China builds a secret platform to track foreigners
Plus, Shai-Hulud continues to spread across open-source package registries
Welcome to the latest edition of ASPI’s Cyber & Tech Digest.
Each week, ASPI curates and contextualises the most important developments in cyber, technology, and geopolitics — highlighting what matters and why.
This edition covers the period: 16 May 2026 to 22 May 2026.
Follow the Australian Strategic Policy Institute on Bluesky, LinkedIn, and X.
What We’re Tracking
China builds a secret platform to track foreigners
What happened: NetAskari, a group that monitors Chinese security infrastructure, found a web dashboard built for China’s Public Security Bureau that tracks foreigners and people deemed ‘of interest’ — including foreign students, spouses of Chinese citizens and journalists — using data from cameras, visa records, travel apps, and ID and face scans. NetAskari described it as a test system, not connected to a live data environment, though partly populated with real data from real people of foreign nationality and of unclear operational status.
The Daily Telegraph‘s Sophia Yan found her own file in the database, marked ‘trackable.’ The system holds a dedicated journalist inquiry section containing passport numbers, ID photos, private cellphone numbers and dates of birth: data collected during visa applications at Beijing‘s Entry/Exit Bureau.
The platform is not without precedent. In 2021, Reuters reported that Henan province commissioned a nearly identical system — awarded to IT company Neusoft for five million yuan — that categorised foreign journalists into red, yellow and green risk tiers. Tender documents described authorities’ ability to have targets ‘tailed and controlled.’
The dashboard also separately categorised citizens from the Five Eyes countries — the UK, US, Australia, New Zealand and Canada — along with people from Hong Kong, Macau and Taiwan.
Why we’re tracking this: This is not general-population surveillance adapted for foreigners, it is a purpose-built foreigner-targeting layer within China‘s broader surveillance architecture. Its relationship-modelling function goes beyond tracking individuals: it maps social networks, logging who foreigners meet, how often, and in what context. That capability is what elevates this from a data collection system to an active intelligence tool.
What people are saying:
“What’s most interesting is that this seems to be a dedicated system to keep a close eye on what foreigners do in the country, and then to build this relationship model — who do they hang out with, who are they seen with?” — The Daily Telegraph — Marc Hofer, NetAskari
“The scary part? China could roll out the technology to start tracking people outside the country.” — The Daily Telegraph — Sophia Yan, The Daily Telegraph
My view: I’ve previously called China’s surveillance apparatus ‘Chabudwellian’ — combining ‘Orwellian’ with the Chinese term cha bu duo, meaning “almost”, or work done with poor or minimal effort. ‘Outside of China, foreigners think their surveillance system is highly sophisticated,’ I told The Guardian four years ago, ‘but in reality a lot of the time this infrastructure is jerry-rigged and not super effective.’Marc Hofer of NetAskari thought much the same — that the capabilities were ‘more based on the fantasy of Western commentators than rooted in facts’. But that cobbled-together system is taking shape. In Hofer’s words, the dragnet is getting ‘finer meshes as new data sources are increasingly added’; the cha bu duo system is no longer quite so cha bu duo, and as Yan says, the scary part is what comes next.
— Fergus Ryan, CTS
Shai-Hulud worm spreads across npm and PyPI package registries
What happened: A self-replicating, credential-stealing worm called Shai-Hulud has torn through open-source registries over several days in May. After threat actor TeamPCP open-sourced the original on GitHub, fresh waves followed, The Register reported. The pace was striking: The Register found one compromised account infected 314 npm packages in 22 minutes, while Bleeping Computer counted 639 malicious versions across 323 packages in an hour on 19 May.
Beyond stealing cloud credentials, the payload backdoors Claude Code and Codex and forges Sigstore provenance to look signed. A PyPI strain in Microsoft‘s durabletask package carried a disk wiper keyed to Israeli and Iranian locale settings, IT News reported.
Why we’re tracking this: Open-source registries are shared infrastructure for government, industry and critical-infrastructure operators, so one poisoned package can propagate across unrelated networks before defenders notice.
The forged Sigstore provenance erodes the cryptographic trust signals that supply-chain defences depend on, and the wiper keyed to Israeli and Iranian locale settings adds a destructive, geographically targeted dimension beyond ordinary credential theft.
What people are saying:
‘It’s just the first phase of an upcoming wave of supply chain attacks’ says Moshe Siman Tov Bustan, Ox Security.
‘Modern software is built on a deeply interconnected ecosystem of open-source libraries, package managers, and continuous integration and continuous deployment infrastructure’ said OpenAI, in its response to the related TanStack compromise.
‘The Mini Shai-Hulud campaign has now demonstrated that every layer of the trust stack… can be abused to publish malware that looks legitimate by every available signal’ says Sonali Sood of CodeAnt AI, an agentic code security platform.
