This is the time of year when a lot of investment firms welcome interns. While our work is geared toward institutional investors, a lot of it can be useful for learning about markets and the investment process. Here are a handful of reports and how they can guide interns:
On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.
This takedown matters beyond the botnet. Glassworm marked a significant shift in the threat landscape that should serve as a wake-up call for every organization that ships or consumes software. Adversaries are no longer just targeting products, they're targeting the developers who build them.
https://t.co/rl9EVrA371
It's publication day for my new book!
Risk & Reward is now available
Tons of my favorite charts, stories and anecdotes
I read the audio version of the book myself
I had a lot of fun writing this
I think it's the best thing I've ever written
Google Threat Intelligence Group is dropping our latest AI Threat Tracker report today, which covers several threats we are watching through a variety of means. The report includes some details of the first 0day exploit we've found developed with AI. 1/x https://t.co/klvOrX31xv
We released first detection rules for Copy Fail / CVE-2026-31431.
YARA rules by me:
https://t.co/PrkIOIihA6
It covers public PoC artifacts, including known payloads, exploit code fragments and URLs seen in shared material.
More generic rules for customer environments are still in testing.
Sigma rules by @_swachchhanda_:
https://t.co/UTZgDhtsqg
They cover suspicious Copy Fail-related exploitation patterns, including setuid binary execution behavior and NULL argv shell execution.
More updates soon.
Spoke with a former colleague of mine who is currently at a hedge fund and involved in new analyst recruiting for his firm
He has been interviewing candidates from banking and private equity backgrounds for the past month or so
Apparently there has been a massive surge in kids who simply cannot figure out what the business model or revenue recognition of a business is with just the 10K in front of them
One of them completely botched the case study, and when asked, simply answered that he uses ChatGPT and Claude at his current job to figure out the details
Clearly an early sign of cognitive decline in analyst capacity coming because of AI
🚨 BREAKING: Wiz Research discovered Remote Code Execution on https://t.co/SvN2lGsnbO with a single git push
The flaw in @github allowed unauthorized access to millions of repositories belonging to other users and organizations 🤯
Remote Desktop, Windows quietly saves fragments of what was on screen. Attackers can grab those fragments and reassemble them into readable screenshots using two free tools and about ten minutes. No special privileges required.
https://t.co/h56E4HVvoJ
Would you believe 57 Republicans and 211 Democrats recently voted in favor of this Orwellian automobile kill-switch? Here’s the roll call for the vote I forced to defund the mandate: https://t.co/dnPxPHFYie
TeamPCP is back.
The xinference PyPI package (680K downloads, 9.3K stars) was hijacked. Import it and your cloud credentials, SSH keys, and .env secrets are instantly harvested and exfiltrated.
Versions 2.6.0–2.6.2 are malicious. If you installed them, assume compromise and rotate everything now.
Full technical breakdown 👇
For the enterprises using Claude, if you are using it for heavy enterprise type stuff - be extremely careful. It's introducing massive bugs, security issues, and code quality is way worse than Opus 4.5, substantially worse on both 4.6 and 4.7.
Our entire development team is shifting off of it. It's unusable at the moment aside from beautiful UI stuff, its code quality is not something you can trust.
Still no word from Claude on why they mangled their models and didn't tell anyone - which is particularly alarming on every front.
I would recommend switching teams over to something like Cursor, Perplexity, or AWS Bedrock - as the frontier models continue to innovate (or regress) - having the ability for flexible model selection that doesn't disrupt development workflow will be insanely important for enterprise.