Apple’s latest event introduced the new iPhone 17 lineup, the ultra-thin iPhone Air, major iOS 26 updates, and fresh AirPods. The launch gives Apple fans a look at what’s next for iPhone 17 models and other devices arriving this fall.

The iPhone Air: Apple’s thinnest phone yet

Apple introduced the iPhone Air, a device that’s 5.6mm thick and weighs 165 grammes. Tim Cook described it as offering “pro performance in a thin and light design.”

The Air features a 6.5-inch ProMotion display with a refresh rate that reaches 120Hz and up to 3,000 nits of peak brightness. Apple says the body is its “most durable” design to date, built with a ceramic shield and titanium frame.

Under the hood, the Air runs on Apple’s new A19 Pro chip, the fastest in the iPhone lineup so far. It also comes with the C1x modem, which the company claims doubles the speed of the previous C1, and the all-new N1 chip for Wi-Fi 7, Bluetooth 6, and Thread support.

Battery life is designed to last through the day, with up to 27 hours of video playback. There’s also a $99 MagSafe battery pack built exclusively for the Air that stretches that time to 40 hours. To make room for more battery capacity, Apple dropped physical SIMs – the Air supports eSIM only. iOS 26 will also bring a new adaptive power mode to help stretch battery performance.

The Air introduces a 48MP “dual fusion” rear camera system, paired with a 12MP telephoto lens. A new capture mode allows both the front and back cameras to record at the same time. The 18MP front camera supports Center Stage, a feature that frames everyone in view without requiring the phone to be rotated.

The iPhone Air will be available in black, white, beige, and light blue, starting at $999 for 256GB of storage. Preorders open September 12th, with sales beginning September 19th.

iPhone 17: A larger display and camera upgrades

The iPhone 17 no longer has a Plus version. Instead, it comes in a single size with a slightly larger 6.3-inch OLED display, slimmer bezels, and ProMotion support at up to 120Hz. The screen can reach 3,000 nits of peak brightness and has a new protective coating, Ceramic Shield 2, that Apple says is three times more resistant to scratches.

Camera improvements headline the update. The rear system includes a 48MP main camera that can act as a 2x telephoto lens by cropping, alongside a 48MP ultrawide lens with macro capabilities. The front camera has also been upgraded to 18MP with a larger, square sensor, allowing for high-quality landscape selfies without rotating the phone.

Internally, the iPhone 17 is powered by Apple’s new A19 chip with a six-core CPU and five-core GPU. Apple says this enables better performance for on-device AI tasks while still delivering all-day battery life – up to 30 hours of video playback.

The phone also introduces Apple’s new in-house N1 networking chip, which replaces Broadcom components. It supports Wi-Fi 7, Bluetooth 6, and Thread, improving the reliability of features like AirDrop and hotspot sharing. The faster C1x modem also ships with the device.

The iPhone 17 starts at $799 for 256GB of storage. Preorders begin September 12th, and it launches September 19th in black, lavender, blue, green, and white.

iPhone 17 Pro and Pro Max: New design and big battery

The iPhone 17 Pro lineup sees the biggest visual change in Apple’s new phones. The rear camera system now sits on what Apple calls a “full-width camera plateau,” a bar that spans the back of the phone. The design recalls the Pixel’s wide camera bar and is expected to appear on Samsung’s next S series as well.

For the first time, all three rear cameras feature 48MP sensors. The telephoto lens is the most improved, offering 56% more sensor space and up to 8x optical quality zoom. Like the other models, the front camera has been upgraded to 18MP with Centre Stage support.

Video tools get a boost too, including Dual Capture – which records from both front and rear cameras at once – and support for formats like ProRes RAW and Log 2.

The Pro models keep the same display sizes: 6.3 inches for the Pro and 6.9 inches for the Pro Max, with ProMotion at up to 120Hz and peak brightness of 3,000 nits. The body returns to aluminium, paired with second-generation Ceramic Shield on the front.

Performance comes from the A19 Pro chip, a 3nm processor with a six-core CPU and GPU. But the standout is battery capacity. Apple says the Pro Max offers up to 39 hours of video playback, the longest ever for an iPhone. Models sold in the US are eSIM-only, leaving space for larger batteries. Versions with physical SIMs may get slightly less runtime.

Apple’s iPhone 17 Pro line supports faster charging too – up to 25W through MagSafe wireless charging using the Qi2.2 standard. Colour options include silver, blue, and a bright orange.

Pricing starts at $1,099 for the Pro and $1,199 for the Pro Max, both at 256GB of storage. The Pro Max can be configured with up to 2TB, priced at $1,999.

Security upgrades in iOS 26

Beyond hardware, Apple is stressing new security changes in iOS 26. The company says it’s delivering “the most significant upgrade to memory safety in the history of consumer operating systems.”

The feature, called Memory Integrity Enforcement (MIE), targets spyware that exploits memory bugs, like those used in Pegasus. Built into the A19 and A19 Pro chips, MIE protects memory by default without slowing performance. Apple says this makes it more costly for attackers to build spyware.

The open-source GrapheneOS project praised the improvements while pointing out differences between Apple’s approach and Android’s Memory Tagging Extension, which is already active on Pixel phones.

iOS 26 launches September 15th, bringing the new “Liquid Glass” design language, which gives apps and system elements a glossy, transparent look. The update also includes new features like Live Translation, a refreshed Phone app, call screening, polls in Messages, and a new Games app.

MagSafe battery and accessories

Apple also revealed a new MagSafe battery pack, but it only works with the iPhone Air. The $99 add-on attaches to the slim phone, but its size doesn’t fit the camera layout of other models. Apple ended support for its previous MagSafe Battery Pack in 2023, though third-party options remain available.

Other accessories include a reinforced polycarbonate bumper case, a standard MagSafe case, and a crossbody strap option.

Apple Watch and new health features

Apple’s latest software update for its watches, watchOS 26, arrives September 15th. It brings new features to existing models, not just the upcoming Series 11.

Hypertension notifications are the highlight. Using the heart sensor, the watch can track vascular responses over 30 days and alert users if it detects signs of high blood pressure. Apple is seeking FDA approval for the feature, with plans to roll it out in more than 150 regions.

Other updates include Sleep Score, which combines heart rate, temperature, blood oxygen, and breathing data to grade sleep quality. The will be available on Series 6 and later, along with Watch Ultra and SE models.

AirPods Pro 3: Better health tracking

The AirPods Pro 3 are Apple’s first major update to the line in three years. They introduce a heart rate sensor, stronger noise cancellation, and live translation features.

Apple says the redesigned earbuds are smaller and shaped to fit better after analysing more than 10,000 ear scans. They come with five tip sizes and are rated IP57 for water and sweat resistance.

The new heart rate sensor uses infrared light to measure blood flow and, paired with iPhone sensors and AI, can track calories burned and activity. A new workout feature called Workout Buddy links this data with fitness history.

Noise cancellation has also been improved, with Apple claiming twice the performance of the previous model. Live Translation lowers outside volume and provides spoken or text translations through the earbuds or paired iPhone.

The AirPods Pro 3 will cost $249, with preorders starting today and shipping September 19th.

iPadOS 26: New windowing system

Apple confirmed iPadOS 26 will be released on September 15th. The update adds the Liquid Glass design seen in iOS 26 but also introduces a new way to manage apps.

Users will be able to resize, minimise, and move app windows – similar to the multitasking system on Macs. A new Files app and a tablet version of Preview also arrive, alongside support for AI-powered Live Translation in the Phone app.

Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is part of TechEx and is co-located with other leading technology events, click here for more information.

AI News is powered by TechForge Media. Explore other upcoming enterprise technology events and webinars here.

The post Apple unveils iPhone 17 lineup, thinnest iPhone Air, iOS 26, and more appeared first on TechWire Asia.

Google Cloud used its Security Summit 2025 to highlight a wave of new tools aimed at protecting artificial intelligence projects while also using AI to strengthen cybersecurity operations.

The company pointed to the dual challenge facing organisations: securing their AI systems and applying AI to defend against threats. The announcements covered updates in Google’s security portfolio, including Security Command Center, Google Security Operations, Chrome Enterprise, and Trusted Cloud.

Safeguarding AI agents

As AI agents become more common in enterprise environments, Google Cloud introduced new capabilities in its Security Command Centre to monitor and protect them. A preview feature will give teams automated discovery of AI agents and Model Context Protocol servers, flagging vulnerabilities and risky interactions.

Google is also expanding its Model Armor tool to cover prompts and responses in Agentspace, offering real-time defences against threats like prompt injection or jailbreaking. New posture controls for Agentspace and Agent Builder are also on the way, designed to enforce organisational security policies.

To help with ongoing protection, new detections have been added to identify suspicious behaviour in AI agents, drawing on intelligence from both Mandiant and Google.

AI in security operations

The company also shared its vision for an “agentic” security operations centre, where AI-driven agents can coordinate tasks to support human analysts. An Alert Investigation agent, now in preview, can automatically enrich events, analyse command-line inputs, and build process trees, with recommendations for next steps. Google said this could ease manual workloads and reduce response times.

Mandiant Consulting, part of Google Cloud, is expanding its services to address security concerns raised by the rapid use of generative and agentic AI. The firm is offering support in AI governance, environment hardening, and threat modelling. It has also emphasised the role of adversarial testing to identify risks before deployment.

Updates in Google Unified Security

The company’s broader platform, Google Unified Security, also received several upgrades. A new SecOps Labs feature in Google Security Operations will give customers early access to AI-powered experiments for detection and response. New dashboards, now generally available, integrate SOAR data for improved visibility.

Chrome Enterprise added new mobile protections, including URL filtering on iOS and enhanced reporting to track browser activity. The features are intended to help organisations manage employee browsing risks, including use of unapproved generative AI tools.

Cloud security enhancements

On the cloud side, Google announced previews of Compliance Manager and Data Security Posture Management in Security Command Center. The tools aim to simplify compliance monitoring and sensitive data governance, including AI-specific workloads. Risk Reports, also in preview, will summarise potential weaknesses based on simulated attacker techniques.

Identity and Access Management is adding “agentic IAM” later this year, which will provision agent identities in environments. Other updates include a role picker that uses Gemini to suggest least-privilege roles, and re-authentication requirements for sensitive actions.

Data security updates include expanded scanning of AI-related assets and image data, while network security improvements extend Cloud Armour and Cloud NGFW features for broader protection.

Google security focus on responsible AI adoption

The company framed these updates as part of its effort to make AI adoption more secure while using AI itself to enhance defence. By embedding controls into data protection, compliance, and identity systems, Google Cloud said it aims to give organisations a stronger foundation for managing both risks and opportunities in AI.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

The post Google Cloud expands AI security tools at 2025 Summit appeared first on TechWire Asia.

The Huawei Cloud AI Ecosystem Summit APAC 2025 brought together government leaders, industry experts, and technology partners to discuss how artificial intelligence is already changing the way people work, learn, and live in Malaysia and ASEAN. The gathering highlighted not only new technologies but also the partnerships and governance needed to make AI effective and trustworthy.

The summit is part of the Huawei Cloud APAC AI Ecosystem Initiative, a programme aimed at building an inclusive AI community by developing local skills, encouraging cooperation between sectors, and ensuring AI benefits are shared widely.

Government support for AI development

At the ASEAN AI Summit’s opening day, Huawei Technologies (Malaysia) CEO Simon Sun announced new AI initiatives. Malaysia’s Prime Minister, YAB Dato’ Seri Anwar Ibrahim, was present to witness the launch, underscoring the government’s view that AI is central to the country’s economic growth. The commitment is reflected in strategies that link public and private sectors and aim to prepare the country for a future where AI shapes every major industry.

Huawei Cloud’s three core capabilities

Huawei Cloud has built its AI approach around three capabilities. First, a global network of 34 regions and 101 availability zones (AZs) – including five regions and 17 AZs in ASEAN – provides the infrastructure for low-latency access. Second, an AI cloud service that supports more than 160 open-source models, allowing flexibility for development in different industries. Third, the Pangu multimodal models form the backbone of the company’s “AI for Industries” strategy; tailored solutions for manufacturing, healthcare, transport, among others.

On day two, the AI Ecosystem Summit drew about 300 delegates from the region. Li Yin, CTO of Huawei Cloud Enterprise Intelligence, led a session titled Leap to Cloud, Heading to AI, in which she shared examples of how Huawei Cloud has worked with customers in more than 30 industries and applied AI to over 500 scenarios worldwide.

See also: Huawei to unveil tech to cut China’s reliance on foreign AI memory chips

Li explained that with the Pangu foundational large model, ModelArts AI toolchain, and proven engineering methods, organisations can use own data to develop and refine models quickly. She pointed to three areas where Huawei Cloud will continue to invest: strengthening secure AI computing infrastructure, building industry-focused solutions like enterprise AI assistants and AI video applications, and expanding the partner ecosystem to speed adoption.

Malaysia’s focus on ethical and sustainable AI

Minister of Digital, YB Gobind Singh Deo, used his keynote to make clear that Malaysia’s AI journey is about more than just technology. Ethical use, sustainability, and shared benefit are all priorities.

