A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. That package exfiltrates all cloud credentials from the developer’s machine — GitHub personal access tokens, AWS API keys, Azure service principals and more — are exfiltrated, and the adversary is inside the cloud environment within minutes.
Your email security never saw it. Your dependency scanner might have flagged the package. Nobody was watching what happened next.
The attack chain is quickly becoming known as the identity and access management (IAM) pivot, and it represents a fundamental gap in how enterprises monitor identity-based attacks. CrowdStrike Intelligence research published on January 29 documents how adversary groups operationalized this attack chain at an industrial scale. Threat actors are cloaking the delivery of trojanized Python and npm packages through recruitment fraud, then pivoting from stolen developer credentials to full cloud IAM compromise.
In one late-2024 case, attackers delivered malicious Python packages to a European FinTech company through recruitment-themed lures, pivoted to cloud IAM configurations and diverted cryptocurrency to adversary-controlled wallets.
Advertisement
Entry to exit never touched the corporate email gateway, and there is no digital evidence to go on.
On a recent episode of CrowdStrike’s Adversary Universe podcast, Adam Meyers, the company’s SVP of intelligence and head of counter adversary operations, described the scale: More than $2 billion associated with cryptocurrency operations run by one adversary unit. Decentralized currency, Meyers explained, is ideal because it allows attackers to avoid sanctions and detection simultaneously. CrowdStrike’s field CTO of the Americas, Cristian Rodriguez, explained that revenue success has driven organizational specialization. What was once a single threat group has split into three distinct units targeting cryptocurrency, fintech and espionage objectives.
That case wasn’t isolated. The Cybersecurity and Infrastructure Security Agency (CISA) and security company JFrog have tracked overlapping campaigns across the npm ecosystem, with JFrog identifying 796 compromised packages in a self-replicating worm that spread through infected dependencies. The research further documents WhatsApp messaging as a primary initial compromise vector, with adversaries delivering malicious ZIP files containing trojanized applications through the platform. Corporate email security never intercepts this channel.
Most security stacks are optimized for an entry point that these attackers abandoned entirely.
Advertisement
When dependency scanning isn’t enough
Adversaries are shifting entry vectors in real-time. Trojanized packages aren’t arriving through typosquatting as in the past — they’re hand-delivered via personal messaging channels and social platforms that corporate email gateways don’t touch. CrowdStrike documented adversaries tailoring employment-themed lures to specific industries and roles, and observed deployments of specialized malware at FinTech firms as recently as June 2025.
CISA documented this at scale in September, issuing an advisory on a widespread npm supply chain compromise targeting GitHub personal access tokens and AWS, GCP and Azure API keys. Malicious code was scanned for credentials during package installation and exfiltrated to external domains.
Dependency scanning catches the package. That’s the first control, and most organizations have it. Almost none have the second, which is runtime behavioral monitoring that detects credential exfiltration during the install process itself.
“When you strip this attack down to its essentials, what stands out isn’t a breakthrough technique,” Shane Barney, CISO at Keeper Security, said in an analysis of a recent cloud attack chain. “It’s how little resistance the environment offered once the attacker obtained legitimate access.”
Advertisement
Adversaries are getting better at creating lethal, unmonitored pivots
Google Cloud’s Threat Horizons Report found that weak or absent credentials accounted for 47.1% of cloud incidents in the first half of 2025, with misconfigurations adding another 29.4%. Those numbers have held steady across consecutive reporting periods. This is a chronic condition, not an emerging threat. Attackers with valid credentials don’t need to exploit anything. They log in.
Research published earlier this month demonstrated exactly how fast this pivot executes. Sysdig documented an attack chain where compromised credentials reached cloud administrator privileges in eight minutes, traversing 19 IAM roles before enumerating Amazon Bedrock AI models and disabling model invocation logging.
Eight minutes. No malware. No exploit. Just a valid credential and the absence of IAM behavioral baselines.
Ram Varadarajan, CEO at Acalvio, put it bluntly: Breach speed has shifted from days to minutes, and defending against this class of attack demands technology that can reason and respond at the same speed as automated attackers.
Advertisement
Identity threat detection and response (ITDR) addresses this gap by monitoring how identities behave inside cloud environments, not just whether they authenticate successfully. KuppingerCole’s 2025 Leadership Compass on ITDR found that the majority of identity breaches now originate from compromised non-human identities, yet enterprise ITDR adoption remains uneven.