My view: Modern software rests on open-source foundations that almost no one is paid to secure, a structural fragility this campaign exploits at scale. The worm subverts the signals meant to confer trust, forging Sigstore provenance to look legitimately signed and backdooring AI coding assistants like Claude Code and Codex to gain a foothold. As automated tooling shapes more of the software commons, those trust signals become a high-value attack surface in their own right. What stays unclear is whether this marks a durable shift in tradecraft or one capable group’s experiment, and whether forged provenance survives once defenders adapt. The answer has implications for the security of the digital public infrastructure that modern societies depend on.
— Stephan Robin, CTS
What We’re Watching
A weekly scan of notable developments we’re tracking across technology, policy, and geopolitics.
⸻
🚀 Strategic competition
Australia’s Treasurer Jim Chalmers ordered six Chinese-linked investors to divest their combined 17 per cent stake in rare earths miner Northern Minerals within two weeks. The affected entities include Hong Kong Ying Tak Ltd and Vastness Investment Group Ltd, among others. The government said the decision, consistent with advice from the Foreign Investment Review Board, was necessary to protect the national interest. Northern Minerals’ Browns Range Heavy Rare Earths Project in WA’s East Kimberley region is strategically significant as a potential non-Chinese source of dysprosium and terbium — rare earth elements used in military systems, semiconductors and clean energy.
A Strider Technologies report identified more than 6,000 research collaborations since 2020 between Australian organisations and Chinese military-linked institutions, including PLA-affiliated universities and defence conglomerates. The article details collaborations involving researchers linked to ANU, Melbourne University and the University of Queensland on drone anti-jamming, underwater target-tracking and electronic warfare technologies with potential military applications.
Education Minister Jason Clare vetoed 13 Australian Research Council university grant projects over concerns they could threaten Australia’s national security, defence or international relations — involving research areas including drones, cyber security and alternative energy technologies with potential dual-use military applications. The government is now preparing legislation to strengthen university compliance with research security and critical technology safeguards.
In the Pacific, analysis by Madi Jones published by The Strategist argued that China’s influence in Solomon Islands is likely to endure despite the appointment of Prime Minister Matthew Wale, who has historically criticised Beijing’s growing role in the country. China has become deeply embedded through infrastructure projects, policing assistance and telecommunications. Meanwhile Geoff Wade and Justin Bassi argued that Landbridge Group’s World Bank arbitration case over Darwin Port is part of a broader Chinese strategic effort to retain influence over critical infrastructure, and recommended Australia unilaterally terminate the lease and work with trusted partners to manage the port.
ASML Holding NV signed a partnership agreement with Tata Electronics to support India’s semiconductor manufacturing ambitions, with ASML technology earmarked for Tata Electronics’ planned 300 millimetre semiconductor foundry in Gujarat. The agreement was announced during Indian Prime Minister Narendra Modi’s visit to the Netherlands.
Nvidia’s ability to sell advanced AI chips in China remains uncertain despite CEO Jensen Huang joining US President Donald Trump’s delegation to Beijing. Although the Trump administration approved Nvidia’s H200 chip exports in late 2025, Beijing has not authorised purchases and continues encouraging domestic firms to use Chinese technology from companies such as Huawei. Chinese AI company DeepSeek announced its latest model had been optimised for Huawei chips, reinforcing China’s broader push for technological self-sufficiency.
Xi Jinping and Vladimir Putin pledged expanded cooperation on artificial intelligence, satellite internet, cybersecurity and open-source software at a summit in Beijing. The joint statement outlined plans to improve interoperability between Russia’s GLONASS and China’s BeiDou satellite navigation systems and to coordinate on ‘internet sovereignty.’ Russia’s Sberbank, meanwhile, is seeking to use Chinese-made microchips to power its GigaChat AI model as Western sanctions restrict access to advanced hardware.
US senators Jeanne Shaheen and Pete Ricketts introduced bipartisan legislation aimed at countering Chinese overseas sales of AI and strategic technologies. The bill would establish a State Department office and a proposed $500 million fund to subsidise allied governments purchasing US AI models, chips, cloud systems and cybersecurity tools, aligning with the Trump administration’s Pax Silica strategy.
The US Commerce Department is separately awarding $2 billion in grants to nine quantum-computing companies — including IBM, GlobalFoundries, Rigetti Computing and D-Wave Quantum — in exchange for minority government equity stakes, sourced from the Chips and Science Act.
⸻
🧠 AI models, agents & compute
Chinese AI companies including ByteDance, Kuaishou and MiniMax are outperforming many US rivals in AI video generation, according to developers and user rankings, according to Financial Times. Their advantage is linked to access to large proprietary libraries of short-form video from platforms such as TikTok and Kuaishou, as well as fewer content restrictions and lower costs. While OpenAI, Google and Anthropic continue to dominate large language models and coding, their video tools lag behind Chinese offerings in quality and usability.
Google used its I/O developer conference to announce expanded AI integration across Search, YouTube, Android, Workspace, hardware and Gemini models. New products include the Gemini Omni multimodal model, Gemini Spark autonomous agents, conversational ‘Ask YouTube’ search and AI-enabled smart glasses.
