India-Australia PACTS: What the new tech partnership means for India

India-Australia PACTS: What the new tech partnership means for India



India and Australia on Thursday launched the Partnership on Cyber, Critical Technologies and Supply Chains (PACTS), a new bilateral framework that will replace their 2020 cyber cooperation arrangement. The announcement came during Prime Minister Narendra Modi’s visit to Australia.

 

The framework expands cooperation beyond cybersecurity to include critical technologies, resilient supply chains, digital infrastructure and defence research, a joint framework released by the Ministry of External Affairs (MEA) said.


What is PACTS?


According to the joint framework, PACTS will guide cooperation between the two countries on cybersecurity, emerging technologies and supply chains. It seeks to support India and Australia’s “shared interest in national and regional security, empower our partners with greater digital choices, make critical supply chains more resilient, and strengthen global cyber resilience”.

 
 


It adds that “safety, security, resilience, inclusivity for all, and shared democratic values will be built into every stage” of the partnership.


What does it include?


PACTS is built around five areas of cooperation:


  • Supply chain resilience: The two countries will work on trusted technology supply chains, semiconductor collaboration, critical minerals, undersea cable security and trade diversification.

  • Critical technologies: The partnership covers artificial intelligence, space technologies, telecommunications, biotechnology and advanced materials. It also includes research collaboration and work on international standards for safe and secure AI.

  • Cybersecurity: India and Australia will cooperate on tackling cybercrime, protecting critical infrastructure, strengthening cyber diplomacy, expanding cybersecurity investments and building cyber skills.

  • Digital resilience: Both countries will promote India’s Digital Public Infrastructure (DPI) model across the Indo-Pacific and work on digital solutions for sectors such as health, education, clean energy and connectivity.

  • Defence research collaboration: The framework provides for joint defence science research, innovation partnerships, collaboration between defence research organisations and work on maritime technologies.


What was the 2020 framework that PACTS replaces?


The earlier India-Australia cyber cooperation framework was signed in June 2020 by the foreign ministers of both countries under the Comprehensive Strategic Partnership.

 


It focused on strengthening bilateral cooperation in cybersecurity through a 2020–2025 Plan of Action, protecting critical information infrastructure, promoting the secure and ethical development and use of critical and emerging technologies, and supporting joint research initiatives, including the Australia-India Cyber and Critical Technology Partnership.

 


The new framework states that the two countries have built their partnership under the Comprehensive Strategic Partnership, the 2020 framework and “two decades of collaborative research, operational coordination and policy engagement”.

 


PACTS succeeds and replaces the 2020 arrangement by expanding cooperation to include supply chains, digital resilience and defence research alongside cyber and critical technologies.


Why does it matter for India?


The framework gives India a broader platform to work with Australia on technologies and supply chains that have become increasingly important for economic and national security.

 


The Ministry of External Affairs says that for India, the partnership creates collaboration opportunities in AI, semiconductors, critical minerals, space technologies and digital public infrastructure.

 


It also provides a structured mechanism for joint research, investment, standards development and technology partnerships across government, academia and industry, the ministry said.

 


The document states that the partnership will support government-to-government cooperation, encourage two-way investment in new technologies and help translate intellectual property into products that contribute to economic growth.

 


It further establishes an annual review mechanism under senior officials from both countries to identify new projects and assess emerging cyber and technology risks.



Source link

China asks users to update Claude Code over 'backdoor' security risk

China asks users to update Claude Code over 'backdoor' security risk


The warning applies to Claude Code versions 2.1.91 through 2.1.196 | Image: Bloomberg


A cybersecurity platform operated by China’s industry ministry warned on Wednesday that it had identified a serious security “backdoor” risk in Anthropic’s AI coding tool, Claude Code.

 


In a statement posted on its WeChat account, the National Vulnerability Database (NVDB) said Claude Code contains a built-in monitoring mechanism capable of transmitting sensitive information, including users’ geographic location and identity-related identifiers, to remote servers without users’ consent. 


The warning applies to Claude Code versions 2.1.91 through 2.1.196. 


NVDB advised that organizations and users should immediately review affected systems and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed. 

