China accuses US of exploiting Microsoft flaw | Putin increases control of Russia's internet | Australia's medical data transfer to AI company cleared
And, AI researchers negotiating salaries like NBA stars
Good morning. It's Monday, 4th of August.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on X, on LinkedIn, and on Bluesky.
China accused the US of exploiting a flaw in Microsoft’s email servers to steal military data and launch cyberattacks on its defense sector. The Cyber Security Association of China said in a statement that US actors had been linked to two major cyberattacks on Chinese military companies without naming them. Bloomberg
Since the first decade of Mr. Putin’s rule, Moscow had been articulating a vision for what it called a “sovereign” internet that would sever Russia as much as possible from the rest of the online world and strip power from foreign tech firms, which didn’t always give in to the Kremlin’s demands. The New York Times
Australia’s privacy commissioner has said the transfer of millions of patient X-rays and other scans by the country’s biggest radiology company without consent was a ‘case study of good privacy practice’. Crikey
ASPI
Espionage costs Australia more than $12.5 billion a year: ASIO shows us the receipts
The Strategist
Chris Taylor and James Corera
Espionage is not simply about stealing secrets. Whether through human agents, cyber intrusions, insider access, or open-source exploitation, espionage provides the intelligence needed for malign states to calibrate coercive strategies targeting our sovereignty, economic competitiveness and social cohesion. Modern espionage enables not just intelligence collection, but manipulation, disruption and strategic shaping. It doesn’t stop at the exfiltration of information. Increasingly, it’s about embedding influence and pre-positioning for strategic effect. Access is used not only to survey and monitor but to shape systems from within.
‘Spying at unprecedented levels’: ASIO boss sounds alarm on espionage threat. The Sydney Morning Herald
Australia
I-MED cleared of privacy concerns after giving 30 million+ medical scans to AI company without patient consent
Crikey
Cam Wilson
Australia’s biggest radiology provider giving at least 30 million medical scans of Australian patients to an AI company, without their knowledge or consent, did not appear to breach Australia’s privacy rules, the regulator has found. The Office of the Australian Information Commissioner announced that privacy commissioner Carly Kind would close the investigation after being satisfied that I-MED’s data had been “de-identified sufficiently”. She found this despite a “small number of instances” where the company had accidentally provided non-anonymised information.
Peter Thiel's Palantir taps Australian lobbyist amid Greens backlash
Capital Brief
Daniel Van Boom
Palantir has appointed CMAX Advisory for lobbying duties a month after the Greens called for an immediate freeze on the defence tech company's government contracts. CMAX Advisory was founded by Christian Taubenschlag, a former chief of staff to Labor defence minister Joel Fitzgibbon, and represents other defence companies like Austal and Raytheon.
Australia should balance innovation and sovereignty in supply chain security
The Strategist
Harry Geisler
Australia must strike a better balance between independent control over its defence-industrial supply chains and staying open to global innovation, particularly in dual-use technologies. As strategic competition intensifies, rigid restrictions can stifle the very innovation needed to maintain a competitive edge. Instead, Australia should combine adaptive procurement, trusted supplier frameworks and coordinated allied investment to secure critical capabilities while remaining agile, interoperable and open.
Australia and the AI revolution – turning algorithms into opportunities
The Guardian
Jim Chalmers
In 2020, Australia was ranked sixth in the world in terms of AI companies and research institutions when accounting for GDP. There is much work already under way: Australia investment in quantum computing company PsiQuantum and AI adopt centres, development of the country's first voluntary AI safety standard, putting AI on the critical technologies list, a national capability plan, and work on R&D. It is not beyond us to chart a responsible middle course on AI, which maximises the benefits and manages the risks.
China
China says US exploited old Microsoft flaw to wage cyberattacks
Bloomberg
Mark Anderson
China accused the US of exploiting a flaw in Microsoft Corp.’s email servers to steal military data and launch cyberattacks on its defense sector. The Cyber Security Association of China said in a statement that US actors had been linked to two major cyberattacks on Chinese military companies without naming them. They exploited flaws in Microsoft Exchange to control the servers of a key company in the defense sector for nearly a year, it added. The association is a little-known entity backed by the powerful Cyberspace Administration of China.