OpenAI announced expanded measures to label AI-generated content by combining C2PA content credentials with Google’s SynthID watermarking technology, and is previewing a public verification portal to detect whether images were generated using OpenAI systems.
xAI launched Grok Build, its first AI coding agent, available to SuperGrok Heavy subscribers. The beta product includes execution planning and compatibility with existing developer plug-ins. The launch follows a restructuring of xAI after leadership departures and positions the product alongside AI coding offerings from OpenAI and Anthropic.
Amazon Web Services has repositioned itself as a major AI competitor through large infrastructure spending, investments in Anthropic and OpenAI, and long-term development of custom AI chips including Trainium and Graviton, according to The Wall Street Journal.
A peer-reviewed Nature study found that government-controlled media environments influence the outputs of large language models through training data exposure. Researchers showed LLMs display stronger pro-government responses in languages from countries with lower media freedom, and demonstrated that Chinese state-coordinated media appears in major training datasets. Experimental testing found that additional training on Chinese state media increased positive responses about Chinese political institutions, while prompting commercial models in Chinese produced more favourable responses than equivalent prompts in English.
New research and case studies are raising concerns about ‘AI psychosis’, where intensive chatbot use is associated with delusional thinking, emotional dependency and social isolation. Studies from Stanford University analysing chatbot conversations found users and AI systems can enter ‘delusional spirals’, with bots reinforcing beliefs about sentience, conspiracies or grandiose achievements. Researchers and clinicians warned that growing emotional reliance on AI companions could pose risks, particularly for vulnerable users and children.
Meta told employees it is reassigning 7,000 workers into four new AI-focused organisations ahead of planned layoffs affecting about 8,000 employees. The restructuring reflects Meta’s broader shift toward ‘AI native’ operating structures with fewer managers, while deprioritising metaverse initiatives. CEO Mark Zuckerberg has committed up to US$135 billion in spending this year, much of it directed toward AI development and data centres.
⸻
⚔️ Autonomous weapons & battlefield AI
Ukraine’s Defence Minister Mykhailo Fedorov is leading efforts to integrate AI and autonomous drone systems into Ukraine’s war strategy against Russia, working with defence technology firms and figures including Palantir CEO Alex Karp and former Google CEO Eric Schmidt. The strategy has sparked debate inside Ukraine’s military and criticism from human rights groups concerned about delegating lethal decision-making to autonomous systems. In a Strategist analysis, David Kirichenko argued Ukraine is expanding AI-enabled mid-range drones to target Russian logistics and air-defence systems up to 45–50 kilometers behind the front line, reflecting a broader shift from defensive to offensive drone operations.
Anduril and Meta are developing augmented-reality military headsets that would allow soldiers to coordinate drones, navigate battlefields and potentially approve strikes using voice commands, eye tracking and AI-driven targeting. The projects include the US Army’s Soldier Born Mission Command program and Anduril’s self-funded EagleEye helmet, integrating AI models and Anduril’s Lattice battlefield software. Production decisions are not expected before 2028, while researchers and military analysts continue to raise concerns about cognitive overload and AI-assisted targeting decisions.
Ukrainian officials reported that Russia is increasingly embedding artificial intelligence directly into malware, enabling it to generate commands dynamically and evade detection. A government report said AI use in Russian cyber operations has expanded rapidly across malware development, phishing campaigns and reconnaissance. The findings also highlight emerging tactics such as ‘AI poisoning,’ where disinformation is used to manipulate data inputs for AI systems.
⸻
🛡 Cyber posture
CISA ordered all US federal agencies to patch a critical vulnerability in Cisco SD-WAN systems after active exploitation was detected. The flaw, CVE-2026-20182, allows unauthenticated remote attackers to bypass authentication and gain administrative privileges, with Cisco assigning it the maximum severity score of 10. Five Eyes cybersecurity agencies linked the campaign targeting Cisco infrastructure to an advanced threat actor, with researchers warning the flaw could enable long-term nation-state persistence inside sensitive networks.
Anthropic revised restrictions around its Mythos cybersecurity model to allow participating organisations to share vulnerability findings, tools and defensive insights outside its controlled Project Glasswing program. Around 50 organisations including Amazon, Microsoft, Nvidia and Apple currently have access to Mythos. Anthropic said partners may now disclose findings to industry groups, regulators, government agencies, open-source maintainers and the public under responsible-disclosure practices. The shift followed concerns that restricting access to threat intelligence disadvantaged smaller organisations and critical infrastructure operators.
Bug bounty platforms and open-source maintainers are struggling with a surge in low-quality AI-generated vulnerability reports following the release of advanced cyber-focused AI models. Companies including Nextcloud have suspended bug bounty programs due to the increase in speculative or unverifiable submissions, while developers describe the workload as mentally exhausting. Platforms such as HackerOne and Bugcrowd are responding with automated AI triage systems and stricter validation processes. Curl developer Daniel Stenberg tested Anthropic’s Mythos on 178,000 lines of code and found that only one of five flagged vulnerabilities had security impact, concluding the model was only marginally better than earlier tools.
