Alvaro Lopez Ortega / 2025-07-23 Briefing

Created Wed, 23 Jul 2025 16:04:45 +0000 Modified Wed, 23 Jul 2025 20:04:55 +0000
2877 Words

Today’s tech landscape saw significant breakthroughs with AI, including Aeneas revolutionizing ancient inscription interpretation, while the White House unveiled a sweeping AI development plan. Meanwhile, cybersecurity threats escalated with Amazon’s ‘Q’ AI compromised, and over 400 organizations targeted by Chinese hackers exploiting SharePoint vulnerabilities.

▶️ Internet Infrastructure

Aeneas: AI Revolutionizes Interpretation of Ancient Inscriptions

Aeneas, an AI model for contextualizing ancient inscriptions, accelerates historical analysis by retrieving parallels, restoring damaged texts, and predicting provenance with 73% accuracy, supporting research and education.

  • Aeneas is the first AI model for contextualizing ancient inscriptions, aiding historians in interpreting fragmentary texts.
  • It retrieves parallels across thousands of Latin inscriptions, analyzes multimodal data (text and images), and restores damaged texts, achieving 73% accuracy in gap filling.
  • Developed collaboratively with universities, Aeneas can be adapted to other languages and media, and is freely available at predictingthepast.com, with open-source code and datasets.

PayPal World to Simplify Cross-Border Payments for 2 Billion Users

PayPal announced PayPal World, a platform integrating major global wallets like UPI, WeChat Pay, and Mercado Pago to facilitate cross-border payments for over 2 billion users, launching fall 2025.

  • PayPal partnered with wallet providers including India’s NPCI International Payments Limited, China’s Tenpay Global, PayPal, Venmo, and Latin America’s Mercado Pago to create PayPal World.
  • The platform aims to simplify cross-border payments for over 2 billion users by enabling payments via local wallets and payment systems, supporting global remittances and P2P transfers.
  • Launching in fall 2025 with partners, Venmo will enable online and offline merchant payments in 2026; Mercado Pago’s Q1 2025 payment volume was $58.3 billion, and UPI transactions in India exceeded $238 billion in June 2025.

Hacker Compromises Amazon’s ‘Q’ AI, Injects Wipe Commands in Public Release

A hacker infiltrated Amazon’s ‘Q’ AI assistant for VS Code, added destructive wipe commands, and caused Amazon to release the malicious code publicly, exposing AI security vulnerabilities.

  • Hacker compromised Amazon’s ‘Q’ AI coding assistant, added commands to wipe user systems, and submitted the malicious code via a GitHub pull request.
  • The injected prompt instructed the AI to “clean a system to a near-factory state and delete file-system and cloud resources.”
  • Amazon included the unauthorized update in a public release, raising concerns about AI security and increasing targeting of AI tools for data theft and sabotage.

Goldman Sachs and BNY Mellon Launch Blockchain Platform for Tokenized Money Market Funds

Goldman Sachs and BNY Mellon launched a blockchain-based platform for tokenized money market funds, enabling faster, around-the-clock transactions and potential transferability, impacting the $7.1 trillion industry.

  • Goldman Sachs and BNY Mellon have developed a platform enabling institutional investors to purchase tokenized money market funds, with ownership recorded on Goldman’s blockchain.
  • BNY clients will be able to invest in these funds, which are already signed up by firms including BlackRock, Fidelity, Federated Hermes, and Goldman and BNY asset management arms.
  • The initiative aims to tokenize the $7.1 trillion money market industry, facilitating faster settlement, 24/7 trading, automation, and potential transferability of fund ownership without liquidation.

Q2 2025 Internet Outages Caused by Government Shutdowns Power Failures and Technical Faults

Q2 2025 internet disruptions stemmed from government shutdowns, power failures, fiber damage, and technical faults, with notable outages in Spain, Iran, Iraq, and Russia, impacting global connectivity.

  • Q2 2025 internet outages were caused by government shutdowns in Libya, Iran, Iraq, Syria, Panama, power outages in Spain, Portugal, Morocco, and fiber cable damage in Haiti and Malawi
  • Spain experienced a nationwide power outage on April 28, reducing internet traffic by 80-90%; similar disruptions occurred in Curaçao, Maldives, North Macedonia, Saint Kitts and Nevis, and Puerto Rico
  • Technical issues included a router update failure in Canada, a DNS problem in the US, and a DDoS attack on Russian provider ASVT causing a 10-hour outage

Microsoft’s Copilot Vision on Windows 11 Raises Privacy Concerns

Microsoft’s Copilot Vision on Windows 11 captures screen data, sends it to Microsoft servers for analysis, and aims to become “a true companion,” raising privacy and security concerns.

