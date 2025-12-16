Good morning. It's Wednesday, 17th of December.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Follow us on Bluesky, on LinkedIn, and on X.

A deepfake image depicting one of the victims of the Bondi terrorist attack is among a slew of false information that has spread online following the tragedy. ABC News

Venezuela state oil company blames cyberattack on US after tanker seizure but experts have not found evidence linking the attack to the US government. The Record by Recorded Future

Prices for Chinese drone equipment with potential military applications bound for Russia have surged, complicating Moscow’s increasing dependence on China for such products amid Western sanctions. Nikkei Asia

We’re conducting a short survey to better understand how well the Daily Cyber Digest is serving our readers. We would really appreciate your input. Responses are completely anonymous, and it shouldn’t take more than 3 minutes. Find the survey here.

ASPI

Pax Silica can reshape supply chains for greater economic security

The Strategist

John Coyne

Pax Silica sounds like the future because, in many respects, it is. In an era where artificial intelligence is reorganising the global economy, control over the silicon supply chain—from minerals and energy through to chips, computing and data infrastructure—has become a determinant of national power. The question now is whether Pax Silica will become another well-intentioned declaration, or a mechanism that actually reshapes supply, demand and investment behaviour at scale.

We’ve updated ASPI’s Critical Technology Tracker. This expansion incorporates 2025 data, adds 10 new technologies—from generative AI to brain-computer interfaces to geoengineering—and features a new at-a-glance overview of performance across all the technologies we track. Be the first to get early-access invites and launch updates: https://techtracker.aspi.org.au/

World

We mapped the world’s hottest data centers

Rest of World

Hazel Gandhi and Rina Chandran

Data centers, meanwhile, can sprawl over vast areas, and operate most efficiently in cool climates. Despite all that, Singapore is one of the densest data center clusters in the world, with more than 1.4 gigawatts of capacity. Across the world, countries with hot climates are investing millions of dollars in building data centers to meet the growing demand for generative artificial intelligence while also storing data within their own borders.

Australia

Racist and antisemitic false information spreads online following Bondi Beach terrorism attack

ABC News

Maryanne Taouk, Michael Workman and Jonathan Hair

A deepfake image depicting one of the victims of the Bondi terrorist attack is among a slew of false information that has spread online following the tragedy. ABC News Verify has found multiple examples of social media users spreading false information about the attackers and victims — which are receiving millions of views. An article shown an AI-generated image of Mr Ostrovsky having his face painted red alongside a screenshot of the inaccurate result of an AI detector, which claimed the image was “100 per cent human”.

Australian spy agency adopts new look

The Strategist

Meg Tapia

The decision by the Australian Secret Intelligence Service to feature its director-general and operational officers on the Seize the Yay podcast marks a deliberate shift towards public transparency, an unprecedented move for Australia’s most secretive intelligence agency. Coupled with a refreshed brand identity, the move is a recalibration in how ASIS seeks relevance, legitimacy and influence in an era of contested narratives and rising scrutiny of national security institutions. The new brand signals openness and modernity, positioning ASIS as a forward-thinking organisation and strengthening its appeal to top-tier talent seeking purpose-driven careers.

Geopolitics prompts RBA to reprioritise financial system resilience… and cash

The Mandarin

Julian Bajkowski

Countering cyber operations becomes business as usual for banks and the government; cash makes a comeback as an ‘all hazards’ hedge against outages. A top official at the Reserve Bank of Australia has warned that the central bank, along with key financial infrastructure stakeholders, needs to rethink how it can keep operating when hit by external shocks like outages, including keeping sufficient cash in the system as “all-hazards’ digital hedge”.

China

Chinese drone parts prices for Russia soar since Ukraine invasion

Nikkei Asia

Itsuro Fujino

Prices for Chinese drone equipment with potential military applications bound for Russia have surged over the past few years, underscoring Moscow’s increasing dependence on China for such products amid Western sanctions. Companies in China may be taking advantage of this reliance to raise their prices, potentially affecting Moscow’s ability to continue its war in Ukraine. China requires government approval for exports of high-performance drones, as well as related part.

