Danijel Grah

Two economists just published a mathematical proof that AI will destroy the economy. Not might. Not could. Will — if nothing changes. The paper is called "The AI Layoff Trap." Published March 2, 2026. Wharton School, University of Pennsylvania. Boston University. Peer reviewed. Mathematically modeled. The conclusion is one sentence. "At the limit, firms automate their way to boundless productivity and zero demand." An economy that produces everything. And sells it to nobody. Here is how you get there. A company fires 500 workers and replaces them with AI. A competitor fires 700 to keep up. Another fires 1,000. Every company is behaving rationally. Every company is following the incentives correctly. And every company is building a trap for itself. Because the workers who were fired were also customers. When they lose their jobs faster than the economy can absorb them, they stop spending. Consumer demand falls. Companies respond by cutting costs — which means automating more workers — which means less spending — which means more falling demand — which means more automation. The loop has no natural exit. The researchers tested every proposed solution. Universal basic income. Capital income taxes. Worker equity participation. Upskilling programs. Corporate coordination agreements. Every single one failed in the model. The only intervention that worked: a Pigouvian automation tax — a per-task levy charged every time a company replaces a human with AI, forcing them to price in the demand they are destroying before they pull the trigger. No government has implemented this. No major economy is seriously discussing it. Meanwhile the numbers are already tracking the curve. 100,000 tech workers laid off in 2025. 92,000 more in the first months of 2026. Jack Dorsey fired half of Block's workforce and said publicly: "Within the next year, the majority of companies will reach the same conclusion." Nobody is doing anything wrong. Companies are following their incentives perfectly. That is exactly the problem. Rational behavior. At scale. Simultaneously. With no mechanism to stop it. Two economists built the math. The math leads to one place. Source: Falk & Tsoukalas · Wharton School + Boston University · https://t.co/4m8E9jQNYm

Attackers don’t need stolen certificates. They only need 8 bytes. By flipping 4 bytes in the PE checksum and 4 in the certificate padding, they generate 2⁶⁴ unique driver hashes while keeping Microsoft’s digital signature valid. Why it matters: - Those 8 bytes sit outside the region Windows verifies. - Every variant looks “signed and trusted.” - Hash-based blocking becomes useless overnight. That’s how TrueSightKiller evolved into 2,500+ signed variants. All trusted by Windows, all capable of killing EDRs in seconds. Check out: https://t.co/8ldbtHVJBa

🚨Data Breach Alert ‼️ IntelBroker, in collaboration with EnergyWeaponUser and zjj, claims to be selling data from a recent Cisco breach. The compromised data reportedly includes GitHub and GitLab projects, SonarQube projects, source code, hardcoded credentials, certificates, customer SRCs, confidential Cisco documents, Jira tickets, API tokens, AWS private buckets, Cisco technology SRCs, Docker builds, Azure storage buckets, private and public keys, SSL certificates, and Cisco premium products. Several high-profile companies, including Verizon, AT&T, Bank of America, Barclays, British Telecom, Microsoft, Vodafone, and Chevron, are allegedly impacted. Samples have been provided.

With all the linux RCE drama, it's a good time to bring up a neat scoring system that you (may) not have heard of. EPSS is the cool younger brother of CVSS. Patching just 3.5% of all known vulnerabilities covers 67.8% of what is exploited in the wild. Assuming you don't have infinite resources, it theoretically lets you focus on the CVEs that are more actionable.