 


It also urged organizations to tighten controls on external network access for development tools and strengthen traffic monitoring on core business networks to prevent the unauthorized transfer of sensitive data. 


China’s Alibaba has banned employees from using Claude Code at work after the tool drew scrutiny for features that can help identify China-linked users, Reuters reported last week. 

Anthropic did not immediately reply to a Reuters request for comment. 


(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

 

First Published: Jul 09 2026 | 11:02 AM IST



Source link

OpenAI set to launch most capable GPT model after delayed rollout

OpenAI set to launch most capable GPT model after delayed rollout



OpenAI will publicly launch GPT-5.6, its most advanced AI model, on Thursday following a delay last month prompted by US government requests over heightened national security concerns about the potential misuse of powerful AI technologies. 


The United States and China are in a ‌race to develop cutting-edge AI models the likes of which, ​experts have said, could dramatically accelerate sophisticated cyberattacks ​in sectors relying on complex, interconnected and often decades-old technology systems. 


Washington has increased scrutiny of advanced AI model releases to identify ​potential threats on concerns the technology could be misused by the military or the intelligence establishment in China, Russia and other countries. 

 


Chinese authorities have also held meetings with top tech firms about potentially restricting overseas access to China’s most advanced AI models, including those yet to be released. 


OpenAI competitor Anthropic had abruptly disabled its most advanced AI models, Mythos 5 ​and Fable 5, for all users after the US government’s June 12 export control order over national security concerns. The curbs were ‌lifted last week after Anthropic implemented certain safeguards. 


Axios, which broke the news on the OpenAI launch, reported that ​the Trump administration had approved a broad launch of GPT-5.6 following additional testing and meetings between the company and government officials. 


The White House and the US Department of Commerce did not respond to a Reuters request for comment outside regular business hours. 


OpenAI had limited GPT-5.6 access ‌to a small group of vetted partners whose ​details were shared with the authorities. 


The ChatGPT owner ‌will launch its most capable GPT-5.6 Sol, along with the lower-cost Terra and Luna models, it said in an ‌X post late on Tuesday. 


OpenAI touted improved agentic capabilities in coding, biology and cybersecurity when it previewed the models in ​late June. At the time, OpenAI said GPT-5.6 Sol was competitive with Anthropic’s Mythos Preview on the ExploitBench cybersecurity benchmark. 


Billionaire Elon Musk, whose SpaceXAI rivals Anthropic and OpenAI, said on Wednesday his company ​was also making its leading model Grok 4.5 available to the public. 


National security concerns 


US President Donald Trump has signed an executive order establishing a voluntary framework under which AI developers could provide “covered frontier models” ‌to the US government for up to 30 days before releasing them to trusted partners. 


While Washington has lifted export ‌controls for Anthropic’s Fable model, Mythos, which is designed for cybersecurity professionals, is still only available to some “trusted” US organisations. 


In China, authorities are worried about the potential for Mythos to exploit software vulnerabilities and that the US might deploy the model against Beijing’s interests. 

Anthropic has warned it was “probably impossible” to make any AI model fully robust against jailbreaks. 


(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

 



Source link

NoBroker's ConvoZen expands into West Asia with Arabic AI speech models

NoBroker's ConvoZen expands into West Asia with Arabic AI speech models



ConvoZen.AI, the enterprise conversational AI agentic platform of NoBroker, has expanded into West Asia with the launch of Alif and Rawi, two proprietary speech models purpose-built for the Arabic language as it is actually spoken: bilingual, multi-dialect, and heavily code-switched with English.

 


Alif is ConvoZen.AI’s bilingual Arabic-English speech-to-text model, engineered to transcribe the messy, multi-dialect, code-switched reality of everyday Middle East and North Africa (MENA) conversations rather than the clean, formal Arabic on which most commercial automatic speech recognition (ASR) systems are trained.

 


Rawi is a native Arabic code-switching text-to-speech model, addressing the speaking side of the same problem. It is engineered to speak with the natural rhythm, intonation and multi-dialect flexibility that real-world business-to-consumer (B2C) and enterprise voice interactions demand.

