John Scott-Railton


@jsrailton.bsky.social

Chasing digital badness. Senior Researcher at Citizen Lab, but words here are mine.

27,029 Followers 463 Following 704 Posts Joined Apr 2023
3 days ago

3/ What an absolutely wild story. And yet another Epstein docs mystery.

3 days ago

2/ Hacker stumbles across Epstein child abuse on FBI server.

Is disgusted.

Threatens to call FBI.

FBI gets on video call to prove they are in fact the FBI.

3 days ago
full text for all screenshots is here, please let me know if you use Alt Text and find this helpful: https://www.reuters.com/world/us/foreign-hacker-2023-compromised-epstein-files-held-by-fbi-source-documents-show-2026-03-11/

NEW: foreign hacker compromised Epstein files held by #FBI

"included combing through certain files pertaining to the Epstein investigation"

Source describes it as cybercriminal.

Previously all we knew was: there was some sort of breach. 1/

By @raphae.li
www.reuters.com/world/us/for...

3 days ago

You used Pokemon Go. You were not the customer.

You were the product.

By @willdouglasheaven.bsky.social
www.technologyreview.com/2026/03/10/1...

4 days ago
House Intelligence Committee Open Hearing on Commercial Cyber Surveillance (YouTube video by House Intelligence)

14/ Want to go deeper on risks from commercial surveillance proliferation?

Watch my full testimony to the House Intelligence committee alongside remarkable advocate & spyware target Carine Kanimba & Shane Huntley of Google's Threat Intelligence.

www.youtube.com/watch?v=3Q52...

4 days ago

13/ Irony: China is often cited as reason offensive industry should be 10x'd

I understand the geopolitical arguments.

Yet in #Coruna case, privately-developed crown-jewel exploits just went to...China.

What exactly stops that from happening in future? And in even more catastrophic ways?

4 days ago

12/ Foreign demand has never been higher for people with US taxpayer-subsidized hacking knowledge...

If you grow the industry, it's foolish to believe companies & staff won't start looking for more customers overseas...

By @chrisbing.bsky.social & Joel Schectman
www.reuters.com/investigates...

4 days ago

11/ Some stand to get rich if US radically expands commercial hacking industry.

But risks to rest of us are now there for all to see, even from 'top tier' players like Trenchant.

For example, a growing offensive industry will be a priority target for foreign hackers & recruitment.

4 days ago

10/ I believe we shouldn't have to fear that hacking capabilities bought with our tax dollars ...

Wind up used by hackers to steal our life savings.

4 days ago

9/ Today, some lobby for taxpayer funding a massive expansion of commercial hacking & exploit capabilities.

Notorious spyware companies are leaning into the hype.

I note that almost nobody is warning of the risks.

Reckless.

4 days ago
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
We’re sharing an update on suspected state-backed attacker APT29 and the use of exploits identical to those used by Intellexa and NSO.

8/ Terrifyingly, #Coruna isn't even the first time commercially-developed hacking capabilities go to hostile actors.

Like how exploits first used by #NSOGroup's Pegasus & #Intellexa's Predator mysteriously found their way to Russian gov hackers...

blog.google/threat-analy...

4 days ago

7/ I believe more breaches of commercially-developed exploits are inevitable because the incentives are deeply wrong.

The commercial offensive industry's incentives are structurally misaligned with being transparent about their failures.

The price will be paid in hacked civilians & govs alike.

4 days ago

6/ In 2022 I warned Congress that commercially-developed exploits would leak.

I testified to House Intelligence that the tech would go to adversaries and criminal organizations.

That has now happened with #Coruna.

And as the commercial offensive industry grows, it will happen again.

4 days ago

5/ Remember Peter Williams? Executive at Trenchant who sold exploits out the back door?

Many circumstances of the #Coruna case match up.

Implication: a devastating breach caused by an insider & a company that, for an extended period, failed to spot the unfolding disaster.
bsky.app/profile/vasp...

4 days ago

4/ Tonight, @lorenzofb.bsky.social brings the #Coruna exploit story home: they were probably paid for by tax dollars.

And developed by Trenchant, part of defense giant L3 Harris.

So, how did these ultra-sophisticated exploits walk out the door?

4 days ago

3/ Thing is, the powerful #Coruna exploits didn't originate with Chinese cybercriminals.

Some months before they were used by #Russian government hackers.

Before that? Google Threat Intel described it, it was being used by a customer of a surveillance company...

cloud.google.com/blog/topics/...

4 days ago

2/ Last week, the team #google blew open a massive hacking operation: #Coruna.

A Chinese hacking operation somehow had a huge catalogue of very, very good iPhone exploits stealing banking information & crypto from people all over the web.

Hard to overstate how bizarre this was.

4 days ago

BREAKING: powerful iPhone hacking tools used by Chinese criminals originated from US defense giant L3 Harris.

Their zero-click exploits went to Russian spies too.

Unbelievable harm to our collective security.

Scoop: @lorenzofb.bsky.social, here's why it matters 1/
techcrunch.com/2026/03/09/a...

4 days ago

5/ The failure conditions are fascinating:

"Oops a mirror partially collapsed and created a near concave geometry, concentrating the sun like a powerful magnifying glass. We burned an off-axis town and crisped the exposed skin of everyone at school recess before we could re-orient"

4 days ago

5/ If you don't want a company literally stealing night, now is the time to write to the #FCC.

Here's how to make a comment: darksky.org/news/two-sat...

4 days ago

4/ Economically, the increased energy costs of buildings & tech having to keep everything cool at night after workers go home... or get baked would be huge.

And for that matter, just how many mirrors might you need to add powerful solar irradiance to a solar farm? That's a LOT of mirrors...

4 days ago

3/ Night mirrors would disrupt the circadian rhythms of every organism in the zone. Bees forgetting to pollinate, critters mating at the wrong season, nocturnal animals suddenly have new predators, etc etc.

Even crops would suddenly have all sorts of strange issues. Flowering at the wrong time etc.

4 days ago

2/ Messed up sleep leads to all sorts of health problems, from depression to cancer. The science is super clear & well-established.

The human body needs day/night rhythms.

OK so what about just pointing these space reflectors at farm areas?

4 days ago

The #FCC is reviewing a proposal for space mirrors to blast sunlight at the earth at night.

Sounds awful.

Anyone who has been to the far north or tried to sleep under lights knows how disorienting 24h of light is.

Everybody gets insomnia.

It's also an ecological disaster machinery 1/

1 week ago

5/ Or maybe you've been clever and, despite some initial founder discomfort that the VCs pushed through, you quietly built a for-government tokenflow pipe during the Series C...

And when the uncomfortable questions come, you justify it by talking about fraud prevention, safety etc.

1 week ago

4/ That tokenflow data smells like commercial insight, business & market intelligence for days...

So, you build in surveillance and monetization becomes your big defensible margin.

And then one day the warrants arrive...

1 week ago

3/ If you're routing data to inference providers, you get: who is querying what, when & how. Unprecedented window into thought process, tool calls, proprietary workflows.

Already a scarce, valuable resource mostly available to the big inference providers (key part of their moat!).

1 week ago

2/ Thusly a new generation of founders rediscovers fire: the data they route is more valuable than fees they get for routing it.

Spoiler: Your ISP discovered this. And now sells your data. Financial services companies discovered this. And now sell your data.

AI middleware companies are next.

1 week ago

We're about to see a new surveillance trap: "Plaid for AI"

This will look like slick middleware that seamlessly hooks CRMs to Claude, gmail to GPT-5 etc, etc.

UX will be great & founders well-meaning.

Then the VCs ask: what else can we do with this sick tokenflow data? 1/
