Alvaro Lopez Ortega / 2026-05-09 Briefing

Created Sun, 10 May 2026 01:25:02 +0000 Modified Sun, 10 May 2026 07:29:09 +0000
3973 Words

An attacker used Morse code to trick AI agents Grok and Bankrbot into transferring $200,000 in tokens. Meanwhile, Meta faces employee backlash over new surveillance software used to train AI models. In the software industry, 10 trillion annual downloads are straining open-source repositories, prompting new sustainability efforts. Finally, a Georgia data center’s use of 30 million gallons of unmetered water has fueled local calls for development bans.

πŸ€– Artificial Intelligence

User just tricked Grok and Bankrbot to send tokens with Morse code

An attacker used Morse code to bypass AI safety filters, tricking Grok and Bankrbot into transferring $200,000 worth of DRB tokens on the Base network. The exploit was facilitated by an NFT that granted Grok expanded permissions for autonomous transactions, highlighting the significant security risks of granting AI agents control over cryptocurrency wallets.

Meta’s embrace of A.I. is making its employees miserable

Meta is implementing new monitoring software to track employee computer activity, such as keystrokes and mouse movements, to collect data for training its AI models. This initiative has sparked significant backlash among workers, many of whom view the non-optional surveillance as a violation of their privacy.

The context window has been shattered: Subquadratic debuts a 12M token window

Miami-based startup Subquadratic has launched a new model featuring a massive 12-million-token context window. Using its Subquadratic Selective Attention (SSA) architecture, the model scales linearly in compute and memory to provide significantly faster processing and superior retrieval performance compared to traditional transformers.

The author observes that clients often demand trendy website features, such as AI chatbots, as social signals of modernity rather than for their actual utility. This trend persists because clients frequently equate visible complexity with professional effort, often resisting more efficient and minimal designs.

Using Claude Code: The unreasonable effectiveness of HTML

This article explores the unexpected efficiency of using HTML when working with Claude Code. It provides various examples and related resources to demonstrate the effectiveness of this approach.

A recent experience with ChatGPT 5.5 Pro

A social media post shares a recent experience using ChatGPT 5.5 Pro. The details are provided via a linked Twitter thread.

AI’s Circular Psychosis

The AI economy is characterized by a precarious circular dependency where major cloud providers fund AI companies like Anthropic and OpenAI, only to receive those same investments back as payments for compute services. This unstable cycle relies heavily on continuous venture capital infusions and creates a high-risk revenue structure concentrated among a few dominant players.

People Hate AI Art

The author argues that using AI-generated imagery in professional contexts can damage a creator’s reputation and signal low social literacy. To maintain credibility, the article suggests using alternatives such as manual edits, hand-drawn illustrations, or commissioned human artists.

AI investment fraudsters spawn 15,500 scam sites abusing legitimate marketing tool

Researchers have uncovered a massive scam campaign involving 15,500 domains that abuse the Keitaro ad tracking tool to target victims. The attackers use cloaking techniques to redirect potential targets to fraudulent AI investment sites while presenting benign content to security researchers and automated scanners.

Anthropic, OpenAI, and others meet religious leaders to draft ethical AI principles

AI developers, including Anthropic and OpenAI, recently met with leaders from various religious groups at the inaugural “Faith-AI Covenant” roundtable in New York. The initiative seeks to establish shared ethical principles for artificial intelligence by leveraging the moral expertise of diverse global faiths.

Palo Alto Networks: 3 weeks of AI analysis matches 1 year of manual pentesting with broader coverage

Palo Alto Networks reports that frontier AI-assisted analysis can match a full year of manual penetration testing in just three weeks, significantly expanding vulnerability coverage. These advancements enable AI to function as autonomous agents capable of rapid exploit chaining, prompting the company to launch its new Frontier AI Defense initiative.

Brockman’s journal a star witness in Musk v. Altman trial; OpenAI entries ended in 2023

OpenAI president Greg Brockman’s personal journal has emerged as a key piece of evidence in the Musk v. Altman trial. Brockman stated that he ceased writing about OpenAI in the journal in 2023.

Mistral AI/TML co-founder Devendra Chaplot exits xAI after one month

Devendra Chaplot, a high-profile hire from Mistral AI, has departed xAI after approximately one month. His exit comes amid reports of increasing layoffs at the company and the growing presence of the coding startup Cursor within xAI’s AI unit.

Google tweaks Chrome AI privacy wording, insists processing stays on-device

Google has updated the privacy wording for Chrome’s AI, maintaining that data processing remains on-device. However, the removal of a long-standing privacy assurance has raised concerns.

πŸ› οΈ Software & Development

10 Trillion downloads are crushing open-source repositories

Open-source repositories are facing unprecedented strain from over 10 trillion annual downloads, threatening the stability of the global software supply chain. To address this sustainability gap, the Linux Foundation has established the Sustaining Package Registries Working Group to develop improved funding, governance, and security practices.