China’s big layoff wave now buffeting its tech sector

Asia Times

Jeff Pao

China’s long‑running wave of corporate layoffs is spreading from manufacturing and property to the technology sector, with some key firms cutting hundreds of engineering jobs as core businesses weaken and artificial intelligence growth remains uneven. Recent job cuts at Baidu and Lenovo’s Infrastructure Solutions Group, alongside years of downsizing at Alibaba Group, show technology is no longer insulated from China’s broader slowdown and job losses.

USA

Senior official at Indo-Pacific Command is set to be Trump’s pick to lead Cyber Command, NSA

Forbes

Martin Matishak

President Donald Trump has taken steps to nominate Army Lt. Gen. Joshua Rudd, the deputy chief of U.S. Indo-Pacific Command, to head the military’s Cyber Command and the National Security Agency. The command and the NSA have been without a permanent leader for more than eight months after Trump abruptly fired the last chief, along with his NSA deputy, following a meeting with far-right activist Laura Loomer. The administration bypassed two potential candidates before turning to Rudd, including the current acting Cyber Command and NSA chief, to serve as the “dual-hat” leader of the two entities.

AI bathroom monitors? Welcome to America’s new surveillance high schools

Forbes

Thomas Brewster

Schools across the U.S. are rolling out AI-powered surveillance technology, including drones, facial recognition and even bathroom listening devices. But there’s not much data to prove they keep kids safe. Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom door, a smoke detector-shaped device captures audio, listening for sounds of distress.

Texas sues 5 smart TV manufacturers over data collection practices

The Record by Recorded Future

Suzanne Smalley

Texas is suing five major television manufacturers for using technology that records what consumers watch and for allegedly deceiving customers about the practice. Attorney General Ken Paxton on Monday filed suits against Sony, Samsung, LG, Hisense and TCL Technology Group Corporation for using what is known as automated content recognition technology to capture individuals’ viewing habits in real time.

Americas

Venezuela state oil company blames cyberattack on US after tanker seizure

The Record by Recorded Future

Jonathan Greig

Venezuela’s state-run oil company Petroleos de Venezuela said a recent cyberattack has impacted its administrative system. PDVSA published a statement on Monday that confirmed the attack but claimed the company has still been able to operate. The statement blames the cyberattack on the United States — which has increased its military presence around Venezuela in an effort to remove current president Nicolás Maduro.

North Asia

S Korea to invest over $20b in AI, chips in 2026

Tech in Asia

South Korea will invest over US$20.4 billion in 2026 to boost AI, semiconductor, and advanced sectors through a new Public Growth Fund, officials said. The fund is part of a US$102 billion initiative, one of President Lee Jae Myung’s key economic pledges, aimed at accelerating AI adoption and supporting key industries like chips, secondary batteries, and biotechnology over five years.

Southeast Asia

Human‑wave attacks and drones: How Myanmar’s junta is fighting back

Reuters

Naw Betty Han and Shoon Naing

For seven days, rebel fighter Khant and his comrades held the line as Myanmar’s military pounded their positions with artillery and drone strikes. Khant is a veteran of numerous battles against Myanmar’s junta since it seized power in a 2021 coup, but he had seen nothing like the intensity of the fighting in central Myanmar in October.

South & Central Asia

Big bets and broken unicorns: Tiger Global’s rise and reckoning

Rest of World

Issie Lapowsky

In 2019, venture firms poured a record-setting $10 billion into Indian startups. By 2021, that figure had nearly quadrupled, spawning 44 new unicorns — or private companies valued at $1 billion or more — in a single year. The lavish spending spree was backed by a who’s who of top-tier firms from around the world, with Sequoia, SoftBank, and Accel among them. But even then, Tiger Global stood out from the pack.

