An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.

The Russian threat group APT28, also tracked as Fancy Bear, Sofacy, Forest Blizzard, Strontium, Storm-2754, and Sednit, has been linked to Russia’s General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165.

In the FrostArmada attacks, the hackers compromised mainly small office/home office (SOHO) routers and altered the domain name system (DNS) settings to point to virtual private servers (VPS) under their control, which acted as DNS resolvers.

This allowed APT28 to intercept authentication traffic to targeted domains and steal Microsoft logins and OAuth tokens.

At its peak in December 2025, FrostArmada infected 18,000 devices across 120 countries, primarily targeting government agencies, law enforcement, IT and hosting providers, and organizations operating their own servers.

Advertisement

Microsoft, whose services were targeted by this campaign, worked together with Black Lotus Labs (BLL), Lumen’s threat research and operations division, to map the malicious activity and identify victims.

With support from the FBI, the U.S. Department of Justice, and the Polish government, the offending infrastructure has been taken offline.

FrostArmada activity

The attackers targeted internet-exposed routers, primarily MikroTik and TP-Link, as well as some firewall products from Nethesis and older Fortinet models.

Once compromised, the devices communicated with the attackers’ infrastructure and received DNS configuration changes that redirected traffic to malicious VPS nodes.

Advertisement

The new DNS settings were automatically pushed to internal devices via the Dynamic Host Configuration Protocol (DHCP).

When clients queried authentication-related domains the threat actor targeted, the DNS server returned the attacker’s IP instead of the real one, redirecting victims to an adversary-in-the-middle (AitM) proxy.

The only visible sign of fraud for the victim would have been a warning for an invalid TLS certificate, which could have easily been dismissed. However, ignoring the alert gave the threat actor access to the victim’s unencrypted internet communication.

“The actor essentially ran a proxy service as the AitM that the end user was directed to via DNS,” Lumen’s Black Lotus Labs researchers explain.

“The only sign of this attack would be a pop-up warning about connecting to an untrusted source because of the ‘break and inspect’ configuration.”

Advertisement

“If warnings were present and ignored or clicked through, the actor proxied requests to the legitimate services, collecting the data at the midpoint and collecting data associated with the targeted account by passing the valid OAuth token.”

In some cases, though, the hackers spoofed DNS responses for certain domains, thus forcing affected endpoints to connect to the attack infrastructures, Microsoft says in a report today.

Lumen reports that FrostArmada operated in two distinct clusters, one called the ‘Expansion team’ dedicated to device compromise and botnet growth, and the second handling the AiTM and credential collection operations.

The researchers report that FrostArmada activity increased sharply following an August 2025 report from the National Cyber Security Centre (NCSC) in the UK describing a Forest Blizzard toolset that targeted Microsoft account credentials and tokens.

Microsoft confirmed that APT28 carried out AitM attacks against domains associated with the Microsoft 365 service, as subdomains for Microsoft Outlook on the web have also been targeted.

Advertisement

Additionally, the company observed this activity on servers belonging to three government organizations in Africa that were not hosted on Microsoft infrastructure. In those attacks, “Forest Blizzard intercepted DNS requests and conducted follow-on collection.”

Black Lotus Labs also observed the threat actor targeting entities with on-premise email servers and “a small number of government organizations” in North Africa, Central America, and Southeast Asia.

The researchers note that “there was also a connection to a national identity platform in one European country.”

In a report today, the UK agency says that the AitM activity impacted both browser sessions and desktop applications, and the DNS hijacking is believed to have been opportunistic in nature to build a large pool of potential targets and then filtering those of interest.

Advertisement

Black Lotus Labs has published a small set of indicators of compromise for the VPS servers used during the FrostArmada campaign:

Advertisement

Advertisement

Advertisement

IP address	First Seen	Last Seen
64.120.31[.]96	May 19, 2025	March 31, 2026
79.141.160[.]78	July 19, 2025	March 31, 2026
23.106.120[.]119	July 19, 2025	March 31, 2026
79.141.173[.]211	July 19, 2025	March 31, 2026
185.117.89[.]32	September 9, 2025	September 9, 2025
185.237.166[.]55	December 30, 2025	December 30, 2025

The researchers note that defenders should implement certificate pinning for corporate devices (laptops, mobile phones) controlled via an MDM solution, which would generate an error when the attacker tries to intercept and analyze traffic on their VPS infrastructure.

