A Department of Energy (DOGE) employee Jordan Wick has been publicly sharing sensitive work-related code on GitHub, including a Twitter DM downloader and geospatial data analysis tools for undersea cables and critical minerals.
A widespread scam operation on GitHub involves thousands of repositories distributing malware disguised as game mods and cracked software. The malware, known as Redox stealer, collects sensitive data including passwords, crypto wallets, and gaming accounts from victims' computers, then sends it to Discord servers for exploitation.
Government access to personal data through tech giants has dramatically increased, with Meta, Google, and Apple sharing details of 3.16 million accounts over the past decade. The US government made nearly 500,000 data requests to Google and Meta in the last measured 12 months, exceeding all other 14 Eyes Alliance members combined. These companies' business models prevent them from implementing strong privacy protections, as they rely heavily on user tracking for revenue.
DOGE's widespread disruption of federal agencies has resulted in significant staffing cuts, program terminations, and institutional knowledge loss across multiple sectors. The organization's actions have impacted critical areas including cybersecurity, scientific research, social services, and international aid programs. The consequences of these cuts are expected to have long-lasting effects on government operations and public services.
IBM has completed its $6.4 billion acquisition of HashiCorp, integrating advanced cloud infrastructure automation and security capabilities into its portfolio. The merger aims to help enterprises manage hybrid cloud environments more efficiently, with HashiCorp's Terraform and Vault products now available through IBM's automation software lineup. The acquisition strengthens IBM's position in multiple growth areas including Red Hat, watsonx, and IT automation.
Memory safety vulnerabilities have been a persistent security challenge costing billions, prompting a call for industry-wide standardization and secure-by-design practices. Recent advancements in memory-safe languages like Rust and hardware technologies offer promising solutions for widespread adoption. Google advocates for establishing a common framework to assess memory safety assurances and drive industry-wide adoption of secure practices.
A class action lawsuit has been filed against Automattic over blocking WP Engine's access to WordPress.org services, affecting hundreds of thousands of customers. The lawsuit alleges deliberate sabotage and unfair competition, seeking damages and an injunction to prevent Automattic from interfering with competitors. The case highlights concerns about WordPress.org's governance and Automattic's control over critical WordPress infrastructure.
A massive power outage in Chile affected 8 million homes across 14 regions, disrupting transportation, internet, and mobile services. The government declared a state of emergency and implemented a curfew while investigating the cause of the blackout, which stemmed from a disrupted high-voltage transmission line. By Wednesday, 90% of affected areas had power restored, though 220,000 customers remained without electricity.
Federal employees were requested to submit bullet points of their weekly accomplishments, with responses potentially being analyzed by AI to determine job necessity. The directive, initiated by Elon Musk, faced significant pushback from various agencies and unions, while receiving praise from President Trump. Multiple government departments instructed their employees not to respond, citing security and confidentiality concerns.
Federal judges have blocked DOGE from accessing personal data held by multiple US government departments, including Education, OPM, and Treasury. The rulings came after lawsuits filed by various parties, including the American Federation of Teachers and 19 states led by New York, citing Privacy Act violations and potential irreparable harm.