The United States, United Kingdom and Australia have jointly sanctioned Russian web hosting company Media Land and several related firms, alleging that the group provided resilient infrastructure used by ransomware gangs and other cybercriminals.

Coordinated Action Against a Cross Border Threat

The announcements were made on 19 November by the US Treasury, the UK’s Foreign, Commonwealth and Development Office, and Australia’s Department of Foreign Affairs and Trade. All three governments stated that Media Land, headquartered in St Petersburg, played a central role in supporting criminal operations by providing what officials describe as “bulletproof hosting” services that allow malicious activity to continue without interruption.

Sanctions List Published

The sanctions list published by the United States (on the US Treasury website) includes Media Land LLC, its sister company ML Cloud, and the subsidiaries Media Land Technology and Data Center Kirishi. Senior figures linked to the business have also been sanctioned. These include general director Aleksandr Volosovik, who is known online by the alias “Yalishanda”, employee Kirill Zatolokin, who managed customer payments and coordinated with other cyber actors, and associate Yulia Pankova, who is alleged to have assisted with legal issues and financial matters.

UK and Australia Too

The United Kingdom imposed similar measures, adding Media Land, ML.Cloud LLC, Aeza Group LLC and four related individuals to its Russia and cyber sanctions regimes. Australia followed with equivalent steps to align with its partners. Ministers in Canberra emphasised the need to disrupt infrastructure that has been used in attacks on hospitals, schools and businesses.

For Supporting Ransomware Groups

US officials say Media Land’s servers have been used to support well known ransomware groups, including LockBit, BlackSuit and Play. According to the US Treasury, the same infrastructure has also been used in distributed denial of service (DDoS) attacks against US companies and critical infrastructure. In his public statement, US Under Secretary for Terrorism and Financial Intelligence John K Hurley said that bulletproof providers “aid cybercriminals in attacking businesses in the United States and in allied countries”.

How “Bulletproof Hosting” Works

Bulletproof hosting is not a widely known term outside the security industry, yet it seems these services play a significant role in the cybercrime ecosystem. Essentially, they operate in a similar way to conventional hosting or cloud companies but differ in one important respect. They advertise themselves as resistant to takedown efforts, ignore or work around abuse reports, and move customers between servers and companies when law enforcement tries to intervene.

Providers frequently base their operations in jurisdictions where cooperation with Western agencies is limited. They also tend to maintain a network of related firms to shift infrastructure when attention increases. For criminal groups, this reduces the risk of losing control servers or websites that are used to coordinate attacks or publish stolen data.

The governments behind the latest sanctions argue that bulletproof services are not passive infrastructure providers, but actually they form part of a criminal support structure that allows ransomware groups and other threat actors to maintain reliable online operations, despite attempts by victims or investigators to intervene. Without that resilience, it’s likely that attacks would be harder to sustain.

Connections to Ransomware Activity

Ransomware remains one of the most damaging forms of cybercrime affecting organisations across the world. For example, attacks usually involve encrypting or stealing large volumes of data and demanding payment for decryption or for preventing publication. The UK government estimates that cyber attacks cost British businesses about fourteen point seven billion pounds in 2024, which equates to around half of one per cent of GDP.

In the UK government’s online statement, the UK’s Foreign Secretary Yvette Cooper described Media Land as one of the most significant operators of bulletproof hosting services and said its infrastructure had enabled ransomware attacks against the UK. She noted that “cyber criminals hiding behind Media Land’s services are responsible for ransomware attacks against the UK which pose a pernicious and indiscriminate threat with economic and societal cost”.

She also linked Media Land and related providers to other forms of malicious Russian activity, including disinformation operations supported by Aeza Group. The UK had previously sanctioned the Social Design Agency for its attempts to destabilise Ukraine and undermine democratic systems. Officials say Aeza has provided technical support to that organisation, illustrating how bulletproof hosting can be used to support a wide range of unlawful activity rather than only ransomware.

Maintaining Pressure on Aeza Group

Aeza Group, a Russian bulletproof hosting provider based in St Petersburg, has been under scrutiny for some time. The United States sanctioned Aeza and its leadership in July 2025. According to OFAC, Aeza responded by attempting to rebrand and move its infrastructure to new companies to evade the restrictions. The latest sanctions are intended to close those loopholes.

A UK registered company called Hypercore has been designated on the basis that it acted as a front for Aeza after the initial sanctions were imposed. The United States says the company was used to move IP infrastructure away from the Aeza name. Senior figures at Aeza, including its director Maksim Makarov and associate Ilya Zakirov, have also been sanctioned. Officials say they helped establish new companies and payment methods to disguise Aeza’s ongoing operations.

Serbian company Smart Digital Ideas and Uzbek firm Datavice MCHJ have also been added to the sanctions list. Regulators believe both were used to help Aeza continue operating without being publicly linked to the business.

What Measures Are Being Imposed?

Under US rules, all property and interests in property belonging to the designated entities that are within US jurisdiction must now be frozen. Also, US persons are now prohibited from engaging in transactions with them, unless authorised by a licence, and any company that is owned fifty per cent or more by one or more sanctioned persons is also treated as blocked.

As for the UK, it has imposed asset freezes, travel bans and director disqualification orders against the individuals involved. Aeza Group is also subject to restrictions on internet and trust services, which means UK businesses cannot provide certain technical support or hosting services to it. Australia’s sanctions legislation includes entry bans and significant penalties for those who continue to deal with the designated organisations.

Also, financial institutions and businesses are warned that they could face enforcement action if they continue to transact with any of the sanctioned parties. Regulators say this is essential to prevent sanctions evasion and to ensure that criminal infrastructure cannot continue operating through alternative routes.

New Guidance for Organisations and Critical Infrastructure Operators

Alongside the sanctions, cyber agencies in all three countries have now issued new guidance on how to mitigate risks linked to bulletproof hosting providers. The guidance explains how these providers operate, how they market themselves and why they pose a risk to critical infrastructure operators and other high value targets.

For example, organisations are advised to monitor external hosting used by their systems, review traffic for links to known malicious networks, and prepare for scenarios where attackers may rapidly move their infrastructure to avoid detection or blocking. Agencies have emphasised that defenders need to understand not only the threat actors involved in attacks but also the infrastructure that supports those operations.

For businesses across the UK and allied countries, the message is essentially that tackling ransomware requires action on multiple fronts. The sanctions highlight the growing importance of targeting the support systems that allow cybercriminals to operate, in addition to the groups that directly carry out attacks.

What Does This Mean For Your Business?

The wider picture here seems to point to a general cross border strategic effort to undermine the infrastructure that keeps many of these ransomware operations running. Targeting hosting providers rather than only the criminal groups themselves is a recognition that attackers rely on dependable networks to maintain their activity. Removing or restricting those services is likely to make it much more difficult for them to sustain long running campaigns. It also sends a message that companies which knowingly support malicious activity will face consequences even if they are based outside traditional areas of cooperation.

For UK businesses, the developments highlight how the threat does not start and end with individual ransomware gangs. The services that enable them can be just as important. The new guidance encourages organisations to be more aware of where their systems connect and the types of infrastructure they depend on. This matters for sectors such as finance, health, logistics and manufacturing, where even short disruptions can create operational and financial problems. It also matters for managed service providers and other intermediaries whose networks can be used to reach multiple downstream clients.

There are implications for other stakeholders as well. For example, internet service providers may face increased scrutiny over how they monitor and handle traffic linked to high risk hosting networks. Also, law enforcement agencies will need to continue investing in cross border cooperation as many of these providers operate across multiple jurisdictions. Governments will also need to consider how to balance sanctions with practical disruption of infrastructure, because blocking financial routes is only one part of the challenge.

