Welcome back to Cyber Bites, your lunchtime digest of the latest in international cyber threats, global tech affairs, and AI developments. Stay informed on key events shaping our digital world.
Welcome back to Cyber Bites, providing lunchtime short reads on the latest international cyber threat events, global tech affairs, and developments in artificial intelligence. Today, we delve into groundbreaking collaborations reshaping the energy sector, uncover critical vulnerabilities affecting modern vehicles, explore intensified cyber espionage in geopolitical hotspots, discuss ambitious satellite internet investments, and highlight emerging scams in the cryptocurrency landscape. Stay tuned to stay informed on the rapidly evolving world of cyber threats and technological advancements.
Three Mile Island's Unit 1 reactor, inactive since 2019, is slated to reopen by 2028 under a new agreement with Microsoft. Pending approval from the Nuclear Regulatory Commission, the facility will be renamed the Crane Clean Energy Center in honor of Chris Crane, former CEO of Constellation Energy's predecessor. Microsoft has entered a 20-year power purchase agreement with Constellation Energy to acquire carbon-neutral electricity generated by the reactor, aiming to power its AI-focused data centres and support its commitment to decarbonizing the power grid.
The reopening is expected to bring significant economic and environmental benefits. It will create approximately 3,400 direct and indirect jobs and add over 800 megawatts of carbon-free electricity to the grid. The initiative is projected to contribute $16 billion to Pennsylvania's gross domestic product and generate more than $3 billion in state and federal tax revenue. Constellation Energy plans to invest $1.6 billion in upgrading the facility and seeks approval to operate until 2054, emphasising that Unit 1 is separate from the Unit 2 reactor involved in the 1979 accident.
A group of independent security researchers has uncovered a critical vulnerability in a Kia web portal that could allow attackers to remotely control vehicle functions using only a licence plate number. By exploiting this flaw, hackers could reassign themselves as the owner of a vehicle, enabling them to unlock doors, start the engine, and track the car's location. The researchers demonstrated that these attacks could be executed remotely on any hardware-equipped Kia vehicle in about 30 seconds, regardless of whether it has an active Kia Connect subscription.
After the researchers reported the issue in June, Kia appears to have fixed the vulnerability, although the company has not provided detailed comments. This is the second such vulnerability reported to Kia by the same group, highlighting ongoing concerns about web security in the automotive industry. Similar vulnerabilities have been discovered in vehicles from other manufacturers, including Hyundai, Toyota, and Honda, indicating a widespread issue that necessitates urgent attention.
Cybersecurity firm ESET has released a report detailing increased cyber espionage activities by Gamaredon, a Russian advanced persistent threat (APT) group targeting Ukraine. Identified as the most active APT group in the region, Gamaredon primarily focuses on Ukrainian government entities. The Security Service of Ukraine attributes the group to the FSB's 18th Center of Information Security, based in Crimea.
Gamaredon's sophisticated toolset includes downloaders, droppers, weaponizers, stealers, backdoors, and specialized tools. They use a combination of general-purpose and dedicated downloaders to deliver malicious payloads and deploy VBScript payloads via droppers. The group also weaponizes USB drives to spread malware and utilizes backdoors for unauthorized remote access. These activities pose a significant threat to Ukrainian national security, emphasizing the need for robust cybersecurity measures to counteract these persistent attacks.
Vietnam's government has announced that Elon Musk's SpaceX plans to invest $1.5 billion in the country to launch its Starlink satellite services. The investment aims to enhance Vietnam's internet infrastructure, especially in mountainous regions and areas with unreliable connectivity. SpaceX's Senior Vice President for Global Business and Government Affairs, Tim Hughes, discussed the plans during a meeting in New York with Vietnamese officials.
The proposed investment is expected to improve education and disaster prevention efforts by providing reliable satellite internet services. It could also aid in better patrolling of the disputed South China Sea, where Vietnam often faces tensions with China. While the exact details and timelines remain unspecified, the Vietnamese government is considering the proposal, and discussions are ongoing to finalize the investment and operational plans.
Thirteen cryptocurrency investors in Hong Kong have been swindled out of HK$14.8 million (approximately US$1.9 million) in the first nine months of the year. Scammers set up fraudulent cryptocurrency exchange shops in Kowloon's western region, offering attractive exchange rates to lure victims. They initially conducted legitimate transactions to gain the investors' trust before trapping them into handing over large sums of money.
In the most significant case, a 43-year-old businessman lost HK$4 million after being locked inside a shop during a transaction. Police have arrested two suspects and are searching for others involved. Authorities have reported 12 similar cases this year, totaling losses of HK$10.8 million. The incidents highlight the need for caution when conducting cryptocurrency transactions and underscore the importance of using reputable and verified exchange platforms.
Amid shifting global tech, DeepSeek’s surge under Liang Wenfeng has sparked worldwide debate. Celebrated as a hometown hero in China, his breakthrough challenges US dominance as policy shifts, record user gains, and earnings shocks at Alphabet and Samsung redefine the AI frontier.
Alphabet's Q4 results highlight strong AI-driven investments, with $96.47B revenue and a $75B 2025 capital plan. Meanwhile, Samsung struggles with weak semiconductor demand, U.S. chip export restrictions, and rising competition. Both tech giants face high stakes in the evolving AI landscape.
US tech stocks tumbled as China-based DeepSeek launched a groundbreaking AI platform, shaking market confidence in American AI giants. With Nvidia stocks down 18%, the rivalry between US and Chinese AI innovation is intensifying, raising questions about the future of AI investment.
President Trump announces a historic $500 billion AI infrastructure initiative in partnership with OpenAI, Oracle, and SoftBank. The project, aimed at ensuring U.S. AI dominance, has already broken ground in Texas with a $100 billion investment. Stay tuned for more updates.