Morgan Adamski, PwC’s deputy leader for cyber, data and tech risk, put the stakes in operational terms. Getting identity right, including AI agents, means controlling who can do what at machine speed. Firefighting alerts from everywhere won’t keep up with multicloud sprawl and identity-centric attacks.
Why AI gateways don’t stop this
AI gateways excel at validating authentication. They check whether the identity requesting access to a model endpoint or training pipeline holds the right token and has privileges for the timeframe defined by administrators and governance policies. They don’t check whether that identity is behaving consistently with its historical pattern or is randomly probing across infrastructure.
Consider a developer who normally queries a code-completion model twice a day, suddenly enumerating every Bedrock model in the account, disabling logging first. An AI gateway sees a valid token. ITDR sees an anomaly.
Advertisement
A blog post from CrowdStrike underscores why this matters now. The adversary groups it tracks have evolved from opportunistic credential theft into cloud-conscious intrusion operators. They are pivoting from compromised developer workstations directly into cloud IAM configurations, the same configurations that govern AI infrastructure access. The shared tooling across distinct units and specialized malware for cloud environments indicate this isn’t experimental. It’s industrialized.
Google Cloud’s office of the CISO addressed this directly in their December 2025 cybersecurity forecast, noting that boards now ask about business resilience against machine-speed attacks. Managing both human and non-human identities is essential to mitigating risks from non-deterministic systems.
No air gap separates compute IAM from AI infrastructure. When a developer’s cloud identity is hijacked, the attacker can reach model weights, training data, inference endpoints and whatever tools those models connect to through protocols like model context protocol (MCP).
That MCP connection is no longer theoretical. OpenClaw, an open-source autonomous AI agent that crossed 180,000 GitHub stars in a single week, connects to email, messaging platforms, calendars and code execution environments through MCP and direct integrations. Developers are installing it on corporate machines without a security review.
The IAM implications are direct. In an analysis published February 4, CrowdStrike CTO Elia Zaitsev warned that “a successful prompt injection against an AI agent isn’t just a data leak vector. It’s a potential foothold for automated lateral movement, where the compromised agent continues executing attacker objectives across infrastructure.”
The agent’s legitimate access to APIs, databases and business systems becomes the adversary’s access. This attack chain doesn’t end at the model endpoint. If an agentic tool sits behind it, the blast radius extends to everything the agent can reach.
Where the control gaps are
This attack chain maps to three stages, each with a distinct control gap and a specific action.
Advertisement
Entry: Trojanized packages delivered through WhatsApp, LinkedIn and other non-email channels bypass email security entirely. CrowdStrike documented employment-themed lures tailored to specific industries, with WhatsApp as a primary delivery mechanism. The gap: Dependency scanning catches the package, but not the runtime credential exfiltration. Suggested action: Deploy runtime behavioral monitoring on developer workstations that flags credential access patterns during package installation.
Pivot: Stolen credentials enable IAM role assumption invisible to perimeter-based security. In CrowdStrike’s documented European FinTech case, attackers moved from a compromised developer environment directly to cloud IAM configurations and associated resources. The gap: No behavioral baselines exist for cloud identity usage. Suggested action: Deploy ITDR that monitors identity behavior across cloud environments, flagging lateral movement patterns like the 19-role traversal documented in the Sysdig research.
Objective: AI infrastructure trusts the authenticated identity without evaluating behavioral consistency. The gap: AI gateways validate tokens but not usage patterns. Suggested action: Implement AI-specific access controls that correlate model access requests with identity behavioral profiles, and enforce logging that the accessing identity cannot disable.
Jason Soroko, senior fellow at Sectigo, identified the root cause: Look past the novelty of AI assistance, and the mundane error is what enabled it. Valid credentials are exposed in public S3 buckets. A stubborn refusal to master security fundamentals.
Advertisement
What to validate in the next 30 days
Audit your IAM monitoring stack against this three-stage chain. If you have dependency scanning but no runtime behavioral monitoring, you can catch the malicious package but miss the credential theft. If you authenticate cloud identities but don’t baseline their behavior, you won’t see the lateral movement. If your AI gateway checks tokens but not usage patterns, a hijacked credential walks straight to your models.