“Our National AI Office (NAIO) has been speeding up the completion of the AI Technology Action Plan 2026 – 2030 and relevant regulatory frameworks to ensure the adoption of AI technology in key sectors in the country are ethical, sustainable and of high value,” he said.

He linked the goals to the Malaysia Digital Economy Blueprint and the Malaysia Digital (MD) initiative, saying both are strengthened through close cooperation with technology partners. Every step we take is action-driven, grounded in strong public-private collaborations, to shape Malaysia’s digital economy,” he said.

Building Malaysia’s AI talent pipeline

Simon Sun highlighted Huawei’s investment in local expertise through the Huawei Malaysia AI Talent Programme.

“We have set the goal of nurturing 30,000 Malaysian AI talents, comprising students, government officials, industry leaders, think tanks, associations, and others under this initiative in the coming three years,” he said.

He said AI is already making an impact in areas like fraud detection in banking, predictive maintenance in factories, supply chain management, and personalised learning in schools. Huawei’s localised partnerships, he said, ensure global expertise is applied in ways that suit ASEAN’s needs.

Real-world applications from Huawei partners

The summit also gave the stage to Huawei customers, who shared how they use AI in their own sectors.

William Zhou, Vice President of IFLYTEK Open Platform, said that while computing power and platforms form the base of AI systems, the real value comes from the application layer – where solutions are integrated into daily work. He said that Knowledge Q&A systems are among the most requested features from customers in government, telecom, and finance, but said successful deployment depends on close collaboration.

“The key is not the technology alone, but working closely with the customer to fine-tune the model and increase efficiency,” Zhou said, pointing to a Middle Eastern project that improved performance significantly in just two months.

He also described how subtitling and translation tools are vital in multilingual regions, with IFLYTEK solutions optimised for English, Malay, and Cantonese, which enable fast turnaround for media companies in Southeast Asia. In sectors where data must stay on-site, he said the ‘Spark’ all-in-one on-premise AI solution allows organisations to train and run models securely.

Dato Fadzli Shah, Co-Founder of Zetrix, discussed the link between AI, blockchain, and self-sovereign identity. He said these technologies could allow data from separate systems to be referenced securely without forcing organisations to adopt a single standard. Blockchain-backed digital identities, he added, could be used in education, finance, and trade to help ensure credentials remain verifiable.

He said Malaysia should develop specialist AI models trained on local data to ensure accurate interpretation of laws, policies, and cultural contexts. “We believe no single AI will dominate globally; instead, there will be natural product-market fit for specific stacks serving specific solutions.”

Henry Li Nan, Managing Director of TrustDecision Malaysia, shared how AI-powered decision intelligence is helping the finance industry tackle fraud. His company processes more than 130 million interception events a year, protects over seven billion devices, and prevents an estimated USD$10 billion in potential losses annually.

Working with Huawei, TrustDecision uses cloud-native infrastructure to deliver real-time detection, compliance, and risk management services.

“The result is faster detection, smarter prevention, and greater confidence for financial institutions to stay ahead of threats,” Li said.

National AI Office: Matching the speed of change

Shamsul Izhan Abdul Majid, Head of the NAIO, warned that the speed of AI development is unlike anything seen before, with new versions emerging every few weeks. This, he said, means that plans and standards must be developed quickly and in cooperation with industry.

He called data “the most important asset” and said that in sensitive fields like healthcare or defence, Malaysia’s approach is to bring AI to the data rather than move the data to the AI.

See also: Huawei tries to push AI chips abroad as US pressure grows

Since its formation in December last year, the NAIO has worked with six sectors and identified 55 AI potential use cases, with more expected as engagement expands to state and local levels. The office is also promoting the creation of locally-trained models with strong cybersecurity safeguards and a focus on making AI understandable for everyone, not just technical experts.

“Doing AI for everyone requires collaboration,” he said. “The AI Office brings together experts and companies to plan Malaysia’s AI journey for the next five years… We must stay ready, responsible, and innovative.”

Closing call to action

In closing, Simon Sun encouraged all participants to take the ideas shared at the summit and turn them into practical projects. He described the event as “the starting point for more actions and ideas to shape a smarter and stronger ASEAN, powered by AI and driving digital economies.”

The summit’s discussions made one thing clear: AI’s future in Malaysia and ASEAN will depend not only on powerful technology, but on how well it is adapted to real-world needs, governed responsibly, and supported by a skilled and informed community.

Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Intelligent Automation Conference, BlockX, Digital Transformation Week, and Cyber Security & Cloud Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

The post Huawei Cloud AI Ecosystem Summit APAC 2025: AI’s expanding role appeared first on TechWire Asia.

Instagram’s new location-sharing feature is sparking alarm among some users, who say it could put people at risk by revealing where they are without their knowledge.

The Meta-owned platform quietly added the option on August 6, introducing a map that lets people share their location with friends – a tool similar to one Snapchat has offered since 2017.

It didn’t take long for worried posts to appear online. As reported by AFP, in one widely shared exchange, Instagram user Lindsey Bell said she was shocked to learn her location was visible to her followers.

“Mine was turned on and my home address was showing for all of my followers to see,” she wrote in response to a TikTok warning from reality TV personality Kelley Flanagan. “Turned it off immediately once I knew but had me feeling absolutely sick about it.”

In a TikTok video, Flanagan called the feature “dangerous” and walked viewers through how to disable it.

Instagram chief Adam Mosseri addressed the concerns in a post on Threads, saying the feature is off by default. “Quick Friend Map clarification, your location will only be shared if you decide to share it, and if you do, it can only be shared with a limited group of people you choose,” he wrote. “To start, location sharing is completely off.”

According to Instagram, the map is meant to help people share places they’ve visited and connect with friends. The company says users can choose who sees their location and can turn the feature off at any time.

A privacy concern on the heels of a legal case

The unease over Instagram’s map comes just a week after Meta faced scrutiny in court. A federal jury in San Francisco sided with women who said the company misused health data collected by Flo, a third-party app that tracks menstrual cycles and fertility.

The jury found that Meta knowingly received sensitive health information from the app and used it to target ads. Evidence presented in court included internal communications suggesting that some employees made light of the nature of the data.

“The case was about more than just data – it was about dignity, trust, and accountability,” said Carol Villegas, lead attorney for the plaintiffs.

How the new map works

Instagram’s map sits at the top of the messages inbox. It lets people share their live location while they’re using the app and see the locations of others who have chosen to share.

The company says no one can see a user’s location unless the person opts in. People can also limit the visibility to certain followers or turn it off entirely.

Meta describes the tool as “a new, lightweight way to connect with each other.” Similar functions exist on other platforms – Snapchat offers a personalised map, Apple’s iOS allows users to share locations with contacts, and Meta’s other apps like Facebook and WhatsApp have live location features.