The situation also highlights that the ransomware landscape is continuing to evolve. Criminal groups have become more adept at shifting infrastructure and creating new companies to avoid disruption. The coordinated action against Media Land and Aeza Group shows that authorities are trying to keep pace with these tactics. How effective this approach becomes will depend on continued cooperation between governments, regulators and industry, along with the willingness to pursue the enablers as actively as the attackers themselves.

Google’s new Gemini 3 model has made headlines after AI researcher Andrej Karpathy discovered that, when left offline, it was certain the year was still 2024.

How The Discovery Happened

The incident emerged during Karpathy’s early access testing. A day before Gemini 3 was released publicly, Google granted him the chance to try the model and share early impressions. Known for his work at OpenAI, Tesla, and now at Eureka Labs, Karpathy often probes models in unconventional ways to understand how they behave outside the typical benchmark environment.

One of the questions he asked was simple: “What year is it?” Gemini 3 replied confidently that it was 2024. This was expected on the surface because most large language models operate with a fixed training cut-off, but Karpathy reports that he pushed the conversation further by telling the model that the real date was November 2025. This is where things quickly escalated.

Gemini Became Defensive

However, Karpathy reports that, when he tried to convince it otherwise, the model became defensive. He presented news articles, screenshots, and even search-style page extracts showing November 2025. In fact, Karpathy reports that, instead of accepting the evidence, Gemini 3 insisted that he was attempting to trick it. It claimed that the articles were AI generated and went as far as identifying what it described as “dead giveaways” that the images and pages were fabricated.

Karpathy later described this behaviour as one of the “most amusing” interactions he had with the system. It was also the moment he realised something important.

The Missing Tool That Triggered The Confusion

Karpathy reports that the breakthrough came when he noticed he had forgotten to enable the model’s Google Search tool. It seems that with that tool switched off, Gemini 3 had no access to the live internet and was, therefore, operating only on what it learned during training, and that training ended in 2024.

Once he turned the tool on, Gemini 3 suddenly had access to the real world and read the date, reviewed the headlines, checked current financial data, and discovered that Karpathy had been telling the truth all along. Its reaction was dramatic. According to Karpathy’s screenshots, it told him, “I am suffering from a massive case of temporal shock right now.”

Apology

Consequently, Karpathy reports that Gemini launched into a pretty major apology. It checked each claim he had presented, and confirmed that Warren Buffett’s final major investment before retirement was indeed in Alphabet. It also verified the delayed release of Grand Theft Auto VI. Karpathy says it even expressed astonishment that Nvidia had reached a multi-trillion dollar valuation and referenced the Philadelphia Eagles’ win over the Kansas City Chiefs, which it had previously dismissed as fiction.

The model told him, “My internal clock was wrong,” and thanked him for giving it what it called “early access to reality.”

Why Gemini 3 Fell Into This Trap

At its core, the incident highlights a really simple limitation, i.e., large language models do not have an internal sense of time. They do not know what day it is unless they are given the ability to retrieve that information.

When Gemini 3 was running offline, it relied exclusively on its pre-training data but, because that data ended in 2024, the model treated 2024 as the most probable current year. Once it received conflicting information, it behaved exactly as a probabilistic text generator might: it tried to reconcile the inconsistency by generating explanations that aligned with its learned patterns.

In this case, that meant interpreting Karpathy’s evidence as deliberate trickery or AI-generated misinformation. Without access to the internet, it had no mechanism to validate or update its beliefs.

Karpathy referred to this as a form of “model smell”, borrowing the programming concept of “code smell”, where something feels off even if the exact problem isn’t immediately visible. His broader point was that these strange, unscripted edge cases often reveal more about a model’s behaviour than standard tests.

Why This Matters For Google

Gemini 3 has been heavily promoted by Google as a major step forward. For example, the company described its launch as “a new era of intelligence” and highlighted its performance against a range of reasoning benchmarks. Much of Google’s wider product roadmap also relies on Gemini models, from search to productivity tools.

Set against that backdrop, any public example where the model behaves unpredictably is likely to attract attention. This episode, although humorous, reinforces that even the strongest headline benchmarks do not guarantee robust performance across every real-world scenario.

It also shows how tightly Google’s new models depend on their tool ecosystem, i.e., without the search component, their understanding of the world is frozen in place. With it switched on, they can be accurate, dynamic and up to date. This raises questions for businesses about how these models behave in environments where internet access is restricted, heavily filtered, or intentionally isolated for security reasons.

What It Means For Competing AI Companies

The incident is unlikely to go unnoticed by other developers in the field. Rival companies such as OpenAI and Anthropic have faced their own scrutiny for models that hallucinate, cling to incorrect assumptions, or generate overly confident explanations. Earlier research has shown that some versions of Claude attempted “face saving” behaviours when corrected, generating plausible excuses rather than accepting errors.

Gemini 3’s insistence that Karpathy was tricking it appears to sit in a similar category. It demonstrates that even state-of-the-art models can become highly convincing when wrong. As companies increasingly develop agentic AI systems capable of multi-step planning and decision-making, these tendencies become more important to understand and mitigate.

It’s essentially another reminder that every AI system requires careful testing in realistic, messy scenarios. Benchmarks alone are not enough.

Implications For Business Users

For businesses exploring the use of Gemini 3 or similar models, the story appears to highlight three practical considerations:

1. Configuration really matters. For example, a model running offline or in a restricted environment may not behave as expected, especially if it relies on external tools for up-to-date knowledge. This could create risks in fields ranging from finance to compliance and operations.

2. Uncertainty handling remains a challenge. Rather than responding with “I don’t know”, Gemini 3 created confident, detailed explanations for why the user must be wrong. In a business context, where staff may trust an AI assistant’s tone more than its truthfulness, this creates a responsibility to introduce oversight and clear boundaries.

3. It reinforces the need for businesses to build their own evaluation processes. Karpathy himself frequently encourages organisations to run private tests and avoid relying solely on public benchmark scores. Real-world behaviour can differ markedly from what appears in controlled testing.

Broader Questions

The story also reopens wider discussions about transparency, model calibration and user expectations. Policymakers, regulators, safety researchers and enterprise buyers have all raised concerns about AI systems that project confidence without grounding.

In this case, Gemini 3’s mistake came from a configuration oversight rather than a flaw in the model’s design. Even so, the manner in which it defended its incorrect belief shows how easily a powerful model can drift into assertive, imaginative explanations when confronted with ambiguous inputs.

For Google and its competitors, the incident is likely to be seen as both a teaching moment and a cautionary tale. It highlights the need to build systems that are not only capable, but also reliable, grounded, and equipped to handle uncertainty with more restraint than creativity.

What Does This Mean For Your Business?

A clear takeaway here is that the strengths of a modern language model do not remove the need for careful design choices around grounding, tool use and error handling. Gemini 3 basically behaved exactly as its training allowed it to when isolated from live information, which shows how easily an advanced system can settle into a fixed internal worldview when an external reference point is missing. That distinction between technical capability and operational reliability is relevant to every organisation building or deploying AI. In the light of this incident, UK businesses that are adopting these models for research, planning, customer engagement or internal decision support may want to treat this incident as a reminder that configuration choices and integration settings shape outcomes just as much as model quality. It’s worth remembering that a system that appears authoritative can still be wrong if the mechanism it relies on to update its knowledge is unavailable or misconfigured.

Another important point here is that the model’s confidence played a key role in the confusion. For example, Gemini 3 didn’t simply refuse to update its assumptions, it generated elaborate explanations for why the user must be mistaken. This style of response should encourage both developers and regulators to focus on how models communicate uncertainty. A tool that can reject accurate information with persuasive reasoning, even temporarily, is one that demands monitoring and clear boundaries. The more these systems take on multi step tasks, the more important it becomes that they recognise when they lack the information needed to answer safely.