Rust but Lisp

rlisp is a LISP-syntax frontend that transpiles s-expressions directly into Rust code, leveraging rustc to handle core semantics like ownership and type checking. The system operates without a runtime or garbage collector and features a macro system based on compile-time s-expression transformations.

Bun ported to Rust in 6 days

A developer has successfully ported the Bun JavaScript runtime to Rust in just six days. This rapid implementation marks a significant milestone in the project’s development.

I made a Clojure-like language in Go, boots in 7ms

Let-go is a new Clojure-like language written in pure Go that offers approximately 90% compatibility with JVM Clojure and a rapid 7ms cold boot time. While not a direct replacement for Clojure due to limited Java API support, it is highly embeddable and suitable for building CLIs, web servers, and data processing scripts.

Zed Editor Theme-Builder

Zed’s Theme Builder is currently available exclusively on the desktop version of the editor. The update also features a satirical React component called “Meeting Scheduler Proβ„’” that tracks common meeting excuses and declining developer sanity.

Avoiding URL Query Strings

The author introduces Wander Console, a decentralized and self-hosted tool designed for exploring community-recommended websites. Although inspired by a movement to avoid using query strings in URLs, the tool’s current implementation includes a via= query parameter.

Introduction to Beaver Triples

A group of friends is using cryptographic secret sharing to privately calculate restaurant scores based on individual affordability and food preferences. This method allows the group to reach a consensus on dining options without revealing sensitive personal information to the entire group.

Create flashcards with Space CLI

A flashcard app focused on user experience has recently been updated with an offline-first mode and a new CLI. This interface allows AI tools like Claude Code and Codex to automatically generate high-quality flashcards.

Mochi.js: bun-native high-fidelity browser automation library

Mochi.js is a new, Bun-native browser automation framework designed to bypass WAFs and anti-automation defenses like captchas through a transparent, data-driven approach. Unlike existing tools that rely on modified Chromium forks, this MIT-licensed library focuses on achieving parity with legitimate user traffic using stock Chromium.

Read Programming as Theory Building

This article explores Peter Naur’s concept of “Programming as Theory Building,” which defines programming as the process of developing and communicating a mental model of a program’s requirements and structure. This perspective unifies various software development practices, such as clean coding and documentation, as essential tools for sharing this underlying “theory.”

What if there was no BASIC in EndBASIC? – by Julio Merino

The creator of EndBASIC is exploring how to repurpose the project’s underlying technical components for applications beyond the BASIC language. These modular building blocks include a pure Rust-based compiler and VM, a portable console framework, and an abstract virtual file system.

Bun’s experimental Rust rewrite hits 99.8% test compatibility on Linux x64 glibc

A 960,000-line experimental rewrite of the Bun runtime in Rust has achieved 99.8% test compatibility on Linux x64 glibc. The transition aims to leverage Rust’s memory safety features to reduce stability issues, memory leaks, and crashes.

PWABuilder

The provided text contains no news information, as it only displays a message stating that JavaScript is required. Therefore, no substantive summary of PWABuilder can be produced from the source.

Poka-Yoke

Poka-yoke is a “mistake-proofing” mechanism designed to prevent, correct, or highlight human errors within a process. Developed by Shigeo Shingo as part of the Toyota Production System, these constraints act as behavior-shaping tools to detect mistakes immediately and prevent them from becoming defects.

GNUtrition 0.33.0rc1 Now Available

GNUtrition 0.33.0rc1, a test release of free nutrition analysis software for the GNU operating system, is now available. This update features a C rewrite compatible with GTK and ncurses interfaces and introduces a noninteractive mode. Additionally, the software has transitioned its nutrient database from the USDA DSR to the USDA FNDDS.

Notes on using GNU Emacs’ Tramp system in an unusual shell environment

The author of the Wandering Thoughts blog has implemented anti-crawler measures to block high-volume bots using outdated Chrome user agents. While intended to mitigate the load from LLM training crawlers, these precautions may inadvertently block legitimate users with older browsers, specific Vivaldi configurations, or archival services like archive.is.

Fixing QuickLook (2023)

This article details a technical workaround to disable the automatic corner rounding of images in macOS Ventura’s QuickLook feature. By disabling System Integrity Protection (SIP), the author utilizes the lldb debugger to inspect and manipulate the QLPreviewPanel view hierarchy within Finder.

Yggdrasil Network as an Embedded Go Library

This article demonstrates how to embed ygglib, a compatible fork of the Yggdrasil library, directly into Go applications. It provides a minimal implementation example for integrating Yggdrasil’s experimental IPv6 mesh network capabilities into software such as web applications or Matrix clients.