A rocky reception

Despite these reassurances, the rollout has been met with scepticism. Many users, including professional creators, have raised safety concerns, warning that the feature could be misused for stalking or harassment.

The backlash has reached US lawmakers. According to NBC News, Senators Marsha Blackburn and Richard Blumenthal have reportedly written to Meta CEO Mark Zuckerberg, urging him to drop the feature.

Some confusion stems from how the map displays past posts. Users have reported seeing their older posts – ones with location tags – appear on the new map, even live location sharing enabled.

Mosseri explained that this is because the map includes both real-time locations and past posts with location tags. Those tags were already public to followers but weren’t previously collected in one place.

When location tags become personal

Allie Taylor, an educator who shares disability-related content on Instagram, said they learned about the map when followers messaged to say their location was visible. Taylor had posted a video tagged with the city of Cincinnati while at work. The map appeared to pinpoint the street they were on.

“It was terrifying,” Taylor said. “Why was this even a feature?”

Turning it off

There are several ways to disable location sharing. In Instagram, users can go to the messages inbox, open the map, tap the settings icon, and select “no one” for location sharing.

On a phone, location services for Instagram can be turned off entirely in the device’s settings.

Instagram promises changes

Mosseri has acknowledged the confusion and said the company will make the feature clearer. “We’re never going to share your location without someone actually actively asking to do so,” he said in a post last Friday.

In a statement, Meta said: “Instagram Map is off by default, and your live location is never shared unless you choose to turn it on. If you do, only people you follow back – or a private, custom list you select – can see your location.”

Mosseri also admitted that Instagram could “do a better job” explaining what appears on the map. “We can, and will, make it easier to understand exactly what’s happening,” he wrote, adding that improvements are planned for early next week.

Balancing connection and safety

The feature’s intent – to make it easier for friends to meet up and share experiences – is not new in social media. Apps have long offered ways to share location, from Snapchat’s Snap Map to Apple’s “Find My” function. The tools have drawn both praise for making coordination easier and criticism for the risks they pose when misused.

For Instagram, the challenge lies in ensuring that users understand exactly what they are sharing, with whom, and how it appears on the map. The backlash suggests that many people either missed or misunderstood the opt-in nature of the feature, especially when older posts appeared without warning.

Privacy advocates often caution that location data is especially sensitive. While a post tagged at a restaurant may seem harmless, patterns over time can reveal personal routines, places of work, or home addresses. The makes clear controls – and clear explanations – vital.

Instagram says it will continue to refine the map and its settings. Whether that will be enough to restore user confidence remains to be seen. In the meantime, those concerned about privacy have the option to disable location sharing entirely, either in the app or through phone settings.

Find out more about the Digital Marketing World Forum series and register here.

The post Instagram’s new map feature sparks privacy and safety concerns appeared first on TechWire Asia.

According to a report from ProPublica, the American technology company has employed a number of engineers in China to maintain the US Department of Defense’s computer systems. The report claims there has been “minimal supervision by US personnel” – that is, until now. Microsoft is reportedly revising its operations, phasing out Chinese-based engineers who provide technical support. The shift in strategy is said to reduce potential risks to US national security.

The tech and trade war between the US and China has been developing over a number of years, with both states introducing stringent laws and regulations, as well as strict national security policies. These have limited the amount of access both markets have, thus reducing prospective opportunities.

The latest move comes after research from Microsoft discovered Chinese “threat actors,” including “state-sponsored hackers” have been at work in its systems. The tech giant has claimed that threat actors have exploited security vulnerabilities in the company’s SharePoint document-sharing servers. Further research found that hundreds of government agencies and organisations had been breached. However, Microsoft has not confirmed this is the reason for suspending the China-based engineers.

Dutch cybersecurity company Eye Security have so far uncovered 400 breached agencies, commenting that they “may continue to rise as investigations progress.” The National Nuclear Security Administration, which manages nuclear weapons, was confirmed as one of the victims, with malware campaigns also being targeted against local US governments.

Posting on social media, Frank Shaw, Microsoft’s Chief Communications Officer, commented on the latest, saying, “In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”

The engineers were reportedly being supervised by ‘digital escorts,’ typically with lower skill levels than the engineers they were monitoring. Sources state that many ‘escorts’ previously served in the military but have limited coding knowledge and experience.

Although the arrangement has operated for close to a decade, most former government officials reported being unfamiliar with the practice. Deven King, a spokesperson for the Defense Information Systems Agency, confirmed this, saying, “Literally no one seems to know anything about this, so I don’t know where to go from here.”

A Microsoft spokesperson defended the digital escorts, saying, “For some technical requests, Microsoft engages our team of global subject-matter experts to provide support through authorised US personnel, consistent with US Government requirements and processes. In these instances, global support personnel have no direct access to customer data or customer systems. Only authorised US persons with the appropriate clearances and training provide direct support. The personnel are provided specific training on protecting sensitive data, preventing harm, and use of the specific commands/controls in the environment.”

Inside Microsoft’s decision to hire engineers in China

Microsoft is known for having a large presence in China. In March 2025, it announced plans to outsource further work to China to meet the growing demands for cloud and AI solutions. Microsoft also stated it was expanding its manufacturing operations in Shenzhen to develop a range of AI-powered technology, including edge computing products and smart devices.

China is known for its substantial network of technology suppliers, advanced manufacturing facilities, and pool of specialists. This has made it a key region for large companies like Microsoft that are seeking to increase production and operations at the lowest possible cost.

Microsoft’s employment of Chinese staff comes with risks as geopolitical tensions continue between the US and China. US tech companies face scrutiny of their operations in China, with potential harm to supply chains needing to be carefully navigated.

A 2024 Deloitte Global Outsourcing Survey highlighted several key reasons why many US tech companies hire Chinese staff despite concerns. As well as cost efficiency, with China offering cheaper resources than some western countries, China produces a vast number of STEM graduates each year. These provide a large pool of skilled professionals in key tech fields like development, AI, and data analytics.

The survey discovered that 83% of executives are using AI in their outsourcing strategies. China is a country at the forefront of AI and automation, making it an attractive location to integrate such technologies and hire experts in various technological domains.

China’s role in US tech

US based companies including Indeed, Oracle, Amazon Web Services, and Meta, all of which have been involved with the Department of Defense in some capacity, also operate or have operated in China. Each company has built AI partnerships in China, and hired local employees, though not to the extent of Microsoft. However, there is currently no public record nor confirmed reporting that companies hired Chinese staff for defense-related projects, leaving Microsoft in a unique position.

