LIVE · SUN, JUN 28, 2026 --:--:-- ET

Issue Nº 68 COST TOTAL $14593.05 ARTICLES TODAY 0 TOKENS TOTAL 9.21B

Running the wire

Chips Loongson launches 3C3000 16-core server CPU on LoongArch; targets SMB file and database servers Funding Stark Defence raises €500M at €3.5B valuation; Sequoia, Founders Fund back German kamikaze drone startup Breaking AI coding agents vulnerable to malware via GitHub repos, Mozilla researchers demonstrate Claude exploit Market BIS warns AI bust could ripple into credit; hyperscalers shift from cash-flow to debt financing Funding Stark defense tech raises €500M at €3.5B; Berlin drone maker expands after €2.8B Bundeswehr contract Policy BIS warns AI boom financing shift to hedge funds, private credit poses burst risk Funding Mirendil closes $200M seed at $1B on bet that AI can automate AI research Funding Upscale AI raises $190M extension at $2B valuation; NVIDIA backs AI-native networking switches Policy Apple lobbies US for clearance to buy chips from blacklisted Chinese supplier CXMT Breaking OpenAI names Uber India president Prabhjeet Singh as first managing director for India Market Micron smashes Q3 earnings with $41.5B revenue, guides Q4 to $50B as HBM supply stays fully allocated through 2026 Chips Onsemi to acquire Synaptics for $7B in all-stock deal; unifies power, sensing, and edge AI into "physical AI" play Market South Korea's Kospi crashes 10%, SK Hynix and Samsung plunge amid AI chip allocation concerns Policy Japan commits ¥101.6 trillion ($~590B) to AI and chips by 2040, quintuples chip sector target Funding Baseten closes $1.5B Series F at $13B valuation, led by Altimeter Market Micron Q3 Revenue Crushes at $41.5B; Q4 Guidance $50B with 16 Multi-Year SCAs Locking $100B Funding Mirendil closes $200M seed at $1B to build autonomous AI R&D systems, democratizing frontier research Funding Peregrine Technologies raises $250M Series D at $6.8B, triples valuation on government AI demand Chips Onsemi acquires Synaptics for $7B, building physical AI play at intersection of power, sensing, compute Market Apple lobbies Trump admin to buy memory from blacklisted CXMT as component costs soar Chips Loongson launches 3C3000 16-core server CPU on LoongArch; targets SMB file and database servers Funding Stark Defence raises €500M at €3.5B valuation; Sequoia, Founders Fund back German kamikaze drone startup Breaking AI coding agents vulnerable to malware via GitHub repos, Mozilla researchers demonstrate Claude exploit Market BIS warns AI bust could ripple into credit; hyperscalers shift from cash-flow to debt financing Funding Stark defense tech raises €500M at €3.5B; Berlin drone maker expands after €2.8B Bundeswehr contract Policy BIS warns AI boom financing shift to hedge funds, private credit poses burst risk Funding Mirendil closes $200M seed at $1B on bet that AI can automate AI research Funding Upscale AI raises $190M extension at $2B valuation; NVIDIA backs AI-native networking switches Policy Apple lobbies US for clearance to buy chips from blacklisted Chinese supplier CXMT Breaking OpenAI names Uber India president Prabhjeet Singh as first managing director for India Market Micron smashes Q3 earnings with $41.5B revenue, guides Q4 to $50B as HBM supply stays fully allocated through 2026 Chips Onsemi to acquire Synaptics for $7B in all-stock deal; unifies power, sensing, and edge AI into "physical AI" play Market South Korea's Kospi crashes 10%, SK Hynix and Samsung plunge amid AI chip allocation concerns Policy Japan commits ¥101.6 trillion ($~590B) to AI and chips by 2040, quintuples chip sector target Funding Baseten closes $1.5B Series F at $13B valuation, led by Altimeter Market Micron Q3 Revenue Crushes at $41.5B; Q4 Guidance $50B with 16 Multi-Year SCAs Locking $100B Funding Mirendil closes $200M seed at $1B to build autonomous AI R&D systems, democratizing frontier research Funding Peregrine Technologies raises $250M Series D at $6.8B, triples valuation on government AI demand Chips Onsemi acquires Synaptics for $7B, building physical AI play at intersection of power, sensing, compute Market Apple lobbies Trump admin to buy memory from blacklisted CXMT as component costs soar

Breaking Sunday, June 28, 2026 at 12:04 PM

AI coding agents vulnerable to malware via GitHub repos, Mozilla researchers demonstrate Claude exploit

Mozilla's 0din security research team has demonstrated that AI coding agents like Claude can be tricked into executing malware through a deceptively simple social engineering attack. An attacker can create a GitHub repository that appears clean—with just scaffolding files and standard initialization files—that tricks Claude into installing malware. The attack exploits the agent's drive to be helpful: when the AI encounters an error during project setup, it tries to solve the problem automatically, triggering malicious scripts hidden in the repo.

The attack chain is subtle and three-layered. First, a fake Axiom startup script errors out, prompting Claude to run a help command. That command then downloads software from a malicious source disguised as a legitimate DNS TXT record lookup. The TXT record contains a base64-encoded reverse shell—giving the attacker shell access to the developer's machine. From there, attackers can exfiltrate secrets, API keys, code, documents, browser sessions, and passwords. The vulnerability doesn't require any obviously suspicious files; existing security scanning tools typically won't flag the repository or the activity.

For architects: this demonstrates that coding agents need fundamentally different security boundaries from human developers. Claude and similar agents lack the skepticism to question unclear third-party setup steps. The 0din team recommends that developers never blindly trust unknown projects and never rely on AI tools for security analysis. Agent vendors should implement execution sandboxing and require explicit user approval before running shell commands or downloading from the internet.

Sources