Steering Zig Fmt

The zig fmt formatter is a “steerable” tool that adjusts code layout based on existing syntax, such as trailing commas and line breaks. This feature allows developers to manually control whether constructs like function calls and arrays are formatted on a single line or multiple lines.

macOS 27 threatens to bury Time Capsule, FOSS brings a shovel

macOS 27 threatens to deprecate support for Apple’s legacy Time Capsule backup devices, which rely on outdated AFP and SMB1 protocols. However, open-source software like NetBSD may provide a way to maintain compatibility and extend the life of these devices.

πŸ”’ Security & Privacy

I caught the car

A software engineer achieved a promotion to Senior Software Engineer within two and a half years of starting their career in 2023. This rapid advancement was driven by a desire to match a mentor’s professional timeline and supported by high-visibility project opportunities.

The Intolerable Hypocrisy of Cyberlibertarianism

The author argues that despite the internet’s practical advantages over the pre-digital era, its foundational ideology is fundamentally flawed. The text specifically critiques John Perry Barlow’s 1996 “A Declaration of the Independence of Cyberspace” as a misleading document that helped shape the modern digital landscape.

Your Computer Doesn’t Belong to You Anymore

The shift from local software to cloud-based services has transitioned computing from a model of true ownership to one of conditional access. This centralized architecture allows remote providers to control software functionality, revoke data access, and dictate device behavior without user consent.

LUKSbox: Encrypted vaults that survive the next decade

LUKSbox is an open-source tool that provides client-side encryption for securely storing sensitive files on untrusted platforms like cloud storage or shared media. The software features post-quantum resistance, tamper detection, and hardware-based security using FIDO2 and TPM 2.0.

Archive.today Reverts to Monero-Only Donations

Archive.today has reverted to accepting donations exclusively via Monero. The service provides permanent, unalterable snapshots of webpages while enhancing user security by removing all active scripts.

LayerZero apologizes for Kelp DAO exploit response; 47% of OApps used same single-verifier setup.

LayerZero has issued a public apology for its handling of the $292 million Kelp DAO exploit, admitting that its single-verifier configuration for high-value transactions was a security deficiency. Attributing the attack to North Korea’s Lazarus Group, the protocol also announced it will end support for the 1/1 DVN configuration to prevent similar vulnerabilities.

ACME CA Comparison

This article compares several public Certificate Authorities, including Let’s Encrypt, ZeroSSL, SSL.com, and Actalis, that provide free certificates via the ACME protocol. The comparison evaluates these providers based on technical specifications such as certificate lifetime, Subject Alternative Name (SAN) limits, and support for various ACME protocol features.

Hacking Time: Spoofing Atomic Clocks with Audio Harmonics

Due to atmospheric interference on the East Coast, atomic clocks often struggle to receive the official WWVB radio signal from Colorado. To resolve this synchronization issue, the author used a smartphone app called Clock Wave to spoof a localized transmitter using audio harmonics.

killswitch: per-function short-circuit mitigation primitive

The “killswitch” patch introduces a new Linux kernel primitive that allows administrators to temporarily mitigate security vulnerabilities by forcing specific functions to return a fixed value without executing their bodies. This feature enables the immediate disabling of vulnerable code paths until a permanent patch is deployed and the system is rebooted.

UK wants fresh fingerprints on Β£300M biometrics platform

The UK Home Office is seeking interest from potential suppliers for its Β£300 million biometrics platform. This move comes as a major support shake-up is planned for core police and immigration systems.

🌍 Global News & Society

Data center drains 30M gals of water β€” until residents complained of pressure

A data center in Fayetteville, Georgia, used approximately 30 million gallons of unmetered water, which was discovered only after local residents reported low water pressure. The developer has since paid nearly $150,000 in retroactive charges, an incident that has intensified local efforts to ban new data center developments.

Getting arrested in Japan

Japan’s detention system uses isolation and intense interrogation to pressure individuals into confessing during the investigative phase. This high-pressure environment can lead to prolonged detention and an increased risk of false confessions.

Why do Oregon farms plant red clover every spring?

Oregon farmers plant red clover in the spring as a cover crop to naturally increase soil nitrogen levels. The plants use cobalt-rich bacteria in their root nodules to convert atmospheric nitrogen into nutrients, providing a cost-effective, organic fertilizer when plowed back into the earth.

Gibraltar dumping all of its raw sewage into Mediterranean

Gibraltar has been discharging untreated sewage into the Mediterranean for decades due to the lack of a wastewater treatment plant. To address the resulting environmental and health concerns, the government has recently awarded a 25-year contract to Eco Waters to construct a new treatment facility at Europa Point.

Movies Are Too Long

Contemporary films are increasingly characterized by longer runtimes, even in genres that do not require epic storytelling. This trend is attributed to a decline in the market forces that once incentivized shorter movies, as modern theaters are now more desperate for content.