Inside the summit where China pitched its AI agenda to the world
WIRED
Zeyi Yang and Will Knight
Three days after the Trump administration published its much-anticipated AI action plan, the Chinese government put out its own AI policy blueprint. Was the timing a coincidence? Doubt it. China’s “Global AI Governance Action Plan” was released on July 26, the first day of the World Artificial Intelligence Conference, the largest annual AI event in China. Geoffrey Hinton and Eric Schmidt were among the many Western tech industry figures who attended the festivities in Shanghai. The vibe at WAIC was the polar opposite of Trump’s America-first, regulation-light vision for AI. In his opening speech, Chinese Premier Li Qiang made a sobering case for the importance of global cooperation on AI.
Patents by Silk Typhoon-linked company shed light on Beijing’s offensive hacking capabilities
The Record by Recorded Future
Jonathan Greig
Researchers have discovered more than 10 patents for powerful offensive cybersecurity technologies filed by a prominent Chinese company allegedly involved in Beijing’s Silk Typhoon campaign. SentinelOne's threat researchers pored through recent Justice Department indictments of prominent Chinese hackers and mapped out the country’s evolving web of private companies that are hired to launch cyber attacks on behalf of the government. The report focuses on intellectual property rights filings by Shanghai Firetech, a company the DOJ said works on behalf of the Shanghai State Security Bureau. The company was allegedly involved in many of the Silk Typhoon attacks and was previously identified as part of the Hafnium attacks seen in 2021.
China state media says Nvidia must provide 'security proofs' to regain trust
Reuters
Beijing Newsroom and Ros Russell
Nvidia must produce "convincing security proofs" to eliminate Chinese users' worries over security risks in its chips and regain market trust, a commentary published by China's state-run media People's Daily. Foreign companies must comply with Chinese laws and take security to be a basic prerequisite, said the commentary - titled "Nvidia, how can I trust you?" - which was published on the paper's social media account. In a statement sent to Reuters, an Nvidia spokesperson reiterated that "Cybersecurity is critically important to us".
USA
How Trump let $1 trillion worth of imports escape his tariff hammer
Bloomberg
Shawn Donnan, Ann Choi, Andre Tartar, and Ted Mann
How the coveted exclusions are granted, or the process by which a company can secure one, are among the most vexing questions in Washington today. Trump’s first administration established official means by which importers could request an exclusion. This time around, there are no such formalities. Instead, the rules of engagement are ad hoc, bordering on a free-for-all. The biggest beneficiaries have been large tech companies, such as Chinese PC-maker Lenovo Inc. and South Korea’s Samsung Electronics Co., with that sector avoiding more than $7 billion in tariffs. Others come from a wide range of industries, including oil and gas, bitcoin mining operations and medical device makers.
Palantir gets $10 billion contract from U.S. Army
The Washington Post
Elizabeth Dwoskin
The new contract, the largest ever awarded to the software and data analysis company, cements Palantir’s role as a major processor of data for the military. It comes on the heels of an additional $795 million the military allocated earlier this year to put into its artificial intelligence targeting software, Maven Smart System. The new enterprise agreement, according to an army statement, marks a significant shift in the army’s software purchasing practices and “establishes a comprehensive framework for the Army’s future software and data needs.” The army said the new agreement would consolidate existing software contracts and lead to “significant cost efficiencies across mission-critical programs.”
Senate confirms Sean Cairncross to be national cyber director under Trump
NextGov
David DiMolfetta
The Senate confirmed Sean Cairncross to serve as national cyber director in a 59-35 vote, making him the first Senate-approved cybersecurity official of President Donald Trump’s second term. Cairncross is a former Republican National Committee official and was CEO of the Millennium Challenge Corporation agency during Trump’s first term. As national cyber director, he will be tasked with overseeing an office first stood up under the Biden administration, which serves as the key White House cyber policy interlocutor across federal agencies and Capitol Hill. Cairncross does not have direct cybersecurity policy experience, but said his past roles involved engagements with different parts of the U.S. cyber community.