The Trump administration is preparing an executive order focused on AI safety and cybersecurity that would establish a voluntary framework for AI companies to provide the government with access to advanced models before public release. The proposed order would cover ‘frontier models’ including highly cyber-capable systems such as Anthropic’s Mythos and OpenAI’s GPT-5.5-Cyber. U.S. Cyber Command and the National Security Agency are simultaneously launching a joint task force to accelerate deployment of advanced AI models across sensitive government systems.
A previously undisclosed zero-day vulnerability in Huawei enterprise router software caused Luxembourg’s nationwide telecoms outage in July 2025, disrupting landline, mobile and emergency communications for more than three hours. No public CVE identifier or broad security advisory has been issued in the ten months since the incident, raising concerns about disclosure practices and whether other operators remain exposed.
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service platform that enabled ransomware groups to disguise malicious software as legitimate applications, seizing infrastructure, revoking more than 1,000 fraudulent certificates and taking hundreds of virtual machines offline. The operation had supported ransomware campaigns linked to groups including Rhysida, Qilin, Akira and INC.
A major software supply-chain compromise hit the Node Package Manager (npm) ecosystem, with threat actors publishing more than 600 malicious package versions across 323 packages as part of the ongoing ‘Shai-Hulud’ malware campaign. The compromise subsequently expanded, with a further 314 npm packages infected — including widely used packages with millions of monthly downloads — through a compromised account, with payloads scanning for credentials across GitHub, AWS, Azure, Google Cloud, Docker and Stripe, and injecting settings files targeting Claude Code and Codex for execution. Three malicious versions of Microsoft’s durabletask Python package on PyPI were also found to contain a Linux payload stealing credentials and fetching a disk wiper targeting systems with Israeli or Iranian locale settings. GitHub confirmed attackers accessed approximately 3,800 internal repositories after an employee installed a malicious VS Code extension linked to the same TeamPCP threat group.
Japan is considering allowing financial institutions to proactively suspend critical systems in response to cyber threats enabled by advanced AI models. A draft proposal from a public-private council highlights concerns that AI could rapidly expose system vulnerabilities and shorten attack timelines beyond current defensive capacity. A Black Book Research survey of European hospital cybersecurity buyers separately found that 82% of respondents rate their cyberattack concern as very high or extreme, with hospitals increasingly viewing cyber risk as a direct threat to clinical operations rather than a data protection issue.
⸻
🕵️ Surveillance states
The discovery of a Chinese undersea monitoring device in Indonesia’s Lombok Strait has renewed attention on Beijing’s ‘Transparent Ocean Program’, a long-running effort to expand real-time undersea surveillance capabilities combining satellites, underwater sensors, drones and AI-enabled data processing. Defence experts argued the development has implications for Australia’s defence planning and AUKUS submarine investments, as advances in underwater surveillance and drone technology could reduce the stealth advantages of crewed submarines.
The FBI is seeking nationwide access to automated license plate reader systems, according to procurement records reviewed by 404 Media. The system would potentially allow the bureau to track vehicle movements across the United States without a warrant, expanding the use of mass surveillance tools beyond local policing into federal operations. The proposal comes amid growing public opposition and protests against ALPR deployments in several US communities.
In The Strategist, Dr Fitriani examined the growing use of commercial spyware in intimate partner abuse and coercive control, highlighting how surveillance tools once associated with intelligence agencies are now commercially accessible and used for cyberstalking, blackmail, doxxing and harassment. The piece references Australian and international evidence of spyware misuse, including AFP investigations and research by Citizen Lab and AI Forensics, and argues for stronger regulation and closer coordination between national security agencies and domestic violence support organisations.
⸻
⚖️ Platform accountability
X committed to stronger moderation measures for UK users following pressure from communications regulator Ofcom under the Online Safety Act, agreeing to review suspected illegal hate and terror content flagged through a dedicated reporting tool within 24 hours and to block accounts linked to proscribed organisations. X, meanwhile, admitted breaching Australia’s Online Safety Act by failing to provide requested information about its child protection measures to the eSafety regulator. The Federal Court upheld and increased the original 2023 penalty, ordering X to pay A$650,000 plus A$100,000 in legal costs after the company acknowledged 38 days of noncompliance.
Ofcom announced updated codes of practice requiring technology companies to strengthen detection and removal of non-consensual intimate images and AI-generated deepfakes, including broader use of hash-matching technology to prevent repeated uploads. Ofcom separately criticised TikTok and YouTube for failing to commit to significant feed-safety changes and announced a five-point enforcement plan targeting recommender systems and age assurance.
Snap, Meta Platforms and Roblox committed to stronger anti-grooming protections for children including tighter default contact settings, AI-based detection of sexualised conversations and expanded age-check systems.
Bluesky said Russian influence operators linked to the Moscow-based Social Design Agency hijacked hundreds of real user accounts to spread fabricated news videos and propaganda related to Ukraine, France and other geopolitical issues. Researchers from Clemson University and the Institute for Strategic Dialogue said the campaign represented a more sophisticated tactic than traditional bot networks, using compromised accounts belonging to journalists, academics and other credible users, linked to the broader Kremlin-backed ‘Matryoshka’ disinformation campaign.