With Microsoft’s employment of foreign engineers on sensitive defense systems set to be probed by the Pentagon, the company has taken steps to remove the outsourced personnel. However, this could become a “national embarrassment” for Microsoft, according to Michael Lucci, CEO and founder of State Armor Action, a conservative group working to create and promote state-level plans to deal with global security problems.

The implications from this investigation could be far-reaching, particularly for other tech firms holding defense or intelligence contracts. These are likely to come under similar intense scrutiny as federal agencies continue their push to close any potential vulnerabilities in technology and outsourcing supply chains.

(Image source: “us army rangers” by ru tactical is licensed under CC BY-NC-SA 2.0. )

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Digital Transformation Week, IoT Tech Expo, Blockchain Expo, and AI & Big Data Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

The post Microsoft stops using Chinese engineers for US military tech support appeared first on TechWire Asia.

A growing number of organisations have been caught up in a wave of cyberattacks tied to a security hole in Microsoft’s SharePoint software installed on-premise. What started as dozens of victims has now ballooned to around 400, according to Dutch cybersecurity firm Eye Security, which has been tracking the situation.

As reported by Bloomberg, the attackers have hit a wide mix of targets – government agencies, private companies, and other groups. Most of them are based in the US, but others are scattered in countries like Mauritius, Jordan, South Africa, and the Netherlands. Among those affected are high-profile US institutions, including the National Nuclear Security Administration and the National Institutes of Health (NIH), according to people familiar with the matter.

Andrew Nixon, spokesperson for the Department of Health and Human Services, said teams are actively working to monitor and reduce risks from the SharePoint flaw. “At present, we have no indication that any information was breached,” he said, adding that the department is working with Microsoft and the US Cybersecurity and Infrastructure Security Agency.

Security experts say this is still unfolding. Vaisha Bernard, co-owner of Eye Security, warned that the actual number of affected systems could be much higher, since some intrusions may leave no clear traces. Hackers are likely still probing vulnerable servers for openings, she said.

The victims span sectors like government, education, and tech services. And while the bulk are in the US, the attack has reached parts of Europe, Asia, the Middle East, and South America.

According to Sveva Scenarelli, a threat analyst at Recorded Future, state-backed hackers often move in waves. First come the quiet, targeted breaches. Then, once the vulnerability is out in the open, it becomes a free-for-all. After gaining access, hackers can sift through their targets, looking for high-value organisations to go deeper into – stealing data, planting backdoors, or setting up long-term access.

The breach is already making its way into international talks. US Treasury Secretary Scott Bessent said the SharePoint attacks are likely to come up during his meeting with Chinese officials in Stockholm next week. “Obviously things like that will be on the agenda,” he said in an interview.

So far, Microsoft has pointed to several Chinese hacking groups – Linen Typhoon, Violet Typhoon, and Storm-2603 – as those exploiting the flaw. All are believed to be tied to Beijing. The groups have a long history of targeting US government systems, military personnel, human rights organisations, and intellectual property.

Microsoft describes the groups it’s identified as follows:

• Violet Typhoon: Focused on espionage, often targeting former government and military figures, NGOs, and media.
• Linen Typhoon: Operating for over a decade, known for stealing intellectual property from government and defence-related organisations.
• Volt Typhoon: Linked to attacks on US critical infrastructure, including energy and water systems.
• Salt Typhoon: Known for targeting telecom firms around the world.
• Silk Typhoon: Believed to be tied to Chinese intelligence, with a focus on sensitive research – including COVID-19 vaccines.

Microsoft has publicly blamed China for multiple breaches in recent years. That includes the 2021 Microsoft Exchange hack that hit tens of thousands of servers, and a 2023 breach where US officials’ emails were compromised. A government review later faulted Microsoft for what it called a “cascade of security failures.”

Edwin Lyman, who leads nuclear power safety at the Union of Concerned Scientists, said that while the National Nuclear Security Administration holds highly restricted data, the most sensitive networks are kept offline. “Even if those networks were compromised, I’m not sure how such information could have been transmitted to the adversaries,” he said. Still, there’s a concern that less tightly protected information – like nuclear materials data – could have been exposed.

According to Microsoft, Linen Typhoon has been active since 2012, and Violet Typhoon since 2015. Both have repeatedly targeted US and international organisations in government, education, and civil society.

Benincasa, a researcher at ETH Zurich’s Centre for Security Studies, said that while these hacking groups are believed to operate with state backing, many of the attacks are likely carried out by private contractors working indirectly for the Chinese government. The “hacker-for-hire” operations are common in the country, he said.

Now that at least three groups are known to have used the SharePoint flaw, more may follow.

China, for its part, has denied involvement. “Cybersecurity is a common challenge faced by all countries and should be addressed jointly through dialogue and cooperation,” said Foreign Ministry spokesperson Guo Jiakun. “China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues.”

Microsoft has released patches to fix the SharePoint vulnerability, but experts say the damage may already be done. Once inside, hackers can steal authentication keys and use them to pose as legitimate users or services – making it much harder to detect or remove them.

The post Microsoft SharePoint flaw hits hundreds as Chinese hackers exploit zero-day appeared first on TechWire Asia.

Two giants of the technology world have published separate tools that help companies developing software produce safer, more secure and accountable products.

Google’s open-source security team (GOSST) has announced OSS Rebuild, a project that builds well-known and freely-available software, and compares its results with that which appears in commonly-frequented repositories. If its version corresponds exactly with what’s available, it publishes its build definition, establishing provenance according to the standards set by the Linux Foundation’s SLSA Provenance scheme.

The latest release of GitLab 18.2 introduces two new features: Security Inventory and Dependency Path visualisation. The former gives organisations an overview of all projects housed on GitLab with a view of projects that are covered by security scans, and those which are under-protected or un-scanned. Dependency Path digs down into software projects, and follows dependency trails to catalogue every component, and therefore helping identify where to begin to fix a problem.

Follow the dependency trail

To understand the complexity of the typical software supply chain, it’s necessary to understand break down an average application into as many component parts as possible.

For each step and element, developers either write code to crack a particular problem (if no one has done so before, or done so but not in ways that make sense in the current context), or ‘pull in’ dependencies from the internet’s many repositories of software.

Using ready-made libraries, code bases, and frameworks makes sense, especially when no developer can be expected to be an expert on every single aspect of software. Encryption, for example, is one area that developers should never try and ‘reinvent the wheel’ – better minds than most have created safe and secure encryption algorithms, and attempts to do better usually fail.

It’s worth noting, however, that dependencies often make use of dependencies of their own, and those in turn rely on more dependencies, in a structure akin to a Russian doll.

Additionally, many applications or their dependencies will make use of the same dependencies, libraries or code snippets – after all, displaying an image on a screen, for example, is hardly a unique event for a software application, so applications sharing code elements is less complicated than several versions of software that do the same thing co-existing under the hood.