The perimeter isn’t where this fight happens anymore. Identity is.
Reddit suggested on Thursday that its AI-powered search engine could be the next big opportunity for its business — not just in terms of product, but also as a revenue driver impacting its bottom line. During the company’s fourth-quarter earnings call on Thursday, it offered an update on its plans to merge traditional and AI search together and hinted that although search is not yet monetized, “it’s an enormous market and opportunity.”
In particular, the company believes that generative AI search will be “better for most queries.”
“There’s a type of query we’re, I think, particularly good at — I would argue, the best on the internet — which is questions that have no answers, where the answer actually is multiple perspectives from lots of people,” said Reddit CEO Steve Huffman.
Traditional search, meanwhile, is more like navigation — it’s a way to find the right link to a topic or subreddit. But LLMs can be good at this, too, if not better, he said. “So that’s the direction we’re going.”
Advertisement
The exec also noted that weekly active users for search over the past year grew 30% from 60 million users to 80 million users. Meanwhile, the weekly active users for the AI-powered Reddit Answers grew from 1 million in the first quarter of 2025 to 15 million by the fourth quarter.
“We’re seeing a lot of growth there, and I think there’s a lot of potential too,” Huffman added.
Reddit said it’s working to modernize the AI answers interface by making its responses more media-rich, and pilots of this are already underway.
The company is also thinking about how it can position itself when it’s not just a social site, but a place people come for answers. Reddit told investors on the call that it’s doing away with the distinction between logged-in and logged-out users starting in Q3 2026, as it will aim to personalize the site — using AI and machine learning — and make it relevant to whoever shows up.
Advertisement
The company announced in 2025 it was planning to combine its AI search feature, Reddit Answers, with its traditional search engine to improve the experience for end users. In the fourth quarter, Reddit said it had made “significant progress” in unifying its core search and its AI feature. It also released five new languages on Reddit Answers and is piloting dynamic agents along with search results that include “media beyond text.”
Though Reddit sees value in its AI answers, it’s not been keeping that to itself. The company’s content licensing business, which allows other companies to train their AI models on its data, is growing, too. That business revenue is reported as part of Reddit’s “other” revenues (i.e., its non-ad revenue). This “other” revenue increased by 8% year-over-year to reach $36 million in Q4 and was up 22% to reach $140 million for 2025.
People frequently claim that the Blink Video Doorbell (2nd Gen) is the best value around, and recent reviews tend to support this. It’s available in a package with the Sync Module Core for around $35.99, which is almost half the original price of $69.99. Meanwhile, Google Nest and Arlo devices cost $100, $130, or more, and include an additional sensor or two, albeit at a hefty price.
Getting it up and running is rather simple, as the doorbell runs on batteries, or a pair of 3AA lithium batteries that may last up to two years, so there is no need to bother about wiring. Simply install the device on the wall using the provided mounting kit, and they’ll serve as the corner accessory for getting the angles correct, and you can have everything up and running in a matter of minutes using the app. Users frequently mention how easy it is, especially when contrasted to wired setups that require some actual electrical labor.
Video Doorbell is our second-generation smart security doorbell with up to two years of battery life, an expanded field of view, and improved security…
Last longer with two-year battery life — Experience up to two years of continuous security coverage with three AA Energizer lithium batteries and a…
See more at your door — Greet guests and watch packages get delivered, day and night, with head-to-toe HD view and infrared night vision. Use…
The video quality is good enough for pretty much everyday use. The camera gives you a nice overhead shot in a square 1:1 aspect ratio, with a 150 degree view that captures people right up to their feet & spots packages on the ground pretty easily. The resolution is a decent 1080p HD, (although some tests suggest it’s actually got more like 1440p clarity when it counts) & infrared night vision works just fine in the dark. You can even have a two-way conversation with whoever is at the door, and the motion alerts are timely to say the least.
Advertisement
One of the most notable features is the battery life, which may last up to two years, allowing you to avoid needing to twist and spin them every few months as you would with some other products. As an added plus, it’s fairly weather resistant, withstanding a bit of rain and dust in most locations without blinking.