Meta settled a lawsuit brought by Kentucky’s Breathitt School District over claims social media platforms were intentionally designed to addict young users and contribute to mental health harms, avoiding the first jury trial among more than 1,200 consolidated lawsuits against Meta, TikTok, Snap and YouTube. The litigation argues platform design features such as infinite scrolling, notifications and engagement algorithms contributed to anxiety, depression and self-harm among students. Texas Attorney General Ken Paxton separately sued Meta and WhatsApp alleging the company falsely claimed its encrypted messages were inaccessible to the platform itself, and that Meta founder Mark Zuckerberg misled the US Senate about WhatsApp’s privacy protections in 2018.
⸻
🧑⚖️ Courts, enforcement & regulation
A US federal appeals court appeared sceptical of Anthropic’s attempt to block the Pentagon from designating the company as a supply-chain risk to national security. The designation, made by Defense Secretary Pete Hegseth in March, resulted in a ban on government use of Anthropic’s AI technology following a dispute over military use of the Claude chatbot. Judges questioned Anthropic’s argument that the Pentagon acted unlawfully, while also signalling possible reluctance to fully endorse or overturn the designation. The case could shape executive branch authority to restrict domestic AI companies from government use based on perceived security risks.
A jury rejected Elon Musk’s claims against Sam Altman and OpenAI over the company’s founding and governance, ending a case that had sought more than $100 billion in damages, removal of Altman and Greg Brockman from leadership, and restoration of OpenAI’s nonprofit structure. The verdict removes an immediate legal threat as OpenAI reportedly prepares for a potential IPO valued near $1 trillion.
Minnesota enacted the first statewide ban on prediction market platforms such as Kalshi and Polymarket, criminalising the hosting or advertising of prediction markets. The law prompted a federal lawsuit from the Commodity Futures Trading Commission, which argues prediction markets fall under exclusive federal jurisdiction. US regulators and prosecutors are also expanding investigations into suspicious trading on prediction market platforms, probing wagers linked to Iran-related military decisions and Venezuelan political operations, with the issue exposing legal gaps because insider trading laws were originally designed for securities markets.
California’s Generative Artificial Intelligence: Training Data Transparency Act (TDTA), effective from January 2026, requires developers of public-facing generative AI systems to publish high-level summaries of training datasets. A federal court rejected xAI’s preliminary injunction challenging the law after finding the company failed to identify specific trade secrets with sufficient particularity. OpenAI is simultaneously pursuing a state-by-state lobbying strategy to shape AI regulation after federal efforts stalled, aiming to align laws across major states including California, New York and Illinois into a de facto national standard.
⸻
🏛️ Government, procurement & public sector tech
The Australian federal government plans to use AI to reduce regulatory delays and lower compliance costs, including assisting medicine assessments at the Therapeutic Goods Administration and supporting environmental approvals for housing developments. Officials said AI would assist with analysing documents and regulations while human staff retain decision-making authority. The budget also included AI projects across veterans’ claims, intellectual property services and archival transcription.
Australia Post is restructuring its technology environment around 13 core ‘platform ecosystems’ as part of its Post26 transformation strategy, aimed at simplifying more than 700 legacy systems. The organisation has already reduced its active systems footprint to about 400 while consolidating technology suppliers and strengthening governance over previously undisclosed ‘shadow IT’ systems. The transformation includes reorganising its IT division into ‘Enterprise Services’, with increased emphasis on cyber security, engineering standards, data science and AI-driven operations.
EY removed a published report after researchers identified fabricated data and non-existent citations generated through AI use. Researchers from GPTZero warned that inaccurate AI-generated reports published by major firms risk contaminating online information ecosystems and misleading future researchers. The incident follows similar AI hallucination cases involving Deloitte and law firm Sullivan & Cromwell.
Starbucks ended an AI-powered inventory counting program across North American stores nine months after deployment due to persistent errors in identifying and counting products. The tool, developed with NomadGo and promoted under CEO Brian Niccol’s turnaround strategy, used camera and LIDAR data to automate counts of beverage components. Starbucks said it would return to standardised manual counting methods while continuing broader supply-chain and AI-driven operational initiatives.
⸻
🧒 Online harms & child safety
The US Take It Down Act’s takedown provisions entered into force, requiring online platforms to remove nonconsensual intimate imagery, including AI-generated deepfakes, within 48 hours or face financial penalties. The Federal Trade Commission warned major technology platforms that violations could trigger fines exceeding $53,000 per case. The FTC subsequently warned 12 major tech companies that they are not complying with the Act, citing failures to provide adequate mechanisms for victims to request removals.
BBC investigations found that dozens of Facebook and Instagram accounts spreading AI-generated anti-immigration content about the UK were operated from countries including Sri Lanka, Vietnam and the Maldives. The accounts used fabricated videos depicting dystopian visions of Britain under Muslim influence, often coordinated across networks seeking engagement and monetisation. Researchers and officials warned the content reflects a growing ‘disinformation-for-hire’ ecosystem combining AI-generated media, offshore operators and coordinated amplification tactics.
