saint

The EU froze ~€210bn of Russian central bank assets. Now it plans to use them as collateral to raise ~€90bn for Ukraine without formally confiscating anything.

It’s legally cautious and politically toxic.

Russia calls it theft and is retaliating. Belgium fears lawsuits and eurozone fallout. The US is stepping back. Ukraine is nearly out of cash.

There are no clean options left. Either Europe acts outside its comfort zone or admits it can immobilise money but not wield power.

You gotta do what you gotta do.

Redis recently released a security advisory regarding CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute remote code on older versions of Redis and Valkey with Lua scripting enabled. Developers are urged to upgrade to patched releases as soon as possible.

The vulnerability exploits a 13-year-old UAF memory corruption bug in Redis, allowing a post-auth attacker to send a crafted Lua script to escape the default Lua sandbox and execute arbitrary native code. This grants full host access, enabling data theft, wiping, encryption, resource hijacking, and lateral movement within cloud environments.

13 years. That's how long it took to find a critical safety vulnerability in one of the most popular C open source codebases, Redis.

The Europol SIMCARTEL operation shows that fighting crime is essential, but it also raises a warning: in the EU, SIM cards and communications are already under strict surveillance and control. While dismantling criminal networks is a good cause, we must not let it justify the erosion of fundamental privacy and personal freedoms for everyone. We should invest in smarter, less intrusive ways to combat crime rather than resort to blanket surveillance so that both security and the right to live untracked can be preserved.

Relatable:

Stance on rain: very pro-rain

Rain meant cancelled plans growing up

Nothing better than cancelled plans - relief even for wanted activities

Very enjoyable

Interesting times

FossFLOW is a powerful, open-source Progressive Web App (PWA) for creating beautiful isometric diagrams. Built with React and the Isoflow (Now forked and published to NPM as fossflow) library, it runs entirely in your browser with offline support.

Good (but scary) overview of state of AI in the og article, some points:

• The transformation of work by AI is already underway, not a distant future event. The NBER model quantifies this as a potential 366% productivity boost coupled with a 23% employment reduction, with half the job displacement happening within five years. This underscores the urgency of being intentional about how AI reshapes work environments.

• The future of AI in the workplace favors augmentation over replacement. Most workers prefer AI to automate repetitive tasks and to act as partners or coaches rather than substitutes. Enterprise AI strategies should therefore focus on complementing human skills, freeing teams to concentrate on creative and interpersonal value-driving activities.

• AI adoption and impact are highly role-specific. While some jobs like logistics management face high automation risks, others like hands-on mechanics remain largely unaffected. Similarly, AI is democratizing expertise by leveling the playing field for freelancers, which challenges traditional premium skill valuations. Effective AI strategies require granular, nuanced understanding of these variations to maximize benefits and mitigate harms.

• The UK government ordered Apple to create a “back door” into its most secure cloud storage, citing national security and crime prevention.
• The US, especially Vice President JD Vance and President Trump, strongly opposes this, seeing it as a threat to free speech and privacy, and a risk to tech partnerships.
• Apple withdrew its secure service from the UK and is legally challenging the order, with WhatsApp joining the fight.
• The UK’s stance is jeopardizing tech and data agreements with the US and complicating future AI regulation.
• UK officials admit the Home Office mishandled the issue and will likely have to retreat to avoid damaging relations with Washington.

State-sponsored hacking is accelerating. Your industry is next.

• Cyber specialists from Ukraine's military intelligence agency (HUR) have carried out a large-scale cyberattack against the network infrastructure of Russian energy giant Gazprom, causing significant disruptions, a HUR source told the Kyiv Independent on July 18
• The attack reportedly affected approximately 390 subsidiary companies and branches, including Gazprom Teplo Energo, Gazprom Obl Energo, and Gazprom Energozbyt
• The cyberattack allegedly destroyed large volumes of data and installed custom software designed to further damage the company's information systems

Supply chains are the new (old) battleground.

• Chinese-linked hackers are targeting the Taiwanese semiconductor industry and investment analysts as part of a string of cyberespionage campaigns.
• These groups often target "peripheral suppliers or related industries”
• In June where a China-linked hacking group identified by TeamT5 as "Amoeba" launched a phishing campaign against an unnamed chemical company that plays a critical role in the semiconductor supply chain

Unreleased Beyoncé music and luxury Apple gear were stolen during the 'Cowboy Carter' tour. Classic blunder: thieves grab MacBooks loaded with Find My trackers, making escapes a digital nightmare.

It’s poetic: artists now rely on surveillance capitalism to protect art.