Legislation

Australia bets on old laws to manage new AI risks

(Ian Gribble – Lowy The Interpreter) Australia’s National AI Plan signals a deliberate reframing of how the nation intends to navigate the accelerating global competition in artificial intelligence. For more than a year, the expectation was that Australia would follow Europe’s lead by introducing a dedicated AI Act with hard guardrails, mandatory risk-classification, and explicit regulatory duties for AI developers and deployers. Instead, the government has opted for a more cautious, incremental strategy, one that relies on existing legislation, targeted oversight, and capability-building rather than comprehensive reform. It is a choice shaped by political, economic and international pressures. – https://www.lowyinstitute.org/the-interpreter/australia-bets-old-laws-manage-new-ai-risks

Security and Surveillance

Disinformation and Cyber-Threats Among Top Global Exec Concerns

(Phil Muncaster – Infosecurity Magazine) Business leaders in the world’s most important economies have ranked misinformation/disinformation, cyber insecurity and the adverse effects of AI among the biggest threats to their respective countries, according to the World Economic Forum (WEF). The WEF Executive Opinion Survey 2025 was compiled from interviews with 11,000 executives across 116 economies. They were asked to select the top five risks most likely to pose the biggest threat to their respective countries in the next two years, out of a total of 34 risks. – https://www.infosecurity-magazine.com/news/disinformation-cyberthreats-global/

Pall Mall Process to Define Responsible Commercial Cyber Intrusion

(Phil Muncaster – Infosecurity Magazine) An international effort is underway to draw up guidelines for commercial spyware and similar providers, in an attempt to stamp out “irresponsible” behavior. The Pall Mall Process was launched in 2024 by the UK and France – with 27 governments and tech giants including Google, Microsoft, Apple and Meta signing up to limit the fast-growing trade in commercial spyware and zero-day exploits. – https://www.infosecurity-magazine.com/news/pall-mall-process-responsible/

Researchers spotted Lazarus’s remote IT workers in action

(Pierluigi Paganini – Security Affairs) Researchers filmed Lazarus APT group’s remote-worker scheme in action, uncovering a North Korean network of IT contractors linked to the Famous Chollima unit, TheHackerNews reported. Recently, multiple cybersecurity firms and government agencies observed North Korea-linked APT groups, such as Chollima, using IT workers to infiltrate organizations across finance, crypto, healthcare, and engineering sectors. The joint investigation by the researcher Mauro Eldritch, NorthScan, and ANY.RUN uncovered one of North Korea’s most persistent infiltration schemes. – https://securityaffairs.com/185271/hacking/researchers-spotted-lazaruss-remote-it-workers-in-action.html

University of Pennsylvania and University of Phoenix disclose data breaches

(Pierluigi Paganini – Security Affairs) The University of Pennsylvania (Penn) and the University of Phoenix confirmed they were hit in the recent cyberattack targeting Oracle E-Business Suite customers. Penn explained that it uses Oracle’s E-Business Suite (EBS) platform for supplier payments, reimbursements, ledger entries, and other business operations. After Oracle announced that the flaw could enable unauthorized access, affecting hundreds of organizations worldwide, Penn launched an immediate investigation with cybersecurity experts and notified federal law enforcement. During the investigation, Penn confirmed that data from its Oracle EBS environment had been accessed without authorization. The University then conducted a detailed review to determine whether personal information was involved. On November 11, 2025, Penn concluded that the recipient’s personal data was among the information taken. – https://securityaffairs.com/185279/data-breach/university-of-pennsylvania-and-university-of-phoenix-disclose-data-breaches.html

French NGO Reporters Without Borders Targeted by Star Blizzard

(Alessandro Mascellino – Infosecurity Magazine) A fresh wave of spear-phishing activity linked to the Russia-nexus intrusion set Star Blizzard, also known as ColdRiver or Calisto, has been identified by cybersecurity researchers. The group has been active since 2017 and is attributed by several Western governments to Russia’s FSB Center 18. According to a new analysis by Sekoia.io’s TDR team, the latest incidents were reported in May and June 2025 by two organizations, including Reporters Without Borders (RSF), prompting a closer look at how the operators refined their credential-harvesting techniques. – https://www.infosecurity-magazine.com/news/star-blizzard-targets-reporters/