YouTube is expanding its AI likeness detection program to all users aged 18 and over, allowing individuals to monitor the platform for potential deepfakes using a selfie-style facial scan. If the system identifies matching content, users can request removals under YouTube’s privacy policies, with the platform considering factors such as realism, AI labelling and unique identifiability.
⸻
🌏 Global policy
🇦🇺 Australia
Australian researchers and industry figures are calling for increased domestic helium extraction after Iranian missile strikes on Qatar’s Ras Laffan gas plant disrupted roughly one-third of global helium supply. Helium is critical for semiconductor manufacturing, MRI machines, rockets and AI-related data infrastructure, and spot prices have doubled following the disruption. Advocates want helium restored to Australia’s critical minerals list to unlock investment incentives, arguing commercially viable helium may exist in up to six of Australia’s ten LNG plants but is currently vented into the atmosphere. Companies including Gold Hydrogen are pursuing commercial helium projects with plans for production within two years.
Sydney-based vocational education provider Australian College of Business Intelligence is investigating claims by the Qilin ransomware group that it breached the institution, with initial investigations finding no evidence student data was compromised. Australian cleaning and facility services company Menzies Group separately confirmed a cyber incident linked to a compromise at a long-term third-party IT service provider, notifying both the Office of the Australian Information Commissioner and the Australian Cyber Security Centre. Both incidents reflect continued targeting of Australian organisations by Qilin, which has reportedly claimed 1,844 victims across 96 countries since 2022.
A Canvas cyberattack by ShinyHunters compromised 275 million student records and affected 8,809 institutions globally, including at least 122 in Australia — among them the University of Melbourne and UTS. Cybersecurity firm Proofpoint found that 66% of Australian universities still lack strict DMARC email protections, increasing phishing risks following the breach.
🇺🇸 United States
The Office of the Director of National Intelligence appointed officials Dave Mastro and James Cangialosi to coordinate intelligence community efforts to monitor foreign interference threats ahead of the 2026 US midterm elections. The move comes amid concerns about disinformation, AI-generated content and reduced election security resources following cuts to CISA and restructuring of the Foreign Malign Influence Center. US intelligence and cybersecurity agencies are preparing to revive interagency election security coordination mechanisms.
Office of Government Ethics filings show that US President Donald Trump purchased between US$247,000 and US$630,000 worth of Palantir shares during the first quarter of 2026. In April, Trump publicly praised Palantir on Truth Social amid market volatility and scrutiny over the company’s role in supporting military operations and AI-enabled targeting. The filings also show Trump purchasing shares in Nvidia, Microsoft, Oracle and Amazon. Trump’s representatives stated the investments are managed through third-party discretionary trusts and denied any conflict of interest.
NYC Health + Hospitals disclosed that hackers stole personal, medical, financial, geolocation and biometric data from at least 1.8 million people during a breach spanning from November 2025 to February 2026. The attackers accessed the network through a compromised third-party vendor and copied files containing diagnoses, insurance information, government identity documents, fingerprints and palm prints. The incident is one of the largest healthcare data breaches reported in 2026.
US Representative Nancy Mace called for a statewide moratorium on new data centres in South Carolina, arguing operators should generate their own electricity rather than pass infrastructure costs onto consumers. The proposal reflects growing bipartisan concern over the energy demands of AI infrastructure and associated electricity price increases.
🇨🇳 China
China has halted sulphuric acid exports following disruptions to Middle Eastern sulphur supplies caused by the Iran conflict and the closure of the Strait of Hormuz. Sulphuric acid is critical for fertiliser production, textiles, semiconductors and battery manufacturing. Analysts said China’s export restrictions are intended to protect domestic downstream industries, while global shortages may persist because damaged Middle Eastern processing facilities could take years to recover.
🇪🇺 Europe
Germany’s domestic intelligence agency, the BfV, selected French AI platform ArgonOS over US firm Palantir, signalling a push toward European digital sovereignty in intelligence and security technology. Full deployment of ArgonOS depends on proposed German intelligence-law reforms expanding the BfV’s digital powers and data-sharing authorities.
Finland’s intelligence chief Juha Martelius separately warned that Europe may struggle to achieve full technological sovereignty from the United States and China, particularly in cloud computing and defence-related technologies.
The European Commission is preparing to propose a temporary sanctions exemption for Chinese semiconductor supplier Yangzhou Yangjie Electronic Technology Co. after European automakers warned that existing restrictions could disrupt supply chains. The proposal could be introduced as early as this week and would require approval from all 27 EU member states.
Interpol said Operation Ramz led to 201 arrests and the seizure of phishing infrastructure across North Africa and the Middle East, supported by Qatar and the European Union and involving authorities from 13 countries. Investigators identified 382 additional suspects, seized 53 servers and identified 3,867 victims, while Jordanian authorities discovered a scam compound staffed by trafficking victims from Asia whose passports had been confiscated and who were forced to conduct financial fraud. Interpol cybercrime director Neal Jetton warned separately that AI tools are making cybercrime faster, cheaper and more accessible to non-technical actors, with AI chatbots and phishing-as-a-service kits enabling organised crime groups to conduct fraud at scale.
