Tech Brew Ride Home - Wed. 07/28 – Don’t Sleep On That SharePoint Exploit
Episode Date: July 23, 2025
Don’t sleep on that SharePoint exploit from earlier this week as it seems to have led to a ton of still active breaches. Apple has a new insurance plan for you. Elon wants even more money for xAI. The Chinese are still churning ahead with their AI models. And three different stories about AI and privacy.
Links: Microsoft links Sharepoint ToolShell attacks to Chinese hackers (BleepingComputer); Apple Launches $20-a-Month AppleCare One Plan Covering Up to Three Devices (Bloomberg); Musk Allies to Raise Up to $12 Billion for xAI Chips as Startup Burns Through Cash (WSJ); Qwen3-Coder: Agentic Coding in the World (Simon Willison); Alibaba’s new open source Qwen3-235B-A22B-2507 beats Kimi-2 and offers low compute version (VentureBeat); Amazon buys Bee AI wearable that listens to everything you say (The Verge); Proton is launching a privacy-focused AI chatbot (The Verge); OpenAI CEO Sam Altman warns of an AI ‘fraud crisis’ (CNN)
Transcript
Welcome to the Techmeme Ride Home for Wednesday, July 23rd, 2025. I'm Brian McCullough. Today: don't sleep on
that SharePoint exploit from earlier this week as it seems to have led to a ton of still active breaches.
Apple has a new insurance plan for you. Elon wants even more money for xAI. The Chinese are still
churning ahead with their AI models and three different stories about AI and privacy. Here's what
you missed today in the world of tech. Probably need to update you on something important. Microsoft says
it, quote, has observed two named Chinese nation-state actors,
Linen Typhoon and Violet Typhoon, exploiting the SharePoint zero-day vulnerabilities.
Quoting BleepingComputer, we assess that at least one of the actors
responsible for this early exploitation is a China-nexus threat actor.
It's critical to understand that multiple actors are now actively exploiting this vulnerability,
Charles Carmakal, CTO of Google Cloud's Mandiant Consulting, told BleepingComputer
yesterday. Cybersecurity firm Check Point also revealed on Monday that it discovered the first signs of
exploitation on July 7th, adding that the attackers targeted dozens of entities across the
government, telecommunications, and software sectors in North America and Western Europe.
Microsoft patched the two flaws as part of the July Patch Tuesday updates used by threat actors
to compromise fully patched SharePoint servers. Since then, it released emergency patches
for SharePoint Subscription Edition, SharePoint 2019, and SharePoint 2016, to address both
RCE flaws, end quote. And, yeah, a source tells Bloomberg that the U.S. National Nuclear Security
Administration was among those breached by that hack. No sensitive information is known to be compromised,
but still, quote, the U.S. agency responsible for maintaining and designing the nation's cache of
nuclear weapons was among those breached by a hack of Microsoft SharePoint document management
software, according to a person with knowledge of the matter. No sensitive or classified information
is known to have been compromised in the attack on the Nuclear Security Administration, said the person
who wasn't authorized to speak publicly and asked not to be identified. The semi-autonomous arm of
the Energy Department is responsible for producing and dismantling nuclear arms. Other parts of the
department were also compromised. The NNSA has a broad mission, which includes providing the Navy
with nuclear reactors for submarines and responding to radiological emergencies, among other duties.
The agency also plays a key role in counterterrorism and transporting nuclear weapons
around the country. Hackers were able to breach the agency as part of a 2020 attack on a widely
used software program from SolarWinds. A department spokesperson said that malware had been isolated
to business networks only. In addition to the Energy Department, the hackers have broken into
systems belonging to national governments in Europe and the Middle East, the U.S. Education
Department, Florida's Department of Revenue, and the Rhode Island General Assembly, end quote.
And as I was preparing to record this, word from Eye Security that hackers have breached
around 400 government agencies, corporations, and other groups via this SharePoint breach,
up from an estimate of only 60 yesterday. So, not great, Bob.
Apple this morning launched AppleCare One, an insurance plan covering up to three devices
for $20 per month, including battery replacements, accidental damage, and more.
Quoting Bloomberg, the new offering is called AppleCare One and costs $20 a month,
the company said Wednesday. The service also includes battery replacements,
all-hours customer support and coverage for accidental damage, such as drops and spills.
Any additional products added to the plan will cost an extra $6 a month.
Customers can sign up for the plan on their iPhone, iPad, or Mac, or in person at a retail store.
The service, which will be limited to the U.S. for now, launches widely on Thursday.
The announcement underscores the growing importance of Apple's services division,
which also includes things like the App Store, iCloud, the TV Plus platform, and music streaming.
The unit is on track to eclipse $100 billion in revenue this year, making it Apple's biggest
moneymaker besides the iPhone.
The new program will cover all products already offered under the existing AppleCare Plus
plan, including iPhones, iPads, Macs, watches, the Vision Pro headset, displays, headphones, TV
set-top boxes, and HomePod speakers.