UK’s Cyber Service for Telcos Blocks 1 Billion Malicious Site Attempts

(Kevin Poireault – Infosecurity Magazine) Almost one billion early-stage cyber-attacks have been prevented in the past year in the UK thanks to a recent service deployed by the National Cyber Security Agency (NCSC). The results were announced by British Security Minister, Dan Jarvis, during the Financial Times’ Cyber Resilience Summit: Europe, held in London on December 3. On the morning of the event Jarvis had come from a visit to telecommunications firm, BT, which is a partner of the NCSC’s Share and Defend service. The Share and Defend service has blocked almost one billion attempts to access scam websites in less than a year. “I took the opportunity to commend everyone involved for their dedication to this work,” the minister said. – https://www.infosecurity-magazine.com/news/uk-cyber-service-blocks-billion/

UK Ransomware Payment Ban to Come with Exemptions, Security Minster Say

(Kevin Poireault – Infosecurity Magazine) There will be “national security exemptions” to the ransomware payment ban proposed by the UK government, according to British Security Minister Dan Jarvis. The ban, which was subject to public consultation from January to April 2025 and received support from three-quarters of respondents, was confirmed in July and described in more details by the UK government in a policy paper published on September 2. – https://www.infosecurity-magazine.com/news/uk-ransomware-payment-ban/

Phishing Alert: LVMH, Disney, Uber, Mastercard used in fake Calendly recruitment scam

(Stefanie Schappert – Cybernews) Scammers pose as 75 major brands sending fake Calendly job offers to steal Google Workspace and Facebook ad account credentials. Using three distinct variants, the attacks employ stealth techniques and VPN-blocking anti-detection measures. Stolen access enables malicious ads, budget drains, and resale of compromised accounts to other cybercriminals. – https://cybernews.com/security/calendly-invite-phishing-recruitment-scam-targets-google-facebook-business-account-users/

Cricket Wireless retailer Mobilelink USA claimed by DragonForce ransomware gang

(Stefanie Schappert – Cybernews) DragonForce claims Cricket Wireless dealer, Mobilelink USA, breach with 5TB of stolen data, threatening publication in 6 days. Hack potentially compromises customer data across 550+ Cricket Wireless stores in 21 US states. Recently allied with Qilin and the resurrected LockBit gang, the Russian ransomware gang has claimed 185 victims in 12 months. – https://cybernews.com/news/cricket-wireless-mobilelink-usa-ransomware-attack-dragonforce/

India mandates SIM-linked messaging apps to fight rising fraud

(Pierluigi Paganini – Security Affairs) India’s Department of Telecommunications (DoT) now requires providers of messaging apps to work only with active SIM cards linked to users’ numbers to prevent fraud and misuse. “The Department of Telecommunications (DoT) has observed that some of the App Based Communication Services that are utilizing Indian Mobile Number for identification of its customers/users or for provisioning or delivery of services, allows users to consume their services without availability of the underlying Subscriber Identity Module (SIM) within the device in which App Based Communication Services is running. This feature is being misused to commit cyber-frauds especially from operating outside the country.” reads the announcement published by the DoT. – https://securityaffairs.com/185265/laws-and-regulations/india-mandates-sim-linked-messaging-apps-to-fight-rising-fraud.html

MuddyWater strikes Israel with advanced MuddyViper malware

(Pierluigi Paganini – Security Affairs) ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) deployed custom tools to evade defenses and maintain persistence. They used a Fooder loader, disguised as a Snake game, to run the MuddyViper backdoor that steals system info, credentials, browser data, and allows file execution and exfiltration. – https://securityaffairs.com/185244/apt/muddywater-strikes-israel-with-advanced-muddyviper-malware.html

Elevating SaaS Security with NIST CSF and Agentic AI

(Carl Brundage, Eoghan Casey, Matthew O’Neill – Infosecurity Magazine) In the race to innovate, many organizations are inadvertently creating critical security vulnerabilities by misconfiguring their SaaS environments, especially with the rise of agentic AI. The way we use software is evolving rapidly, with most organizations moving onto Software as a Service (SaaS) platforms to run their business, and (sometimes too) rapidly deploying agentic AI use cases. The flexibility of SaaS platforms has businesses rushing to adopt new features without thinking about — let alone implementing — essential security best practices. A lack of planning can create a critical gap, potentially exposing valuable corporate data to unnecessary risk. – https://www.infosecurity-magazine.com/blogs/saas-security-nist-csf-agentic-ai/