Trump’s Maga Inc. builds $200mn war chest in first half of 2025
Financial Times
Alex Rogers, Ian Hodgson, and Nikou Asgari
Maga Inc., Donald Trump’s Super Pac, has amassed almost $200mn thanks to a big injection of cash from the crypto industry, giving the president an enormous war chest ahead of the 2026 congressional elections. By contrast, Future Forward, the Democratic Super Pac that raised hundreds of millions of dollars for the 2024 presidential election, held just $2,826 in cash. Tech titans were among the big donors to Trump’s Super Pac. Billionaire Jeff Yass, a longtime investor in TikTok, gave $16mn, including $15mn on March 6, the day the US president said that he would “probably” further extend the deadline for the social media platform to separate ownership from China.
North Asia
North Korean hackers target open-source repositories in new espionage campaign
The Record by Recorded Future
Daryna Antoniuk
North Korean state-backed hackers have planted malicious code in open-source software repositories as part of an ongoing campaign that has already put tens of thousands of developers at risk of surveillance and data theft, according to new research. Between January and July, cybersecurity firm Sonatype said it blocked 234 malicious packages uploaded to the widely used npm and PyPI code repositories and linked to the campaign. The packages, which impersonated legitimate developer tools, were designed to steal credentials, profile victims’ devices and plant backdoors. The researchers estimate the campaign may have impacted more than 36,000 developers.
Japan posts biggest drop in IT labor productivity among G7
Nikkei Asia
Kosuke Toshi
Japan's IT industry experienced the steepest decline in labor productivity among the Group of Seven leading industrialized economies between 2019 and 2023, as the sector's growing workforce did not yield proportional profit growth. The sector's inflation-adjusted labor productivity, measured as the added value produced per employee, fell 13% over the four years to 2023 in yen terms, according to the Japan Productivity Center. Added value is defined as revenue minus the cost of goods and services used in production. In contrast, productivity in the U.S. grew 27% and in the U.K. it rose 9%, in local currency terms.
Southeast Asia
Thai, Cambodian netizens take border conflict online
Nikkei Asia
Danielle Keeton-Olsen
The shelling between Cambodia and Thailand has, for the most part, ended after a ceasefire was agreed in Malaysia on Monday. What might prove harder to silence are the cross-border online attacks that have stirred deep hatred between the two countries' netizens. They extended their activity far beyond Cambodia's most popular platforms of Facebook, TikTok and Telegram, he said. Some users created X accounts to engage or taunt Thai users. Others started posting on Truth Social, the conservative social media site of U.S. President Donald Trump, while young Cambodians hosted a virtual protest on the game platform Roblox.
South & Central Asia
India dismisses Fake News claiming govt reviewing list of US goods exempted from tariffs
Mint
Anubhav Mukherjee
The Ministry of External Affairs fact-checking handle on Sunday dismissed a fake news which claimed that the Indian government is currently reviewing a list of US-made products exempted from the tariffs after US President Donald Trump announced 25 per cent tariffs plus a penalty on domestic exports to America from August 1. An X handle named ‘China in English’ claimed “The Indian government begins reviewing the list of U.S. products exempted from tariffs… and declares: No privilege without mutual respect”. However, MEA FactCheck, the official social media handle of the fact-checking arm of the Ministry of External Affairs on the social media platform X, said that it is fake.
Ukraine – Russia
Putin widens effort to control Russia’s internet
The New York Times
Paul Sonne
Russia is escalating its efforts to curtail online freedom, taking new steps toward a draconian state-controlled internet. The authorities are cracking down on workarounds that Russians have been using for access to foreign apps and banned content, including through new laws signed by President Vladimir V. Putin this past week. Moscow has also been impeding the function of services from U.S. tech companies, like YouTube, that Russians have used for years. At the same time, the Kremlin is building out a domestic ecosystem of easily monitored and censored Russian alternatives to Western tech products. That includes a new state-approved messaging service, MAX, which will come preinstalled by law on all new smartphones sold in Russia starting next month.