You have storage and extras without breaking the bank. The included Sync Module Core allows you to save clips locally on a drive you add separately, eliminating the need for cloud fees for basic recording, but if you want a little more, the Blink subscription is only $3/month for one device or $12 for unlimited – which includes cloud storage, person detection, and all that other good stuff. Which is significantly less expensive than Ring’s $5+ plans or Nest’s higher-tiered options.
The Apple Intelligence-powered Health+ service is reportedly being scaled back now that Eddy Cue is in charge, and will focus on getting features to users sooner with smaller releases.
Apple Health to get multiple smaller feature updates soon
Apple has never announced Health+ or plans for the initiative, but leaks surrounding the project suggested some kind of AI chat interface was going to be offered. Users would be able to discuss their health data and be directed to professional videos explaining certain topics. According to a report from Bloomberg, Services chief Eddy Cue is now in charge of Apple Health after Jeff Williams retired, and he’s restructured the plans around its future. Instead of trying to release one big feature set under the umbrella of “Apple Health+” and a new subscription, Apple is allegedly planning on breaking up the planned features into smaller, incremental releases. Continue Reading on AppleInsider | Discuss on our Forums
Steep discounts on Apple’s MacBook Air have driven prices down to as low as $389.99 heading into the weekend.
Grab a MacBook Air from just $389.
Walmart seller VIPOutlet has blowout inventory of Apple’s M1 MacBook Air 13-inch for $389 while supplies last. This seller has a 4-star rating with 23,495 total reviews at press time. While the system has 8GB of memory and 256GB of storage, the budget-friendly price makes it a viable system for casual use like web browsing and streaming content. Buy M1 MacBook Air for $389 Continue Reading on AppleInsider | Discuss on our Forums
Soft skills are as important to long-term success as hard skills, and online courses can be a great way to learn.
Since the start of the new year, SiliconRepublic.com has covered soft skills in a variety of ways, for example in pieces covering meta skillsand the must-have soft skills for 2026. So, what better way to continue that trend than to explore some of the free and relatively inexpensive courses that can enable a professional to sharpen up those soft skills?
Alison
Online learning platform Alison has a free Soft Skills for Professionals course aimed at professionals looking to either find a role or excel in one via a range of interpersonal skills. The course description states that participation will teach students 10 soft skills that professionals will need in their working lives, for example in communication, adaptability, flexibility and negotiating, among others.
There are four modules and the average time it takes to complete the course is typically between one and three hours. To complete the course and receive a certificate, students will need to achieve more than 80pc in their assessments.
Advertisement
Coursera
While payment down the line may be required, learning platform Coursera offers several free trials for its soft skills courses. Professionals can avail of courses such as Developing Interpersonal Skills, Foundations for Interviewing with Confidence, People and Soft Skills: Essential for Professional Success, and People and Soft Skills Assessment.
Depending on the course, the time needed to complete learning could range from one week to several months, with the free trial giving you time to figure out if a course matches your ambitions. Courses are aimed at everyone from beginners all the way through to those looking to learn specialist knowledge.
Great Learning
For professionals in the IT space, Great Learning’s Soft Skills for IT module is an ideal learning opportunity. Modules include: an introduction to soft skills; soft skills and their importance; soft skills to possess; effective communication; and team work, alongside others.
The free course starts at beginner level, takes around 1.5 hours, tests users with a range of quizzes and awards the student with a certificate upon completion of the course. Great Learning states that the course will help professionals to be noticed by recruiters, earn a job and showcase their skills online.
Advertisement
Skills Connect
Skills Connect, which is an initiative developed by Skillnet Ireland, offers a number of free programmes designed to enable jobseekers to get back into the workplace. The strategy offers free training to help jobseekers develop the technical and soft skills that employers are looking for today. Additionally, some of the programmes offer practical work placements or projects. To apply, participants will have to meet certain criteria, which can be found on the group website.
OpenLearn
OpenLearn, a free educational platform operated by The Open University, has a diverse range of free soft skills courses open to students and professionals. Courses are relatively flexible, but the website suggests committing roughly three hours a week to study for a period of around eight weeks. However, you can commit as much or as little time as you have available, as materials exist online. Course titles include Succeed in the Workplace and Effective Communication in the Workplace.