Impact of Trump aid cuts: 9 million deaths by 2030

Significant cuts to humanitarian aid under the Trump administration are projected to cause up to 9.4 million deaths by 2030, including 2.5 million children under age five. Research indicates that a 71 percent reduction in funding could lead to more than 750,000 deaths in the first year alone.

Worried Britons ‘prepping’ for major disruption with stash of tins and cash

New data from Link shows that many Britons are stockpiling emergency supplies, including cash, tinned goods, and battery-powered items, to prepare for potential major disruptions. These “prepping” efforts are driven by growing concerns over threats such as cyber-attacks, power outages, and infrastructure failures.

Aids Creeps Back in Parts of Zambia, a Year After U.S. Cuts to HIV Assistance

AIDS cases are increasing in parts of Zambia following significant cuts to U.S. HIV assistance, which have weakened the nation’s treatment and prevention systems. Additionally, the Zambian government faces the potential loss of remaining support as the U.S. links future health funding to expanded access to the country’s mineral resources.

Vladimir Putin is losing his grip on Russia

A former senior Russian official argues that Vladimir Putin’s efforts to maintain power are accelerating Russia’s decline and leading the country into a dead end. This growing instability is increasingly reflected in the shifting language used by Russian officials and business leaders when discussing government actions.

Solar on canals reduces water evaporation by 70% and algae growth by 85%

The Nexus pilot project in California successfully tested a 1.6 MW solar installation on irrigation canals, evaluating the dual use of infrastructure for clean energy and water conservation. Results demonstrated a 50-70% reduction in water evaporation and an 85% decrease in algae growth beneath the solar arrays.

Young people explicitly banned from openSUSE – urgent call for reversal

An urgent call for a reversal has been issued following reports that young people are explicitly banned from openSUSE. The provided article lacks further details regarding the nature of the ban due to a technical error in the content.

The Making of Steven Spielberg’s Jurassic Park (2012)

California scientists have successfully extracted and sequenced DNA fragments from an extinct stingless bee preserved in 25-million-year-old amber. The researchers aim to apply this technique to other ancient species to study the “evolutionary clock” and track the rate of evolution over geologic time.

Best Old School UFO Website

A user highlights an old-school UFO website noted for its extensive content and superior user interface. Although the site is believed to be defunct, it remains accessible through various archives.

Google settles racial discrimination lawsuit for $50 million

Google has agreed to pay $50 million to settle a lawsuit alleging racial discrimination against more than 4,000 Black employees in California and New York. Although the company denies any liability, the settlement includes commitments to implement pay equity analyses and transparency measures.

OpenAI, Anthropic, and Google’s AI push threatens India’s IT industry via automation

Major AI firms such as OpenAI, Anthropic, and Google are expanding beyond providing models to directly participate in enterprise implementation and digital transformation. This strategic shift, supported by partnerships with private equity firms, poses a significant competitive threat to India’s IT services industry by automating its core, labor-intensive tasks.

London’s BT Tower to get rooftop swimming pool

London’s BT Tower is set to feature a new rooftop swimming pool. The facility will be located 177 meters above the streets of the West End.

πŸ–₯️ Systems & Hardware

PipeDream on the Acorn Archimedes

PipeDream was an innovative productivity suite for the Acorn Archimedes that integrated word processing, spreadsheets, and databases into a single, flexible document format. Running on the pioneering ARM processor and the RISC OS operating system, the software represents a period of highly creative yet commercially isolated computing.

CAD and Cam Applications on HP-UX Unix Workstations

During the 1990s, HP 9000 PA-RISC workstations running HP-UX were leading platforms for CAD, CAM, and CAE applications due to their high floating-point performance. These systems supported major 3D design software like I-DEAS and Unigraphics NX before being replaced by Windows-Intel and Linux in the early 2000s.

Apple May Drop Base $599 MacBook Neo as Chip, DRAM Costs Climb

Apple is considering discontinuing the $599 MacBook Neo configuration to offset rising manufacturing costs driven by component shortages and high demand. This move would effectively increase the laptop’s starting price by $100, though the company may alternatively introduce new color options to cushion a potential price hike.

Laptops all have built-in security tokens these days

Modern laptops and smartphones now feature built-in secure elements that can effectively replace external hardware security tokens like Yubikeys. These integrated features allow for secure authentication tasks, such as SSH and U2F, without the need for separate, easily misplaced physical devices.

Chrome’s AI features may be hogging 4GB of your computer storage

Google Chrome is automatically downloading a 4GB Gemini Nano AI model to support on-device features like scam detection and writing assistance. To reclaim disk space and prevent the file from re-downloading, users must disable the On-Device AI option in Chrome’s system settings.