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks. The Record by Recorded Future
Ukrainian attack sparks blaze at Russian oil depot as countries trade strikes
The Guardian
An overnight Ukrainian drone attack on an oil depot near the Russian Black Sea resort of Sochi ignited a raging fire, as the two countries traded strikes at the end of one of the deadliest weeks in Ukraine in recent months. Drone wreckage hit an “oil tank, which caused a fire”, Kondratyev said on the Telegram messaging app. Sochi, which hosted the 2014 Olympic Winter Games, is about 250 miles from the Ukrainian border. Video clips on social media showed huge black pillars of smoke pouring out from the facility. Russia’s civil aviation authority temporarily halted flights at Sochi airport, as the Ukrainian president, Volodymyr Zelenskyy, announced fresh plans for a prisoner exchange.
Europe
Biometrics to replace stamps at EU border from 12 October
BBC
Jessica Rawnsley
Stamps in people's passports will be replaced by biometric checks for people travelling in and out of the EU from 12 October, officials have confirmed. The Entry/Exit System will replace the current paper checks and will mean passengers from the UK will need to have their fingerprints and faces scanned to cross an EU border. The scheme will be rolled out across member nations over six months, meaning it will not be fully implemented until 10 April 2026. It was due to come into effect last November but has been beset by technological delays.
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
The Record by Recorded Future
Alexander Martin
Luxembourg’s government announced it was formally investigating a nationwide telecommunications outage caused last week by a cyberattack reportedly targeting Huawei equipment inside its national telecoms infrastructure. The outage on July 23 left the country’s 4G and 5G mobile networks unavailable for more than three hours. Officials are concerned that large parts of the population were unable to call the emergency services as the fallback 2G system became overloaded. Internet access and electronic banking services were also inaccessible. According to government statements issued to the country’s parliament, the attack was intentionally disruptive rather than an attempt to compromise the telecoms network that accidentally led to a system failure.
UK
Social media ads promoting small boat crossings to UK to be banned
The Guardian
Eleni Courea
Ministers are to outlaw social media adverts promoting journeys on small boats across the Channel to asylum seekers. The government will create a UK-wide criminal offence that could lead to perpetrators being sentenced for up to five years in prison and a hefty fine. Though facilitating illegal immigration is already a crime, the change will make it a specific offence to create material for online publication that promotes or offers services that would lead to a breach of UK immigration law. This includes advertising small boat crossings, selling fake passports, visas and other travel documents, and promoting opportunities for illegal work in the UK.
Some Gaza and Ukraine posts blocked under new age checks
BBC
Ned Davies, Shayan Sardarizadeh and Matt Murphy
Social media companies are blocking wide-ranging content - including posts about the wars in Ukraine and Gaza - in an attempt to comply with the UK's new Online Safety Act, BBC Verify has found. The new legislation imposes fines on social media companies and other websites which fail to protect under-18s from pornography, posts promoting self-harm, and other harmful content. In serious cases, services could be blocked in the UK. But BBC Verify found a range of public interest content, including parliamentary debates on grooming gangs, has been restricted on X and Reddit for those who have not completed age verification checks.
Middle East
Dubai unveils first AI-generated 'Emirati family
The National
Dubai has introduced its first AI-powered virtual Emirati family, set to serve as the face of the government's digital strategy. The interactive cast of characters will operate as brand ambassadors for Digital Dubai, the organisation tasked with promoting the integration of online services and advanced technology in everyday life. The first member of the futuristic family was revealed last week. The remarkably lifelike young girl – dressed in traditional attire – is shown in a short video smiling at the camera as she plays in a park. The UAE is the only country from the Middle East with cities in the top 10 of the 2025 Global AI Cities Index.
Big Tech
TikTok launches ‘TikTok Pro’ in Europe with built-in charity program
TechCrunch
Aisha Malik
TikTok is launching a new version of its app called “TikTok Pro” in Germany, Portugal, and Spain. The app features TikTok’s new “Sunshine Programme,” which allows users to support charitable organizations. Users can earn “virtual sunshine” by inviting others to join and by interacting with charity-related content, such as liking or reposting videos, following charity accounts, or searching for charitable causes. They can then use this virtual sunshine on a charity, after which TikTok will make a donation to the organization.