Defence, Military, and Warfare

Safran and UAE institute join forces on AI geospatial intelligence

(DigWatch) Safran.AI, the AI division of Safran Electronics & Defence, and the UAE’s Technology Innovation Institute have formed a strategic partnership to develop a next-generation agentic AI geospatial intelligence platform. The collaboration aims to transform high-resolution satellite imagery into actionable intelligence for defence operations. – https://dig.watch/updates/safran-and-uae-institute-join-forces-on-ai-geospatial-intelligence

AI in theatre: gaining decision advantage at machine tempo

(Jason Van der Schyff – ASPI The Strategist) In modern operations against near-peer adversaries, time is a decisive variable. The side that can observe, orient, decide and act fastest, and with confidence, wins the initiative. Artificial intelligence is changing that calculus. Built on secure cloud and trusted networks, AI can compress decision cycles from hours to seconds. Progress is not about replacing commanders with code; it’s about giving humans the tools to think, act and adapt at the speed at which conflict now unfolds. Information has always defined the tempo of warfare. What has changed is the scale and velocity of that information, and the extent to which modern capability platforms now integrate and depend on continuous telemetry. From satellites and sensors to social media and open-source intelligence, the battlespace produces a torrent of data that no team of analysts can process in real time. Adversaries are already exploiting that gap, pairing automation with disinformation and electronic warfare to accelerate reconnaissance, generate false targets and overwhelm human operators. – https://www.aspistrategist.org.au/ai-in-theatre-gaining-decision-advantage-at-machine-tempo/

Frontiers and Markets

Qolab Deploys First Superconducting-Qubit Devices at The IQCC

(Quantum Insider) QM Inc. and the Israeli Quantum Computing Center have deployed Qolab’s new superconducting qubit device, marking the first international installation of the company’s next-generation hardware. Qolab’s processor introduces a class of superconducting qubits engineered for high fidelity, noise reduction, and scalable fabrication, based on the physics that earned founder John Martinis the 2025 Nobel Prize. The collaboration enables global cloud access to Qolab’s devices and showcases the IQCC’s hybrid quantum-classical infrastructure for multi-modality research. – https://thequantuminsider.com/2025/12/03/qolab-deploys-first-superconducting-qubit-devices-at-the-iqcc/

QMill and ÉTS Strengthen Partnership to Advance Quantum Algorithm Research

(Quantum Insider) QMill and Montréal’s ÉTS finalized a strategic collaboration to advance practical quantum-algorithm research and benchmarking. The partnership combines ÉTS’s academic expertise with QMill’s industrial algorithm-design experience to focus on real-world computational challenges. The agreement enables shared projects, researcher exchanges, and direct technology transfer between Finland and Québec’s quantum ecosystems. – https://thequantuminsider.com/2025/12/03/qmill-ets-quantum-algorithm-collaboration/

Horizon Quantum Now Operates Its Own Quantum System in Singapore

(Quantum Insider) Horizon Quantum has assembled and activated its first in-house quantum computer, becoming the first quantum software company to operate its own system. The system integrates components from multiple vendors and gives the company full control over both hardware and software for testbed development. The modular setup enables Horizon Quantum to test across architectures and strengthen its hardware-agnostic tools, including its Triple Alpha development environment. – https://thequantuminsider.com/2025/12/03/horizon-quantum-in-house-quantum-computer/

Runlayer Emerges from Stealth With $11M to Secure the MCP Era

(AI Insider) Runlayer, a new security platform built for the Model Context Protocol (MCP), has launched from stealth with $11 million in seed funding led by Keith Rabois of Khosla Ventures and Felicis. The company was founded by serial entrepreneur Andrew Berman, known for building Nanit and the AI platform Vowel, which was acquired by Zapier in 2024. – https://theaiinsider.tech/2025/12/02/runlayer-emerges-from-stealth-with-11m-to-secure-the-mcp-era/

Luminal Receives $5.3M to Advance AI Compute Optimization and Simplify Developer Access to High-Performance Hardware

(AI Insider) Luminal, an AI infrastructure startup focused on accelerating model inference through advanced compiler optimization, has raised $5.3 million in seed funding to address one of the most persistent bottlenecks in AI compute: developer usability. The round was led by Felicis Ventures, with participation from notable angel investors including Paul Graham, Guillermo Rauch, and Ben Porterfield. – https://theaiinsider.tech/2025/12/02/luminal-receives-5-3m-to-advance-ai-compute-optimization-and-simplify-developer-access-to-high-performance-hardware/

