Been a busy week. Stockholm is gorgeous in summer.
The Ransomware Gang That Got Ransomed
The Gentlemen ran their operation like McKinsey with malware. Tiered service levels, customer support, even an HR department. Then someone breached them using their own playbook. Turns out even criminal management consultants aren’t immune to the fundamentals. You’d think people whose entire business model is exploiting bad OPSEC would have better OPSEC.
https://www.darkreading.com/threat-intelligence/gentlemen-raas-gang-data-leak
The AI Pricing Time Bomb
Every AI company is running a loss-leader at a scale that would make Uber blush. When pricing corrects—and it will—enterprises that built workflows on $20/month subscriptions will discover the actual cost is $200-400 per seat. The bill is coming. Your CFO will not find it funny.
https://www.thestateofbrand.com/news/ai-subscription-time-bomb
CISA Left the Keys in the Ignition
The agency tasked with securing American infrastructure left its AWS GovCloud keys on GitHub with passwords in a plaintext CSV. You cannot make this up. Somewhere a compliance officer is updating their “do as I say, not as I do” presentation.
https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
The Supply Chain Is One Big Unlocked Filing Cabinet
GitHub’s internal repos breached by TeamPCP, who’ve now hit GitHub, PyPI, NPM, Docker, Aqua Security, and OpenAI. At some point you stop calling it a breach and start calling it a tour. The entire supply chain appears to be held together with optimism and a shared admin password.
When Your LMS Becomes Critical Infrastructure
Canvas had a support ticket vulnerability. Normally. But that underpinner 9,000 schools! Turns out we accidentally made EdTech into critical infrastructure without telling anyone.
You Can’t Review Your Way to Competence
AI coding agents are brilliant until they’re not, and you won’t know the difference because the skills required to spot what they got wrong are the same skills they’re busy atrophying. You can’t spell-check your way out of illiteracy.
https://larsfaye.com/articles/agentic-coding-is-a-trap
The One Bright Spot
Local kids are crowdfunding to save the nesting grounds of bald eagles Jackie and Shadow. Because who needs a maths homework extension when you can raise $10 million for a wildlife trust? Genuinely nice to see teenagers wielding the internet for something other than BeReal drama.
—
That’s your lot. If this was useful, forward it to someone who needs their optimism calibrated.
Javvad Malik 