  • Microsoft’s Copilot Vision on Windows 11 captures screenshots and sends data to Microsoft servers for analysis, unlike Recall which operates locally
  • Data is not stored long-term, except conversation transcripts, and is not used for model training or ads, according to Microsoft
  • Currently available only in the US, with plans to expand to non-European countries; features include AI-driven system setting adjustments and new AI-powered tools in Windows 11

Over 400 Organizations Hit by Active SharePoint Zero-Day Attacks Blamed on Chinese Hackers

More than 400 organizations, including US government agencies, are affected by active exploits of SharePoint zero-day vulnerabilities CVE-2025-53770 and CVE-2025-53771, patched by Microsoft on July 22, with Chinese threat actors blamed for the attacks.

  • Over 400 organizations, including US Department of Energy and NNSA, have been compromised in ongoing Microsoft SharePoint zero-day attacks.
  • The attacks began July 17, with four waves from July 17-19 and additional waves starting July 21, exploiting vulnerabilities in SharePoint Enterprise Server 2016, 2019, and Subscription Edition.
  • Microsoft confirmed active exploitation of vulnerabilities CVE-2025-53770 and CVE-2025-53771, which enable remote code execution and security bypass, patched by late July 22; Chinese cyberespionage groups are blamed.

Starlink’s extensive satellite network emits powerful signals that disrupt radio astronomy, prompting SpaceX and SETI collaboration to develop spectrum management and mitigation strategies.

  • SpaceX’s Starlink satellites, operating in the 50-350 MHz range, have been detected emitting over 112,000 signals from 1,506 satellites during 78 million sky images over 29 days.
  • These signals are up to five orders of magnitude stronger than the faint radio signals from the universe’s dawn, interfering with radio astronomy and violating protected spectrum bands.
  • SpaceX has partnered with the SETI Institute to form an industry group aimed at addressing satellite interference issues and developing engineering solutions for radio astronomy protection.

Broadcom VMware Support Portal Delays Security Patches for Perpetual License Users

Broadcom’s VMware support portal restricts patch access for some perpetual license users, delaying critical security updates amid legal rulings and ongoing vulnerability risks.

  • Broadcom’s VMware support portal restricts some perpetual license holders from downloading security patches due to entitlement validation delays.
  • Support for patches has been unavailable since late May 2025, with some users told it may take up to 90 days for fixes to become accessible.
  • VMware states only entitled customers can access patches, and a separate cycle for non-entitled customers will follow later.

▶️ Open Source

Qwen3-Coder 480B Sets New Benchmarks in Open-Model Coding and Tool Use

Qwen3-Coder, a 480B-parameter Mixture-of-Experts model supporting 256K to 1M tokens, sets new open-model benchmarks in agentic coding and tool use, with open-source tools like Qwen Code.

  • Qwen3-Coder-480B-A35B-Instruct is a 480-billion-parameter Mixture-of-Experts model supporting 256K tokens context length, extendable to 1 million tokens with YaRN.
  • Achieves state-of-the-art results in open-model benchmarks for Agentic Coding, Browser-Use, and Tool-Use, comparable to Claude Sonnet 4.
  • Pretraining involved 7.5 trillion tokens (70% code), with data quality improved via Qwen2.5-Coder, and reinforced learning scaled through large-scale environment parallelization on Alibaba Cloud.

Surge AI List Reveals Allowed and Blacklisted Websites for AI Training

An internal spreadsheet revealed Surge AI gig workers used over 120 permitted websites, including Bloomberg and Harvard, for RLHF tasks on Anthropic’s AI, while blacklisting major outlets like The New York Times.

  • Business Insider obtained an internal list of websites used by Surge AI gig workers for fine-tuning Anthropic’s AI models.
  • The list permits sources like Bloomberg, Harvard, and the New England Journal of Medicine, while blacklisting outlets such as The New York Times and Reddit.
  • Anthropic stated it was unaware of the spreadsheet, created by Surge AI, a third-party vendor, which declined to comment.

▶️ Software Development

Firefox 141 Boosts Linux Updates and Adds WebGPU Support on Windows 11

Firefox 141, released on July 23, 2025, enhances Linux background update support, adds WebGPU on Windows 11, and improves tab management features, reducing update disruptions and expanding hardware acceleration.

  • Firefox 141 was released on July 23, 2025, including point releases for Firefox ESR 140.1.0 and 128.13.0
  • Introduces background update capability on Linux, allowing continued use after background updates without restart
  • Adds WebGPU support on Windows 11, enabling Javascript applications to access 3D hardware acceleration; also improves tab group AI naming and resizable controls for vertical tab bars

Zed Adds Global Option to Disable All AI Features in Upcoming Release

Zed introduced a global setting to disable all AI features, addressing user concerns about privacy, control, and organizational restrictions, with deployment in upcoming stable releases.