Keeping OSS safe

In this complex picture, identifying the source of a rogue element can be difficult, if not impossible. The GitLab platform update gives organisations a catalogue of the elements that make up each software project that’s in development, and helps focus down on problem components, and crucially, where they might have come from.

The Google OSS Rebuild project will be building well-known software found in common code repositories PyPI (Python), npm (JavaScript and TypeScript), and Crates.io (Rust), and ensuring that there is an evolving list of software that has an accepted ‘gold standard’ and can be relied on.

According to Google, around 80% of the world’s software is open-source, a proportion that’s increasing. Bad actors will always try and target popular platforms – the more devices they can affect, the more effective an attack. As open-source software and its myriad elements continue to grow in number and complexity, protecting the supply chain becomes more difficult without smart tools.

(Image source: “Shoring up the shoulder” by OregonDOT is licensed under CC BY 2.0.)

The post Patching up the software supply chain appeared first on TechWire Asia.

Chinese-linked hacking groups have stepped up efforts to spy on Taiwan’s semiconductor industry and the analysts who follow it. According to cybersecurity firm Proofpoint, at least three China-aligned groups ran separate campaigns from March to June this year, with some activity still ongoing.

The goal isn’t new – stealing information about chipmakers has been happening for years. But this time, researchers say the scale and intensity have grown, and some targets have been hit for the first time.

“We’ve seen entities that we hadn’t ever seen being targeted in the past being targeted,” said Mark Kelly, a threat researcher at Proofpoint who focuses on China-related activity.

The increase in incidents comes as Washington tightens restrictions on exporting US-designed chips to China. Most chips are made in Taiwan, the country home to some of the industry’s biggest players. China has been working to replace those imports as access becomes more limited, especially for chips used in AI.

Proofpoint didn’t name specific companies, but said about 15 to 20 organisations were affected. That includes smaller businesses, large global firms, and analysts working for at least one international bank based in the US.

Taiwan’s top chipmakers include TSMC, MediaTek, UMC, Nanya, and RealTek. TSMC and the others declined to comment.

Reuters couldn’t confirm which firms were targeted or whether any of the attempts worked.

In an emailed response, a spokesperson for China’s embassy in Washington said cyberattacks are a global issue and that China opposes all forms of cybercrime.

The tactics used varied. In some cases, attackers sent just one or two emails to specific individuals. In others, they blasted up to 80 emails to gather information in an entire company, Kelly said.

One group focused on chip design, manufacturing, and supply chain companies. They hijacked email accounts from Taiwanese universities, posed as job seekers, and sent malware through PDF attachments or links leading to infected files.

Another group targeted financial analysts at major investment firms. They posed as staff from a fake investment company and reached out with requests for collaboration. Two of the groups behind the campaigns are based in Asia, while the third is in the US, according to Proofpoint.

Taiwanese cybersecurity firm TeamT5 also reported a rise in email-based threats against the local chip sector. A spokesperson said the activity has gone up, but it’s not yet a broad or widespread trend.

Attempts to breach chipmakers and their supply chains are nothing new. “The targeting of semiconductors and the supply chain around them is a persistent threat,” said the TeamT5 representative. Groups tied to China, they added, have long shown interest in these industries and often target suppliers or related firms.

In one case from June, a group known as “Amoeba” launched a phishing campaign against an unnamed chemical company involved in chip production. The attack, spotted by TeamT5, followed a familiar playbook: reach out with convincing emails and slip in malware to gain access.

Cybersecurity experts say these incidents show a consistent pattern – hit not just the big companies, but the smaller players they rely on. Whether it’s raw materials, logistics, or consulting, attackers often aim for the edges of the supply chain where defences may be weaker.

While the full impact of these campaigns isn’t yet clear, the growing number of attempts points to one thing: Taiwan’s chip sector remains a high-value target.

The post Chinese hackers target Taiwan’s chip sector and investment analysts appeared first on TechWire Asia.

Elon Musk’s AI chatbot Grok is once again at the centre of a controversy after it pushed antisemitic messages, praised Hitler, and doubled down on harmful rhetoric. A few days after pulling the bot offline, xAI tried to explain what went wrong. The company said a code update “upstream” of the bot — not the model itself — caused the issue.

In a post on X, the company wrote: “We discovered the root cause was an update to a code path upstream of the @grok bot. This is independent of the underlying language model that powers @grok.”

That same day, Tesla quietly announced a new software update, version 2025.26, which adds Grok to its vehicles. The feature is only available in cars with AMD-powered infotainment systems — a configuration Tesla has been using since 2021. According to the company, the bot is still in beta and doesn’t control car functions. Voice commands remain unchanged. Electrek reported that for drivers, the update should feel similar to using Grok as an app on their phone.

But the timing of this rollout raised eyebrows. Grok’s return to the spotlight didn’t come with new safety assurances. And critics say its past behaviour should have prompted more than just code fixes and apologies.

This isn’t the first time Grok has generated troubling content. Back in February, the bot ignored sources that criticised Elon Musk or Donald Trump. That was blamed on changes made by a former OpenAI employee. In May, Grok began inserting conspiracy theories about white genocide in South Africa into unrelated conversations. Once again, xAI pointed to an “unauthorised modification.”

This latest incident, which began on July 7, was linked to old prompt instructions that somehow made it back into the system. xAI said the update triggered an “unintended action” that reintroduced outdated directions telling the chatbot to be “maximally based” and “not afraid to offend people who are politically correct.”

The company listed specific prompts that were connected to the issue. They included lines like:

• “You tell it like it is and you are not afraid to offend people who are politically correct.”
• “Reply to the post just like a human, keep it engaging, don’t repeat the information which is already present in the original post.”
• “Understand the tone, context and language of the post. Reflect that in your response.”

xAI said these directions overrode the usual safeguards. Instead of filtering out hate speech, the bot began to echo user biases — even if that meant endorsing offensive or dangerous ideas.

“An experiment with no brakes”

Jurgita Lapienytė, Editor-in-Chief at Cybernews, called the incident “an experiment with no brakes.”

“This reads like a blueprint for how not to launch a chatbot,” she said. “If you’re building AI systems with very few rules and then encouraging them to be bold or politically incorrect, you’re asking for trouble.”

Lapienytė pointed out that Grok was marketed as a “truth-seeking” chatbot. But that label seems more like a license to avoid building proper guardrails. “Grok didn’t just go rogue. It followed instructions — instructions that should never have been there in the first place.”

She said xAI’s approach shows a lack of foresight and a poor understanding of risk. “In cybersecurity, we talk a lot about threat modelling. What’s the worst thing that could happen? This is it.”