Advertisement

Another recommendation is to minimize the attack surface through patching, limiting exposure on the public web, and removing all end-of-life equipment.

Microsoft and the NCSC also provide a list of IoCs and protection guidance to help defenders identify and prevent DNS hijacking attacks.

Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.

This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.

Get Your Copy Now

Source link

The finalists for CEO of the Year at the 2026 GeekWire Awards are leading startups and organizations across a diverse cross-section of the innovation economy, touching upon fintech, climate tech, frontline workforce software, food-and-beverage AI, and real estate technology.

This award, sponsored by Wilson Sonsini, celebrates leaders with vision, fortitude, creativity, and that impossible to define x-factor. The CEO of the Year finalists are: Tony Huang of Possible Finance, Aina Abiodun of VertueLab, Shelia Stafford of TeamSense, Karen Huh of Zucca, and Luis Poggi of HouseWhisper AI.

Now in its 18th year, the GeekWire Awards is the premier event recognizing the top leaders, companies and breakthroughs in Pacific Northwest tech, bringing together hundreds of people to celebrate innovation and the entrepreneurial spirit. It takes place May 7 at the Showbox SoDo in Seattle.

The 2025 CEO of the Year was Read AI co-founder and CEO David Shim, who has lead the Seattle company to more than $80 million in funding for its cross-platform AI meeting assistant and productivity tools.

Continue reading for information on the 2026 CEO of the Year finalists, who were chosen by a panel of independent judges from community nominations. You can help pick the winner: Cast your ballot here or in the embedded form at the bottom. Voting runs through April 16.

Tony Huang is co-founder and CEO of Possible Finance, a fintech startup that provides small-dollar loans and paycheck advances to people who need quick cash without a traditional credit check. The company had its first full year of consolidated profitability last year along with over $100 million in annual revenue. Possible has given funds to 1.6 million unique individuals and Huang says they’ve saved “hardworking everyday Americans” over $700 million — “costs they would have incurred if Possible didn’t exist.” The company is also hiring at its new downtown headquarters with multiple roles currently open.

Huang was previously a lead project manager at Axon, the leading manufacturer of non-lethal Taser stun guns, policing software, and supplies including in-car and policy body cameras.

Aina Abiodun is president and executive director of VertueLab, a longtime nonprofit that supports climate tech entrepreneurs at every stage as a funder, accelerator and connector. Last year, VertueLab supported 120 founders through various programs, helped win nearly $30 million in grant funds, and saw a cumulative 781 jobs created by its portfolio companies. VertueLab also co-founded the first ever Seattle Climate Innovation Hub, which is home to more than 150 climate-focused companies.

Abiodun has previously launched startups providing climate tech financing and consulting in the sector, served as CEO of a Berlin wellness company, and led brand strategy and been a creative producer for multiple companies, among other roles.

Shelia Stafford is CEO of TeamSense, a software platform used by employers for absence reporting and employee communications. The tech is SMS text-based, with no app to download, zero training and available in employees’ native language. It serves hundreds of thousands of frontline workers across manufacturing, logistics, healthcare, universities, stadium operations, mining, and more. 

Stafford’s background includes three years at General Motors as a project manager and engineer as well as almost 10 years at Whirlpool Corp. She was also director of the innovation studio at Everett, Wash.-based industrial giant Fortive.

Karen Huh is co-founder and CEO of Zucca, a startup that uses generative AI to help food and beverage companies reimagine product development. Spun out of Pioneer Square Labs in March 2025, Zucca raised a $5 million seed round last July, and in February launched Smart Specs and Smart NFP (patent pending), which together keep formulas, nutrition fact panels, specs, and more connected and true. The features are already in use at food and beverage brands managing active product pipelines.

Huh was previously CEO at Joywell Foods. She also spent more than 10 years at Starbucks, was a VP at Bulletproof 360, and was an entrepreneur in residence at PSL.

Luis Poggi is co-founder and CEO of HouseWhisper, a real estate tech startup that uses AI to help alleviate the administrative overload that bogs some agents down. HouseWhisper emerged from Stealth last year with $10 million in funding to back its conversational AI that acts as the ultimate 24/7 personal assistant, helping agents stay organized with help on following up with clients, scheduling, CRM updates and more. 