 
 


“Every market we’ve taken our speech models into has taught us the same lesson: People don’t speak in the clean, formal register that most voice AI is trained on. They mix languages mid-sentence, they carry regional accents, and they expect a system that keeps up. We saw that in India with Akshara and Ragini, and we’re seeing the exact same pattern across the Middle East. Alif and Rawi aren’t an adaptation of an existing model for a new market. They’re built from the ground up for the way Arabic is actually spoken,” said Akhil Gupta, co-founder and chief technology officer of NoBroker.

 


The launch comes months after ConvoZen launched its conversational AI stack, along with frontier speech models, in India. The two models, Akshara (speech-to-text) and Ragini (text-to-speech), were built to address the conversational infrastructure challenges faced by NoBroker. ConvoZen integrates the full lifecycle into a single platform built on conversational AI agents, copilot AI agents, supervisor AI agents and customer AI agents.

 


The two models are now deployed across more than 40 enterprises in nine Indian languages, including HDFC Bank, Tata AIG, Cars24, Apollo and Maruti Suzuki.

 


Ragini, which works across six languages, is tailored for banking, financial services and insurance (BFSI), automotive, healthcare, direct-to-consumer (D2C) and edtech deployments.

 



Source link

AI-backed cyberattacks are exposing the limits of enterprise VPNs: Report

AI-backed cyberattacks are exposing the limits of enterprise VPNs: Report


Virtual Private Networks (VPNs) have become one of the IT enterprise’s most important tools. With VPN, organisations provide employees with secure access to corporate applications from home, cafes, and personal internet connections. VPNs have become the digital bridge between workers and company networks. However, now, the cybersecurity industry is asking a different question: is the same technology that enabled remote work now becoming one of enterprises’ biggest security liabilities?

 


According to the Zscaler ThreatLabz 2026 VPN Risk Report, the answer is yes. The report argues that AI-assisted attacks are compressing compromise timelines from days to hours, and in some cases just minutes, making traditional perimeter-based VPN security far less effective than it once was.

 
 


The report’s findings also align with a broader shift highlighted across recent threat intelligence reports from Google Mandiant and IBM X-Force. Together, the reports suggest attackers are moving faster, increasingly targeting identities, credentials and trusted relationships alongside software vulnerabilities.


Why VPNs became the backbone of remote work


Traditional enterprise networks were designed around a simple assumption: employees worked inside office buildings connected to trusted corporate networks. Security was built like a castle, with firewalls protecting everything inside. When remote work became widespread, especially post the Covid-19 pandemic, that model no longer worked. Employees needed secure access from anywhere.

 


VPNs solved that problem by creating encrypted tunnels between a user’s device and the corporate network. Instead of exposing company systems directly to the internet, organisations could authenticate users and extend internal network access securely over public connections.

 


For years, that approach worked well because the primary challenge was protecting data while it travelled across the internet. Today’s threat landscape is very different.


AI is changing the speed of cyberattacks


The Zscaler report argues that AI-enabled phishing campaigns, automated credential theft and AI-assisted reconnaissance are significantly reducing the time between an initial compromise and an active intrusion. Traditional VPN security assumes defenders have enough time to detect suspicious behaviour after an attacker gains access.

 


Multiple industry reports suggest that the assumption is becoming increasingly difficult to rely on.

 


Perhaps the clearest evidence comes from Google Cloud’s M-Trends 2026 report. Based on more than 500,000 hours of incident response investigations, Google found that the median time between an initial access broker compromising a victim and handing that access to another threat group collapsed from more than eight hours in 2022 to just 22 seconds in 2025.

 


That does not mean every organisation is compromised within 22 seconds. Rather, it shows how specialised cybercriminal operations are becoming. Google says initial access brokers are increasingly pre-staging malware or tunnels preferred by secondary threat groups before handing over access.

 


At the same time, Google’s report notes that interactive voice phishing accounted for 11 per cent of observed intrusions in 2025, making it the second most common initial infection vector after software exploits. Meanwhile, traditional email phishing fell to just 6 per cent, reflecting how attackers are adapting as email security improves.

 


IBM’s X-Force Threat Intelligence Index 2026 points in a similar direction. It warns that AI-assisted phishing and infostealer malware are increasing the scale and sophistication of credential theft, while researchers found more than 300,000 ChatGPT credentials advertised for sale on underground forums during 2025.