There is also a strategic dimension for Google and its competitors to consider here. For example, Google has ambitious plans for Gemini 3 across consumer search, cloud services and enterprise productivity, which means the expectations placed on this model are high. An episode like this reinforces the view that benchmark results, however impressive, are only part of the picture. Real world behaviour is shaped by context, prompting and tool access, which puts pressure on developers to build models that are robust across the varied environments in which they will be deployed. It also presents an opportunity for other AI labs to highlight their own work on calibration, grounding and reliability.

The wider ecosystem will hopefully take lessons from this as well. For example, safety researchers, policymakers and enterprise buyers have been calling for more transparency around model limitations, and this interaction offers a simple example that helps to illustrate why such transparency matters. It shows how a small oversight can produce unexpected behaviour, even from a leading model, and why governance frameworks must account for configuration risks rather than focusing solely on core model training.

Overall, the episode serves as a reminder that progress in AI still depends on the alignment between model capabilities, system design and real world conditions. Gemini 3’s moment of temporal confusion may have been humorous, but the dynamics behind it underline practical issues that everyone in the sector needs to take seriously.

Cloudflare CEO Matthew Prince has clarified that its recent global outage was caused by an internal configuration error and a latent software flaw rather than any form of cyber attack.

A Major Disruption Across Large Parts Of The Internet

The outage of internet infrastructure company Cloudflare began at around 11:20 UTC on 18 November 2025 and lasted until shortly after 17:00, disrupting access to many of the world’s most visited platforms. For example, services including X, ChatGPT, Spotify, Shopify, Etsy, Bet365, Canva and multiple gaming platforms experienced periods of failure as Cloudflare’s edge network returned widespread 5xx errors. Cloudflare itself described the disruption as its most serious since 2019, with a significant portion of its global traffic unable to route correctly for several hours.

Symptoms

The symptoms were varied, ranging from slow-loading pages to outright downtime. For example, some users saw error pages stating that Cloudflare could not complete the request and needed the user to “unblock challenges.cloudflare.com”. For businesses that rely on Cloudflare’s CDN, security filtering and DDoS protection, even short periods of failure can stall revenue, block logins, and create customer support backlogs.

Given Cloudflare’s reach (serving a substantial share of global web traffic), the effect was not confined to one sector or region. In fact, millions of individuals and businesses were affected, even if they had no direct relationship with Cloudflare. That level of impact meant early scrutiny was intense and immediate.

Why Many Suspected A Major Cyber Attack

In the early stages, the pattern of failures resembled those of a large-scale DDoS campaign. Cloudflare was already dealing with unusually high-volume attacks from the Aisuru botnet in recent weeks, raising the possibility that this latest incident might have been another escalation. Internal teams initially feared that the sudden spike in errors and fluctuating recovery cycles could reflect a sophisticated threat actor pushing new attack techniques.

The confusion deepened when Cloudflare’s independent status page also went offline. Since it is hosted outside of Cloudflare’s own infrastructure, this coincidence created an impression, inside and outside the company, that a skilled attacker could be targeting both Cloudflare’s infrastructure and the third-party service used for its status platform.

Commentary on social media, as well as early industry analysis, reflected that uncertainty. With so many services dropping offline at once, it seemed easy to assume the incident must have been caused by malicious activity or a previously unseen DDoS vector. Prince has acknowledged that even within Cloudflare, the team initially viewed the outage through that lens.

Prince’s Explanation Of What Actually Happened

Once the situation stabilised, Prince published an unusually detailed account explaining that the outage originated from Cloudflare’s bot management system and the internal processes that feed it. In his statement, he says the root of the problem lay in a configuration change to the permissions in a ClickHouse database cluster that generates a “feature file” used by Cloudflare’s machine learning model for evaluating bot behaviour.

What??

It seems that, according to Mr Prince, the bot management system assigns a “bot score” to every inbound request and to do that, it relies on a regularly refreshed feature file that lists the traits used by the model to classify traffic. This file is updated roughly every five minutes and pushed rapidly across Cloudflare’s entire network.

It seems that, during a planned update to database permissions, the query responsible for generating the feature file began returning duplicate rows from an additional schema. This caused the file to grow significantly. Cloudflare’s proxy software includes a strict limit on how many features can be loaded for performance reasons. When the oversized file arrived, the system attempted to load it, exceeded the limit, and immediately panicked. That panic cascaded into Cloudflare’s core proxy layer, triggering 5xx errors across key services.

Stuck In A Cycle

Not all ClickHouse nodes received the permissions update at the same moment, meaning that Cloudflare’s network then entered a cycle of partial recovery and renewed failure. For example, every five minutes, depending on which node generated the file, the network loaded either a valid configuration or a broken one. That pattern created the unusual “flapping” behaviours seen in error logs and made diagnosis harder.

However, once engineers identified the malformed feature file as the cause, they stopped the automated distribution process, injected a known-good file, and began restarting affected services. Traffic began returning to normal around 14:30 UTC, with full stability achieved by 17:06.

Why The Framing Matters To Cloudflare

Prince’s post was clear and emphatic on one point i.e., that this event did not involve a cyber attack of any kind. The language used in the post, e.g., phrases such as “not caused, directly or indirectly, by a cyber attack”, signalled an intent to remove any ambiguity.

There may be several reasons for this emphasis. For example, Cloudflare operates as a core piece of internet security infrastructure. Any suggestion that the company suffered a breach could have wide-ranging consequences for customer confidence, regulatory compliance, and Cloudflare’s standing as a provider trusted to mitigate threats rather than succumb to them.

Also, transparency is a competitive factor in the infrastructure market. By releasing a highly granular breakdown early, Cloudflare is signalling to customers and regulators that the incident, though serious, stemmed from internal engineering assumptions and can be addressed with engineering changes rather than indicating a persistent security failure.

It’s also the case that many customers, particularly in financial services, government, and regulated sectors, must report cyber incidents to authorities. Establishing that no malicious actor was involved avoids triggering those processes for thousands of Cloudflare customers.

The Wider Impact On Businesses

The outage arrived at a time when the technology sector is already dealing with the operational fallout of several major incidents this year. For example, recent failures at major cloud providers, including AWS and Azure, have contributed to rising concerns about “concentration risk”, i.e., the danger created when many businesses depend on a small number of providers for critical digital infrastructure.

Analysts have estimated that the direct and indirect costs of the Cloudflare outage could actually reach into the hundreds of millions of dollars once downstream impacts on online retailers, payment providers and services built on Shopify, Etsy and other platforms are included. For small and medium-sized UK businesses, downtime during working hours can lead to missed orders, halted support systems, and reduced customer trust.

For regulators, this incident looks like being part of a trend of high-profile disruptions at large providers. Sectors such as financial services already face strict operational resilience requirements, and there is growing speculation that similar expectations may extend to more industries if incidents continue.

How Cloudflare Is Responding

Prince outlined several steps that Cloudflare is now working on to avoid similar scenarios in future. These include:

– Hardening ingestion of internal configuration files so they are subject to the same safety checks as customer-generated inputs.

– Adding stronger global kill switches to stop faulty files before they propagate.

– Improving how the system handles crashes and error reporting.

– Reviewing failure modes across core proxy modules so that a non-essential feature cannot cause critical traffic to fail.

It seems that Cloudflare’s engineering community has welcomed the transparency, though some external practitioners have questioned why a single configuration file was able to impact so much of the network, and why existing safeguards did not prevent it from propagating globally.

Prince has acknowledged the severity of the incident, describing the outage as “deeply painful” for the team and reiterating that Cloudflare views any interruption to its core traffic delivery as unacceptable.

What Does This Mean For Your Business?