According to OpenLearn, professionals and students will come away able to properly and effectively communicate in the workplace, with the ability to manage different personality traits, social attitudes and scenarios that require emotional intelligence. Its website says: “Everyone can benefit from some focused training and development to help them realise their full potential. OpenLearn has a number of courses you can study to enhance your soft skills right now”.
So, if you have the time and want to expand your professional capabilities and workplace relationships, why not consider taking up a course in soft skills? You might soon find that it gives you an unexpected edge.
Advertisement
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
People without coding backgrounds are discovering that they can build their own custom apps using vibe coding — solutions like Lovable that turn plain-language descriptions into working code.
While these prompt-to-code tools can help create nice prototypes, launching them into full-scale production (as this reporter recently discovered) can be tricky without figuring out how to connect the application with external tech services, such as those that can send text messages via SMS, email, and process Stripe payments.
Ilan Zerbib, who spent five years as Shopify’s director of engineering for payments, is building a solution that could eliminate these back-end infrastructure headaches for nontechnical creators.
Last summer, Zerbib launched Sapiom, a startup developing the financial layer that allows AI agents to securely purchase and access software, APIs, data, and compute — essentially creating a payment system that lets AI automatically buy the services it needs.
Advertisement
Every time an AI agent connects to an external tool like Twilio for SMS, it requires authentication and a micro-payment. Sapiom’s goal is to make this whole process seamless, letting the AI agent decide what to buy and when without human intervention.
“In the future, apps are going to consume services which require payments.Right now, there’s no easy way for agents to actually access all of that,” said Amit Kumar, a partner at Accel.
Kumar has met with dozens of startups in the AI payments space, but he believes Zerbib’s focus on the financial layer for enterprises, rather than consumers, is what’s truly needed to make AI agents work. That’s why Accel is leading Sapiom’s $15 million seed round, with participation from Okta Ventures, Gradient Ventures, Array Ventures, Menlo Ventures, Anthropic, and Coinbase Ventures.
Techcrunch event
Advertisement
Boston, MA | June 23, 2026
“If you really think about it, every API call is a payment. Every time you send a text message, it’s a payment. Every time you spin up a server for AWS, it’s a payment,” Kumar told TechCrunch.
Advertisement
While it’s still early days for Sapiom, the startup hopes that its infrastructure solution will be adopted by vibe-coding companies and other companies creating AI agents that will eventually be tasked with doing many things on their own.
For example, anyone who has vibe-coded an app with SMS capabilities won’t have to manually sign up for Twilio, add a credit card, and copy an API key into their code. Instead, Sapiom handles all of that in the background, and the person building the micro-app will be charged for Twilio’s services as a pass-through fee by Lovable, Bolt, or another vibe-coding platform.
While Sapiom is currently focused on B2B solutions, its technology could eventually empower personal AI agents to handle consumer transactions. The expectation is that individuals will one day trust agents to make independent financial decisions, such as ordering an Uber or shopping on Amazon. While that future is exciting, Zerbib believes that AI won’t magically make people buy more things, which is why he’s focusing on creating financial layers for businesses instead.
Editor’s note: GeekWire publishes guest opinions to foster informed discussion and highlight a diversity of perspectives on issues shaping the tech and startup community. If you’re interested in submitting a guest column, email us at tips@geekwire.com. Submissions are reviewed by our editorial team for relevance and editorial standards.
Ben Golden.
I’m an attorney and advisor to many Pacific Northwest startups, investors, and social entrepreneurs, having spent the past two decades in the Washington innovation ecosystem — including as a higher education policy advocate and former co-chair of the WTIA Policy Committee. I love helping transform great ideas into job-creating companies in my community.
Which is why I’m unmoved by the panic surrounding the proposed “millionaires tax.” Every time Olympia proposes that our wealthiest contribute more, we’re told that this is the final straw for our brightest risk-takers, an existential threat to our state’s economy. But the real threat to the startup community is losing focus on building up our strengths as this catastrophizing becomes a self-fulfilling prophecy.
America is at a crossroads. In this defining moment, when our duties as citizens are gravely needed, a growing chorus of local startup luminaries are speaking up. Which issue galvanizes them? Civil liberties, or climate, or gilded age cronyism, or divestment from public interest research, or immigration, or the dignity of work amidst AI disruption, or freedom of speech…?