The service covers any product model or variation so users can bundle, for example, an iPhone
16 Pro with the Vision Pro and a newer model MacBook Pro
without it affecting the cost. It also includes theft and loss coverage, which lets customers get
a new iPhone, iPad, or Apple Watch if their device is lost or stolen. The company already offers this
as an add-on to its standard Care Plus service with prices varying by product. Apple hardware
typically comes with a one-year limited warranty and 90 days of included tech support, but the company
has long offered Care Plus for extended protection at a range of prices. Care Plus will still
exist alongside AppleCare One for users who may prefer to purchase insurance a la carte. The bundled
approach may appeal to consumers who own a variety of Apple products but are reluctant to purchase
individual insurance plans for more than one or two of them. Once AppleCare One launches, customers will
be offered the option when they buy devices online or at a retail store. Coverage can also be added
to existing products that are up to four years old, but consumers must agree to have a
diagnostic test performed on their device to ensure that key components like the power button are
functional. Apple may also ask users to upload a picture of the front of the device to check the
condition of the screen. Additionally, a customer's AppleCare One coverage will automatically update
if, say, they trade in an old iPhone for a new one, end quote. AI horse race: xAI is in this weird
sort of position where they may be looked at as the dark horse in the race, but also they have
the resources of Elon Inc. behind them. But also, how much in terms of resources can Elon
deliver? We know he already spent billions on that mega data center, and Grok seems to be
respected, but maybe not cutting edge. So how much would it cost to make it cutting edge?
Well, sources say that after just recently raising $10 billion, xAI is now working with a trusted
financier to secure up to $12 billion more to buy Nvidia chips. Quoting the Journal,
Valor Equity Partners, an investment firm whose founder, Antonio Gracias,
has close ties to Musk, is in talks with lenders to raise the capital. The money would be used to
buy a massive supply of advanced Nvidia chips that would be leased to xAI for a new jumbo-sized
data center meant to help train and power the AI chatbot Grok. Musk needs all the financial
firepower he can get to stay competitive in a wild and costly AI battle with well-funded rivals
like Google, Microsoft, and Meta. Grok hasn't gained nearly as much traction as OpenAI's
ChatGPT and took a reputational hit earlier this month when it posted racist and
controversial comments to users on the social media platform X. The startup apologized for what it
called, quote, horrific behavior. With xAI's balance sheet already stretched, Musk is getting creative
to keep the money flowing. SpaceX recently invested $2 billion in xAI, effectively moving cash from
the coffers of one Musk company to fund another. For the $5 billion in debt xAI raised in June,
the company pledged its most prized asset, the intellectual property behind Grok, as part of
the collateral, people familiar with the situation said.
The startup will likely have to raise even more in the coming months, given the sums of cash
needed to train large AI models. Unlike startup competitors like OpenAI and Anthropic, Musk's company
isn't joining with an existing cloud computing giant that could bear some of the costs of training
and running large language models. Musk's xAI is paying to build and run its own AI infrastructure.
Cash at xAI is going out the door almost as soon as it arrives. Under projections shared with
potential creditors a few months ago, xAI was slated to burn about $13 billion in cash in
2025, people familiar with the financials said. The startup isn't profitable and generates a very
small amount of revenue. xAI's more recent plan to lease chips through a complex debt deal
would defray billions of dollars of spending, but would lead to ongoing financial obligations.
It took only 122 days for xAI to build its first giant data center in Memphis, Tennessee, dubbed
Colossus. It originally housed 100,000 Nvidia
graphics processing units, or GPUs, among the world's largest clusters of AI chips. Just 92 days later,
xAI doubled Colossus's size to 200,000 GPUs. That is like superhuman, and as far as I know,
there's only one person in the world who could do that, Nvidia chief executive Jensen Huang
said on a podcast last year. Elon is singular in his understanding of engineering and construction
and large systems and marshalling resources, end quote. xAI has indicated it wants to have one million
chips powering Grok. To pay for its second, even bigger, data center dubbed Colossus 2,
xAI is turning to Valor. Valor funds have invested in SpaceX, Tesla, SolarCity, the Boring
Company, and Neuralink, all Musk enterprises. Valor and other private equity investors would
contribute their own cash to a funding vehicle that would borrow billions of dollars more from
private credit funds to purchase chips for the expansion. Money for interest and principal
on the asset-backed debt would come from payments xAI makes to use the new
chips, and in the event of a shortfall, lenders could foreclose on them. Valor is negotiating with a
group of funds and hopes to clinch a deal in coming weeks, but it could still fall apart,
people familiar with the matter said. A key point of contention is how big the loan should be and how
quickly it will come due. Some lenders want the debt to be repaid within three years and to cap the
amount of money borrowed in order to limit their risk. AI chips lose value quickly because more
powerful versions are constantly being developed. Demand for data centers could diminish,
or xAI could stumble for other reasons, end quote.
Well, and then there's the Chinese entrants into the horse race.
Alibaba has released its new Qwen3-235B-A22B-Instruct-2507 model on Hugging Face,
improving on Qwen3's reasoning, accuracy, and multilingual understanding.
