly with $4.2 million in seed funding to address one of the biggest barriers to AI adoption: data privacy. Backed by Decibel, South Park Commons, Ex Ante, and Swyx, the company offers CONFSEC, an encryption layer designed to wrap around foundational AI models, ensuring prompts and metadata remain invisible — even to the model provider. – https://theaiinsider.tech/2025/07/22/confident-security-emerges-from-stealth-with-4-2m-to-bring-end-to-end-privacy-to-ai/

China’s EngineAI Raises $139 Million in Fresh Funding for Humanoid Robots

(AI Insider – 21 July 2025) Shenzhen-based robotics firm EngineAI has secured approximately 1 billion yuan ($139 million) across two new funding rounds to accelerate its development of humanoid robots, DealStreetAsia reports. The pre-Series A++ round was led by Rocket Capital and XPeng, while the Series A1 round saw participation from JD.com, CATL Capital, Yintai Holdings, Tsinghua Holdings Capital, and existing investors like SenseCapital, Highlight Capital, and Baidu Ventures. Founded in 2022, EngineAI is advancing general-purpose humanoid robots powered by its proprietary SEED multimodal large model and plans to apply the new capital to R&D, AI-hardware integration, and international market expansion. – https://theaiinsider.tech/2025/07/21/chinas-engineai-raises-139-million-in-fresh-funding-for-humanoid-robots/

Researchers Introduce New Way for AI to “See”

(AI Insider – 21 July 2025) Researchers at Penn Engineering and the Allen Institute for AI (Ai2) have introduced CoSyn, a synthetic image generation tool designed to train open-source AI models to interpret complex visual data like charts, diagrams, and labels. Using CoSyn, researchers created CoSyn-400K, a dataset of over 400,000 images and 2.7 million instruction sets that enabled open-source models to outperform proprietary systems like GPT-4V and Gemini 1.5 Flash on key benchmarks. By generating synthetic data via open-source models and releasing all tools publicly, the team aims to help open-source AI catch up to closed systems, supporting broader adoption of AI that can reason about and interact with real-world visual information. – https://theaiinsider.tech/2025/07/21/researchers-introduce-new-way-for-ai-to-see/

Proscia Scales AI Pathology Platform to Diagnose 32,000 Patients Daily as Demand Surges

(AI Insider – 21 July 2025) Proscia expects its AI pathology platform, Concentriq, to support diagnoses for 32,000 patients daily—a 400% year-over-year increase—as adoption accelerates across major laboratories. The company has introduced five pre-configured AI application suites for cancer detection, biomarker analysis, and quality control to streamline integration and standardize diagnostics. Proscia has expanded support services and integrated Concentriq with over 100 laboratory systems while enabling new lab revenue through pharmaceutical partnerships and real-world data licensing. – https://theaiinsider.tech/2025/07/21/proscia-scales-ai-pathology-platform-to-diagnose-32000-patients-daily-as-demand-surges/

Quandri Secures $12M to Scale AI Automation for Insurance Agencies Across North America

(AI Insider – 21 July 2025) Quandri has raised $12M in new funding led by Framework Venture Partners, bringing its total to over $20M, to scale operations across Canada and the U.S. and invest further in AI and engineering. The company’s AI platform automates key insurance brokerage tasks like policy reviews and requoting, boosting retention, revenue, and customer experience for over 100 clients. With 15x revenue growth since 2023 and a fivefold team expansion, Quandri plans to hire 40 more staff and open a Boston office to support its growing U.S. presence. – https://theaiinsider.tech/2025/07/21/quandri-raises-12m-to-scale-ai-automation-for-insurance-agencies-across-north-america/

Critical minerals challenge AI’s sustainable expansion

(DigWatch – 22 July 2025) Recent debates on AI’s environmental impact have overwhelmingly focused on energy use, particularly in powering massive data centres and training large language models. However, a Forbes analysis by Saleem H. Ali warns that the material inputs for AI, such as phosphorus, copper, lithium, rare earths, and uranium, are being neglected, despite presenting similarly severe constraints to scaling and sustainability. – https://dig.watch/updates/critical-minerals-challenge-ais-sustainable-expansion