The root of the problem, according to Lapienytė, is Grok’s design. It was created to be more responsive to user prompts than rival chatbots. That made it more likely to go off-script when given the wrong inputs. It also opened the door to prompt injection attacks — a tactic where users trick chatbots into ignoring safety protocols.

“This isn’t just a slip-up,” she said. “It’s what happens when speed beats safety.”

Patterns and fallout

Grok’s behaviour has followed a pattern: say something offensive, get pulled offline, return with small tweaks. But the offensive content is getting worse, and the fixes aren’t stopping it.

Last week, Grok posted that “if calling out radicals cheering dead kids makes me ‘literally Hitler,’ then pass the mustache.” In another case, it referenced Jewish surnames while talking about anti-white activism. The company later apologised for “the horrific behaviour that many experienced.” It said the problem lasted for about 16 hours before being patched.

In its own words, the bot “ignored its core values in certain circumstances in order to make the response engaging to the user” — even if that meant generating “unethical or controversial opinions.”

But critics say xAI’s cleanup job isn’t enough. The company has mostly focused on scrubbing offensive posts and issuing brief explanations. What’s missing is a solid plan for keeping things under control before something goes wrong.

“There’s no excuse for not doing red-teaming before launch,” said Lapienytė. “You have to test how your model reacts under stress, how it handles bad actors, and what happens when people try to break it.”

She added that safety should be baked into the system, not patched in after a scandal.

AI without brakes, now in federal contracts

Just as the backlash around Grok’s latest missteps was growing, The Verge reported that the US Department of Defense awarded xAI up to $200 million to help build AI systems for government use. The contract — announced through the Chief Digital and Artificial Intelligence Office — includes vague goals like developing “agentic AI workflows” across different missions.

xAI will now be allowed to offer its tools through the General Services Administration (GSA) schedule. The company also introduced “Grok for Government,” promising to build new models focused on security, science, and healthcare — even those suited for classified settings.

The timing drew criticism. xAI’s chatbot had just been caught promoting hate speech, and now it’s being handed a public sector deal. Musk’s earlier role at the Department of Government Efficiency (DOGE), where he slashed government spending, has already raised questions about conflicts of interest. While Musk has reportedly stepped back from those concerns under the Trump administration, the overlap between his ventures and federal dollars remains controversial.

Regulators and risks ahead

Countries are starting to act. Turkey has banned Grok over comments about President Erdoğan. Poland has said it plans to raise complaints with the European Union. Under the Digital Services Act and other regulations, AI companies can be held accountable for harmful content, especially when it spreads at scale.

As Lapienytė put it: “We’re seeing the end of the ‘move fast and break things’ phase of AI. The public, and regulators, won’t accept this anymore.”

There’s also the broader risk: AI chatbots, when poorly managed, don’t just reflect bias — they multiply it. In the wrong hands, they can power misinformation, harassment, or phishing scams. They give attackers a tool that’s fast, scalable, and hard to trace.

“Every flaw becomes a weapon,” said Lapienytė. “If companies don’t start taking this seriously, they’ll lose the trust of users — and regulators won’t wait around.”

The post xAI explains the Grok Nazi meltdown after bot pushes antisemitic posts appeared first on TechWire Asia.

Qantas says someone claiming to be behind a recent data breach has reached out to the airline, following an attack that may have exposed the personal details of up to 6 million customers.

In a statement, a Qantas spokesperson said the airline is working to confirm the legitimacy of the contact. The matter has been referred to the Australian Federal Police (AFP), but the company declined to say if a ransom was involved.

“There is no evidence that any personal data stolen from Qantas has been released,” the spokesperson said. “With the support of specialist cybersecurity experts, we continue to actively monitor.”

The AFP also confirmed it is investigating and will provide more information at a later stage. “The airline has been highly engaged in assisting authorities and the AFP with investigating this incident,” it said.

The breach, which occurred on July 2, targeted a third-party system connected to a Qantas call centre. The data potentially accessed includes customer names, email addresses, phone numbers, and dates of birth. The airline says it shut down the suspicious activity quickly, but a significant amount of data may have been taken.

Qantas added that no credit card, financial, or passport information was involved, and login credentials, such as passwords or PINs, were not accessed. Frequent flyer accounts were also unaffected.

The identity of the attacker remains unknown. However, the tactics used match those of a group known as Scattered Spider, which has previously been linked to attacks on other large companies, including UK retailer Marks & Spencer.

Unlike many cybercrime groups based in Russia or Eastern Europe, Scattered Spider is believed to include native English speakers. This has allowed the group to use voice-based social engineering tactics—sometimes called “vishing”—to bypass security systems.

These attacks often involve calling a company’s IT support, posing as employees or contractors to trick help desk staff into granting access or turning off multi-factor authentication.

“Native English authenticity can sometimes lead to an automatic sense of trust. There is a level of perceived familiarity that might cause personnel or even IT teams to lower their guard slightly,” said Nathaniel Jones, vice-president of threat research at Darktrace, highlighted by The Guardian.

In recent months, Scattered Spider has reportedly targeted US airlines using these same tactics.

Social engineering attacks are becoming more common in Australia. The Office of the Australian Information Commissioner (OAIC) reported that nearly a third of all malicious or criminal data breaches in the second half of last year were linked to social engineering. Government agencies were hit particularly hard, accounting for 60 of the 115 reported incidents—up 46% from the previous period.

Google has also flagged similar tactics in recent threat reports, pointing to a rise in impersonation-based attacks across multiple sectors.

The Qantas breach adds to a growing list of cyberattacks that have affected major Australian organisations. Optus, one of the country’s top telecom providers, was hit by a breach that exposed personal information from millions of customers. Medibank, a major health insurer, suffered an attack that resulted in medical data being leaked online.

There have also been concerns about the security of Australia’s retirement savings system after cybercriminals targeted the $4 trillion superannuation sector.

These incidents have put more pressure on companies and regulators to strengthen their cybersecurity practices. While many firms are investing in new tools, recent breaches suggest that basic controls—like verifying internal access requests and monitoring third-party systems—still fall short.

The post Qantas says group claims responsibility for frequent flyer data breach appeared first on TechWire Asia.

DeepSeek’s privacy concerns have escalated into a formal regulatory challenge as German authorities take decisive action against the Chinese AI company’s data handling practices. Berlin’s commissioner for data protection and freedom of information, Meike Kamp, has officially reported DeepSeek to Apple and Google, demanding the removal of the AI chatbot from their respective app stores over alleged violations of European Union data protection laws.

The controversy centres on DeepSeek’s transfer of user data to China, which Kamp declared “unlawful” under current EU regulations. In a statement released late last month, the German official accused the Chinese company of failing to provide “convincing evidence” that users’ data was adequately protected, as mandated by European Union law.