Alibaba also debuted the Qwen3-Coder model for agentic coding,
including a 480 billion parameter mixture of experts,
and open source Qwen Code. Quoting Simon Willison on that last bit first:
In addition to the new model, Qwen released their own take on an agentic terminal
coding assistant called Qwen Code, which they described in their blog post as being forked
from Gemini Code, which is Apache 2.0, so a fork is in keeping with the license.
They focused really hard on code performance for this release, including generating synthetic
data tested using 20,000 parallel environments on Alibaba Cloud.
To further burnish their coding credentials, the announcement includes instructions
for running their new model using both Claude Code and Cline using custom API base URLs
that point to Qwen's own capability proxies. Pricing for Qwen's own hosted models through
Alibaba Cloud looks competitive, end quote. And then back to the flagship model, quoting VentureBeat.
This week, Alibaba's Qwen team, as its AI division is known, released the latest updates to
its Qwen family, and they're already attracting attention once more from AI power users in the
West for their top performance. In one case, edging out even the new Kimi-2 model from
rival Chinese AI startup Moonshot, released in mid-July 2025.
It also outperforms Claude Opus 4 in its non-thinking version.
The new Qwen3 model update also delivers better coding results, alignment with user preferences,
and long context handling according to its creators.
In addition to the new model, the Qwen team released an FP8 version, which stands for
8-bit floating point, a format that compresses the model's numerical operations to use less memory
and processing power without noticeably affecting its performance. In practice, this means organizations
can run a model with Qwen3's capabilities on smaller, less expensive hardware, or more efficiently
in the cloud. The result is faster response times, lower energy costs, and the ability to scale
deployments without needing massive infrastructure. This makes the FP8 model especially attractive
for production environments with tight latency or cost constraints, end quote.
Three loosely related stories to finish up today with. First, Amazon has acquired Bee,
which sells a $50 device that resembles a Fitbit, is always listening to what's going on around you,
transcribes conversations, and serves up daily AI summaries.
Quoting The Verge, Bee makes a $49.99 Fitbit-like device that listens in on your conversations
while using AI to transcribe everything that you and the people around you say,
allowing it to generate personalized summaries of your days, reminders, and suggestions from within the Bee app.
You can also give the device permission to access your emails, contacts, location, reminders, photos,
and calendar events to help inform its AI-generated insights as well as create a searchable history
of your activities. My colleague Victoria Song got to try out the device for herself and found that
it didn't always get things quite right. It tended to confuse real-life conversations with the
TV shows, TikTok videos, music, and movies that it heard. When asked about Amazon's plans to
apply the same privacy measures offered by Bee, such as its policy against storing audio,
Amazon spokesperson Alexander Miller said the company cares deeply about
customer privacy and security, adding that the company will work with Bee to give users even greater
control over their devices when the deal closes, end quote.
Proton, the company behind the encrypted Proton email service, has launched Lumo, an AI chatbot to
summarize documents, generate code, and more, and says it will protect users' information via
zero-access encryption.
Quoting The Verge, the new chatbot called Lumo can summarize documents, generate code,
write emails, and more while storing data locally on users' devices.
Proton says it will protect this information using zero-access encryption, which grants users an
encryption key that only they can use to view the content, preventing third parties including
Proton from accessing the information.
This helps ensure that Proton can't share user data with advertisers or governments or use it
for training large language models, Proton says.
Though Lumo comes with the ability to search the web, Proton turns this feature off by default
to give users maximum privacy.
If users enable the feature, Lumo will search the web for answers using privacy-friendly
search engines. Additionally, Proton says Lumo can analyze uploaded files, but it doesn't
save any of its information. Users can link Proton Drive files to Lumo as well, which are supported
by end-to-end encryption when interacting with the chatbot. You can access Lumo now by heading to
lumo.proton.me or downloading the Lumo app for iOS and Android. Users who don't have access
to a Lumo account or Proton account can only ask the chatbot a limited number of questions
each week, and they won't be able to access their chat histories. Meanwhile, users with a free account
can view an encrypted chat history, upload small files, and favorite a limited number of chats.
There's also a $12.99 per month Lumo Plus plan for access to unlimited chats, extended encrypted
chat history, unlimited favorites, and the ability to upload large files, end quote.
And finally, in an interview at the Federal Reserve, Sam Altman warned of an impending fraud crisis
because of how AI could enable bad actors to impersonate other people.
Quoting CNN,
A thing that terrifies me is,
apparently there are still some financial institutions
that will accept a voice print as authentication for you
to move a lot of money or do something else.
You say a challenge phrase and they just do it, Altman said.
That is a crazy thing to still be doing.
AI has fully defeated most of the ways that people authenticate currently
other than passwords, end quote.
Altman isn't alone in worrying
that AI will supercharge fraud. The FBI warned about these AI voice and video cloning scams last year.
Multiple parents have reported that AI voice technology was used in attempts to trick them out of money by
convincing them that their children were in trouble. And earlier this month, U.S. officials warned
that someone using AI to impersonate Secretary of State Marco Rubio's voice had contacted foreign
ministers, a U.S. governor, and a member of Congress. I am very nervous that we have an
impending, significant impending fraud crisis, Altman said, end quote.
Nothing more for you today. Talk to you tomorrow.