Disappointingly, much of the startup community’s advocacy efforts have instead been singularly focused on preventing a few very wealthy folks from changing their primary residence to Las Vegas or Jackson Hole or Palm Beach.
Advertisement
My oh my, what an uninspired civic imagination in this moment of peril. We can do better.
So chill with the libertarian fever dream. Read the moment. And read the proposal’s fine print, including important small business tax cuts. And remember what’s made Seattle such a dynamic startup community in the first place.
The tax proposal is (probably) not going to take your money
This is a proposed tax on net income over $1 million in a single year. The first $1 million of income would be exempt. This point merits emphasis, as it’s often misunderstood: no one will pay a penny of tax on the first $0 to $999,999 of annual net income. There are additional carve outs and deductions to encourage charitable giving and avoid double taxation. The minimum threshold will be indexed upward with inflation. And the proposed tax would not begin collecting revenue until 2029, allowing plenty of time to work through rulemaking, legal challenges, and fine tuning.
If enacted as proposed, less than 0.5% of households would ever be impacted. Imagine 1,000 random Washingtonians in a room: you could count on one hand the number of people with enough luck, talent, and timing to ever pay this tax.
Advertisement
What about founders and investors? Many will already benefit tremendously from federal tax advantages like QSBS, which can eliminate up to $10 million in federal capital gains taxes on a successful exit. (An unrelated proposal would apply the state’s capital gains tax on profits that are otherwise exempted from federal taxation; with only a handful of sponsors across both chambers, that proposal appears to have far less traction.)
Further, the same tax avoidance strategies they already deploy, such as staggered sales, deferred compensation, trust and estate planning, and real estate tax shelter investments, will continue to reduce taxes for founders and investors. The idea that a modest state tax on seven-figure net income is going to make entrepreneurship suddenly “not pencil out” is fuzzy math.
Fixing Washington’s regressive tax structure is good for business
Washington consistently ranks among the most regressive tax systems in the country. Relative to other states, lower- and middle-income families pay a disproportionate share of their income in state and local taxes due to our heavy reliance on sales, excise, and business taxes. Addressing this problem is essential to building a resilient state, which matters more than ever in this moment of increasingly reckless and unstable federal governance.
In announcing his initial support for this proposal, Gov. Bob Ferguson tied the tax explicitly to strengthening the Working Families Tax Credit, removing sales taxes on essential personal hygiene products, investing in K-12 education, and greatly reducing B&O taxes for early-stage businesses. In other words, this is a pro-entrepreneurship policy that argues that we’re all better off when we’re all better off.
Advertisement
Of particular importance for startups, the proposal to provide B&O tax relief for small businesses would be a boon for early-stage companies in their earliest cash constrained years, i.e., when they need it most. The current draft legislation would provide a credit for B&O taxes on annual gross receipts less than $250,000, which would benefit thousands of local startups and small businesses every year. Meanwhile, Ferguson has called to go further by zeroing out B&O taxes up to $1 million on revenue.
In responding to the initial proposal, the governor said his ultimate support for the proposal is contingent on a much more aggressive small business tax break — “we need to have the largest tax break for small business owners in state history,” he said this week.
Rather than fear-monger, startup advocates should redirect their efforts toward supporting that effort for targeted savings for early-stage companies.
The Legislative Building in Olympia, Wash. (GeekWire Photo / Lisa Stiffler)
On the pro-millionaire advocates’ counterpoints
There are valid concerns about the proposal’s impact on the business climate and economic growth.
Some argue it “punishes success” by not maximizing exit proceeds. Yet this ignores how the proposal invests in conditions that allow startups to thrive in the first place as well as the urgency of addressing a broken tax system.
A frequent rebuttal to any tax proposal is that the state should cut spending instead. Absolutely, there must be accountability and responsible stewardship of our public resources. But this is not mutually exclusive; as in business, governments can manage their expenses and restructure revenue at the same time.
Critics warn that the income tax minimum threshold will expand in future years. Rep. Jeremie Dufault, R-Selah, calls it “kicking a budget snowball down a hillside. It’s small now, but it will grow as it rolls.” Maybe, but that’s not the proposal under consideration right now. In fact, the current proposal would raise the minimum threshold annually with inflation.
There are also legitimate legal hurdles to implementing the proposed policy. Fortunately, we have multiple branches of government. Jurisprudential ambiguity should not deter legislators from passing policies they deem in the best interest of the electorate.