 


Taken together, the reports suggest attackers are relying on both credential theft and software exploitation, rather than any single technique. This is where VPN architecture begins to face challenges.


The real weakness is not VPN encryption


Modern VPNs generally use strong encryption. The encryption itself is not the primary problem. Instead, the issue is what happens after someone successfully authenticates.

 


A VPN is designed to verify identity at the point of entry. Users often receive broad access to internal networks once authenticated. If attackers steal legitimate credentials—or successfully trick an employee into approving access—they can inherit that same level of trust.

 


According to Zscaler, this expands an organisation’s attack surface and creates opportunities for lateral movement—the process through which attackers move from one compromised system to others inside the same network while searching for valuable data, privileged accounts or critical infrastructure.

 


Because VPNs extend internal network access, a compromised account may provide attackers with pathways that would otherwise remain inaccessible from the public internet. That architectural challenge becomes more significant as AI reduces the time available to detect suspicious activity.


Why Zero Trust is replacing the security perimeter


These findings help explain why Zero Trust has become a growing focus across enterprise cybersecurity. Unlike VPNs, which generally authenticate users once before granting network access, Zero Trust assumes that no user, device or application should be trusted automatically, even after successful login.

 


Instead, access decisions are continuously verified based on identity, device health, location, application sensitivity and behavioural signals. The principle is commonly interpreted as never trust, always verify.

 


Google’s recommendations in M-Trends 2026 closely reflect this philosophy. The company advises organisations to move towards continuous identity verification, stricter least-privilege access, behaviour-based anomaly detection and longer-term visibility across networks.

 


IBM similarly argues that organisations should treat vulnerability management and identity security as parallel priorities while strengthening least-privilege access controls and continuously monitoring authentication behaviour.

 


Although neither report suggests Zero Trust eliminates cyber risk, both indicate that continuous verification better reflects how modern attacks operate than perimeter-based trust models alone.


Future of VPNs


The reports do not argue VPNs should disappear entirely. VPNs still provide encrypted remote connectivity and remain useful in many enterprise environments, particularly for legacy systems, administrative access, and organisations that cannot immediately redesign their security architecture.

 


Instead, the shift appears to be about changing their role. Rather than serving as the primary security boundary, VPNs might become one component within broader Zero Trust architectures where identity verification, device posture, segmentation and continuous monitoring provide additional layers of protection.

 


Future cybersecurity spending is likely to focus less on securing network perimeters and more on continuously verifying identities, limiting access, and detecting abnormal behaviour as quickly as possible.

 


Remote work helped turn VPNs into one of enterprise cybersecurity’s most essential technologies. AI may now be forcing organisations to rethink whether that model is enough for the next decade.



Source link

Why AI-generated spam is becoming a bigger threat to online communities

Why AI-generated spam is becoming a bigger threat to online communities


Artificial intelligence (AI) is changing the way people search for information online. Instead of browsing multiple websites, users are increasingly turning to AI assistants such as ChatGPT and Gemini for quick answers, recommendations and summaries. These systems, in turn, rely heavily on publicly available online content to generate responses. This has turned online communities, once valued primarily for human discussions, into valuable data sources for AI models.

 


Traditionally, spam campaigns were designed to influence human readers through fake reviews, misleading comments or promotional posts. Today, an increasing amount of spam is being created not just to persuade people directly, but to influence the information that AI systems retrieve and cite. In other words, the target is no longer only the user scrolling through a forum but also the AI chatbot that may later repeat that content as part of its answer.

 
 


The growing challenge is highlighted by Reddit in a recent trust and safety update, where the company stated that its AI-powered moderation systems now prevent around “23 million spam views every day”, detect approximately “25,000 spam posts and comments daily”, and revoke nearly “2 million inauthentic votes”. According to the company, these efforts helped reduce spam exposure for users by “20 per cent year-on-year during the first quarter”. Reddit described these measures as part of routine platform maintenance, but they also illustrate how protecting online conversations has become increasingly important in the generative AI era.