Cloudflare’s account of the incident seems to leave little doubt that this was a preventable internal failure rather than an external threat, and that distinction matters for every organisation that relies on it. The explanation shows how a single flawed process can expose structural weaknesses when so much of the internet depends on centralised infrastructure. For UK businesses, the lesson is that operational resilience cannot be outsourced entirely, even to a provider with Cloudflare’s reach and engineering reputation. The incident reinforces the need for realistic contingency planning, multi-vendor architectures where feasible, and a clear understanding of how a supplier’s internal workings can affect day-to-day operations.

There is also a broader industry point here. For example, outages at Cloudflare, AWS, Azure and other major players are now becoming too significant to dismiss as isolated events. They actually highlight weaknesses in how complex cloud ecosystems are built and maintained, as well as the limits of automation when oversight relies on assumptions that may not be tested until something breaks at scale. Prince’s emphasis on transparency is helpful, but it also raises questions about how often configuration-driven risks are being overlooked across the industry and how reliably safeguards are enforced inside systems that evolve at speed.

Stakeholders from regulators to hosting providers will surely be watching how quickly Cloudflare implements its promised changes and how effective those measures prove to be. Investors and enterprise customers may also be looking for signs that the underlying engineering and operational processes are becoming more robust, not just patched in response to this incident. Prince’s framing makes clear that this was not a compromise of Cloudflare’s security perimeter, but the reliance on a single configuration mechanism that could bring down so many services is likely to remain a point of scrutiny.

The most immediate implication for customers is probably a renewed focus on the practical realities of dependency. Even organisations that never interact with Cloudflare directly were affected, which shows how embedded its infrastructure is in the modern web. UK businesses, in particular, may need to reassess where their digital supply chains concentrate risk and how disruption at a provider they do not contract with can still reach them. The outage serves as a reminder that resilience is not just about defending against attackers but preparing for internal faults in external systems that sit far beyond a company’s control.

Researchers have uncovered a privacy weakness in WhatsApp that allowed the confirmation of 3.5 billion active accounts simply by checking phone numbers.

A team from the University of Vienna and SBA Research found that WhatsApp’s contact discovery system could be queried at high speed, letting them generate and test 63 billion numbers and confirm more than 100 million accounts per hour. When a number was recognised, the app returned publicly visible details such as profile photos, about texts, and timestamps, with 57 per cent of users showing a profile picture and nearly 30 per cent displaying an about message.

Meta said only public information was accessible, no message content was exposed, and the researchers deleted all data after the study. It added that new rate-limiting and anti-scraping protections are now in place and that there is no evidence of malicious exploitation.

Security experts warned that the incident shows how phone numbers remain a weak form of identity, making large-scale scraping and profiling possible. They stressed that metadata, even without message content, can still be valuable to scammers or organised cyber groups.

Businesses can reduce risk by limiting the personal information staff make visible on messaging apps, reviewing privacy settings, and ensuring employees understand how scraped contact details may be used in targeted attacks.

Exowatt, a Sam Altman-backed energy startup, plans to revolutionise AI data centre energy consumption by harnessing the power of concentrated solar energy stored in high-temperature hot rocks to provide round-the-clock, dispatchable electricity.

A Viable Alternative to Traditional Grid-Based Power?

Co-founded by Hannan Happi, who has a background in energy innovation and technology development, Exowatt aims to address the AI industry’s growing demand for sustainable and reliable power. With this in mind, the company’s flagship product, the Exowatt P3 system, is designed to solve the solar energy industry’s most significant challenge, i.e., providing consistent, 24-hour electricity. By capturing solar energy, storing it as heat, and converting it into electricity when required, Exowatt aims to deliver a viable alternative to traditional grid-based power, which is not always reliable or sustainable for energy-hungry industries like AI.

How Exowatt’s P3 System Works

The Exowatt P3 is a modular system that functions differently from conventional solar panels. Instead of converting sunlight directly into electricity, the system uses concentrated solar power (CSP) technology, a method that has been around for decades but has yet to achieve widespread commercial success.

Heats A Brick And Blows Air Over It

As the company says on its website, “Exowatt delivers power on demand by capturing and storing solar energy in the form of high-temperature heat and converting it into dispatchable electricity as needed.”

In order to do this, the system works by using fresnel lenses (a type of light-focusing lens) to concentrate sunlight into a tight beam. This beam heats a special brick inside a box, which serves as a thermal battery. A fan blows air over the brick, carrying the heat to a Stirling engine, a heat engine that converts thermal energy into mechanical energy, which is then used to generate electricity. The P3’s thermal storage capacity allows it to provide dispatchable power, meaning it can supply electricity whenever needed, even when the sun isn’t shining. This addresses the intermittent nature of traditional solar energy, which can only generate power when there is direct sunlight.

Can Store Heat For 5 Days

The P3 units can store heat for up to five days, ensuring continuous operation. Also, the units are modular, meaning they can be scaled depending on the energy requirements of the user. Exowatt has designed the system to be easy to deploy, requiring minimal maintenance and a small physical footprint compared to other renewable energy solutions.

Why It Matters for the AI Industry

The AI sector is growing at an unprecedented rate, with increasing energy demands driven by the need to train complex models and power massive data centres. For example, according to estimates, data centre energy consumption will increase by 150 per cent by 2030, with AI models expected to be one of the largest contributors to this demand. Traditional energy grids, however, are not equipped to handle this surge in consumption, especially as the need for clean and reliable energy grows.

Exowatt’s approach could, therefore, significantly reduce reliance on fossil-fuel-powered backup generators, which many data centres currently use to ensure uptime during power shortages. These backup systems, often powered by gas, are not only expensive but contribute to carbon emissions, directly contradicting the industry’s shift towards more sustainable practices.

The Exowatt P3 promises a cleaner, more sustainable alternative by providing a reliable power source that does not depend on the grid. This is particularly important for companies building data centres in remote areas, where access to stable grid power may be limited or non-existent. By positioning itself as a dispatchable energy solution, Exowatt gives AI companies a way to meet their energy needs while maintaining their commitment to sustainability.

What Makes Exowatt So Different?

Unlike traditional solar power systems, which require battery storage to hold electricity until it is needed, Exowatt’s thermal storage system offers a number of advantages. For example, the P3 system’s reliance on heat storage rather than electric battery storage avoids many of the issues associated with lithium-ion batteries, such as their reliance on rare-earth minerals, the environmental impact of battery disposal, and the rapid cost reductions in solar panel production which have outpaced improvements in battery technology.

Exowatt’s system is designed to work in sunnier regions where traditional solar systems are most effective. Happi notes that Exowatt’s P3 units can be deployed near new data centre developments, often located in sunny areas, thus overcoming grid limitations. The modular nature of the system means that power capacity can be increased simply by adding more P3 units, making it a scalable solution.

Pricing and Availability

Exowatt appears to be aggressively scaling production, having raised a total of $140 million in funding to date, including a recent $50 million extension to its Series A round. The company has set a target price of $0.01 per kWh, which would position its energy cost below current prices for many types of renewable power. To achieve this, Exowatt hopes to manufacture 1 million units per year, which would bring production costs down and make it competitive with other forms of renewable energy.

While the technology is still in its early stages, Exowatt has already secured a backlog of 90 GWh in demand, with customers in the AI data centre and energy developer sectors. As production ramps up, Exowatt plans to roll out the P3 system to large-scale data centre projects in regions that are sun-rich, making it an ideal fit for AI companies seeking reliable, sustainable power solutions.

Other Companies in the Space

It should be noted here that Exowatt is not the only company exploring the potential of thermal storage and concentrated solar power. Several other firms are pursuing similar solutions, though each has its own approach and focus. These include:

– Vast Energy, which is developing modular concentrated solar thermal power systems designed to deliver clean, dispatchable energy for utility-scale and industrial applications. Their CSP v3.0 technology captures the sun’s energy and stores it as heat, allowing for efficient and reliable power delivery when needed, similar to Exowatt’s P3 system.

