blindthoughts
digest

FBI and Google Dismantle NetNut's 2-Million-Device Proxy Network

A coordinated law enforcement and industry action took down one of the internet's largest residential proxy networks, while ransomware operators added another Citrix vulnerability to their toolkit. The AI world spent the day processing a Claude flagship stumble and a sobering admission from Meta's CEO.

Security

The FBI, Google's Threat Intelligence Group (GTIG), Lumen, and a coalition of industry partners seized hundreds of domains tied to NetNut and worked in parallel to significantly degrade a residential proxy network that enrolled roughly two million home devices as unwitting traffic relays. NetNut is operated by Alarum Technologies, a publicly traded Israeli company — which makes this takedown unusual. This isn't a darknet market or criminal forum: it's a commercially marketed proxy service whose traffic gets used by everyone from e-commerce fraud operators running credential-stuffing campaigns to nation-state actors masking reconnaissance origin. Residential proxies are particularly valuable to attackers because their traffic originates from legitimate home IP addresses, bypassing most geo-restriction and rate-limiting controls. The FBI seizure of hundreds of associated domains, combined with GTIG's technical degradation and Lumen's BGP-level route manipulation, represents a notably aggressive approach to proxy-for-hire infrastructure. The companion Popa botnet — which fed compromised home devices into the NetNut pool — was seized alongside it.

Ransomware operators are meanwhile moving quickly on Citrix Bleed 2 (CVE-2025-5777). Anubis ransomware affiliates are exploiting this new NetScaler authentication bypass for initial access, combining it with bring-your-own-vulnerable-driver (BYOVD) techniques to disable endpoint security, and using compromised supply chain credentials to move laterally once inside. The pattern — chained initial access vulnerability plus kernel-level defense evasion — mirrors what made the original Citrix Bleed (CVE-2023-4966) so damaging when ransomware groups weaponized it within days of publication. If internet-facing Citrix NetScaler appliances are in your environment, treat CVE-2025-5777 as actively exploited. Patch or segment now.

Two other stories deserve attention. The Intercept's Signal-based tip line was breached by a third party, according to Drop Site News — a significant failure for a newsroom whose security posture is supposed to protect sensitive sources. Signal's end-to-end encryption protects message content in transit; it does not protect the infrastructure receiving and storing those tips at the endpoint. The details of what was accessed remain unclear, but for journalists and sources relying on secure tip lines, the incident is a reminder that protocol choice is only one layer of the security model.

More striking from a liability standpoint: a startup has sued Palo Alto Networks' Koi Security unit after an AI-generated threat intelligence report falsely linked the company to Chinese espionage. This is among the first cases where a defamation-adjacent claim centers specifically on a security vendor's AI hallucination. With the industry rushing to integrate LLMs into threat intel pipelines, this lawsuit puts a concrete legal question on the table: who bears liability when an AI system confidently misidentifies a company as a state-linked threat actor and that report circulates to customers?

AI

Anthropic is managing a rough cycle on its flagship model. Claude Fable 5 will exit standard subscription tiers after July 7, shifting to usage-based pricing — Anthropic says the move is temporary and the model will return to broader availability. The timing is difficult, because the relaunched Fable is simultaneously drawing sharp criticism from users who say it performs substantially below the original release. Model regression through training runs is a known and recurring problem across frontier labs — optimization pressure for safety, cost, or inference speed can degrade capability in ways that aren't always caught before release. Running a subscription reshuffle at the same moment makes the story considerably harder to manage.

Mark Zuckerberg told Meta staff at an internal meeting that AI agent development has not moved as quickly as anticipated — a notable admission from a CEO who has made agentic AI central to Meta's product roadmap. It echoes quieter acknowledgments from engineers at other labs that reliable autonomous multi-step behavior is substantially harder to ship than demos suggest. Goldman Sachs published a substantial report on AI and labor displacement — framed as a question, "An AI Job Apocalypse?" — on the same day, creating an odd juxtaposition: the technology supposed to displace workers isn't yet reliable enough to impress its own builders.

On the hardware side, Anthropic is in discussions with Samsung about developing a custom AI chip. With OpenAI moving toward Broadcom silicon and Google running TPUs in its own datacenters, Anthropic is the last major frontier lab still dependent primarily on merchant GPUs. A Samsung partnership would change that calculus — and apply additional long-term pressure on Nvidia's position in the AI inference market.

Tech

A Tesla driver in Katy, Texas now faces manslaughter charges after his vehicle struck and killed a woman inside her home last month while Full Self-Driving was engaged. This appears to be the first FSD-related fatality to result in criminal manslaughter charges against the driver. The central legal question — whether a driver operating a vehicle with active driver-assistance retains the same duty of care as one in full manual control — has no settled precedent. This case will produce one.

Virginia has banned the sale of geolocation data, cutting off data brokers who aggregate location trails from apps and resell them for advertising, law enforcement contracting, and related uses. Google, meanwhile, lost its appeal of the EU's €4.1 billion Android antitrust fine — one of the largest competition penalties in tech history, now confirmed on appeal. Sony's Austrian disc manufacturing plant is being repurposed for microlens production; the physical media era for games isn't fading gradually, it's being industrially decommissioned.

Google and Amazon's AI environmental costs are now visibly undercutting their net-zero commitments, as datacenter power demand from AI workloads outpaces efficiency improvements. And the day's sharpest hype indicator: Jersey Mike's IPO filings mention AI. A sandwich chain. The cycle has fully closed.

Between a two-million-device proxy takedown, a weaponized Citrix flaw, an AI hallucination that drew a lawsuit, and a Claude flagship stumble, July 2 was a day that rewarded having patched your infrastructure and read the fine print on your AI vendor agreements.