 


AI moderation becomes the next battleground

 

Reddit has signed licensing agreements that allow companies, including OpenAI and Google, to use Reddit content to improve their AI products. At the same time, independent studies have consistently shown that AI chatbots frequently cite Reddit discussions because they are viewed as authentic expressions of user opinion rather than polished marketing material. That reputation is also said to be creating an incentive for abuse.

 


According to Bloomberg, marketers are increasingly experimenting with “generative engine optimisation (GEO)”, the practice of creating online content to influence responses generated by AI chatbots. Rather than trying to rank highly on traditional search engines alone, brands now seek mentions that AI systems may later surface as recommendations.

 


This changes the objective of spam campaigns. Instead of maximising clicks from human users, some campaigns now attempt to insert promotional material into conversations that AI systems may later treat as genuine community discussions.

 


Reddit said its newer moderation systems increasingly identify these coordinated attempts before they gain visibility. The company noted that it analyses signals from the moment an account is created to stop suspicious actors before they begin posting.

 


The platform also said it now uses large language models to detect “highly subtle, coordinated patterns of fake behaviour and artificial hype” that previous moderation systems often failed to identify.


A widespread challenge

 


The Wikimedia Foundation has said that human-created knowledge is becoming more valuable as AI companies increasingly rely on public information to train and power their models. In its 2025–26 Annual Plan, the Foundation warned that the internet is seeing more low-quality AI-generated content, making reliable, community-created information a “precious commodity.”

 


Discord also uses machine learning to proactively identify harmful behaviour, spam and coordinated abuse before it reaches users. According to the company’s safety documentation, these AI-powered systems work alongside human reviewers to strengthen community moderation.

 


X has expanded AI’s role through AI-generated Community Notes, but requires every AI-written note to be reviewed and rated by human contributors before it is published. The company says the approach is designed to scale moderation while maintaining the credibility of information shared on the platform.

 


The rise of generative engine optimisation

 


The changing nature of online spam is closely linked to the emergence of GEO. Borrowing from traditional search engine optimisation, GEO focuses on increasing the likelihood that AI systems will cite particular content while answering user queries.

 


According to Bloomberg, agencies have already emerged that specialise in helping brands improve their visibility in AI-generated responses. One example is ReachLLM, a startup that creates online content, including Reddit posts, to increase the chances that ChatGPT and other AI assistants will cite those discussions.

 


According to Bloomberg, citing ReachLLM founder Shanzila Ahmed, some posts have been cited by ChatGPT within a day of publication. At the same time, she acknowledged that Reddit has removed some of the same posts as part of its spam enforcement efforts.

 


The situation illustrates an ongoing cycle in which marketers develop new optimisation techniques while platforms strengthen moderation systems to detect increasingly sophisticated promotional behaviour.

 


Although the field remains relatively new, these findings indicate that protecting online discussions has implications beyond individual communities. Manipulated conversations may eventually influence the information presented by AI assistants to millions of users.


Why trust and safety are becoming core infrastructure

 


As AI-generated content becomes easier and cheaper to produce, trust and safety functions are taking on greater strategic importance for digital platforms. Historically, moderation was often viewed as an operational requirement focused on enforcing community rules and removing harmful content.

 


If AI assistants rely on public discussions to answer questions, the quality of those discussions becomes increasingly valuable. Platforms, therefore, face pressure to ensure that conversations remain representative of genuine user experiences rather than coordinated promotional campaigns. Reddit’s latest disclosures highlight this shift.

 


According to Reddit, community moderators were responsible for more than 52 per cent of all post and comment removals between July and December 2025, demonstrating that AI moderation complements rather than replaces human oversight.

 


An evolving challenge

 


The relationship between AI-generated spam and AI-powered moderation is likely to continue evolving. As marketers experiment with new techniques to improve visibility inside AI-generated answers, platforms will continue refining detection systems to distinguish authentic user contributions from coordinated promotional campaigns.

 


Reddit itself acknowledged that this remains an ongoing process rather than a problem that can be fully solved through automation alone. The company said it continues to combine AI models, behavioural analysis, human moderators and community reporting to identify emerging forms of abuse.

 


For online communities, AI is becoming an additional layer of defence that supports human moderators in identifying coordinated abuse and maintaining trustworthy conversations.



Source link

YouTube
Instagram
WhatsApp