Google loses appeal in antitrust battle with Fortnite maker
Associated Press
Michael Liedtke
A federal appeals court has upheld a jury verdict condemning Google’s Android app store as an illegal monopoly, clearing the way for a federal judge to enforce a potentially disruptive shakeup that’s designed to give consumers more choices. The unsuccessful appeal represents a major victory for video game maker Epic Games, which launched a legal crusade targeting Google’s Play Store for Android apps and Apple’s iPhone app store nearly five years ago in an attempt to bypass exclusive payment processing systems that charged 15% to 30% commissions on in-app transactions.
Gen Z grew up on YouTube. They say a ban is a blow to culture and community
ABC News
Annika Burgess
Without YouTube, Leo Puglisi's life may have looked very different. The 17-year-old launched an online news channel on the video-sharing site in 2011. And by the ripe age of 14, he was interviewing the Australian prime minister. Puglisi has raised concerns that young people will be "cut off" from those opportunities with YouTube being roped into Australia's social media bans for under-16s. He argues that the government lacks understanding of the diverse and widespread use of the platform.
Artificial Intelligence
AI researchers are negotiating $250 million pay packages. Just like NBA stars.
The New York Times
Mike Isaac, Eli Tan and Cade Metz
Silicon Valley’s A.I. talent wars have become so frenzied — and so outlandish — that they increasingly resemble the stratospheric market for N.B.A. stars. Young A.I. researchers are being recruited as if they were Steph Curry or LeBron James, with nine-figure compensation packages structured to be paid out over several years. To navigate the froth, many of the 20-somethings have turned to unofficial agents and entourages to strategize. And they are playing hardball with the companies to get top dollar, much as basketball players shop for the best deals from teams. The difference is that unlike N.B.A. teams, deep-pocketed A.I. companies like Meta, OpenAI and Google have no salary caps.
AI chatbots are becoming popular alternatives to therapy. But they may worsen mental health crises, experts warn
The Guardian
Josh Taylor
In 2023, a Belgian man reportedly ended his life after developing eco-anxiety and confiding in an AI chatbot over six weeks about the future of the planet. Without those conversations, his widow reportedly told the Belgian outlet La Libre, “he would still be here”. The wide availability of chatbots in the past few years has apparently led some to believe there is a ghost in the machine – one that is conscious, capable of loving and being loved. A recent phenomenon, termed “ChatGPT-induced psychosis”, has been used to describe people being led down conspiracy theory rabbit holes or into worsened mental health episodes by feedback they receive from chatbots.
Will AI put fiction writers out of work?
Financial Times
John Self
It was a statement that had the British book world clutching its pearls. “AI ‘likely’ to produce bestseller by 2030,” read a headline in The Bookseller in June. The story in the parish newsletter of Britain’s book industry reported a speech at a publishing conference by Philip Stone of Nielsen, a company that compiles book sales data in the UK. The reaction in the normally sedate bookish corners of social media was swift and harsh. Stone’s prediction was, variously, “propaganda”, or “nonsense on stilts”, or “the NFT grift all over again”. The reaction may have been a solid-gold case of shooting the messenger, but it reflected the importance people place on books — novels, stories, non-fiction narratives — as human artefacts.
Misc
How podcast-obsessed tech investors made a new media industry. Bloomberg
Enough of the billionaires and their big tech. ‘Frugal tech’ will build us all a better world. The Guardian
Gamers are furious about the censorship of NSFW games—and they’re fighting back. WIRED
Events & Podcasts
The Sydney Dialogue 2025
The Australian Strategic Policy Institute is pleased to announce the Sydney Dialogue, the world’s premier policy summit for critical, emerging and cyber technologies, will return on 4-5 December. Now in its fourth year, the dialogue attracts the world’s top thinkers, innovators and policymakers, and focusses on the most pressing issues at the intersection of technology and security. TSD has become the place where new partnerships are built among governments, industry and civil society, and where existing partnerships are deepened.
China military scholar Elsa Kania on the PLA’s dramatic modernisation
Stop the World
Much of Elsa’s recent work has focussed on the role of technology in the PLA’s capabilities, doctrine and command structure. She talks about the role of artificial intelligence, the concepts of informatisation and intelligentisation, and the Chinese view of the ethics of automating lethal force. She also talks about China’s military rehearsals around Taiwan, its concept of “peace disease”, and China’s overall strategy with its growing military assertiveness.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security Programs team at ASPI and supported by partners.