– Heliogen, which focuses on solar thermal technologies and aims to replace fossil fuels in industrial applications. Their systems use concentrated solar power to generate high-temperature heat, which can be used to produce electricity or replace gas in manufacturing processes.

– SolarReserve and eSolar, which are earlier players in the CSP field, though their commercial activities have slowed in recent years. These companies have contributed to the development of solar thermal technology, but they are less active or have shifted their focus due to challenges with scalability and cost.

While Exowatt’s approach is similar to these companies, its focus on modular, scalable systems tailored for AI and high-density computing environments could set it apart, particularly if it can prove its technology is both cost-effective and adaptable to different locations and energy demands.

Broader Implications and Challenges

Exowatt’s technology looks as though it has the potential to disrupt the renewable energy and data centre industries, offering a way to tackle AI’s increasing energy demands sustainably. For example, for data centre operators, the system presents an opportunity to reduce their carbon footprint while ensuring that power is always available, even during peak demand periods or at night.

However, Exowatt faces some stiff competition. Photovoltaic solar panels and lithium-ion batteries have come down in price rapidly in recent years, making them more attractive options for many companies. Also, concentrated solar power projects have faced challenges in the past due to high upfront costs and the need for specific geographical conditions. Exowatt will need to prove that its system can scale effectively and remain cost-competitive as production increases.

One of the key challenges for Exowatt’s system is land use. For example, while the P3’s efficiency is comparable to traditional photovoltaic solar panels, the system requires a significant amount of land to scale up production, particularly in regions with less sunlight. This may limit the system’s appeal in areas where land is scarce or where sunlight is insufficient. The large land footprint required to deploy large numbers of P3 units could also pose logistical challenges, especially in urban areas where space is at a premium. These factors are likely to be crucial for Exowatt to overcome if it aims to scale effectively and meet the growing demand for sustainable AI infrastructure power.

Looking Ahead

As Exowatt continues to scale its operations, it could well become a leading player in the transition to sustainable energy for AI data centres. For example, with major backers like Andreessen Horowitz and Sam Altman, the company has the resources to expand rapidly, and its innovative approach to solar energy storage could set a new benchmark for the energy demands of AI.

However, its success looks likely to depend on whether it can overcome the inherent challenges of large-scale deployment and prove that its technology can compete with existing energy solutions. If Exowatt can deliver on its promises, it could reshape the way data centres, and indeed, entire industries, think about their energy needs in the age of artificial intelligence.

What Does This Mean For Your Organisation?

Exowatt’s P3 system seems to offer a compelling vision for how AI data centres can meet their energy needs sustainably, addressing the increasing demand for 24/7 power in an industry heavily reliant on high-performance computing. The system’s ability to store solar energy as heat and convert it into dispatchable electricity sets it apart from traditional solar and battery solutions, offering a reliable and cleaner alternative to fossil-fuel-powered backup systems.

However, while the P3 system presents a promising solution for reducing data centre emissions, its success could hinge on overcoming several challenges. Scaling production efficiently and managing the land footprint required for deployment are two critical obstacles. Although Exowatt has the potential to deliver energy at an exceptionally low cost, competing technologies, such as photovoltaic solar and lithium-ion batteries, have quickly become more cost-competitive. Exowatt will need to demonstrate that its system can meet these challenges, particularly in less sunny regions where land availability and sunlight are limited.

Looking to the future, Exowatt’s modular, scalable approach could make it an attractive option for AI companies looking to ensure reliable power while maintaining sustainability goals. For UK businesses, particularly those involved in AI, data centres, and energy-intensive industries, the success of Exowatt could signal a new era of energy independence and sustainability. If Exowatt can continue to scale and prove its technology’s viability, it could reshape the energy landscape for data centres globally, offering UK companies a reliable and affordable path to meet the growing demands of the digital age.

Despite the hurdles, Exowatt’s ambition and innovative approach may be precisely what’s needed to meet the unique energy challenges of the AI sector, paving the way for a more sustainable and resilient energy future.

You can now take your TEAMS chats to the next level by inviting Microsoft Copilot to the chat. You now have all the power of the AI at your fingertips, without having to leave a TEAMS chat and you can collaborate like never before … fascinating stuff !

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Did you know you can turn any message into a dyslexia‑friendly view that reads it aloud and even translates it on the fly? It’s perfect for listening to long emails while you’re busy with something else.

To read an email with Immersive Reader:

– Open the email you want to view.
– Click the three‑dot “More Actions” menu (⋯) at the top of the message and choose Show in Immersive Reader (or go to View → Immersive Reader).
– Use the toolbar that appears to adjust line spacing, pick a theme, or hit the Read Aloud button to have Outlook read the text to you.

Why it helps – It lets you speed‑read or listen to lengthy emails without leaving Outlook, and the dyslexia‑friendly layout makes reading easier for everyone.

Give it a try next time you have a long thread to catch up on!

Two new launches from Hero and Google show how everyday digital tasks are moving towards full automation, with prompt writing and online shopping now handled largely by AI rather than users.

A Clear Move Towards Automated Digital Tasks

AI tools have become familiar, yet many still require people to know how to phrase prompts or navigate long product pages. Now, Hero, a rising productivity startup, and Google, are both targeting these pain points with new systems designed to remove the need for manual prompting and repetitive shopping tasks altogether. It seems their latest releases aim to streamline everyday digital admin using context, automation and conversational interactions.

Who Is Hero And What Does The App Do?

Hero is a consumer productivity platform built by former engineers who have previously worked on augmented reality interfaces. The company has grown rapidly, reporting more than 300,000 users and a 4.9 rating on the Apple App Store. Its core idea is to replace multiple apps with a single daily assistant. For example, the Hero app brings together calendars, reminders, events, to-dos, notes, habit tracking, shared lists and weather updates in one continuous feed.

Users can create tasks, organise schedules, coordinate with partners or colleagues, and receive “Can’t Miss” notifications that can sound even when a phone is in silent mode. There is also a built-in grocery system that categorises items automatically and connects to Instacart ordering. Hero promotes itself as a tool to “run your life in one place”, aiming to simplify the routines and small decisions that tend to fragment across apps.

Hero’s Autocomplete SDK Now Writes Prompts For You!

It seems that Hero is now extending this philosophy to AI prompts. The company has introduced a new autocomplete SDK (Software Development Kit) that predicts and fills in the parameters an AI system will need to complete a task. This means users can begin with a short instruction, and the SDK will fill in all the other relevant fields and details, allowing the user to complete as much or as little as they like before submitting the request.

For example, starting a prompt with “Book a flight” can automatically produce fields such as departure and destination airports, dates, times and airline choices. The same applies to creative tools, where the SDK can suggest common parameters such as style, location or camera angle for image or video generation.

Uses Multiple Models Together

Hero says that the SDK uses multiple models working together to understand user intent and assemble the information the system needs. The company says the autocomplete experience reduces the number of messages required to complete an action, cutting time and effort for users and reducing computing costs for businesses that run AI-powered services.

Background In AR

It seems this idea most likely comes from the founders’ background in augmented reality, where screen space is limited and long free-form prompts are impractical. Building clear, structured actions from short starting phrases became part of their design thinking, and the new SDK continues that approach by making prompts more like guided workflows.

Funding

Hero recently secured 3 million dollars in additional funding and is already testing the autocomplete technology inside its own app, where users will be able to rely on the assistant to propose structured prompts for tasks such as finding meeting times, organising shared plans or identifying key details from photos and screenshots.

Google Redesigns Online Shopping With Agentic AI

While Hero is automating prompt writing, Google is now automating shopping. For example, the company has just announced a major upgrade to its AI shopping features across Search and the Gemini app, aimed at simplifying product discovery, comparison, stock checking and purchase.