Poggi rose to VP of product and engineering during his more than 10 years at Zillow. He previously spent close to three years at online travel giant Expedia.

Astound Business Solutions is the presenting sponsor of the 2026 GeekWire Awards. Thanks also to gold sponsors Amazon Sustainability, Baird, BECU, JLL, First Tech and Wilson Sonsini, and silver sponsors Prime Team Partners.

The event will feature a VIP reception, sit-down dinner and fun entertainment mixed in. Tickets go fast. A limited number of half-table and full-table sponsorships are available. Contact events@geekwire.com to reserve a spot for your team today.

(function(t,e,s,n){var o,a,c;t.SMCX=t.SMCX||[],e.getElementById(n)||(o=e.getElementsByTagName(s),a=o[o.length-1],c=e.createElement(s),c.type=”text/javascript”,c.async=!0,c.id=n,c.src=”https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd5M58tggxeII7bOlSeQcq8A_2FgMSV6oauwlPEL4WBj_2Fnb.js”,a.parentNode.insertBefore(c,a))})(window,document,”script”,”smcx-sdk”); Create your own user feedback survey

Source link

Volkswagen Group may have to rethink its strategy in North America, which could mean raising the price of its vehicles in the United States, due to the country’s high tariffs on vehicles imported from Mexico. 

Volkswagen is running out of options, and it may have to look reorganizing its production structure in Mexico to cut costs, while also launching new models across its brands that could better compete in the current market. CEO Oliver Blume also stated that VW is attempting to negotiate a solution that would let them keep their production in Mexico without punitive tariffs.

Advertisement

With VW’s production no longer saving money, so it may have to look outside of its own processes to shift the burden. It’s possible that consumers may take part of the hit for Volkswagen, with prices of its models increasing in the United States to offset some of the tariffs.

The automaker has also been expanding into the American market, in a roundabout way, by reviving the American brand Scout Motors, which has an electric SUV and pickup planned. Unfortunately, the profits from these vehicles won’t come in time to relieve Volkswagen from the current tariffs. Volkswagen is set to become a much more expensive car brand in the U.S. due to these tariffs.

Advertisement

Why is Volkswagen so heavily impacted by tariffs?

Kevin Carter/Getty Images

Mexico is currently where Volkswagen produces 70% of its cars, shipping them across the border for U.S. customers. The 27.5% tariffs on vehicles imported from Mexico into the United States cost Volkswagen $3.3 billion in 2025 alone. VW’s profits have also declined, with sales dropping by 12%, putting the automaker in a pretty tough spot. “It is is no longer economically viable to export many vehicles from Mexico to the U.S.,” Blume stated. 

However, moving out of Mexico isn’t an option. Blume already stated that Volkswagen won’t “invest billions” in moving production to the United States, adding it would take years. Currently, VW has the Volkswagen de Mexico complex in Puebla that manufactured a total of 335,716 vehicles in 2025, including the Jetta, Tiguan, and Taos, as well as an engine plant in Silao that can make more than 2,500 engines a day, and Audi’s assembly plant in San Jose Chiapa, which largely produces the Audi Q5. With VW being so localized in Mexico, it seems that customers could end up cushioning some of the blow for its vehicles imported into the U.S.

Advertisement

Source link

Source link

Cloud services like Google Drive and iCloud are fantastic – they let me access my most important files from any device, anywhere – but the free storage is never enough. 

Google offers 15GB while Apple offers an even more paltry 5GB of storage – but even the biggest ‘free’ tier isn’t enough for the vast majority of users with thousands of photos and videos, countless files and more to keep safe. 

So what do you do? You start paying, of course. It starts off cheap with the lowest tier paid option – £1.59/$1.99 for 100GB, in the case of Google’s cloud storage – and that’s enough to tide you over. For a while, anyway. 

As sure as day follows night, over time, you’ll begin to fill all that storage space back up – even if you delete files you no longer need. Slowly, all those holiday snaps, videos of nights out, and even work documents, all add up.

Advertisement

And with both Google and Apple, it also includes storage linked to associated services like Gmail or iCloud, so any large files you receive in your inbox further add to your quota.

Advertisement

Again, you have no choice but to upgrade to the next tier of storage, which for Google, is 200GB for £2.49/$2.99 per month. That’s not bad, but go above that limit and you’ll face a massive jump not only in storage but also in monthly cost, at a whopping £7.99/$9.99 per month for 2TB. 