Peec AI Closes $21M in Funding to Scale Generative Engine Optimization Platform as AI Search Becomes a Global Discovery Channel

(AI Insider) Peec AI, the rapidly growing platform helping brands manage and optimize their visibility in AI-powered search, has closed a $21 million Series A round led by Singular, marking one of Europe’s fastest-rising entries in the generative AI ecosystem. Just four months after its seed round, the company reports its valuation has tripled to above $100 million, driven by accelerating demand for tools that give brands control in a world where consumers increasingly ask ChatGPT instead of Google. – https://theaiinsider.tech/2025/12/02/peec-ai-closes-21m-in-funding-to-scale-generative-engine-optimization-platform-as-ai-search-becomes-a-global-discovery-channel/

Span Secures $25M to Bring Clarity to Engineering Teams Navigating AI Transformation

(AI Insider) Span raised $25 million in Seed and Series A funding to build its AI-native developer intelligence platform, backed by leading firms and more than 100 prominent founders and CTOs. The platform unifies signals from code, tickets, incidents, and tools to give engineering teams clear visibility into productivity, workflow patterns, and the real impact of AI-assisted coding — including Span’s proprietary model that detects AI-generated code at the chunk level. Funding will accelerate Span’s effort to help organizations measure AI’s ROI, automate manual engineering overhead, and maintain alignment and agility as teams scale and development accelerates. – https://theaiinsider.tech/2025/12/02/span-secures-25m-to-bring-clarity-to-engineering-teams-navigating-ai-transformation/

OpenAI Forms Strategic Partnership With Thrive Holdings to Accelerate AI Deployment Across Key Service Industries

(AI Insider) OpenAI has entered into a new strategic partnership with Thrive Holdings, taking an ownership stake in the company as part of a long-term collaboration to expand AI adoption across accounting, IT services, and other operationally intensive sectors. Thrive Holdings, affiliated with major OpenAI investor Thrive Capital, operates as a consolidation platform designed to modernize traditional industries through advanced AI integration. – https://theaiinsider.tech/2025/12/02/openai-forms-strategic-partnership-with-thrive-holdings-to-accelerate-ai-deployment-across-key-service-industries/

NVIDIA Unveils New Physical AI Models and Expands Strategic Chip-Design Partnership with $2B Synopsys Investment

(AI Insider) Nvidia announced major advances in physical AI infrastructure and semiconductor design on Monday, introducing a new reasoning-based vision model for autonomous systems while deepening its long-term partnership with Synopsys through a $2 billion strategic investment. The dual announcements underscore Nvidia’s push to supply both the intelligence and the underlying tools required for the next era of robotics, autonomous vehicles, and high-performance chip development. – https://theaiinsider.tech/2025/12/02/nvidia-unveils-new-physical-ai-models-and-expands-strategic-chip-design-partnership-with-2b-synopsys-investment/

PowerLattice Raises $25M to Break the AI Power Wall

(AI Insider) PowerLattice emerged from stealth with $25 million in Series A funding to launch its power delivery chiplet, which brings power directly into processor packages and cuts compute power needs by more than 50%, effectively doubling performance. Its technology addresses the growing energy crisis in AI data centers by shortening power paths, reducing energy loss, and enabling reliable, scalable power delivery for next-generation GPUs, CPUs, and accelerators. With silicon already produced and engineering samples underway, PowerLattice is positioned to reshape AI infrastructure, backed by founders with decades of semiconductor expertise and major investors including Playground Global and Celesta Capital. – https://theaiinsider.tech/2025/12/02/powerlattice-raises-25m-to-break-the-ai-power-wall/

Nudge Security Announces $22.5M Series A to Secure Workforce AI and SaaS

(AI Insider) Nudge Security raised $22.5 million in Series A funding to expand its SaaS and AI security governance platform, which secures organizations at the Workforce Edge through automated, real-time guardrails rather than restrictive controls. The company has grown rapidly since 2022, achieving two years of 3x ARR growth, nearly 200 customers, and more than 60 new product features addressing AI governance, identity risk, and SaaS sprawl. Its platform provides day-one visibility into all SaaS and AI tools, integrations, and identities, helping organizations adopt AI safely while maintaining security, with strong customer validation from companies such as Reddit. –  https://theaiinsider.tech/2025/12/02/nudge-security-announces-22-5m-series-a-to-secure-workforce-ai-and-saas/