Apple Rebuilds Siri on Google Gemini as OpenAI Files Confidential IPO

Two moves defined Monday — Apple rewired its entire AI stack at WWDC while OpenAI quietly filed its S-1 with the SEC, two companies approaching the same destination — AI platform dominance — from radically different positions.

Security

The supply-chain attack pattern targeting Microsoft's developer ecosystem is no longer a one-off. For the second time in weeks, packages in Microsoft's open-source tooling for Azure and AI were laced with a credential stealer — 73 packages this time, each executing a self-replicating stealer automatically when an AI agent opens them. Microsoft shut down the affected GitHub repositories, but the targeting is deliberate: these packages sit deep in AI developer workflows, where compromised credentials likely include model API keys, cloud access tokens, and internal tooling secrets. Two incidents in a short window suggests either a persistent attacker with renewed access or a reproducible playbook being reused — and the specificity toward AI tooling is not coincidental.

NSO Group is facing its most serious legal moment in years. WhatsApp says it detected and disrupted new spear-phishing campaigns attributed to NSO, and Meta is now asking a federal judge to hold NSO in contempt of a prior injunction. The original WhatsApp-NSO suit dates to 2019; contempt would be a real escalation — moving from years of discovery and procedure toward consequences that could threaten NSO's operating model.

Elsewhere on the threat map: NFCShare Android malware is spreading via fake banking app updates hosted on GitHub, a vector that exploits users' reasonable trust in the platform — GitHub's reputation as a dev host doesn't translate to safety for consumer-facing downloads. SoFi confirmed a third-party data breach at its Hong Kong subsidiary, with customer data exposed through a vendor database — the standard anatomy of a modern breach where a company is held accountable for a vendor's failure.

AI

Apple's biggest WWDC reveal wasn't a feature — it was an architecture. Apple confirmed its AI stack is being rebuilt around Google Gemini models, a two-tiered system powering "Siri AI," the rebranded successor to years of underwhelming voice assistant development. The on-device tier handles sensitive and latency-critical inference; Gemini takes the cloud layer. Apple has effectively traded one exposure (being behind on AI) for another (ceding a foundational layer to a competitor that controls the dominant search engine and browser). The technical session with Craig Federighi framed this carefully as orchestration, not dependency — but the semantics don't change what's in the architecture diagram.

Context matters here. Apple settled a $250M false advertising case related to AI capability claims before WWDC, which visibly shaped the keynote — live demos with real phones rather than the pre-rendered sequences that drew legal scrutiny. The company is positioning its approach as deliberate patience rather than lateness, a frame that's easier to sustain when your developer ecosystem is captive and your hardware install base is enormous.

For developers: Apple is waiving cloud API fees for smaller App Store developers, the Core AI framework is live in documentation, Shortcuts now generates workflows from natural-language descriptions, and Safari is using AI to generate compatible extensions to patch its longstanding library gap. The automatic password-change feature in iOS 27 silently detects and rotates compromised credentials in Safari — arguably the most immediately practical AI-native security feature announced all day.

OpenAI filed its S-1 confidentially with the SEC, following Anthropic into the IPO race. Both companies are burning capital at scale and racing toward public markets simultaneously; the confidential filing keeps financials private until the roadshow. Adding to the optics: Tools for Humanity, Altman's eye-scanning identity company, is reportedly doing layoffs as it struggles with revenue — news that landed on the same day as the filing.

Tech

macOS 27 requires Apple Silicon — Intel Macs are capped at macOS 26, formally closing that era. iOS 27 is more inclusive, dropping no iPhones and only a handful of older iPads. A quieter footnote to the Apple day: Waymo purchased Apple's 5,500-acre self-driving car proving ground in Arizona for $220M — the land now passing to the company that actually made autonomous vehicles work at scale.

Two satellite stories deserve to be read together. Tests now suggest Russian satellites can jam GPS at continental scale, based on sustained interference patterns across Europe — raising questions about motive and capability that don't have clean answers yet. The same day, the FCC waived Amazon Kuiper's milestone deadline to keep a second large LEO broadband constellation viable. Given GPS vulnerability at scale, redundant satellite infrastructure starts to look less like regulatory favor and more like strategic necessity.

On the business side, Databricks is reportedly in talks to raise at a valuation above $165 billion — a marker for how hot AI infrastructure investment remains. And Signal and privacy advocates published a formal statement against the UK's latest surveillance proposals, calling them a direct threat to encryption — a tension that sharpens as platforms push deeper AI integration requiring expanded visibility into user behavior.

Today's dependency exposures are unusually concrete: Apple on Gemini's cloud tier, AI developers on package registries whose integrity can't be assumed, and GPS navigation on a satellite architecture that adversaries appear capable of degrading at continental scale.

Also yesterday

• VerdantBamboo Deploys BSD BRICKSTORM Backdoor Targeting Linux and Network Appliances
• Critical Check Point VPN Zero-Day Actively Exploited by Qilin Ransomware
• Critical UniFi OS Exploit Chain Enables Unauthenticated Root Access