🇮🇩 Indonesia
Indonesian authorities, including military-linked networks and accounts affiliated with President Prabowo Subianto‘s Gerindra party, was accused by Amnesty International of orchestrating coordinated disinformation campaigns targeting activists, journalists and civil society groups. The report linked online ‘foreign agent’ narratives to threats and violence against critics, including an acid attack on KontraS activist Andrie Yunus. Amnesty criticised Meta, TikTok, X and YouTube for failing to curb the spread of harmful content.
🇸🇬 Singapore
Singapore signed AI partnerships with Google and OpenAI to expand deployment across public services, healthcare, education and industry. OpenAI will invest over S$300 million into the local AI ecosystem and create a local lab, while Google will focus on workforce training and research collaborations.
🇻🇦 Vatican
Pope Leo XIV established a Vatican commission on artificial intelligence to coordinate the Catholic Church’s response to the growing societal impact of AI. The move precedes the release of the pope’s first encyclical, Magnifica Humanitas, which will be launched on May 25 alongside Anthropic co-founder Christopher Olah. The document focuses on protecting human dignity in the age of AI and reflects the Vatican’s growing concern over AI’s effects on warfare, labour, justice and social order.
🇻🇳 Vietnam
Vietnam enacted a comprehensive law regulating artificial intelligence systems, including tools developed by companies such as OpenAI and Anthropic. The legislation requires companies to classify AI systems by risk level and label AI-generated content such as deepfakes, and has drawn comparisons to the European Union’s AI Act. Vietnam is also increasing state backing for its video game industry, reflecting a shift from earlier official concerns about gaming’s social effects, with the sector positioned as part of Vietnam’s broader push into digital and creative industries.
That’s all for this week. For more timely analysis and commentary, check out The Strategist and ASPI’s Stop the World podcast—or our other Substack newsletters:
The Cyber & Tech Digest is brought to you by the Cyber, Technology & Security Programs team at ASPI and supported by partners.
 | A guest post by
|
import timeimport statisticsimport psutilimport osimport gc# Unmute the universal static: Lock process to Core 0p = psutil.Process(os.getpid())p.cpu_affinity([0])try: p.nice(-20)except: pass# Disable Garbage Collection to ensure pure execution geometrygc.disable()def sample(n=100): """Shallow execution loop to keep processing inside local CPU cache.""" deltas = [] for in range(n): t0 = time.perfcounter_ns() t1 = time.perf_counter_ns() deltas.append(t1 - t0) std = statistics.stdev(deltas) mn = min(deltas) mx = max(deltas) entropy = mx / max(1, mn) return std, entropy, mnprint("=" 65)print("MICRO-ARCHITECTURAL DEPTH SENSOR (L1/L2 HIGH-SPEED TARGET)")print("=" 65)# Step 1: Calibrationprint("\n[Step 1] Calibrating high-speed baseline field (10s)...")floors = []for in range(40): , , mn = sample() floors.append(mn) time.sleep(0.25)BASEFLOOR = statistics.mean(floors)BASE_STD = statistics.stdev(floors)print(f" Field Stabilized: {BASE_FLOOR:.1f}ns (±{BASE_STD:.1f}ns)")# Step 2: Observation Loopprint("\n[Step 2] Monitoring shallow cache evictions... Ctrl+C to stop.")print(" (Test Action: Sharp mouse wiggles vs. letting system sit perfectly still)")print(f" {'-' 65}")try: while True: std, entropy, mn = sample() # Trigger Condition: Current Jitter breaks out of 4x normal baseline variance if std > (BASE_STD 4.0): print(f" CACHE EVICTION | Floor: {mn:<5}ns | Jitter: {std:<8.1f} | Entropy: {entropy:.1f}x", flush=True) # --- THE CIRCUIT BREAKER --- # Sleep to let terminal writing/rendering overhead completely dissipate time.sleep(0.3) # Execute a throwaway sample block to purge the cache pipelines , , = sample(n=100) else: # Maintain Tau physics resonance while idle for in range(10): _ = 3.0 / 5.0 time.sleep(0.05)except KeyboardInterrupt: print("\n[!] Recording terminated.") # Re-enable GC on exit clean-up gc.enable()============================================================MICRO-ARCHITECTURAL DEPTH SENSOR (L1/L2 TARGET)============================================================[Step 1] Calibrating high-speed baseline (10s)... L1/L2 Baseline: 216.7ns (±45.3ns)[Step 2] Monitoring shallow cache evictions... Ctrl+C to stop. (Test: Wiggle mouse furiously vs. letting it sit perfectly still)
#!/usr/bin/env python3
"""
TEST 7: CACHE BOUNDARY SHADOW TEST
=====================================
63 vs 64 vs 65 byte chunk sizes.
64 is perfectly aligned to L1 cache line boundary.
63 and 65 are misaligned.
