TechLetters ☕️ China hacks SharePoint. Russia targets elections. UK firm killed by ransomware. Wi-Fi tracks bodies. US, China race for AI rules.
Security
Chinese cyber threat groups were running cyberattacks exploiting SharePoint ToolShell vulnerability to break into servers and steal sensitive data. They target government agencies, corporations, and universities. Once inside, they steal encryption keys that let them maintain long-term access even after the initial security holes are patched. https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
NATO condemns Russia’s GRU-backed cyber attacks, including APT28 operations targeting critical infrastructure in multiple Allied states like France, Estonia, and Romania. These persistent intrusions exploit software vulnerabilities for espionage. The EU condemns Russia’s GRU-led hybrid operations, including cyberattacks on France’s electoral systems and Romania’s election disruption. These are part of a coordinated campaign involving sabotage, disinformation , and critical infrastructure targeting. https://www.consilium.europa.eu/en/press/press-releases/2025/07/18/hybrid-threats-russia-statement-by-the-high-representative-on-behalf-of-the-eu-condemning-russia-s-persistent-hybrid-campaigns-against-the-eu-its-member-states-and-partners/ https://www.nato.int/cps/en/natohq/official_texts_237067.htm
Ransomware attack destroyed a 158-year-old British transport firm, forcing it to shut down and lay off 700 workers. A single weak password led to full system compromise and company destruction. https://www.helsinkitimes.fi/business/27485-158-year-old-uk-firm-shut-down-after-cyberattack-exploited-one-password.html
Privacy
Reidentification of people via Wi-Fi by analyzing how body affects signal amplitude. 95.5% detection accuracy. https://arxiv.org/pdf/2507.12869v1
Massive and critical data leak of Tea app exposes 72,000 user images including driver's licenses, selfies, and ratings/comments about men. This breach enables identity theft and doxxing of both rating women and rated men (the app lets users create public profiles for men where anyone can post information - truthful or not - without the target's knowledge). The exposed database lacked basic authentication making the database of private data effectively publicly accessible
Technology Policy
USA announces an AI Action Plan, aimed at securing global dominance in artificial intelligence via: innovation, infrastructure, and international diplomacy. The plan calls for deregulation, promotion of open-source models, and rapid AI adoption in defense, science, and industry. A major focus is placed on countering China in global AI governance. To achieve AI superiority, the US will also "revise the NIST AI Risk Management Framework to eliminate references to misinformation, Diversity, Equity, and Inclusion, and climate change" AND verify Chinese models against alignment with Chinese Communist Party values. The US will also support open weight models that anybody can download and use. This is interesting because US firms are quite behind here, compared to China. US is also against "Codes of Conduct". https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf
Meta is ending all political, electoral, and social issue ads across the EU in October 2025, a response to the new EU regulations on political ad transparency. The move protects Meta from "legal uncertainty". It also means fewer civic campaigns and less visibility for smaller political voices. https://about.fb.com/news/2025/07/ending-political-electoral-and-social-issue-advertising-in-the-eu/
China's 13-Point Global AI Governance Action Plan - Short Titles
1. Jointly seize AI opportunities
2. Promote AI innovation development
3. AI empowerment across all industries
4. Accelerate digital infrastructure construction
5. Create diversified open innovation ecosystem. PROMOTE OPEN SOURCE ENVIRONMENT.
6. Actively promote high-quality data supply
7. Effectively respond to energy and environmental issues
8. Promote consensus on standards and norms
9. Public sector leads deployment applications
10. Conduct AI security governance
11. Jointly implement Global Digital Compact
12. Strengthen international AI capacity building cooperation
13. Build inclusive multi-party governance model
https://www.gov.cn/yaowen/liebiao/202507/content_7033929.htm
Other
In case you feel it's worth it to forward this content further:
Subscribed
If you’d like to share: