First Trillionaire, 400 Poisoned Linux Packages, and a Government-Ordered AI Shutdown

The SpaceX IPO closed Friday as the defining financial event of the year, while a major Linux supply-chain attack and a government-ordered AI model suspension kept security and AI desks equally busy.

Security

Two stories stand out for their patience and reach. Sygnia's disclosure of the Velvet Ant group's near-decade implant inside Linux authentication is the more alarming: the China-nexus threat actor backdoored PAM and related Linux login software, hiding inside the one component most defenders trust absolutely. Credential theft at that layer means no password rotation or MFA policy compensates — PAM binary integrity needs to become a first-class audit item.

More immediately actionable for anyone running Arch: over 400 Arch User Repository packages have been poisoned with a rootkit and infostealer. AUR's community-maintained PKGBUILD model with minimal automated review has always been a supply-chain risk on paper; this is it in practice. If you use yay, paru, or any AUR helper, audit installed packages against the current list of compromised entries and treat the system as potentially dirty until provenance is confirmed.

Google separately filed suit against a Chinese operation called "Outsider Enterprise," accusing it of using AI to send 2.5 million scam texts to Americans over a two-week window. The complaint specifically names an AI agent used to generate and scale phishing content — the clearest documented case yet of a criminal operation weaponizing a major AI platform. It's also a useful test of whether civil enforcement can reach threat actors outside criminal jurisdiction.

phpBB patched a ten-year-old authentication bypass that let any attacker log in as any user, including admins. A decade in the codebase with no CVE until now. If you host phpBB, update before the weekend.

AI

The most consequential AI story of the day arrived with almost no detail: Anthropic suspended customer access to its latest models following a US government directive. The directive's scope, legal basis, and which specific versions are affected have not been disclosed publicly. The abruptness suggests either a national-security concern around a specific capability or a compliance order tied to an ongoing investigation. Combined with the already-covered LangGraph RCE chain, it's a sharp reminder that the regulatory and security perimeter around deployed AI infrastructure is hardening faster than most operators anticipated.

Meta's AI dysfunction runs in a different direction. Internally, the company is rationing employee AI token usage as inference costs climb into the billions; externally, its 6,500-person consolidated AI division is being described by engineers inside it as a soul-crushing environment on the verge of revolt. Spending the most while extracting the least from the people doing the work tends to resolve badly.

Mistral is reportedly raising €3 billion at a €20 billion valuation, nearly double its Series C. If the round closes, Mistral cements itself as the primary non-US frontier model contender — and raises the question of how long it stays independent at that scale.

Ukraine disclosed a limited field test of fully autonomous AI drones that engaged and killed Russian soldiers without a human in the loop at the point of engagement. Framed as a one-time experiment, but AI targeting modules are reportedly installing at scale across Ukrainian unmanned systems. The "limited test" framing will not hold long as a meaningful distinction.

Tech

SpaceX's debut closed Friday up 19% from its $135 IPO price, creating the world's first trillionaire in Musk. At intraday peak, shares were up 30% and the company briefly ranked among the six most valuable in the US. The IPO narrative is explicitly built around AI potential rather than launch cadence — a framing that makes the valuation either prescient or precarious depending on Starship execution. Gwynne Shotwell dropped another public hint at an eventual Tesla merger, and Robinhood reported record-breaking traffic on debut day with brief intermittent disruptions.

Section 702 of FISA technically expired Friday night, but existing collection certifications run through March 2027, meaning bulk foreign-targeted surveillance continues uninterrupted. The expiry is procedural noise rather than a meaningful constraint.

$130 billion in data center projects have been blocked by community protests so far in 2026. AI infrastructure buildout is colliding with local land-use, energy, and water politics at a scale that is becoming a genuine site-selection crisis — and the communities winning these fights are building organizing templates others will copy.

The world's largest AI-valued company just went public, the most widely deployed AI API went dark by government order, and Meta is rationing tokens to its own engineers — all on the same Friday.

Also yesterday

• ShinyHunters Exploits Oracle PeopleSoft Zero-Day CVE-2026-35273 — 100+ Organizations Breached
• CISA Issues 72-Hour Patch Mandate for Actively Exploited Ivanti Sentry Flaw
• Critical RCE Chain Patched in LangGraph — Update Self-Hosted AI Agents Now