Like our growing storage needs, it adds up over time. That’s just under £96/$120 per year if you pay for the 2TB option monthly, just to store your files.

Advertisement

And so on, and so on. It’s a never-ending loop of filling up storage and paying for more. It’s either that or say goodbye to years of precious memories. 

Pay up, or lose access

The worst part about Google and Apple’s monopoly on the cloud storage market is that they don’t just handle storage – they’re central to the digital experience for many of us. Google, for example, handles not just Drive but Gmail, Docs, Sheets and more, while Apple similarly handles iCloud email, iMessage and the like.

That may not sound like a big problem – one subscription covers multiple apps, after all – but it is once you start running out of storage. 

Advertisement

Advertisement

No matter whether you’re in camp Apple or Google, if you run out of storage or miss a monthly payment, you don’t just lose the ability to upload new files to your cloud storage – it also locks you out of other services. 

That means no access to Gmail or iMessage if you don’t pay up, and those are pretty central to the online experience for many. 

That’s too much power for my liking – but what was I supposed to do? I have over 30,000 photos and 5,000 videos tied to my Google Drive account, as well as thousands of emails linked to my Gmail over the years. The answer was simple in the end; get a NAS drive.   

UGreen’s latest NAS is the perfect remedy

NAS drives were all the rage in computing before the days of cloud storage, offering oodles of local storage accessible via your home network. But despite a lull in interest over the past few years, the hardware is more capable than ever. 

Advertisement

That’s certainly the case with the UGreen NASync DH4300 Plus, which was released at the tail-end of 2025. 

Advertisement

The bigger brother to the DH2300, the DH4300 Plus is a four-bay SATA NAS drive that supports up to 120TB of storage – 30TB per drive – for frankly massive amounts of storage. It’s powered by an 8-core processor and sports 8GB of RAM to keep things running smoothly, and its 2.5GbE LAN port boasts transfer speeds of up to 312.5MB/s depending on your home setup. Safe to say, it’s a bit of a beast. 

But despite its intimidating spec sheet, it was an absolute breeze to set up; all I had to do was insert the HDDs, plug it into my router via the provided high-speed Ethernet cable and power it on. From there, everything else was handled via the UGreen NAS companion app, and setup took no more than a couple of minutes – a far cry from the early days of NAS drive networking setup. 

That’s when I could start, what I affectionately called Operation Get Away From Google Drive As Soon As Possible, or OGAFGDASAP. Catchy, I know.

Advertisement

Getting out from Google’s clutches

This part was surprisingly easy; thanks to EU rules (gotta love the Europeans), cloud storage providers like Google and Apple have to make it easy to either download all your data or transfer it to another (ideally cheaper) service. 

Advertisement

For me, that meant going to Google Takeout, selecting the data I wanted to download – my Google Photos library and my Drive contents – and requesting a download link. Once I had the link, I downloaded the (frankly massive) nearly 300GB of data on my PC, and extracted the ZIP files to my NAS drive via my home network. 

But why stop at Google? I also pay for iCloud storage for when I’m testing the best iPhones, and that isn’t all that often, so I repeated the process, this time with iCloud. 

Now, that did introduce a few issues – the biggest being duplicate photos where the images were backed up on both Apple and Google cloud servers – but UGreen likely anticipated this issue. There’s baked-in AI accessible via the companion app on both PC and mobile that lets you easily identify and delete duplicate photos. It cleared nearly 10,000 duplicate images for me in the space of a few minutes. 

Advertisement

Now, all I have to do is open the UGreen companion app on my phone, and all my photos and videos are there waiting for me, complete with features like custom folders and facial recognition we’ve come to expect from the big platforms. 

And despite being linked to my home network, I can access my files from anywhere with an internet connection via UGreen’s cloud service network. It doesn’t actually store your files in the cloud; rather, it just provides cloud-based access to the drive, which means you don’t need to faff around with port forwarding as you do with more basic drives. 

Advertisement

Not just for network storage either

Now the beauty of the UGreen NASync DH4300 Plus is that it’s not just for network storage. With a fairly powerful spec under the hood, the NAS drive can also run full apps that can massively expand what it can do.

It meant that, rather than splashing out £112 for a Home Assistant Green to get more advanced control over my smart home tech, I could install and run it directly from my NAS drive – with great results, might I add.