Large tech companies are downsizing, particularly amongst software engineering teams. Our fizzling “prosperity bomb” is bad news for a local economy supported by so many coders, and those AI-disrupted jobs are not being replaced elsewhere. In this moment of disruption, creating policies that make it easier to be an entrepreneur and live comfortably in a community are more important than ever, regardless of whether a household brings in millions of dollars a year.
Many point to capital flight as the primary concern, though correlation and causation can be muddled on this point. A handful of large tech companies and wealthy individuals have moved operations out of Washington state, and there will likely be a few more (vocal) high net-worth households who will register their primary residence elsewhere to reduce their tax bill — and they may even shift the focus of their investments from local startups to their new neighbors. But the primary cause of capital flight risk is panic; most people do not move to escape tax increases. This tax on outsized annual incomes will not trigger economic ruin, but the outsized investor-class alarm could cause real harm.
Rather than catastrophize, the startup community ought to celebrate the opportunities that would be unlocked by relieving early-stage businesses of B&O taxes, modestly rebalancing our regressive tax structure, and making targeted investments to keep Washington affordable and thriving.
The bill is currently open for debate, and critical details remain to be finalized. The startup community should be in these negotiations, rather than adopting an out-of-touch absolutist approach that reduces their influence and credibility.
Advertisement
Entrepreneurs will build here because we bet on ourselves
Entrepreneurs want to build something from nothing, test ideas, prove their doubters wrong, and ultimately solve problems. And sure, they want to make loads of money. Their ambition to build, ideate, prove, and solve will not be quashed by a tax that only kicks in after annual net income over $1 million.
Most creative, ambitious, and educated people are not primarily motivated by marginal tax rate optimization. They want to live in places with access to world-class universities, vibrant cultural and artistic ecosystems, reproductive health care, diverse neighbors, multimodal transportation, LGBTQ+ rights, respect for the natural environment, libraries that don’t ban books, and a basic sense that society has their back.
The best places in the country to launch a startup include the Bay Area, Boston, New York, and the greater Seattle area. With apologies to the fine folks in Sioux Falls, Houston, and Anchorage (the least taxed large U.S. cities), it turns out startups thrive in communities that invest in themselves and their people. We’ve done that in the Pacific Northwest and are set up for success. Millionaires tax or no tax, the next generation of great companies and scrappy entrepreneurs are primed to emerge from AI House, CoMotion, Foundations, 9Zero, and across our great state.
At the end of day, most of the loudest critics of this proposal — people I respect and work with daily — will almost certainly continue to live and work here in Washington state. So let’s cool it on the millionaires tax hysteria, recognize the criticality of the moment, and bet on ourselves.
Advertisement
Disclaimer: Written in my personal capacity. I’m no startup Lorax — I do not speak for my clients.
Robotics specialist Unitree has been making waves with its humanoid robots, and a new video shows its impressive G1 bipedal bot dealing with incredibly cold conditions.
In a video showing the G1 trudging through deep snow, Unitree describes the feat as “the world‘s first autonomous walking challenge for humanoid robots in a -53.32°F (-47.4°C) extreme weather environment.”
The stunt took place in China’s Altay region, about 1,500 miles (2,400 km) northwest of Beijing, where Unitree’s snowbot trudged through deep snow to mark out the Olympic rings in celebration of Friday’s Winter Olympics opening in Italy.
It’s not clear how long the robot walked for, or how many times its battery needed to be swapped out, but during the course of its sub-zero slog it managed to create an image 100 meters wide and 186 meters long.
Advertisement
Still, the fact that it managed to function at all in such frigid conditions is clearly impressive. Icy temperatures can freeze batteries, stiffen joints, or shut down electronics, but the G1, apparently assisted by its puffer jacket that possibly came with some internal heating, managed to stay alive in the challenging setting. The successful demonstration offers a glimpse at how the G1, or robots like it, could one day be deployed for tasks like search and rescue in polar environments, or even operate in faraway places like Mars where average temperatures reach around -76°F (-60°C).
China-based Unitree has emerged as one of the leading players in the increasingly competitive humanoid robotics sector. The G1 robot, which stands at 4 feet 4 inches (132 cm), also has a remarkable ability to regain control if it takes a tumble, and can apparently perform a number of household chores, too.
