Nation‑state targeting & physical/antitrust risks: IRGC escalates threats to MSFT/Stargate UAE DC, China IP theft, Russia Forest Blizzard Office tokens, FedRAMP, CMA/DMCCA/UK bundling full probe, ME DCs, Japan/Swiss/EU
Key Questions
What is the IRGC's threat to the Stargate AI data center?
The IRGC released a video in April escalating threats of 'complete and utter annihilation' against the $30B Stargate Abu Dhabi 1GW AI data center, involving partners like Microsoft, OpenAI, Nvidia, G42, Softbank, and Oracle. This highlights physical risks to Middle East data centers amid geopolitical tensions.
What is Russia's Forest Blizzard operation targeting?
Russia's Forest Blizzard (GRU/APT28) is hijacking DNS on routers to steal Microsoft Office and OAuth tokens from over 200 organizations and 5,000 devices, peaking in December 2025. This allows access to Microsoft services without direct user compromise.
How are China actors stealing AI models according to the Frontier Model Forum?
China is engaging in AI distillation theft, copying models like DeepSeek R1 and Moonshot. Anthropic, Google, and OpenAI are teaming up to combat this model copying.
What is the UK CMA investigating regarding Microsoft?
The UK Competition and Markets Authority (CMA) launched a probe into Microsoft's bundling of Windows Server and Microsoft 365 with its cloud services. This follows similar antitrust concerns in Japan, EU DMA, and Slack's claim against Teams integration.
What antitrust actions are occurring in Switzerland and Japan?
Switzerland's COMCO initiated a preliminary investigation into Microsoft licensing practices. Japan conducted raids related to antitrust issues involving Slack, while the EU addresses DMA compliance.
What is Anthropic's Project Glasswing?
Anthropic's Project Glasswing is an initiative discussed as necessary for security, featured in Hacker News discussions. It relates to broader efforts against threats like model theft.
What does the ProPublica report cover about FedRAMP?
ProPublica highlighted issues with FedRAMP, the U.S. government's cloud security authorization program, amid nation-state targeting risks to Microsoft infrastructure.
What is LinkedIn accused of in the recent report?
A report alleges LinkedIn scans over 6,000 Chrome extensions for fingerprinting user data. This is part of broader privacy and security concerns in Microsoft's ecosystem.
IRGC video (Apr escalation) threatens 'annihilation' of $30B Stargate Abu Dhabi 1GW AI DC (MSFT/OpenAI/Nvidia/G42/Softbank/Oracle); Frontier Model Forum intel on China AI distillation theft (DeepSeek R1/Moonshot); Russia Forest Blizzard (GRU/APT28) DNS hijacking routers for Office/OAuth tokens (200 orgs/5k devices, Dec'25 peak); UK CMA probe on Windows Server/M365 bundling; ProPublica FedRAMP; Swiss COMCO; Japan raid/Slack/EU/DMA; LinkedIn scanning; IRS phishing/M365 outage; Anthropic Glasswing.