It’s not the only app either; there’s actually an app store accessible via the app that gives you access to a range of apps including a Google Docs, Sheets and Slides alternative called Online Office that you can access via browser from any PC, further reducing my reliance on Google’s cloud-based services. 

Advertisement

There’s also Docker support, so depending on your level of tech knowledge, you can run other custom apps directly from the NAS.

Advertisement

Yes, it’s an expensive upfront cost, but it’ll save you a lot in the long run, and with the UGreen DH4300 Plus specifically, there’s much more to it than simply acting as a way to back up your photos and videos. Goodbye, Google Drive. I definitely won’t miss you.

Source link

Tukwila, Wash.-based Starfish Space says it has raised about $110 million in a funding round that will help the company execute its first satellite servicing missions and scale up operations for more business.

The Series B round was led by Point72 Ventures. Activate Capital and Shield Capital were co-leaders of the round. Additional major participants included Industrious Ventures and NightDragon. The round also drew support from several existing Starfish investors (NFX, Munich Re Ventures, Toyota Ventures and PSL Ventures) as well as new investors (Nomi Capital, Gaingels and Overlap Holdings). 

The new capital adds to previous funding rounds announced in 2021, 2023 and 2024, and pushes Starfish’s total investment past the $150 million mark.

Starfish Space was founded in 2019 by engineers Austin Link and Trevor Bennett, two veterans of Jeff Bezos’ Blue Origin space venture. The company has developed a space vehicle called Otter, which is designed to rendezvous and dock with other objects in orbit — either to maneuver them into a different orbit or guide them to safe disposal.

The company demonstrated its technologies during a software test in 2025, code-named Remora, and during two orbital test missions involving scaled-down Otter Pup prototypes.

Starfish already has several Otter missions under contract, including:

• A $37.5 million contract from the U.S. Space Force for a satellite docking demonstration, plus a $54.5 million contract for a follow-up mission.
• A $52.5 million Space Development Agency contract for disposal of military satellites.
• A $15 million NASA contract to inspect defunct satellites.
• A commercial contract with SES to provide satellite life extension services.

“Closing this round reflects the real momentum we are seeing across both our technology and our customer base,” Link said in a news release. “We have Otter missions under contract, successful demos, and our first operational mission launching this year. We’re ready to help organizations get the most out of their on-orbit infrastructure.”

Starfish said it will use proceeds from the investment round to execute contracted Otter missions, scale the Otter business line to meet customer demand and grow the company’s team, which currently has more than 90 employees.

“From our perspective, Starfish has made steady progress toward practical on‑orbit servicing,” said Chris Morales, partner at Point72 Ventures. “We believe their early traction with defense and commercial customers and successful autonomous missions show these capabilities are becoming increasingly relevant to space operations and national security.”

Source link

The Dome is big. It’s not portable, practical, or inexpensive. It accepts the romance of wood, or the brute power of propane or natural gas. Its height makes it versatile enough for steaks, fish, or other skillet meals. This pizza oven is designed to be a fixture in your life and backyard, bolstered by an ever-expanding accessory set. And it also more than earns its place there, once you buy a snap-on Neapolitan arch accessory ($60) to bolster its insulation.

The Gozney makes truly excellent high-temperature pizza. Most backyard ovens, even our other favorites on this list, tend to struggle to reach and maintain the 900-degree temps needed for proper Neapolitan crust. The Dome Gen 2 gets there in 20 minutes, it heats admirably evenly, and it’s responsible for the best pizzas that my colleague Kat Merck says she’s made in her entire life. This is worth noting, given that she was editor and recipe tester for pizzaiolo Ken Forkish’s iconic pizza book The Elements of Pizza. (For what it’s worth, Forkish also uses a Dome Gen 2 at home, while enjoying his retirement. He likes using dough at 67 percent hydration, while cooking at 900 degrees in the Dome.)

A couple caveats, however: Gozney often markets the Dome as being able to cook two pizzas at the same time. This is a silly thing to do at the temperatures you’re cooking at. Cook one pizza. If you use the Neapolitan Arch, it’ll make the oven’s aperture narrow enough that you’ll need to limit yourself to a 12-inch peel anyway. The price of a Gozney Dome also rises considerably once you start delving into the accessories. With the stand, cover, Neapolitan arch, wood fire control kit, turning peel, and 15 pounds of Gozney-brand kiln-dried hardwood, the final price for the Dome Gen 2 can rack up as high as $3,270.

