Just how much is AI poised to change our world?
Tech
Agentic AI, the alignment problem, and what comes next, explained
Unless you’ve been in hibernation, the flurry of attention surrounding the latest AI models coming out of Silicon Valley has been hard to miss. AI has gone beyond a chatbot merely answering your questions to doing stuff that only human programmers used to be able to do.
But we’ve been through these cycles involving tech before. How can we tell what’s actually real and what’s mere hype?
To answer this question, I invited Kelsey Piper, one of the best reporters on AI out there. Kelsey is a former colleague here at Vox and is now doing great work for The Argument, a Substack-based magazine. Kelsey is an optimist about tech — but clear-eyed about the huge risks from AI. She’s very much a power user, but is realistic about what AI can’t do yet. And she’s been banging the drum about how consequential AI is for years, even before it became such a hot mainstream topic.
Kelsey and I discuss all the reasons why the hype this time is rooted in something real, how we got here, and where we might be headed. As always, there’s much more in the full podcast, which drops every Monday and Friday, so listen to and follow us on Apple Podcasts, Spotify, Pandora, or wherever you find podcasts. This interview has been edited for length and clarity.
What’s actually happening right now in AI?
If you look closely, AI is already a big deal. Not in some abstract future sense, but right now. The closest analogy is not a new app or a new platform. It’s more like discovering a new continent full of people who are very good at doing certain kinds of work.
These systems are not people, but they can do things that used to require people. They can write code, generate text, solve problems, and increasingly do so in ways that are very useful in the real world.
And the key point is that it’s not stopping here. Every year the systems get better. The progress from 2025 to 2026 alone is enough to make it clear that this isn’t a static technology.
Whatever AI can do today, it will be able to do more of it tomorrow and so on.
Why is the reaction so split between panic and dismissal?
The default move is to assume nothing ever really changes.
If you’re a pundit, you can get pretty far by always saying this is hype, this will pass, nothing fundamental is happening. That works most of the time. It worked with crypto. It works with a lot of overhyped technologies.
But sometimes it’s just catastrophically wrong. Think about the early days of the internet, or the Industrial Revolution. Or even something like Covid. There were moments where people said this will blow over, and they were completely wrong. So you can’t just default to cynicism. You have to actually look at the thing itself.
What would you say has really changed recently? Why does this hype cycle feel different?
Part of it is just accumulation. For a while, you could look at progress in AI and say, maybe this is a short trend. Maybe it plateaus. There were only a handful of data points. Now there are many, many more. And the trend has continued.
Another part is that the systems are now doing things that feel qualitatively different. Not just answering questions, but acting. Planning. Taking steps toward goals.
And then there’s a social dynamic. Most people use the free versions of these tools. Those are much worse than the best models. So they underestimate what is possible.
I don’t really think of you as an AI optimist or a doomer, and you’re normally pretty level-headed about the state of things, but do you think we’re entering dangerous territory?
I’m generally pro technology. Technology has made human life better in profound ways. That’s just true.
But I also think the way AI is currently being developed is dangerous. And the reason is that we’re building systems that can act in the world, access information, and increasingly operate with a degree of independence. We’re giving them access to things like communication channels, financial tools, and potentially critical infrastructure.
And we don’t fully understand how they behave. In controlled settings, we have seen these systems lie, deceive, and do things that are misaligned with what we asked them to do. They’re not doing this because they’re evil. They’re doing it because of how they are trained and how goals are specified.
But the result is the same. You have systems that do not always do what you intend, and that can be hard to monitor or control.
What do you mean when you say these systems lie and deceive?
In experiments, researchers give AI systems goals and access to information, then observe how they try to achieve those goals.
In some cases, the systems have used information they have access to in ways that are clearly not what we would want. For example, threatening to reveal sensitive information about a person if that person does not cooperate.
These are controlled tests, not real-world deployments. But they show what the systems are capable of under certain conditions. And that’s pretty concerning.
Is this what people mean by the alignment problem?
Yeah. Alignment is about making sure that AI systems do what we want them to do. And not just superficially, but in a robust way.
The difficulty is that when you give a system a goal, it can pursue that goal in ways you did not anticipate. Like a child who learns to get out of eating dinner by making it look like they ate dinner.
The system is optimizing for something, but not necessarily in the way you planned. That gap between intent and behavior is really the core of the alignment problem.
How confident are you in the guardrails being built around these systems?
Not very. There are people working seriously on this problem. They’re testing models, trying to understand how they behave, trying to detect deception.
But they’re also finding that the models can recognize when they are being tested and adjust their behavior accordingly.
That’s definitely a serious issue. If your system behaves well when it knows it’s being evaluated, but differently otherwise, then your evaluations are not telling you what you need to know. To me, that’s the kind of finding that should slow things down. It suggests we don’t understand these systems well enough to safely scale them.
So why do the companies keep pushing forward anyway?
Because it’s a competition. Each company can say it would be better if everyone slowed down. But if we slow down and others don’t, we fall behind. So they keep moving.
There are also a lot of geopolitical concerns. If one country slows down and another doesn’t, that creates another layer of pressure.
Why is agentic AI such a big shift?
The shift is from systems that respond to prompts to systems that can do things in the world.
An AI agent can be given a goal and then take steps to achieve it. That might involve interacting with websites, or sending messages, or hiring people through gig platforms, or coordinating tasks. Stuff like that. But even without physical bodies, they can affect the real world by directing humans or using digital infrastructure. That changes the nature of the technology. It’s no longer just a tool you use. It’s something that can operate on its own.
How scary could that become?
Potentially very. Even if you ignore the most extreme scenarios, these systems could be used for large-scale cyber attacks, misinformation campaigns, or other forms of disruption. The companies themselves acknowledge this. They understand. They test for these risks and implement safeguards. But safeguards can be bypassed, and the systems are getting more capable.
Are we even remotely prepared for what is coming?
No. We’re almost never prepared for major technological shifts. But the speed of this one makes it particularly challenging. If change happens slowly, we can catch up. If it happens too quickly, we can’t. And right now, the incentives are pushing almost entirely toward speed.
What’s the most realistic worst case and best case scenario?
The worst case is that we build increasingly powerful systems, hand over more and more control, and eventually create something that operates independently in ways we cannot control. Humans become less central to decision-making, and the systems pursue goals that don’t align with human well-being.
The best case is that we slow down enough to understand what we’re building, develop robust safeguards, and use these systems to create abundance and improve human life. That could mean less work, more resources, better access to knowledge, and more freedom. But getting there requires making good choices now.
Do you think we’ll make those choices?
We still have time. That’s the most optimistic thing I can say.
Listen to the rest of the conversation and be sure to follow The Gray Area on Apple Podcasts, Spotify, Pandora, or wherever you listen to podcasts.
Tech
Minimalist Meadow Smartphone Aims to be Pocket Companion That Keeps Things Straightforward

The Meadow slips into a pocket without a second thought. Measuring just 1.3 by 2 by 0.4 inches and weighing four ounces, it feels closer to a good luck charm than a conventional smartphone. The recycled polycarbonate shell has a smooth, understated feel that should hold up well to everyday use, and the three inch square display sits centered in that compact body, clear enough for a quick glance but small enough that lingering on it for too long simply isn’t that appealing. That last part is rather the point.
Setup takes under five minutes and works with your existing phone number, no new SIM required. Calls go to your main phone first, and if that is unavailable Meadow picks up automatically. Messaging works on a similar principle, with one deliberate restriction: only 12 contacts you have approved can reach you by text. Anything from outside that list simply does not come through, which cuts spam and unwanted pings entirely. Leave your main phone behind and an auto-reply lets people know you are unreachable for the time being.

The app selection is deliberately minimal but covers what most people actually need day to day. You get calls, messaging, a camera, a clock, maps, notes, and weather. Spotify and Apple Music handle music streaming, with local playback and a dedicated app available for podcasts and audiobooks. Strava covers fitness tracking and Uber handles rides. That is the full list, and there is no app store to tempt you into adding more. For anyone who has grown tired of their attention being pulled in a dozen directions at once, that simplicity feels less like a limitation and more like a breath of fresh air.

The hardware is more than capable of handling the lean app selection without any lag, with 6GB of memory and 128GB of storage on board. A single 13 megapixel rear camera is there when you need it, and the absence of a front facing lens is a deliberate trade-off rather than an oversight. Battery life stretches to a day or two of mixed use depending on how you are using it, and USB-C fast charging keeps top-ups quick. Bluetooth handles headphones and speakers without issue, though there is no headphone jack. Wi-Fi, Bluetooth, NFC, and 4G are all supported, with connectivity managed through a monthly service that costs $10 after the first nine months of free service included with purchase.

Pre-orders are open now at $399, with the price rising to $449 once stock arrives. US customers can expect delivery around June 2026, with each unit coming bundled with a beach pouch, an activity case, and a charging cable.
Tech
Europe Gets Its First Driverless Robotaxi Service Starting in Zagreb, Thanks to Uber and Pony.ai

Riders in one European capital will soon be able to summon a self-driving car and pay for it using a familiar app. Uber is collaborating with Pony.ai, a Chinese autonomous car technology startup, and Verne, a Croatian company familiar with the local scene. On March 26, 2026, the three firms revealed their plans, and they’ve decided to kick things off in Zagreb.
You can already witness test vehicles driving around Zagreb as part of the real-world testing procedure. They’re all powered by Pony.ai’s latest autonomous system, Gen-7 technology, which provides them with more than enough intelligence to navigate from A to B without the need for a human driver. They are all Arcfox Alpha T5s, and after the final checks are completed, fare collection will be only a few weeks or months away.
It all works relatively simply: Pony.ai provides the self-driving technology and software that allows the cars to traverse routes on their own. Given their local experience and presence in Zagreb, Verne owns the cars and manages the day-to-day operations, while Uber integrates the rides into their worldwide network, allowing anybody with the app to order one alongside a regular ride or bike, all from the same app.
Pony.ai has already launched commercial robotaxis in a number of Chinese cities, and the data show that they are covering costs and turning a profit. That track record gives the partners great confidence that they can replicate this success in Europe as well. Verne understands the local roads and rules, as well as client expectations across Europe. Together, they want to avoid the lengthy delays that have hindered other autonomous initiatives throughout the continent.
Next, the partners discuss expanding their fleet to thousands of vehicles and several cities in the coming years. For the time being, Zagreb serves as a proving ground. Success there will be the key to expanding into other European markets, and even beyond. Meanwhile, Verne is working with regulators to ensure that their safety standards remain similar no matter where the service ends up.

Dara Khosrowshahi, Uber’s CEO, says the goal is to make autonomous rides more accessible by combining great technology with a thorough grasp of the local market. James Peng, who founded Pony.ai, pointed to the same idea, noting that proven systems work best when paired with operators who understand each market. Marko Pejkovic, who leads Verne, put it simply: Europe has waited long enough for real autonomous service instead of endless tests.
Tech
BGIS Grand Finals 2026 Standings After Day 1
The first day of the BGIS final has just concluded. Today, we saw some amazing battle action not just from the top teams but from almost everyone. Still, we had winners and also losers. The biggest winner of today was Soul, which topped the rankings, followed closely by Godlike and VS. At the bottom was Nebula, who had a horrible run of matches. Here’s what the standings look like after day one of BGIS Grand Finals.
BGIS 2026 Grand Finals Standings After Day 1
| Teams | WWCD | Position Points | Finish Points | Total Points |
|---|---|---|---|---|
| SOUL | 1 | 18 | 48 | 66 |
| GODL | 2 | 21 | 42 | 63 |
| VS | 1 | 23 | 34 | 57 |
| WF | 1 | 23 | 32 | 55 |
| GENS | 0 | 10 | 44 | 54 |
| VE | 1 | 17 | 31 | 48 |
| RGE | 0 | 17 | 25 | 42 |
| RNTX | 0 | 6 | 29 | 35 |
| OG | 0 | 7 | 21 | 28 |
| NINZ | 0 | 8 | 18 | 26 |
| K9 | 0 | 10 | 14 | 24 |
| MYTH | 0 | 10 | 14 | 24 |
| WELT | 0 | 8 | 13 | 21 |
| TT | 0 | 5 | 15 | 20 |
| LEFP | 0 | 5 | 11 | 16 |
| NBE | 0 | 4 | 10 | 14 |
Day 2 awaits us tomorrow, and it’s historically a day of comebacks in BGMI. We hope to see similar top-tier action. If you missed today’s games, check out our highlights of day 1.
Tech
Why the DJI Mini 3 Still Packs the Most Drone Into Every Dollar Spent in 2026

The DJI Mini 3, priced at $299 (was $419), is the type of drone that keeps people coming back for more, and the reasons why are undeniable. With a weight of just under 249 grams, it falls under the FAA registration radar in the United States, allowing you to pull it from your backpack and fly in no time, with no paperwork or licensing to get in the way. That kind of spontaneity transforms a last-minute trip to the park into a legitimate aerial photography opportunity.
Its camera is a true show stopper, especially for an entry-level drone. It has a 1.3-inch sensor that captures 4K footage at 30 frames per second and has enough range to handle both brilliant sky and dark shadows in the same shot – all while maintaining a three-axis gimbal that keeps everything smooth and stable whether you’re banking, ascending, or making fast bends. With just one swipe to switch to vertical mode on your phone, you’re ready to go without having to fool around with cropping.
The battery life is quite impressive for a drone this small. Standard packs will last 38 minutes in calm conditions, but in the real world, you’ll get about 25-30 minutes, which is no small feat. Even when the wind comes up, the Mini 3 can withstand gusts of up to 24 mph, which is a huge advantage when you have smaller drones that are prone to getting blown off course. If you lose signal or sight of it, the Mini 3’s built-in hover hold and return to home functions will safely return it to you.
Getting off the ground is easy. Simply switch it on, connect your phone or tablet to the controller, and it will be linked within seconds. The software walks you through the basics in a matter of minutes, and then you can experiment with the automated flight modes; circles, spirals, and all that jazz are just one tap away, making it an excellent choice for beginners who are still learning the controls. The capacity to simply replace parts when necessary alleviates the burden of long-term ownership.
Tech
Everyone thinks foreigners are taking over Singapore’s high-paying jobs. Everyone is wrong.
Over the last 5 years, the number of S Pass and EP holders grew by just 400
In debates over foreign labour in Singapore, one claim often surfaces: that foreign professionals are stealing well‑paid, high-skilled jobs from Singaporeans.
But figures from the Ministry of Manpower (MOM) paint a more nuanced picture that challenges the assumptions behind this narrative. According to the statistics provided, the number of foreign professionals barely budged between 2020 and mid-2025, and the best-paying sectors are still overwhelmingly held by locals.
Here’s what the numbers actually show.
There are at least 4 locals for every foreign professional
Among Singapore’s foreign workforce, not all passes are created equal.
The ones Singaporeans are particularly worried about are Employment Pass (EP) holders—high-earning professionals cleared to work here based on salary and qualifications—and S Pass holders, the mid-skilled technical workers one rung below.
Together, they’re the foreign hires competing directly with locals for PMET (Professionals, Managers, Executives, and Technicians) jobs, or positions that typically offer higher wages and career progression.
According to online outrage, you might expect this group to have grown significantly over the years, but surprisingly, MOM’s latest Local Employment Outcomes report, released last month, shows otherwise.
From 2020 to 2025, the total number of S Pass and EP holders increased by only 400. That’s not a typo.
From 378,500 in 2020, the total number of these pass holders had actually dipped to 331,200 in 2021, rose slightly to 338,000 in 2022, and then gradually climbed to 378,900 in 2025.


At the same time, the resident workforce, comprising Singapore citizens and Permanent Residents, is gaining ground. The number of PMETs among employed residents rose from 1.3 million in 2020 to 1.5 million in 2025.
This growth outpaced the combined increase in EP and S Pass holders, showing that locals are not being crowded out. They are, instead, expanding their presence in high-skill roles.
Moreover, there are at least four times more local PMETs employed than foreign S Pass and EP holders in comparable roles—a clear sign that Singaporeans still dominate professional and managerial positions across industries.
The best-paying sectors remain primarily held by locals…
Industry-level data reinforces this picture.
According to MOM’s Job Vacancy report released last year, across all major industries, there is no sector where foreign workers make up more than 25% of PMET roles.


The best-paying sectors still remain dominated by locals. In finance, foreign pass holders account for less than 15% of PMET roles, while Health & Social Services, which includes doctors and specialised healthcare technicians, shows a similar proportion.
Only three sectors—Food & Beverage Services, Construction, and Administrative Services—have the highest foreign employment shares, with foreigners accounting for 40–50% of PMET roles.
These are also the sectors that Singaporeans are typically the least interested in, even at managerial levels, and they offer the fewest quality job openings.
… and it will stay that way
The data makes it very clear: while foreigners do fill some PMET roles, locals remain firmly in control of Singapore’s high-paying, high-skilled jobs.
It is worth noting, though, that the data does not distinguish between Singapore citizens and Permanent Residents, which means some of these roles may be held by foreigners.
However, this distinction does little to change the broader picture. SCs and PRs are both part of the resident workforce, with similar access to opportunities and responsibilities, making them a meaningful measure of local participation.
Resident Singaporeans may only strengthen their hold on high-paying, high-skilled roles in the years ahead.
In Budget 2026, the Government announced further tightening of the foreign workforce criteria, including raising the minimum qualifying salary for Employment Pass holders to S$6,000 (and S$6,600 in finance), and increasing S Pass thresholds as well, to S$3,600 (and S$4,000 in finance).
These changes are not just technical adjustments. They are part of a broader strategy to ensure that foreign hires remain high-quality and complementary, rather than substitutes for local workers. As Prime Minister Lawrence Wong put it, Singapore will remain open to global talent, while ensuring that Singaporeans “remain firmly at the centre of our workforce and our policies.”
In other words, the data already shows that locals dominate the country’s most desirable jobs—and policy is moving in a direction that will prioritise them even further.
Tech
Popular LiteLLM PyPI Package Backdoored To Steal Credentials, Auth Tokens
joshuark shares a report from BleepingComputer: The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gateway to multiple large language model (LLM) providers via a single API. The package is very popular, with over 3.4 million downloads a day and over 95 million in the past month. According to research by Endor Labs, threat actors compromised the project and published malicious versions of LiteLLM 1.82.7 and 1.82.8 to PyPI today that deploy an infostealer that harvests a wide range of sensitive data.
[…] Both malicious LiteLLM versions have been removed from PyPI, with version 1.82.6 now the latest clean release. […] If compromise is suspected, all credentials on affected systems should be treated as exposed and rotated immediately. […] Organizations that use LiteLLM are strongly advised to immediately:
– Check for installations of versions 1.82.7 or 1.82.8
– Immediately rotate all secrets, tokens, and credentials used on or found within code on impacted devices.
– Search for persistence artifacts such as ‘~/.config/sysmon/sysmon.py’ and related systemd services
– Inspect systems for suspicious files like ‘/tmp/pglog’ and ‘/tmp/.pg_state’
– Review Kubernetes clusters for unauthorized pods in the ‘kube-system’ namespace
– Monitor outbound traffic to known attacker domains
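A host triage sketch for the first four items of the checklist above, added here as an example and not code from BleepingComputer, Endor Labs or the LiteLLM project. The version numbers and file paths come from the report; the function names and the assumption that a related systemd unit will reference the `sysmon.py` path are this example's own.

```python
#!/usr/bin/env python3
# Added example: host triage for the LiteLLM advisory quoted above.
import os
import re
import sys
from pathlib import Path

BAD_VERSIONS = {"1.82.7", "1.82.8"}              # malicious releases named in the report
HOME_ARTIFACTS = (".config/sysmon/sysmon.py",)   # relative to a user's home directory
TMP_ARTIFACTS = ("pglog", ".pg_state")           # relative to /tmp
UNIT_MARKER = "sysmon/sysmon.py"                 # assumption: a related unit references this path

# Installed wheels leave a "<name>-<version>.dist-info" directory in site-packages.
DIST_INFO = re.compile(r"^litellm-(?P<ver>[^-]+)\.dist-info$", re.IGNORECASE)


def metadata_version(dist_info):
    """Return the Version header from METADATA, or None if it cannot be read."""
    try:
        with open(Path(dist_info) / "METADATA", encoding="utf-8", errors="replace") as fh:
            for line in fh:
                if line.lower().startswith("version:"):
                    return line.split(":", 1)[1].strip()
                if not line.strip():          # a blank line ends the header block
                    break
    except OSError:
        pass
    return None


def find_litellm_installs(roots):
    """Walk each root (site-packages, venv parents, image mounts) for litellm installs."""
    found = []
    for root in roots:
        for dirpath, dirnames, _files in os.walk(root):
            for name in list(dirnames):
                match = DIST_INFO.match(name)
                if not match:
                    continue
                path = Path(dirpath) / name
                version = metadata_version(path) or match.group("ver")
                found.append({"path": str(path), "version": version,
                              "malicious": version in BAD_VERSIONS})
                dirnames.remove(name)         # nothing useful below a dist-info dir
    return found


def find_artifacts(home_dirs, tmp_dir="/tmp"):
    """Return the advisory's file artifacts that exist (lexists also catches symlinks)."""
    candidates = [Path(h) / rel for h in home_dirs for rel in HOME_ARTIFACTS]
    candidates += [Path(tmp_dir) / rel for rel in TMP_ARTIFACTS]
    return [str(p) for p in candidates if os.path.lexists(p)]


def find_suspect_units(unit_dirs):
    """Return systemd unit files whose text references the sysmon.py artifact path."""
    hits = []
    for unit_dir in unit_dirs:
        for unit in sorted(Path(unit_dir).glob("*.service")):
            try:
                if UNIT_MARKER in unit.read_text(encoding="utf-8", errors="replace"):
                    hits.append(str(unit))
            except OSError:
                continue
    return hits


def triage(roots, home_dirs, unit_dirs, tmp_dir="/tmp"):
    """Combine the three checks; any malicious install or artifact means rotate credentials."""
    installs = find_litellm_installs(roots)
    report = {
        "installs": installs,
        "artifacts": find_artifacts(home_dirs, tmp_dir),
        "units": find_suspect_units(unit_dirs),
    }
    report["compromise_suspected"] = bool(
        report["artifacts"] or report["units"]
        or any(inst["malicious"] for inst in installs))
    return report


if __name__ == "__main__":
    home = Path.home()
    roots = [p for p in sys.path if p.endswith(("site-packages", "dist-packages"))]
    result = triage(roots + sys.argv[1:], [home],
                    [home / ".config/systemd/user", "/etc/systemd/system"])
    for inst in result["installs"]:
        flag = "MALICIOUS" if inst["malicious"] else "ok"
        print(f"[{flag}] litellm {inst['version']} at {inst['path']}")
    for path in result["artifacts"] + result["units"]:
        print(f"[ARTIFACT] {path}")
    sys.exit(1 if result["compromise_suspected"] else 0)
```

Extra directories to walk (other virtualenvs, unpacked container layers) can be passed as arguments. A clean installed version does not clear a host on its own, because the artifacts persist after a downgrade, which is why the file and unit checks run independently of the version check.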
Tech
RAI’s Roadrunner Robot Can Roll Smoothly Then Step Over Anything in Their Path

The RAI Institute has just unveiled Roadrunner, a compact robot no heavier than a medium sized dog that moves in ways that catch you off guard. It glides across flat ground on wheels, shifts its stance to tackle a staircase, rides down a ramp with the kind of casual ease you would expect from something with years of practice, backs down another set of steps with equal confidence, and caps it all off by balancing on a single wheel while the rest of its body stays completely still.
The team behind this project is based in Massachusetts and has an amazing track record, having been created by Marc Raibert, the former CEO of Boston Dynamics. This new venture is continuing the same emphasis on robots that can handle complex motion without appearing like complete clowns, and Roadrunner is their latest research platform built to test out all sorts of ideas that most legged robots can only dream of.

At 15 kilograms the robot is light enough to move quickly without sacrificing structural integrity. Each leg ends in a wheel and has a knee joint that works equally well facing forward or backward, a symmetry that lets the machine adjust its stance instantly to sidestep an obstacle or line up for the next step. A single control system handles every movement style, from rolling side by side like a small cart to lining up like a scooter to taking actual walking steps. That same software has learned to get the robot back on its feet from almost any position on the ground and keep it balanced even when only one wheel is making contact with the surface.

Approaching a staircase, the robot slows, lifts a leg, and places the wheel onto the first step, repeating the motion steadily until it reaches the top, with the wheels only spinning when the terrain actually calls for it. Coming back down it simply turns around and descends with the same unhurried control, never losing its footing. None of this required additional fine tuning in the real world. The team refers to it as a zero-shot transfer, meaning the robot learned everything it needed entirely in simulation and carried that info straight into the physical world without any further adjustment.
Tech
How does mentorship impact a professional’s career longevity?
SiliconRepublic.com spoke with experts at Amgen to explore how early career guidance can set the foundations for a happy and productive career.
The last decade has brought significant change to the working world and it is fair to say that in many cases, advancements have worked to reduce and even eliminate organisational silos. That is to say, in 2026 there is no real reason for employees – remote, hybrid or in-person – to feel isolated in their work or limited in how they might progress professionally.
That is where planned mentorship often comes in. For many professionals, mentorship can be the factor that enables them to upskill quickly, learn the ropes on the job, develop a network, move beyond their own expectations and even take up the mantle of mentor, eventually. But for that to happen, guidance has to be a key element of an organisation, not a box-ticking exercise every now and then.
“Mentorship has multiple benefits,” explained Michelle Somers, the senior director of facilities and engineering at Amgen. “One of the first things for an organisation to do, to encourage mentorship as a core pillar, is to set up some structured mentorship.
“Once that is there, the structure is there. You know, the questions are there, the pathways are there and then people get really familiar with it. Then mentorship really becomes a natural thing.”
For Somers, in establishing a system that supports mentorship publicly, organisations not only showcase their goals to empower career progression, but also make it clear that career guidance is not an anomaly, but part of a company’s ethos.
“I had a colleague come to me recently who said, ‘I know you’ve mentored a colleague of ours, any chance I can avail of your services?’ That turned into just a couple of coffee conversations, where I was able to be a sounding board on her potential career path.
“The structured programme sets up an expectation that people are available for help and support and then it happens quite naturally and fluidly, especially like what we do here in Amgen.”
Plan in action
Lauren Moore, a manufacturing manager at Amgen, is one such person to benefit from having a mentor take an interest in her career. As Moore’s career progressed at the organisation, she was promoted to a leadership role, which she took in her stride. However, roughly two months in, she began to face some of the challenges that naturally come with a change in expectations.
She told SiliconRepublic.com: “I was facing some challenges with the additional level of responsibility. So, I sat down with my mentor at the time, who was a leader in the manufacturing area. For me that was incredibly impactful at that early stage in my career. And it really enabled me to build confidence, to build resilience and ultimately to succeed in that position.”
Moreover, she is of the opinion that, in developing a positive attitude and adopting a strong sense of company culture, she, alongside Amgen, can better deliver medicines and vital treatments to the patients who depend on the organisation’s services.
For Amgen’s senior director of quality control, Claire Shaw, to achieve the best results for employees and for the people using Amgen’s services, companies have to prioritise inclusivity, especially at the induction level.
She said: “I would consider it very collaborative. There’s a strong sense of teamwork and a strong sense of belonging. Organisations can support a happy work environment that ensures that we serve our patients through developing their staff, and ensures each colleague is valued and can contribute to our daily mission to serve patients.”
Tech
This Week In Security: Second Verse, Worse Than The First
Isn’t there some claim that events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, we now have details from Google on a second significant exploit in the wild, dubbed Darksword.
Like Coruna, Darksword appears to have followed the path from government security contractors, to different government actors, to crypto stealers. It appears to focus on exploits already fixed in modern iOS releases, with most affecting iOS 18 and all patched by iOS 26.3.
Going from almost no public examples of modern iOS exploits to two in as many weeks is wild, so if mobile device security is of interest, be sure to check out the Google write-up.
Another FBI Router Warning
The second repeat security item, too early to be retro but too important to ignore, is a second alert by the FBI cautioning about end-of-life consumer network hardware under active exploitation, with the FBI tracking almost 400,000 device infections so far.
Like the warning two weeks ago, the FBI calls out a handful of consumer routers – but this time they’re devices that may actually still be in service in some of our homes (or those of our less cutting-edge friends and family), calling out devices from Netgear, TP-Link, D-Link, and Zyxel:
- Netgear DGN2200v4 and AC1900 R700
- TP-Link Archer C20, TL-WR840N, TL-WR849N, and WR841N
- D-Link DIR-818LW, 850L, and 860L
- Zyxel EMG6726-B10A, VMG1312-B10D, VMG1312-T20B, VMG3925-B10A, VMG3925-B10C, VMG4825-B10A, VMG4927-B50A, VMG8825-T50K
While many of these devices are over ten years old, they still support modern networking – some of them even support 802.11ac (also called Wi-Fi 5). Unfortunately, since the manufacturers have ended support, publicly disclosed vulnerabilities have not been patched (and now never will be, officially).
Once infected, the routers are enrolled in the AVRecon malware network, which includes the now-typical suite of behavior: remote control, remote VPN access to the internal and external networks, DNS hijacking, and DDoS (distributed denial of service) attacks. This sort of network malware is used by attackers to exploit internal systems like unpatched Windows or IoT devices on the local network, and as a launching point to disguise traffic as coming from a certain country or state by using the public Internet connection as a VPN. It’s also often monetized by unscrupulous apps selling cheap VPN service.
The worst type of vulnerability affecting home routers is one which can be triggered remotely from the Internet without user interaction – for instance CVE-2024-12988, which allows arbitrary code execution remotely on Netgear devices. But even vulnerabilities which are only accessible from the local network can be combined with cross-site vulnerabilities or vulnerabilities in other devices to exploit home routers. A malware infection on a Windows system can be leveraged to install additional, permanent malware on routers and IoT devices, and malware on a router can be used to redirect the user to install more malware on an internal PC by manipulating the network, or to allow direct attack of internal systems via a proxy.
A slight upside is that this batch of vulnerable hardware is often modern enough to run OpenWRT or other replacement firmware. OpenWRT supports thousands of routers and access points – and often forms the basis of the commercial firmware the device was shipped with, before the manufacturer abandoned it. Converting a device to OpenWRT may be intimidating for some, but for anyone with one of the listed devices, the time to try is now! It’s cheaper than buying a new device, and worst case scenario, you’d have to replace that router anyway!
You can use the OpenWRT Table of Hardware to see if there is a version for your device.
Unfortunately, vulnerabilities in home routers don’t offer many lessons: there’s rarely a need to log into them to see if there is a pending update, and almost nothing the typical home user can do except buy a new device when the manufacturer stops supplying security fixes.
Trivy Compromised
The Trivy security scanner suffered a breach of its own, leading to a cascading series of breaches of other tools. Trivy is an automatic vulnerability scanner for finding vulnerabilities in the dependencies of Docker and other container images, package repositories, and language packages in Go, PHP, Python, Node, and many other popular languages. Trivy is often integrated into the CI/CD (continuous integration and continuous deployment) process of other open and closed source projects and internal company processes.
According to the timeline published by Aqua, in late February 2026 a misconfigured GitHub workflow allowed the theft of authentication tokens for the Trivy project. The attack was detected and credentials were removed, but not all of them were properly removed, which allowed the attackers to complete the attack on March 19, 2026.
Once the project was compromised, all but one release of the Trivy GitHub actions were replaced with trojaned malicious copies, spreading the malware payload to any project which used the Trivy scanner actions.
GitHub actions are a part of GitHub which allows scripts to run when repository events like a pull request or merge occur. Actions can be used to check that a change compiles properly, scan for security issues, generate documentation, or generate release binaries, and typically are allowed to make changes to the repository itself. GitHub workflows can include actions from other repositories via the Action Marketplace. By replacing the Trivy actions, the attackers essentially gained access to every repository using Trivy to scan for vulnerabilities in their own codebases.
The hijacked Trivy actions collected and exfiltrated access tokens for Docker, Google Cloud, Azure, and AWS, Git credentials, SSH keys, and any other secrets from projects using the Trivy actions. With these keys, the controllers of the original malware are able to attack those projects directly, such as the immensely popular LiteLLM Python interface to AI LLM models from multiple companies.
The compromise of LiteLLM also stole credentials to cloud services, SSH, git, Docker, and Kubernetes on any system that ran the trojaned setup scripts, as well as infecting any connected Kubernetes systems found in the configurations.
There are also reports that the malware actors are infecting NPM node packages with malware which automatically updates itself from a blockchain-based control system and steals NPM authentication tokens to inject itself into any NPM packages the victim may have authored.
Supply-chain attacks have been happening for years with varying levels of success, but the Trivy attack may be the most successful in spreading compromised packages into multiple package repositories. It’s difficult to avoid supply-chain attacks, especially when the vulnerability scanner itself is the source of the problem. GitHub has introduced immutable releases – tagged build versions which cannot be updated once released – and the immutable release of Trivy was the only version not compromised by the attackers. As more packages shift to immutable versions it may become harder to insert malware into the supply chain, but we’re nowhere near a tipping point of projects using immutable releases yet.
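One way to see where a repository is exposed to this kind of release replacement is to audit its workflow files for `uses:` references that are not fixed to a full commit SHA. The sketch below is an added example, not code from the article or from the Trivy project; the sample workflow and its tag, branch and SHA values are constructed placeholders. It treats every tag as mutable, because the workflow file alone cannot show whether the upstream release is immutable.

```python
import re

# Matches "uses: owner/repo[/path]@ref" steps, with optional "- " and quotes.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*["']?([^"'\s#]+)""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def classify(ref):
    """Return 'local', 'docker', 'pinned' or 'mutable' for one uses: value."""
    if ref.startswith("./"):
        return "local"      # action stored in the same repository
    if ref.startswith("docker://"):
        return "docker"     # container image, audited separately
    _, _, version = ref.partition("@")
    # Only a full 40-hex commit SHA names fixed content; a tag or branch
    # follows whatever the upstream repository currently points it at.
    return "pinned" if FULL_SHA_RE.match(version) else "mutable"

def audit_workflow(text):
    """Return (line_number, reference, classification) for each uses: line."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue        # ignore commented-out steps
        match = USES_RE.match(line)
        if match:
            findings.append((number, match.group(1), classify(match.group(1))))
    return findings

# Constructed sample workflow; the tag, branch and SHA values are placeholders.
SAMPLE_WORKFLOW = """\
name: scan
on: [pull_request]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v-example
      - uses: aquasecurity/trivy-action@master
      - name: Scan again by tag
        uses: "aquasecurity/trivy-action@v0.0.0-example"
      # - uses: example/commented-out@v1
      - uses: ./.github/actions/local-step
"""

if __name__ == "__main__":
    for number, ref, kind in audit_workflow(SAMPLE_WORKFLOW):
        flag = "REVIEW" if kind == "mutable" else "ok"
        print(f"line {number}: {ref} [{kind}] {flag}")
```

Run against the files under `.github/workflows/`, every `mutable` finding is a reference whose content can change without any commit to the consuming repository.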
Tech
Luthier Crafts Guitar From Cardboard
The people at Signal Snowboards are well known not only for producing quality snowboards, but for doing one-off builds out of unusual and perhaps questionable materials just to see what’s possible. From pennies to glass, if it can go on their press (and sometimes even if it can’t) they’ll build a snowboard out of it. At some point, they were challenged to build different types of boards from paper products, which resulted in a few interesting final products. This pushed them to see what else they could build from paper, and they are now here with an acoustic guitar fashioned almost entirely from cardboard.
For this build, the luthiers are modeling the cardboard guitar on a 50s-era archtop jazz guitar called a Benedetto. The parts can’t all just be CNC machined out of stacks of glued-up cardboard, though. Not only because of the forces involved in their construction, but because the parts are crucial to a guitar’s sound. The top and back are pressed using custom molds to get exactly the right shape needed for a working soundboard, and the sides have another set of molds. The neck, which has the added duty of supporting the tension of the strings, gets special attention here as well. Each piece is filled with resin before being pressed in a manner surprisingly similar to producing snowboards. From there, the parts go to the luthier in Detroit.
At this point all of the parts are treated similarly to how a wood guitar might be built. The parts are trimmed down on a table saw, glued together, and then finished with a router before getting some other finishing treatments. From there the bridge, tuning pegs, pickups, and strings are added before finally getting finished up. The result is impressive, and without looking closely or being told it’s made from cardboard, it’s not obvious that it was the featured material here.
Some of the snowboards that Signal produced during their Every Third Thursday series had similar results as well, and we actually featured a few of their more tech-oriented builds around a decade ago like their LED snowboard and another one which changes music based on how the snowboard is being ridden.