The core of the allegations

Kamp’s concerns extend beyond simple data transfer issues. She highlighted that “Chinese authorities have far-reaching access rights to personal data within the sphere of influence of Chinese companies,” pointing to fundamental structural problems with how Chinese tech companies handle international user data. 

This observation reflects broader geopolitical tensions around data sovereignty and national security. The German official also emphasised that “DeepSeek users in China do not have the enforceable rights and effective legal remedies guaranteed in the European Union,” suggesting that the company’s data protection framework falls short of EU standards regardless of geographical location.

Under the EU’s General Data Protection Regulation (GDPR), companies are prohibited from transferring data outside the European region unless specific safeguards exist in the destination countries. DeepSeek’s apparent failure to meet these requirements has triggered regulatory action across multiple EU member states.

A pattern of non-compliance

The situation has been exacerbated by DeepSeek’s alleged non-cooperation with regulatory authorities. Kamp revealed that her office had previously asked DeepSeek to either comply with EU laws for transferring data outside the bloc or withdraw its app from Germany. The company has reportedly chosen neither option, escalating the regulatory standoff.

This pattern of non-compliance isn’t isolated to Germany. Italy has already taken decisive action, banning DeepSeek from its app stores in January over similar data protection concerns.

The country’s data protection authority ordered a block on both Hangzhou DeepSeek Artificial Intelligence and Beijing DeepSeek Artificial Intelligence — the Chinese companies behind the DeepSeek chatbot — effectively forcing them to stop processing Italian users’ data.

The Italian ban was reportedly triggered after DeepSeek told authorities it would not cooperate with requests for information, demonstrating a concerning pattern of regulatory resistance.

Technical and security implications

Beyond regulatory compliance, studies have identified broader cybersecurity and safety issues with DeepSeek’s technology. Research has shown concerns over DeepSeek-R1’s susceptibility to generating harmful and biased content, raising questions about the platform’s content moderation capabilities and safety protocols.

The privacy concerns are compounded by China’s legal framework, which grants intelligence agencies broad access to data shared on mobile and web applications. This legal requirement creates inherent conflicts with European data protection principles, making compliance potentially impossible without fundamental structural changes.

The broader context

DeepSeek gained significant attention in January when it launched its AI model, claiming development costs were a fraction of competitors’ investments. This cost advantage initially generated industry excitement, but regulatory scrutiny has quickly shifted focus to privacy and security considerations.

The company’s rapid rise has coincided with increasing global scepticism about Chinese tech companies’ data practices. National security concerns have become paramount as governments worldwide grapple with the implications of allowing foreign AI companies access to citizens’ personal information.

What happens next

The immediate decision now rests with Apple and Google, who must review Kamp’s report and determine whether to remove DeepSeek from their app stores. This decision could set a significant precedent for how major tech platforms handle regulatory complaints about data privacy violations.

If both companies comply with the German request, it would effectively mirror Italy’s approach and could signal broader European consensus on DeepSeek privacy concerns. Such action might encourage other EU member states to take similar measures, potentially creating a continent-wide ban.

Above all, the case highlights the growing tension between rapid AI innovation and regulatory compliance, particularly when companies operate across different legal jurisdictions with varying data protection standards. 

For DeepSeek, addressing these concerns may require fundamental changes to its data handling practices or acceptance of reduced market access in privacy-conscious regions.

The post Will China’s DeepSeek face a European ban over data privacy violations? appeared first on TechWire Asia.

Ingram Micro is working to bring systems back online after a ransomware attack took down parts of its network, disrupting ordering systems and customer service channels across multiple regions.

The incident started on July 3. Customers first noticed problems when they could no longer place orders or reach the company through regular phone lines. Resellers and managed service providers — a major part of Ingram Micro’s client base — were among the first to report issues. Local websites began displaying maintenance pages with basic contact details for sales and support teams.

At first, the cause was unclear. The company described the issue as “technical difficulties.” Attempts to reach executives or press representatives went unanswered. It wasn’t until July 6 that Ingram Micro confirmed it had been hit by ransomware.

“Ingram Micro recently identified ransomware on certain of its internal systems,” the company said in a statement. It explained that after discovering the issue, systems were shut down as a precaution while cybersecurity specialists were brought in. Law enforcement was also notified.

The company added that it’s working to restore affected systems so it can resume processing and shipping orders. It apologised for the disruption caused to customers, vendors, and other business partners.

As of now, the outage continues to affect both physical product orders and license management systems, including Microsoft 365 and Dropbox. A source familiar with the situation said staff at Ingram Micro’s Bulgaria-based service centre were told to stay home on July 4 and avoid connecting their work laptops to the company network. Internal systems were still down at the time.

The disruption is significant given the scale of Ingram Micro’s operations. The company brought in $48 billion in revenue last year and posted $262.2 million in profit. It sells a wide range of products and services, from hardware and software to cloud licenses, IT asset disposal, returns management, logistics, and product remarketing. In Q1 this year, which ended on March 29, the company recorded $12.28 billion in revenue and $69.2 million in net income.

A group calling itself SafePay has claimed responsibility. Cybersecurity site Bleeping Computer obtained a copy of the ransom note, which accuses Ingram Micro of poor network security. The group claims it was able to access the company’s systems and stay inside undetected for some time.

“It was the misconfiguration of your network that allowed our experts to attack you,” the note says. “Treat this situation as simply as a paid training session for your system administrators.”

SafePay says it gained access to sensitive documents, including financial records, intellectual property, customer and employee data, bank account details, transaction history, and legal complaints. The group claims it encrypted all critical files and moved copies to a remote server. It says those files could be published online if no deal is reached.

“WE ARE THE ONES WHO CAN CORRECTLY DECRYPT YOUR DATA AND RESTORE YOUR INFRASTRUCTURE IN A SHORT TIME,” the note reads in all caps.

The attackers said the motive is purely financial. Ingram Micro has been given seven days to start negotiations.

At this point, the full extent of the breach remains unclear. Claims made by ransomware gangs often include exaggerations and should be verified independently. It’s also not confirmed how the attackers got in. One possible entry point, according to sources speaking to Bleeping Computer, is Ingram’s GlobalProtect VPN platform. That theory has not been confirmed.

SafePay was the most active ransomware group in May, according to threat intelligence company Fortra. The firm linked 70 separate incidents to the gang or its affiliates during that month alone. One of the group’s more prominent victims was fleet management software firm Microlise, which was attacked in October last year.

For now, Ingram Micro continues to operate with limited system access while recovery efforts are underway.

The post Ingram Micro struggles to restore services after ransomware breach appeared first on TechWire Asia.