While many challenges lie ahead for robotics firms when it comes to readying humanoid robots for specific roles that can be performed consistently, reliably, and truly independently, this year is shaping up to be an exciting one in the sector.
If there’s one thing that Dyson knows, it’s how to make hugely powerful motors for cordless vacuum cleaners. The Dyson Gen5detect is the most powerful cordless vacuum cleaner that it has made yet. Putting this cleaner through our tests, we measured it at a massive 369AW on maximum power – the highest, by far, that we’ve ever seen from a cordless cleaner.
Otherwise, it runs at 30AW on its gentle power mode (good for dusting) and 75AW on medium. Well, kind of. As with previous Dyson vacuums, the Gen5detect has a piezo sensor for detecting dust, adjusting its power automatically based on how much dirt it has encountered. In automatic mode, the vacuum ups and downs its power on the fly, so that you get the best clean without having to worry about which power mode you’re in.
Cleverly, the LCD on the back shows the amount of dust being picked up, as well as the battery life remaining in minutes and seconds.
For hard floors, there’s an additional tool, the Fluffy Optic head, which uses a green laser to highlight dust. It works brilliantly, making it easy to see where you have and haven’t cleaned.
Advertisement
On maximum power, we found that this cleaner could collect grains of rice from more than 3cm away. If you’ve got the hand tools attached, this means you can quickly collect dust or suck it out of hard-to-reach areas.
Moving on to our regular tests, we found that this cleaner picked up 98.25% of dust on carpet, which is the best result that we’ve ever seen from a cordless cleaner. Edge performance was the same: 95.3% of dust collected. Hard floor collection was at 100%.
Moving to the anti-tangle tests with human hair, the Dyson Gen5detect refused to get any hair caught up in its brushes.
The only slight issue we encountered was when using the vacuum cleaner on a rubber-backed mat. Here, the Dyson Gen5detect produces too much power and suctions itself to the ground, stopping the brush bar from moving. We had to manually dial down the power. Still, it demonstrates just how powerful this cordless cleaner is.
Advertisement
Measuring battery life in auto mode, we found that the cleaner lasted 26m 13s. Given that you can clean thoroughly with a single pass, that’s more than enough time to tackle an entire home in one go.
Arguably, most people will find that the cheaper Dyson V15 Detect will suit their needs, but if you have the cash and want the absolute best, there’s no other cordless vacuum cleaner that comes close to this one for power.
[GizmoThrill] shows off a design for an absolutely gorgeous, high-fidelity replica of the main character’s helmet from the video game Satisfactory. But the best part is the technique used to create the visor: just design around a cheap set of full-face “sunglasses” to completely avoid having to mold your own custom faceplate.
One of the most challenging parts of any custom helmet build is how to make a high-quality visor or faceplate. Most folks heat up a sheet of plastic and form it carefully around a mold, but [GizmoThrill] approached the problem from the other direction. After spotting a full-face sun visor online, they decided to design the helmet around the readily-accessible visor instead of the other way around.
The first thing to do with the visor is cover it with painter’s tape and 3D scan it. Once that’s done, the 3D model of the visor allows the rest of the helmet to be designed around it. In the case of the Satisfactory helmet, the design of the visor is a perfect match for the game’s helmet, but one could easily be designing their own custom headgear with this technique.
The hexagon grid pattern? It’s actually a clear vinyl sticker and doesn’t obstruct vision at all. Another clever touch.
With the helmet 3D printed, [GizmoThrill] heads to the bandsaw to cut away any excess from the visor, and secure it in place. That’s all there is to it! Sure, you don’t have full control over the visor’s actual shape, but it sure beats the tons and tons of sanding involved otherwise.
There’s a video tour of the whole process that shows off a number of other design features we really like. For example, metal mesh in the cheek areas and in front of the mouth means a fan can circulate air easily, so the one doesn’t fog up the inside of the visor with one’s very first breath. The mesh itself is concealed with some greebles mounted on top. You can see all those details up close in the video, embedded just below.
Advertisement
The helmet design is thanks to [Punished Props] and we’ve seen their work before. This trick for turning affordable and somewhat gimmicky sunglasses into something truly time-saving is definitely worth keeping in mind.