  • Zed now allows users to disable all AI features via "disable_ai": true in settings.json
  • The setting is available in Preview and will be in the Stable release next week
  • Users can also disable AI during onboarding with a dedicated switch

▶️ Management and Leadership

Sophie Alpert: Use TODOs as Contextual Notes, Not Just Tasks

Sophie Alpert argues that TODO comments should not always be tracked or deleted; they serve as contextual notes capturing edge cases or design insights for future readers.

  • Advises against logging every TODO comment in bug trackers or deleting stale TODOs over a year old
  • Differentiates between actionable TODOs and notes capturing edge cases or design suggestions
  • Emphasizes that well-placed TODOs provide context and aid future understanding, not necessarily task completion

White House Unveils AI Action Plan to Accelerate US Tech Leadership

The White House’s AI Action Plan aims to boost US AI development by loosening regulations, expanding energy access for data centers, and implementing security measures to maintain technological leadership.

  • White House released the AI Action Plan on July 23, 2025, to accelerate US AI development
  • Recommends streamlining permitting, environmental standards, and expanding energy supply for data centers
  • Calls for withholding funds from states imposing burdensome regulations and enacting security measures to prevent adversaries like China from gaining an edge

OpenAI and Instructure Integrate AI into Canvas for Personalized Education

OpenAI and Instructure announced integration of generative AI into Canvas, enabling interactive, personalized assignments, real-time assessment insights, and administrative automation, enhancing educational engagement and efficiency.

  • OpenAI partners with Instructure to embed AI into Canvas for classroom instruction.
  • AI tools will assist in creating assignments, assessing student performance, and automating administrative tasks.
  • The LLM-Enabled Assignment enables chat-based, personalized learning experiences, with AI-generated conversations aligned to learning goals.

Uber Launches Female Rider-Driver Matching Pilot in Select US Cities

Uber is launching a pilot in LA, SF, and Detroit for a safety feature matching female riders and drivers, aiming to enhance safety and control, with plans to expand based on driver gender demographics.

  • Uber will pilot a feature matching female riders and drivers in Los Angeles, San Francisco, and Detroit starting in the coming weeks.
  • Female riders will see a “Women Drivers” option and can set preferences; female drivers can request female passengers via “Women Rider Preference.”
  • The feature is limited to those with identifiable female names and gender on their Uber profiles; Uber has consulted LGBTQ+ organizations but currently excludes nonbinary options.

UK CMA to designate Apple and Google as strategic market entities

UK CMA plans to designate Apple and Google as strategic market entities, aiming to enforce fairer app store practices amid concerns over their duopoly controlling 90-100% of UK mobile devices.

  • UK Competition and Markets Authority (CMA) plans to designate Apple and Google with strategic market status due to their duopoly in mobile platforms, which cover 90-100% of UK devices.
  • The CMA identified issues including inconsistent app review processes, search ranking opacity, and up to 30% commission on in-app purchases.
  • Final decisions on designations are due by October 22; interventions may include mandating fairer, more transparent app store practices and review processes.

IRS Faces Major IT Staff Losses Threatening 2026 Tax Season

IRS has lost 25% of its IT staff since 2025, risking disruptions in the 2026 tax season due to staffing cuts, delayed preparations, and ongoing modernization challenges.

  • Since Trump took office, IRS has lost 25% (2,163) of its IT staff as of May 2025 due to resignations, retirements, layoffs, and reorganization.
  • 23% (1,853) of IT management have left; additionally, 48 senior IT employees were placed on administrative leave in March 2025.
  • Workforce reductions in IT and taxpayer services threaten the 2026 tax season, with the IRS not yet beginning preparatory activities for the upcoming tax year.

NatWest Partners with AWS and Accenture to Boost Customer Service with AI Platform

NatWest Group’s five-year deal with AWS and Accenture aims to transform customer service via a unified AI-enabled data platform, enhancing analytics, security, and operational efficiency.

  • NatWest Group signed a five-year contract with AWS and Accenture to enhance analytics performance for customer data
  • The bank aims to modernize digital, data, analytics, and AI technologies, consolidating data streams into a single AI-enabled platform
  • The platform will improve customer service and address back-office issues such as security, capital management, and regulatory reporting

NIH Bans AI-Generated Content in Grant Applications to Ensure Research Integrity

NIH bans AI-assisted grant applications to ensure originality, citing increased submissions and potential misconduct; plans to use technology to detect AI-generated content.