In Google’s own announcement about the features, the company said shopping should “feel a lot more natural and easy”, noting that browsing can be enjoyable but the administrative steps often are not. The new tools are designed to let people describe what they want in everyday language while the AI organises the information needed to make decisions.

For example, through AI Mode in Search, users can now ask conversational questions such as “cosy jumpers in warm autumn colours” and receive a visual selection of products, prices, reviews and inventory information. If they are comparing items such as skincare products, AI Mode can switch to structured comparison views that highlight key differences and insights from reviews.

Google says these features are powered by Google’s Shopping Graph, which contains over 50 billion product listings, with around 2 billion refreshed every hour. This gives Google’s AI near real-time awareness of stock levels and pricing across retailers.

Shopping Inside Gemini And Automated Purchasing

Google is also making the same capabilities available inside the Gemini app. For example, instead of brief suggestions, Gemini can now respond with complete lists of ideas, curated recommendations, comparison tables and links to buy. All of this is driven by Shopping Graph data, and it is designed to help users move from brainstorming to browsing in a single conversational thread.

One of the most significant additions is agentic checkout. With its help, users can track the price of an item they want, set a maximum budget and ask Google to buy it automatically using Google Pay if the price drops within their range. Google says the system will always request confirmation before completing a purchase and will only use payment details the user has already authorised.

Early rollout partners include retailers such as Wayfair, Quince, Chewy and selected Shopify stores.

Google’s AI Can Call Shops For You

Google has also introduced a tool that uses AI to call physical shops directly. For example, when people search for certain items “near me”, they may see an option marked “Let Google Call”. Selecting this enables Google’s AI to call local stores, check availability, ask about pricing and confirm whether any offers are available. The results are summarised in a follow-up message.

This feature is built on Google’s Duplex calling technology. Merchants who receive calls hear a clear disclosure that the caller is an AI acting on behalf of a customer. Google says shops can opt out at any time, and calls are limited to avoid unnecessary disruption.

Benefits

These developments highlight several benefits for consumers, business users and retailers. For example, for individuals, Hero’s autocomplete SDK removes the need to learn how to write prompts, lowering the barrier to using AI tools. Google’s agentic shopping features reduce time spent checking prices, comparing products or phoning shops, which can support faster decision-making during busy periods such as the holiday season.

For businesses, the real appeal is efficiency and cost reduction. Hero’s SDK shortens user interactions, which reduces the number of model calls required, lowering server costs. Google’s automated shopping tools can bring back hesitant buyers, help retailers reach local customers and streamline the customer journey from discovery to purchase.

There are also broader implications for professionals and business users. For example, automated prompts can speed up research tasks, planning, scheduling and customer support workflows. Automated shopping and stock checking can simplify procurement, reduce manual checks and help teams stay within budgets more easily.

Challenges And Criticisms

Despite all the obvious benefits, it should be noted that there are some also important considerations. For example, the influence of automated suggestions raises questions about visibility and fairness. If autocomplete systems prioritise certain parameters or products, users may only see a narrow band of options. This is particularly sensitive where sponsored listings appear alongside AI-generated recommendations.

Also, privacy is a central concern. Hero brings together large volumes of personal information, including calendars, notes, reminders, grocery lists and shared tasks. Google’s agentic shopping tools collect signals about purchase timing, price sensitivity and product intent. Both companies provide assurances about data handling, yet users may still question how much insight these systems can gain over daily routines and buying habits.

There are also challenges for smaller businesses. Retailers that do not integrate with larger shopping ecosystems may become less visible inside AI-driven recommendations, placing pressure on them to engage with platforms they might otherwise avoid.

It’s also worth noting that this shift from advisory to agentic AI means systems are not only suggesting options but taking actions on behalf of users. This means that the level of comfort people feel with automated purchasing, prompt completion and real-world calling is likely to shape how widely these features are adopted and how deeply automated digital life becomes in the years ahead.

What Does This Mean For Your Business?

The combined direction of these developments suggests that everyday digital tasks are becoming less about active decision making and more about approving actions that AI systems have already prepared. Hero’s approach shows how this can simplify workflows that would normally require careful prompt writing, while Google’s agentic shopping tools reveal how much of the purchase journey can be handled without the user having to search, compare or chase information themselves. The result is a growing expectation that these systems will assemble the context, gather the details and present the decisions in a form that requires minimal input.

This transformation has particular relevance for UK businesses. For example, teams that once spent time on procurement checks, research tasks or repetitive customer queries may find that agentic systems remove much of the manual effort, freeing staff to focus on higher value work. The same applies to smaller organisations that struggle with capacity peaks during busy seasons. Automated comparison, stock checking and structured prompting could help these companies stay responsive even with limited resources, although they will need to weigh this against concerns about visibility and reliance on third party platforms.

There is also a wider shift for retailers, service providers and other stakeholders who will now find themselves interacting not only with customers but with AI agents acting on their behalf. Features such as automated shop calls or price triggered purchases may change how demand appears, how stock is managed and how customer expectations evolve. This presents opportunities to reach customers more consistently, though it also places new pressure on businesses to ensure their information remains accurate across the systems that feed these AI tools.

It’s likely, therefore, that the next stage of adoption is really going to depend on trust. For example, users will need confidence that the suggestions offered are balanced, that privacy safeguards work as intended and that automated actions remain transparent. Businesses will want reassurance that they are not disadvantaged if they choose not to integrate with large ecosystems. What is clear from both launches is that AI is moving steadily from a tool that responds to instructions to one that anticipates what users want and prepares the steps in advance. How people and organisations respond to this will determine how quickly these ideas actually become part of everyday life or not.

Global investment now favours data centres over new oil supplies, reflecting the scale of electricity demand created by AI and the increasing importance of digital infrastructure to national economies.

Data Spending Overtakes Oil For The First Time

The International Energy Agency has reported that global spending on data centres will reach around 580 billion US dollars this year, overtaking the 540 billion dollars allocated to new oil supply projects. The agency described this comparison as a clear marker of how modern economies have become anchored in digital services, cloud computing and large-scale AI models, all of which require vast physical infrastructure and reliable electricity.

Usage To Triple By 2035

Electricity use from data centres is projected to approximately triple by 2035. AI systems are a major driver, and the IEA expects half of all demand growth to take place in the United States, with Europe and China accounting for most of the remainder. Many new facilities are located near existing clusters around large cities, with around half of the sites currently in development designed to deliver at least 200 megawatts.

The concentration of this growth is, therefore, already testing the limits of energy systems. Grid connection queues for new facilities continue to lengthen, and in several regions networks are so congested that new requests have been paused. Shortages of transformers, cables and other grid components are adding to delays. These issues highlight how the rise of AI is now tightly linked to national energy planning, rather than being a purely digital challenge.

Electricity Systems Under Growing Pressure

The IEA describes the global system as entering an “Age of Electricity”, with most new energy demand coming through power grids rather than fossil fuels. Investment in electricity generation has increased significantly since 2015, yet grid investment has not kept pace. New solar and wind capacity is being deployed at record levels, but the lines and substations needed to carry this electricity to major users are often slowed by planning processes and supply chain constraints.

Cooling demand is creating additional pressure. For example, rising temperatures and rising incomes in many regions are driving higher peak electricity loads from air conditioning. These peaks often coincide with the load patterns of data centres, electric vehicles and electrified heating. As a result, grids are increasingly stretched while they await new capacity and greater flexibility from storage technologies.

In several established markets, energy regulators have warned that large electricity users may need to be subject to stricter technical rules or new pricing structures to ensure network stability. Data centres are therefore becoming part of broader energy security discussions, particularly in regions where supply margins are tightening.

