V Costa Gazcon 🇦🇷

“U.S. intelligence has warned that foreign adversaries, including Russia and China, have instructed their intelligence agencies to target disgruntled federal employees in the United States. Sensing low morale rates among federal employees amid policy turmoil and firings, a foreign intelligence source told CNN that adversaries believe potential American assets “are at their most vulnerable right now.” https://t.co/64sIXNi76K

🦔Microsoft's internal strategy document for its new AI assistant Scout says the explicit goal of phase one is to "make people addicted." The doc, obtained by 404 Media, outlines a three-phase plan from "addictive app to agentic platform." The tool sits on your desktop, manages your calendar, triages your inbox, files expenses, and acts on your behalf. It requires access to your accounts and files. Security and compliance are things to "figure out" later. Nadella already uses it. My Take After everything this week, I think this document accidentally explains the entire AI business model. Not just Microsoft's, everyone's. The product can't sustain itself on current pricing. We know that because Copilot just proved it on Monday. The unit economics don't work at flat rate. So the play is to get people locked in before the real bill arrives. Make the tool essential to how you work, let your company cut the people who used to do those tasks, and by the time consumption pricing kicks in, walking away costs more than paying up. IBM's CEO just told us the industry needs $6 to $8 trillion in capex to chase revenue he says doesn't exist. Google diluted shareholders to fund a buildout it can't cover from cash flow. Oracle fired 30,000 people during a record quarter to redirect salaries into data centers. And Microsoft's answer to all of that is an internal doc where step one is addiction. They're not selling the product on value. They're selling dependency. Get people hooked before anyone calculates what it costs to run, and make sure they can't leave once they find out. A product that needs addiction to survive is a product that can't survive on its own. Hedgie🤗 https://t.co/eux8IbCxxm

Yeah, so pretty much this guy is releasing an exploit in solidarity with Nightmare Eclipse guy. He said he notified GitHub about the exploit 60 minutes before releasing this paper. I don't do web stuff, and I'm not a VSCode nerd, so I'm confused by the underlying technologies. If you're a stinky GitHub and VSCode nerd maybe you'll understand. tl;dr click github dev, github dev opens editor, in github dev editor have javascript, javascript does shortcuts automatically. github treats javascript shortcuts as real human input, or something. use javascript shortcut stuff to automatically install vscode extension. the vscode extension steals your data tl;dr tl;dr user clicks 1 link, 1 click steals all data from your github https://t.co/uh17usZeEH

The first cyberattack in history using prompt injection. Attackers used Meta’s chatbot as a tool to take over Instagram accounts belonging to well-known people, brands, and institutions. By manipulating Meta’s AI support system, they convinced it to perform a critical administrative operation: changing or adding an email address associated with the victim’s account. Basic mistake: using LLM as a security boundary. The attacker contacted Meta’s bot, provided the username of the account they wanted to take over, and asked it to link that account to a new email address controlled by the attacker. In practice, this meant that the person controlling the new email address could receive or provide the confirmation code, and then use the modified recovery channel to reset the password and take over the account. AI support became a path for bypassing account security. If a chatbot can change an email address or initiate account recovery without independent verification of the owner, the attacker does not need to know the password or break through traditional security controls. It is sufficient to convince the automated support operator to perform an operation that the attacker should not normally be allowed to request. https://t.co/Uy5DdWudJh

Another supply-chain compromise worm. Multiple packages in the official Red Hat redhat-cloud-services npm scope were compromised in a supply-chain attack distributing a credential-stealing worm. Affected packages added a preinstall hook that ran a script. The malware harvested npm, GitHub, AWS, Azure, GCP, Vault, Kubernetes, SSH, CI/CD, and local secrets, then attempted to propagate by abusing stolen credentials to publish additional malicious packages and modify repositories. Any environment that installed affected versions should be treated as compromised. https://t.co/gGXcaHySOV https://t.co/4D4qa7M1uc

🇦🇷 Argentina has officially entered the list of the top 10 worst countries in the world for workers, according to the new ITUC Global Rights Index. 📉 The Drop: Plunged from Category 3 to Category 5 (the lowest tier) in just two years. ⚠️ The Reason: Rapid erosion of union protections and new strict anti-protest measures. 🌎 The Context: Argentina now shares the bottom tier with nations like Belarus, Myanmar, and Ecuador.