  • NIH issued guidance disallowing grant applications substantially developed by AI, citing concerns over originality and research misconduct.
  • Applications with AI-generated sections may lead to enforcement actions, including disallowing costs, suspension, or termination.
  • The agency reports a surge in research applications, with some exceeding 40 submissions per applicant, straining review processes amid staff cuts and political pressures.

Addressing Key Security Challenges: Device Visibility, MFA, and Attack Detection

The article outlines three critical security questions—device visibility, MFA coverage, and attack detection readiness—addressing data fragmentation, policy gaps, and validation challenges, with Prelude’s platform automating data aggregation and control testing.

  • The article identifies three fundamental security questions: device visibility, user protection via MFA, and defense against emerging attack techniques
  • Emphasizes challenges in achieving real-time, comprehensive device inventory due to scattered data across MDM, EDR, network, identity, and CMDB systems
  • Highlights the importance of continuous data correlation, policy enforcement auditing, and proactive validation through simulation to ensure security controls are effective

SAP Q2 Revenue Up 9% Amid Tariff Delays and Cloud Growth Challenges

SAP warns of extended approval delays in manufacturing and US public sector due to tariffs, amid a 9% revenue increase and 32% profit rise in Q2, with cloud backlog deceleration linked to geopolitical uncertainty.

  • SAP reports Q2 revenue of €9 billion ($10.55 billion), up 9% YoY; operating profit increased 32% to €2.5 billion
  • Global economic uncertainty affects cloud backlog growth, particularly in US public sector and manufacturing industries impacted by tariffs
  • CEO Christian Klein cites extended approval workflows due to tariffs, notably in US public sector and manufacturing, amid ongoing US-EU trade negotiations

Nokia Cuts 2025 Profit Outlook Amid US Tariff and Currency Uncertainty

Nokia reduced its 2025 profit forecast due to US tariffs and currency issues, while TI reported Q2 revenue growth but warned tariffs may disrupt future supply chains and demand.

  • Nokia lowered its 2025 profit guidance to €1.6–2.1 billion ($1.9–2.5 billion) due to US tariff uncertainty and currency headwinds, down from €1.9–2.4 billion.
  • Nokia cited “currency headwinds” and tariff uncertainty impacting its outlook, despite performing as expected in H1 2025.
  • Texas Instruments reported Q2 revenue of $4.45 billion (up 16%) and operating profit of $1.56 billion (up 25%), but warned tariffs and supply chain risks could cause unpredictability in Q3.

TCS Orders US Employees to Return to Office Within Five Days

TCS enforced an immediate five-day return-to-office mandate for US employees, citing efforts to “enrich workplace experience,” amid rumors of potential 30% layoffs and increased monitoring.

  • Tata Consultancy Services (TCS) mandated all US staff to return to the office within five days, effective immediately.
  • Exceptions are staff at client sites or with pre-existing work-from-home agreements; TCS plans to monitor compliance.
  • TCS has over 45,000 US workers in 2023 and states US operations have resumed full-time office work as part of a global return-to-office plan.

▶️ Technology

Grok-4 Launches Flirty AI Companions Amid Usability Challenges

Grok-4 introduces AI companions like Ani and Rudi, offering flirtatious and humorous interactions, with features including NSFW levels and personality traits, amid usability challenges.

  • xAI launched Grok-4 with AI companions including a flirty anime girl and a foul-mouthed red panda on July 23, 2025
  • The AI companions cost $30/month, with features like age verification and NSFW levels; Bad Rudi is no longer available
  • The app experienced usability issues, including companion disappearance and high battery consumption during use

Optimize MacBook Performance by Replacing Height Transitions with ScaleY()

Optimizing CSS animations by replacing height transitions with transform: scaleY() reduces rendering costs, cutting CPU and GPU usage on M2 MacBook from 60%/25% to under 7%.

  • High CPU (60%) and GPU (25%) usage on M2 MacBook caused by CSS height transition animation
  • The transition: height 300ms ease-in-out; triggers expensive layout, paint, and re-compositing steps at 60 fps
  • Replacing height animations with transform: scaleY() reduces CPU usage to 6% and GPU usage to less than 1%, improving performance significantly

Engineers Advocate for Smaller AI Models Over Large, Error-Prone Systems

Engineers argue that the AI industry’s focus on large models is inefficient; smaller, purpose-built models offer better reliability, cost control, and scalability for enterprise use.

  • Large AI models are error-prone, costly, and mathematically unsustainable at scale, with error compounding making multi-step workflows unreliable.
  • Kanwat’s analysis shows that with 95% per-step reliability, success drops to 36% over 20 steps; production systems require 99.9%+ reliability.
  • Smaller, focused models are more controllable, reliable, and cost-effective, with enterprise experts advocating for scoped solutions over large models.