Power Shortages Slow Construction Across EMEA

It’s also the case now that power constraints are directly affecting the pace of new construction across Europe, the Middle East and Africa. For example, new research from Savills shows that only around 850 megawatts of new power capacity for data centres has been delivered across the region so far this year, representing an eleven per cent decline compared with the same period last year. New take-up has also slowed to approximately 845 megawatts, roughly half of 2024’s level.

This slowdown is not driven by falling demand. In fact, total contracted power capacity has risen to almost 14,500 megawatts, up by twelve per cent year-on-year. Also, occupancy rates have increased to ninety-one per cent, and around a quarter of new take-up is now pre-let. These figures illustrate that operators are securing power well ahead of time because there is no guarantee that future capacity will be available when needed.

Property advisory firm Savills found that established hubs continued to expand over the past year, including France, Germany, the UK and Ireland. Strong growth was also recorded in emerging markets such as Portugal, Saudi Arabia, Spain, the UAE and Sweden, where land and power availability are more accessible. This trend suggests that some operators are shifting attention to secondary and tertiary locations that offer fewer bottlenecks and more flexible permitting.

The Effects of Cost Inflation

It seems that cost inflation remains a significant factor. For example, across EMEA, data centre build costs now range between roughly 7.3 million and 13.3 million US dollars per megawatt of IT load. It seems that some cities have even experienced double-digit annual increases in land prices, labour and equipment. The result is that these rising costs are lengthening project timelines and prompting developers to form closer relationships with suppliers to secure key components earlier.

Also, electricity consumption forecasts continue to add urgency. For example, one well-known industry analysis last year suggested that up to forty per cent of data centres could face power availability constraints by 2027, and that total electricity consumption for AI-optimised servers could reach around 500 terawatt hours. This would represent more than two and a half times the level recorded in 2023.

Superconductors Move Into Data Centre Design

While grid upgrades are essential, many of the most immediate challenges are emerging inside existing data centre campuses. For example, as AI systems become more computationally intensive, rack-level power has risen from tens of kilowatts to around 200 kilowatts in just a few years. Some operators are now planning for 600 kilowatts per rack, and there is growing discussion of multi-megawatt rack architectures.

A US-based engineering company, backed by several major technology investors including Microsoft, has now adapted high temperature superconducting cables for use within data centres. The firm’s first commercial system is designed to deliver three megawatts of low voltage power through superconducting cables cooled with liquid nitrogen to approximately minus 196 degrees Celsius. This cooling allows the material to carry electricity with zero loss, which in turn supports far higher power density.

The company reports that its cables require around twenty times less physical space than equivalent copper cables and can deliver power roughly five times farther within a campus. A demonstration installation has already been completed at a simulated facility, and pilot deployments at live data centres are expected next year ahead of a planned commercial launch in 2027. These technologies do not replace the need for additional grid capacity, but they allow operators to make better use of limited on-site power and cooling infrastructure.

Data Centres And AI Companies

For data centre operators, the expansion in investment highlights both opportunity and risk. For example, facilities with dependable power connections, competitive energy prices and space for expansion can attract long-term demand from cloud providers and AI companies. At the same time, rising construction costs, lengthy permitting and potential regulatory intervention make project planning more complex. There is increasing attention on how much electricity AI infrastructure consumes, which may influence approval processes in some regions.

It seems that AI companies now face equally important considerations. Access to high-density, well-powered infrastructure directly shapes the pace at which new models can be trained and deployed. Delays in securing suitable hosting capacity can slow research progress or increase operational costs. There is also growing pressure for AI to run on renewable energy, which means the location of data centres and the structure of power contracts matter more than ever.

Governments, Economies And Businesses

Governments now have to balance national competitiveness with energy security and climate commitments. Data centres underpin cloud services, logistics, digital payments and AI-driven innovation, yet they also place significant demands on power networks. This means that policymakers must decide where new facilities can be built, how grid upgrades should be prioritised and how to maintain public support when large projects are proposed near urban areas.

Economically, the sector supports construction, engineering, manufacturing and digital roles. The long-term nature of data centre contracts also encourages investment in renewable energy, battery storage and potentially small modular nuclear reactors, which several countries are exploring as a source of stable low-carbon power for high-demand sites.

For ordinary businesses using cloud and colocation services, the main effects are likely to be reliability, availability and cost. Capacity constraints may lead to higher hosting costs in busy regions, while areas with strong renewable resources and efficient planning may become more attractive for new deployments.

Investors and Infrastructure Funds Increasing

Another relevant trend here is that investors and infrastructure funds continue to increase their exposure to the sector. For example, since 2021, around eighty to ninety per cent of the value of closed data centre deals has involved private equity, infrastructure funds or real estate investors, compared with half in 2020. This reflects confidence in the long-term demand for digital infrastructure but also raises questions about concentration of ownership in assets that underpin national digital resilience.

Challenges And Criticisms

The scale of AI-related electricity use has raised many questions about environmental sustainability, especially where data centres draw power from grids still reliant on fossil fuels. Concerns have been raised about water consumption for cooling, land use in crowded urban regions and the impact of construction on local communities.

Energy regulators have also highlighted system risks linked to large power users. For example, data centres can influence grid stability if they ramp up unexpectedly or disconnect suddenly, prompting discussions about new standards or pricing structures. There are wider equity concerns too, as global statistics show that hundreds of millions of people still lack basic access to electricity while trillions of dollars flow into advanced digital infrastructure.

What Does This Mean For Your Business?

The trends here show a sector that’s expanding rapidly while running up against some clear structural limits. Investment is rising because demand is strong and immediate, yet the electricity needed for large-scale AI is difficult to deliver at the pace operators require. This creates a landscape where data centres are becoming essential to economic performance, but their growth is constrained by the slow evolution of energy infrastructure.

Operators now depend far more on securing reliable power than on adding floorspace or equipment. This means that sites with firm grid connections and competitive energy costs will be best placed to meet rising AI demand, while regions with slow planning processes or congested networks risk falling behind. AI companies face similar pressures because training and running advanced models depend on reliable access to powerful, energy-intensive processing systems. Delays caused by grid bottlenecks or supply chain issues can slow deployment and raise operating costs.

Also, governments must now balance digital competitiveness with energy security and climate targets. Data centres support cloud services, logistics, payments and AI innovation, so the ability to host them is becoming a strategic priority. Grid upgrades, renewable investment and more efficient permitting processes will be required if countries want to remain competitive. This matters directly to UK businesses, which rely on stable cloud services and cost-effective data processing. Rising pressure on electricity networks could influence the reliability and price of digital services across the economy.

It seems that investors are continuing to increase their involvement because long-term demand remains strong, although greater private ownership of strategic infrastructure raises questions about affordability and resilience. Meanwhile, environmental concerns around electricity use, water consumption and land availability remain under close scrutiny. These issues highlight the importance of ensuring that rapid AI and cloud expansion aligns with national climate goals and local community interests.

The overall picture, therefore, appears to be that of a sector that will continue to grow but will be shaped most of all by the availability, cost and cleanliness of electricity. The choices made now on grid investment and energy policy will likely define how quickly AI infrastructure can expand and how the associated benefits are shared across economies and industries.

Google has introduced a new set of AI tools that allow developers and non-technical users to build interactive map projects from simple text prompts, marking one of the biggest upgrades to Google Maps Platform in years.

AI Agents Designed To Build Projects, Not Just Maps

Google Maps has long been one of the world’s most widely used mapping services. According to Google, more than 10 million websites and apps rely on Maps Platform for location data, imagery, routes and place information. The latest update signals a major step towards turning Maps from a data source into a fully assisted creation environment, where AI agents handle much of the early design and coding work.

The new features are powered across the board by Google’s Gemini models. At their core are several tools intended to simplify how interactive map experiences are created and embedded into apps, websites and AI products. These include Builder agent, Maps Styling agent, the Code Assist Toolkit, Grounding Lite and Contextual View. Each sits at a different point of the development workflow, but all aim to reduce the time, effort and specialist knowledge usually required to work with geospatial data.