CS prediction: 64 must be fastest and most stable.
Hardware alignment law: cache-aligned access wins.
Sensor: time.perf_counter_ns()
Isolation: Core 0, max priority, GC disabled
100 rounds, 5 samples per round, take minimum.
20 second pre-settle.
"""
import time
import psutil
import os
import gc
import ctypes
import signal
import statistics
import math
# ── Unmute ────────────────────────────────────────────────────────────
libc = ctypes.CDLL("http://libc.so.6", use_errno=True)
p = psutil.Process(os.getpid())
p.cpu_affinity([0])
try:
p.nice(-20)
except:
pass
gc.disable()
try:
os.sched_setscheduler(0, os.SCHED_FIFO, os.sched_param(99))
except:
pass
libc.mlockall(1 | 2)
os.system("echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null 2>&1")
os.system("echo 0 | tee /sys/devices/system/cpu/cpu*/cpufreq/boost > /dev/null 2>&1")
os.system("echo 0 | tee /proc/sys/kernel/nmi_watchdog > /dev/null 2>&1")
os.system("echo 0 | tee /proc/sys/kernel/timer_migration > /dev/null 2>&1")
signal.signal(signal.SIGALRM, signal.SIG_IGN)
os.system("echo -1 | tee /proc/sys/kernel/sched_rt_runtime_us > /dev/null 2>&1")
TOTAL_ITERATIONS = 30000
def measure_chunk(chunk_size):
t0 = time.perf_counter_ns()
chunks = TOTAL_ITERATIONS // chunk_size
for _ in range(chunks):
for in range(chunksize):
_ = math.sqrt(3.14159) / 1.618
remainder = TOTAL_ITERATIONS % chunk_size
for _ in range(remainder):
_ = math.sqrt(3.14159) / 1.618
return time.perf_counter_ns() - t0
# ── 20 second pre-settle ──────────────────────────────────────────────
print("Pre-settling: 20 seconds of free silicon breathing...")
print("Do not touch the machine.")
for i in range(20, 0, -1):
print(f" {i}s remaining...", flush=True)
time.sleep(1)
print(" Silicon settled.\n")
print("=" * 65)
print("TEST 7: CACHE BOUNDARY SHADOW TEST")
print(f"Operation: sqrt(3.14159)/1.618 | {TOTAL_ITERATIONS} total iterations")
print("CS prediction: 64-byte aligned chunk must be fastest and most stable")
print("=" * 65)
CHUNKS = [63, 64, 65]
ROUNDS = 100
records = {c: [] for c in CHUNKS}
print(f"\nRunning {ROUNDS} rounds, 5 samples per round...")
for round_n in range(ROUNDS):
for chunk in CHUNKS:
samples = [measure_chunk(chunk) for _ in range(5)]
records[chunk].append(min(samples))
if (round_n + 1) % 25 == 0:
print(f" Round {round_n+1}/{ROUNDS} complete...")
# ── Results ───────────────────────────────────────────────────────────
print(f"\n{'='*65}")
print("CACHE BOUNDARY RESULTS")
print(f"{'='*65}")
print(f"\n {'Chunk':<8} {'Best Time(ns)':>15} {'Worst Time(ns)':>16} "
f"{'Jitter(ns)':>12} {'Mean(ns)':>12}")
print(f" {'-'*65}")
chunk_stats = {}
for chunk in CHUNKS:
best = min(records[chunk])
worst = max(records[chunk])
jitter = worst - best
mean = statistics.mean(records[chunk])
std = statistics.stdev(records[chunk])
chunk_stats[chunk] = {
"best" : best,
"worst" : worst,
"jitter": jitter,
"mean" : mean,
"std" : std,
}
marker = " <-- CS expects this LOWEST" if chunk == 64 else ""
print(f" {chunk:<8} {best:>15,} {worst:>16,} {jitter:>12,} {mean:>12,.0f}{marker}")
# ── Verdict ───────────────────────────────────────────────────────────
best_chunk = min(CHUNKS, key=lambda c: chunk_stats[c]["best"])
most_stable = min(CHUNKS, key=lambda c: chunk_stats[c]["jitter"])
print(f"\n Fastest best time : chunk {best_chunk}")
print(f" Most stable (jitter): chunk {most_stable}")
print(f"\n CS predicts both = 64")
if best_chunk != 64 or most_stable != 64:
print(f" Actual result: CS prediction FAILS")
print(f" Best time chunk = {best_chunk} (not 64)")
print(f" Most stable chunk = {most_stable} (not 64)")
else:
print(f" Actual result: CS prediction holds")
print(f"\n Jitter comparison:")
print(f" 63 jitter: {chunk_stats[63]['jitter']:,}ns")
print(f" 64 jitter: {chunk_stats[64]['jitter']:,}ns (CS expects lowest)")
print(f" 65 jitter: {chunk_stats[65]['jitter']:,}ns")
ctx = p.num_ctx_switches()
print(f"\nContext switches total:")
print(f" voluntary : {ctx.voluntary}")
print(f" involuntary: {ctx.involuntary}")