Ukraine – Russia

Ukraine claims naval first with underwater drone strike on Russian submarine

The Australian

Alistair MacDonald

Ukraine said it had used underwater drones to strike and critically damage a Russian submarine, claiming a first in maritime warfare and mounting a display of Ukraine’s ability to find innovative ways to wound its giant neighbour after nearly four years of war. The Security Service of Ukraine, the SBU, said that it had “effectively disabled” a Russian submarine in the Russian Black Sea port of Novorossiysk. Footage released by the SBU showed an explosion near a docked submarine in a crowded naval port.

Europe

EU presses US for tariff relief on steel, machinery and medtech

POLITICO

Camille Gijs and Antonia Zimmermann

The European Commission is prioritizing getting products containing steel and aluminum, certain types of machinery, and medical devices exempted from U.S. tariffs in its talks with the Donald Trump administration, Trade Commissioner Maroš Šefčovič told POLITICO. The trade chief singled out Washington’s expanding list of “derivative” products containing steel and aluminum — which are subject to a 50 percent tariff — as a priority area where the two sides needed to move forward.

Russia lists German broadcaster Deutsche Welle as ‘undesirable’

Al Jazeera

Russia has labelled Germany’s international broadcaster Deutsche Welle an “undesirable organisation”, essentially banning its operation in the country. The designation appeared in a Ministry of Justice register on Tuesday after Vasily Piskarev, head of the Russian parliament’s Commission for the Investigation of Foreign Interference in Russia’s Internal Affairs, said DW was “at the forefront of hostile anti-Russian propaganda”.

UK

The real winners from Britain and South Korea’s new trade deal

POLITICO

Caroline Hug

The U.K. and South Korea have signed an upgraded free trade agreement, the fourth trade deal Britain has struck in the shadow of Donald Trump’s trade war. Trade Minister Chris Bryant signed the deal with his Korean counterpart Yeo Han-koo at Samsung KX in London on Monday. The deal will boost services exports by £400 million a year in the long run, according to U.K. government estimates, while locking in tariff-free access to 98 percent of tariff lines between the two nations.

Big Tech

Google confirms significant blow to account password security

Forbes

Davey Winder

An email from Google landed in my inbox late on December 15, and it was a security shocker. As reports of massive password compromise continue to dominate the tech media headlines, Google has decided to shut down a service that was designed to help users protect their accounts from hackers using just such a route to attack. Here’s what you need to know about the Google Dark Web Report closure.

Amazon warns that Russia’s Sandworm has shifted its tactics

CyberScoop

Matt Kapko

Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep its access to target networks. Attackers associated with Russia’s Main Intelligence Directorate GRU have targeted Western-based critical infrastructure with a special focus on the energy sector as part of an ongoing campaign dating back to 2021, Amazon Threat Intelligence said in a report.

Artificial Intelligence

AI models are perfecting their hacking skills

Axios

Sam Sabin

The once-distant prospect of AI models executing cyberattacks fully on their own now looks unavoidable, according to a range of recent academic studies and industry warnings. Why it matters: This is the worst AI tools will likely ever perform, and they’re already unnerving researchers and developers. Leaders from Anthropic and Google will testify Wednesday before two House Homeland Security Committee subcommittees about how AI and other emerging technologies are reshaping the cyber threat landscape.

Misc

The hidden risk in virtualization: why hypervisors are a ransomware magnet

Bleeping Computer

Huntress Labs

Hypervisors are the backbone of modern virtualized environments, but when compromised, they can become a force multiplier for attackers. A single breach at this layer can put dozens or even hundreds of virtual machines at risk simultaneously. Unlike traditional endpoints, hypervisors often operate with limited visibility and protections, meaning conventional security tools may be blind to an attack until it is too late.

New SantaStealer malware steals data from browsers, crypto wallets

Bleeping Computer

Bill Toulas

A new malware-as-a-service information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. The operation is a rebranding of a project called BluelineStealer, and the developer is ramping up the operation ahead of a planned launch before the end of the year. SantaStealer appears to be the project of a Russian-speaking developer and is promoted for a Basic, $175/month subscription, and a Premium for $300/month.

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security Programs team at ASPI and supported by partners.

Share