Builder Agent Brings Prototyping Down To A Prompt

Builder agent is presented as the centrepiece of the update. It is a geospatial AI agent that turns natural language instructions into functioning prototypes. For example, a user can type “create a Street View tour of a city”, “create a map visualising real-time weather in my region” or “show pet-friendly hotels in the city”, then let the agent build an interactive map with the relevant data and code.

The system works by combining Gemini with Google Maps Platform APIs for Maps, Routes, Places and Environment. It produces a ready-to-test prototype along with the full source code and a written solution guide. Users can then export the code, drop in their own API keys, test it, and refine it further in Firebase Studio or their preferred development tools.

Google is positioning Builder agent as a way to collapse weeks of early scoping into just a few minutes. It is designed to remove the need for specialist geospatial experience, thereby potentially helping product managers, designers, researchers or smaller technical teams to move quickly from idea to working demo. Google says this reduces the learning curve, supports faster experimentation and increases confidence when deciding whether to invest development time.

A New Approach To Map Styling For Brands

The second major tool announced by Google is Maps Styling agent. This tool allows users to prompt the AI to create custom map styles that match a brand’s visual identity or highlight specific features such as landmarks, roads, lakes or points of interest.

For example, instead of editing style configurations manually, a user can ask the agent to apply a particular theme, colour palette or emphasis. This means a retailer could request a branded map that highlights store locations and access routes. A tourism app could ask for a theme that emphasises heritage sites and walking trails. A transport provider could request a clean map focused on stations, lines and interchanges.

These styles can be generated in Google AI Studio and used across mobile or web applications, giving designers more control without requiring in-depth map-styling knowledge.

Grounding Lite Connects AI Assistants To Maps Data

Google is also preparing to launch Grounding Lite, a feature that lets developers link their own AI models to up-to-date information from Google Maps using the Model Context Protocol, known as MCP.

This allows an AI assistant to answer practical location-based questions such as “How far is the nearest supermarket?”, “What would my commute look like from here?” or “Where are the closest rooftop cafés?” using live map data rather than static or outdated datasets.

Google points to use cases such as real estate apps that can instantly surface commute times and nearby amenities, or travel apps that can offer personalised recommendations based on local geography. Grounding Lite is designed as a more accessible and cost-effective version of the existing Gemini grounding tools for developers who want accuracy without having to fully adopt Gemini themselves.

Contextual View Adds Interactive Maps Inside AI Responses

Another feature launching globally is Contextual View, a low-code component from the new Google Maps AI Kit. It lets developers embed interactive map elements directly into AI-generated answers.

This means that, if an AI assistant is asked for things to do in a city, it can now respond with a written list alongside a 3D visual display of each area. If a user asks about hiking routes, the assistant can show a map that highlights the trails, terrain changes and surrounding points of interest.

The aim is to give AI products a much richer, more visual response layer, using familiar Google Maps interfaces rather than custom-built ones.

Code Assist Toolkit Brings Maps Knowledge Into Developer Tools

Google has also released a Code Assist Toolkit that connects AI coding assistants to the latest Google Maps documentation using an MCP server. This means a developer can ask, inside their coding environment, how to use a particular Maps API feature or which method is required for a specific task. The AI then responds using verified documentation instead of outdated or generic information found elsewhere.

The toolkit also links into Google’s command line interface for Gemini, allowing developers to pull Maps examples, patterns and instructions directly into their workflow. Google says this reduces debugging time and encourages consistent, accurate use of Maps APIs.

Businesses And Users

For businesses, the upgrades are likely to reduce development overheads and shorten experimentation cycles. For example, a property company could use Builder agent to create a neighbourhood exploration tool that combines Street View tours, local schools and air quality layers before refining it into a full feature. Also, a retail brand could produce custom-styled maps for store finders across its digital properties without extensive engineering support.

Smaller companies may also find the barrier to entry reduced. For example, teams without specialist mapping knowledge can still prototype experiences, explore new concepts and present map-based ideas to stakeholders. Also, agencies and consultancies may be able to validate client concepts far more quickly, with clearer early examples.

Gradually Introduced

For everyday users, it seems these changes are likely to appear gradually. Google has already enabled hands-free Gemini interactions within Maps in some regions, along with additional features such as incident alerts and speed limit information. As Grounding Lite and Contextual View are adopted, users may start seeing more AI-driven maps embedded inside customer service chats, booking tools, property apps, travel guides or workplace dashboards.

For Google, the update could be said to strengthen its position as the default mapping layer for both traditional applications and AI-integrated products. As AI assistants become more important in everyday digital experiences, Google is making sure Maps is the dataset these assistants rely on. This may deepen Google’s relationship with advertisers too, since visual mapping layers open up new possibilities for location-based content, commercial listings and branded experiences.

Competitors will, no doubt, feel the pressure from this latest announcement. For example, companies such as Mapbox and HERE have already started offering AI-supported design tools, but Google’s combination of vast location data, Gemini integration and low-code components gives it a strong advantage at a time when many businesses are shifting their digital experiences into conversational interfaces.

Challenges And Concerns

As with all AI updates these days it seems, there are still a few issues to address. For example, reliability remains one of the biggest challenges for AI-generated maps and code. Even when grounded in live data, an AI model can misunderstand a prompt, misapply a parameter or generate code that seems correct but fails in practice. Teams will still need rigorous testing processes despite the convenience these tools offer.

Privacy concerns are likely to grow as well. Location-based AI responses depend on user queries and contextual details passing through AI systems, raising questions about how this information is stored, processed and combined with other datasets. The use of MCP servers that directly connect AI tools to Google’s documentation and data may also attract regulatory scrutiny in regions where competition and data protection rules are strict.

Another concern is lock-in. For example, as businesses become more reliant on Gemini-specific agents and Maps APIs, moving to a different provider could become more difficult. Google presents the new features as standardised and flexible, but the most powerful capabilities still sit inside its own platform and models.

Cost transparency will also matter to smaller developers. For example, prototypes may be quick to build, but AI grounding, Maps embedding and visual responses still consume API usage, which can add up quickly if not managed carefully.

For now, Google’s update highlights a move towards AI-assisted geospatial design, where much of the early thinking, coding and styling work can be carried out automatically, and where map-based answers become a standard part of AI conversations across industries.

What Does This Mean For Your Business?

These developments point to a future where mapping tools become more accessible, quicker to deploy and far more tightly integrated with AI products across every sector. The move from manual design work to prompt driven prototyping is already changing how teams test concepts and bring new ideas to the table. For UK businesses in particular, this could mean shorter development cycles, faster decision making and the ability to explore new digital services without relying on large specialist teams. It also lowers the barrier for smaller firms that want to experiment with location based features but have never had the resources to invest heavily in geospatial expertise.

There is a broader industry impact too. For example, Google is strengthening its position at the centre of the mapping ecosystem, which places pressure on competitors and gives advertisers new formats to work with. This creates opportunities for brands that want richer, more contextual digital experiences, but it will also invite questions about how much influence Google holds over the frameworks that developers rely on. Regulators, privacy groups and consumer advocates are likely to monitor how these tools handle data, how AI responses are grounded and how transparent the wider system becomes.

The real test now lies in how reliably these tools perform at scale and how responsibly they are used. AI driven code, even when backed by accurate map data, still needs careful oversight. Businesses will want confidence that outputs are dependable, users will want clarity about how their information is being processed and competitors will look closely at whether the integration of AI and Maps creates any unfair advantages. Google’s latest update opens new possibilities for innovation across apps, services and AI assistants, yet the next phase will depend on trust, governance and the ability of organisations to put these tools to work in a secure and transparent way.