Best Big Pizza Oven for Families: Ooni Koda Max

Advertisement

Ooni’s large oven is for everyone who is sick of feeding their families with multiple teeny-tiny 12-inch pies and just wants to make a massive 20-inch cheese pizza for all the kids at once. You can either attach a propane tank or hook it to your natural gas line. If this is a possibility for you, then I recommend the latter. Ooni has a new gas management technology that keeps the temperature consistent across the huge surface. But big, powerful ovens use a lot of fuel: Its 35,000 BTUs put this Koda Max nearly on par with a 3-burner Traeger griddle. That heat will also come pouring out the open front of the oven, which means the Max is not ideal for small patios.

Source link

Photo credit: RW Genting
The First World Hotel, located in the Genting Highlands, some 50 kilometers north of Kuala Lumpur, stands out against the backdrop of the greenery. Its two main buildings and annex include a remarkable 7,351 rooms, which kept the Guinness World Record for world’s largest hotel under lock and key since 2015. People come via cable car or by making their way up the mountain roads, and then find themselves in a realm of continual motion, as you can’t help but keep going forward to the next surprise.

Construction began in the early 2000s, and the first major section opened in 2006, with over 6,000 rooms. Then, for a brief period in 2008, a Las Vegas property knocked it off the top rank, but the Malaysian crew returned in 2015 and added 1,233 additional rooms to restore the record permanently. Today, the hotel sprawls across three connected buildings, with dramatic horizontal streaks of color that stand out against the verdant hills. The design is deceptively basic but effective, transforming the entire structure into a landmark visible from miles away.

Sale

LEGO Icons Boutique Hotel Model Kits – Bedroom or Office Decor for Men & Women, Ages 18+ – Building…

• LEGO Boutique Hotel set for adults is a tribute to turn-of-the-century European architecture, celebrating 15 years of LEGO Modular Buildings
• Authentic architectural details with 5 sections including guest rooms, penthouse, terrace and staircase, plus an art gallery and coffee cart
• This LEGO hotel set includes 7 minifigures: porter, receptionist, coffee vendor and gallery owner alongside a selection of guests and staff

Room sizes vary to accommodate every type of visitor, with standard and deluxe options measuring 180 square feet. While compact, they are spotless and have everything you need for a short stay. Triple rooms include three beds, making family visits or group excursions possible without wasting space. The superior deluxes and World Club rooms offer a decent 320 or 430 square feet, ideal for couples or business travelers who desire a separate living area and a little extra comfort. Every one of them looks out onto vistas of the forest or the resort below, and the mountain air keeps the temperature a little cooler than in the city.

Advertisement

The truth is that tourists rarely stay in their rooms for extended periods of time. A skybridge and walkways go directly into First World Plaza, which is essentially a mini-city for shopping and entertainment. Inside, the Skytropolis Funland has indoor rides, bumper cars, and arcade games that will keep the kids entertained for hours. Snow World then provides a wonderful contrast with its artificial snow and ice slides, which are ideal for escaping the hot heat outside. The plaza also has a bowling alley, a video game park, and a variety of dining options, from casual food courts to quick ice cream kiosks.

Next door to all of this, the resort continues to expand. Families who still have energy to burn can visit Genting SkyWorlds, a large outdoor theme park with roller coasters, cinema and adventure zones. A quick cable car trip brings everything together, allowing you to enjoy the huge thrill attractions in the morning, shop in the afternoon, and return to your room without ever leaving the site. The only legal casino in the country is also right on your doorstep, and it always draws large groups that fill the hotel nightly.
[Source]

Source link

As a veteran engineer and product leader inside Microsoft Azure, Rohit Tatachar saw that many companies were building AI systems they couldn’t fully monitor or control in production.

In his new role at a Seattle startup, he’s doing something about it. 

Tatachar is now co-founder and CTO of Glacis, which builds tamper-proof records of AI behavior — what CEO Joe Braidwood has called a “flight recorder for enterprise AI.” His arrival comes as Glacis launches new open-source tools for monitoring and controlling AI agents.

Glacis, first covered by GeekWire in November 2025, was started by Braidwood and Dr. Jennifer Shannon, a psychiatrist and adjunct professor at the University of Washington. 

The company grew out of a difficult lesson: Braidwood’s previous startup, Yara, an AI-powered mental health tool, had to be shut down after he realized the models drifted from their intended behavior during extended conversations with vulnerable users.

After he wrote about the shutdown on LinkedIn, regulators, clinicians, engineers and insurance executives reached out with the same observation: when AI systems make decisions, nobody can independently verify whether the safety controls actually worked. 

That was the spark for Glacis. 

How it works: The startup’s core product, called Arbiter, sits in the path of every AI inference call and creates a signed record of the input, the safety checks that ran and the final output. 

The record can’t be altered after the fact. At scale, a system that Glacis calls the Witness Network notarizes those records into an auditable trail.

Customers can choose to run the system in “shadow mode,” observing without intervening, or in enforcement mode, where it actively constrains the AI’s behavior.

Shannon, Glacis’ chief medical officer, said the stakes are especially high in healthcare. As a practicing child psychiatrist, she has seen AI-powered ambient scribes hallucinate content in her clinical notes, including fabricating medication prescriptions she never made.

“I would like to be able to go back and see every step of how that AI model made that decision,” she said. “If there’s no infrastructure for that, who is liable? Nobody’s going to sue AI. It’s me.”

The underlying challenge: Tatachar worked at Microsoft across two stints spanning nearly 19 years, most recently as a principal product manager on the Microsoft Foundry team, its platform for building and deploying enterprise AI applications and agents.

He said he saw companies building tools and running proofs of concept but struggling to move AI into production because they couldn’t explain or verify what their systems were doing.

There are three dimensions to the problem, he said: the baseline state of a customer’s infrastructure, model behavior, and what’s known as “intent drift,” where a system behaves differently than what a customer intended, even if the underlying model is functioning normally.

Glacis monitors deployments across all three. “It’s only when you converge these three that a customer has a real view of what actually happened,” Tatachar said.

New releases: Glacis is releasing auto-redteam, an open-source tool that automatically attacks AI systems across a range of vulnerability categories, then generates fixes and verifies their effectiveness. 

The company is also publishing OVERT 1.0, a standard for what it calls “observable verification evidence for runtime trust,” intended to give organizations a framework for building provable AI safety into their operations.

The launches come at a volatile moment for AI agent security. OpenClaw, an open-source AI agent framework, has attracted hundreds of thousands of developers since its debut in late 2025, but its rapid adoption has outpaced its security architecture.

Major cybersecurity firms including CrowdStrike and Cisco have published analyses warning of security vulnerabilities in the framework. Braidwood said this shows the need for infrastructure that can enforce safety controls at runtime, not just test them before deployment.

Target market: The company is focusing on customers in healthcare, fintech and insurance. 

It signed two pilot deals out of the JP Morgan healthcare conference earlier this year, with three more in the pipeline. Braidwood said the company sees healthcare as its entry point, but considers the problem ultimately universal to any deployment of AI.

A new development this week: Glacis is also opening a waitlist for a $49-per-month starter plan covering red teaming, enforcement and cryptographic attestation for up to 10,000 AI events per month. A $499 pro tier covers up to 100,000 events. 

Braidwood said the move is a deliberate shift toward making the technology accessible beyond the regulated enterprises and design partners the company has worked with so far.

Broader landscape: AI observability and security is a booming market, with well-funded startups and big companies offering runtime monitoring and guardrails for enterprise AI.

Braidwood said Glacis differentiates itself through its focus on cryptographic provability — not just detecting problems but producing tamper-proof evidence that safety controls ran, which he said could help companies negotiate insurance coverage and satisfy regulators.

Funding: Glacis has raised $575,000 from a group of investors that includes Geoff Ralston’s Safe Artificial Intelligence Fund, Mighty Capital, Sourdough Ventures and the AI2 Incubator. 

It is also part of Cloudflare’s Launchpad program and Plug and Play’s third Seattle accelerator cohort. Braidwood said the company hopes to close a seed round later this year.

Team: Glacis has five employees, including the three co-founders and two engineers. 

Tatachar said the company’s sixth “employee” will be an AI agent tasked with handling SOC 2 compliance work through Vanta. The team writes its core cryptographic code in Rust and uses Claude, Codex, and ChatGPT across its workflow.

“We’ve got a 100-person company,” Braidwood joked. “Five of them are real, and the rest are in the cloud or on the desk.”

Source link

Source link