PamStealer macOS infostealer, FortiBleed ransomware monetization, FBI NetNut proxy seizure, and AI compute ROI crisis dominate today's digest.
AI & Technology
Simon Willison applied DSPy's prompt optimization loop to the Datasette Agent SQL system prompt, running asynchronous evaluation against a benchmark to measure prompt quality improvements empirically rather than by intuition. The practical implication for anyone building LLM agents with structured outputs: DSPy's metric-driven prompt compilation can replace manual prompt iteration cycles with a reproducible optimization pipeline, which is directly applicable to cybersecurity triage agents where SQL or structured query generation accuracy is measurable. The async execution model Willison describes also suggests DSPy evaluations are cheap enough to run as part of a CI pipeline.
Cybersecurity
PamStealer distributes as a compiled AppleScript (.scpt) impersonating the Maccy clipboard manager, then abuses PAM (Pluggable Authentication Modules) to harvest macOS login credentials without triggering standard security prompts. The PAM abuse vector is operationally significant for macOS defenders: it sidesteps the typical osascript password dialog that most endpoint detections key on, making behavioral signatures based on AppleScript prompts insufficient. Purplelink's macOS distribution surface makes this directly relevant to supply-chain and notarization trust assumptions.
The FBI seized hundreds of domains tied to NetNut, operated by publicly-traded Israeli firm Alarum Technologies (NASDAQ: ALAR), marking a rare law enforcement action against a commercially listed residential proxy provider rather than a purely criminal operation. The ALAR ticker angle is non-obvious: this creates legal and reputational exposure for a company with public shareholders, potentially setting precedent for treating legitimate proxy-as-a-service businesses as criminal infrastructure when abuse thresholds are crossed. The Popa botnet seizure in the same action suggests coordinated supply-side disruption of the residential proxy ecosystem used heavily by fraud and credential-stuffing operations.
Google's Threat Intelligence Group (GTIG), working alongside the FBI, Lumen, and others, reduced NetNut's usable device pool from a network spanning 2 million home devices. The multi-party private-public takedown model here is worth noting: GTIG's network-level degradation complements FBI domain seizures, suggesting a maturing playbook for dismantling proxy infrastructure that doesn't rely solely on legal process. Connects to: FBI Seizes NetNut Proxy Platform, Popa Botnet.
Threat actors who established persistent access across thousands of Fortinet firewalls via the FortiBleed vulnerability are now monetizing that access through affiliations with Inc and Lynx ransomware groups, while also stacking a Nextcloud zero-day on top of existing footholds. The access-broker-to-ransomware pipeline materializing here is faster than typical: the transition from initial access to ransomware deployment is compressing, and the Nextcloud zero-day layering suggests actors are expanding lateral movement options before encryption. Defenders with Fortinet perimeter devices who haven't confirmed clean remediation of FortiBleed should treat this as active threat intelligence, not historical.
Finance & Business
Richard Windsor of Radio Free Mobile argues the market has conflated capex commitments from hyperscalers with actual end-user demand for AI compute, as the Philadelphia Semiconductor Index fell up to 6% on July 2 after an 88% advance in Q2. The distinction Windsor draws is operationally specific: hyperscaler GPU orders reflect competitive hedging and supply-chain positioning, not validated inference workload demand, meaning the demand signal the market priced in may be structurally overstated. This connects directly to the token ROI crisis narrative: if enterprise token spend isn't generating revenue lift, inference demand growth has a ceiling the capex buildout hasn't priced.
Next-generation AI data centers are forcing power equipment manufacturers to redesign product portfolios for a market projected to exceed $200 billion annually, with clear divergence emerging between firms positioned for high-density liquid cooling and those still optimized for traditional air-cooled deployments. The non-obvious angle is the supply chain bottleneck: power equipment lead times, not GPU availability, are now the binding constraint on AI factory deployment timelines, creating durable pricing power for a small set of transformer and switchgear manufacturers. This is a more specific infrastructure economics signal than generic AI capex commentary.
Entrepreneurship
Companies quintupled token spend in H1 2026 with almost no attributable revenue lift, per Harry Stebbings and Jason Lemkin's end-of-June recording. The structural problem this surfaces for AI-native SaaS builders: token cost is now a COGS line that scales with usage but doesn't yet correlate with customer willingness to pay, creating margin compression at exactly the growth inflection point. The Anthropic-wants-Chinese-open-source-banned thread is worth tracking separately as a potential regulatory moat play.
Vercel collapsed a 10-person SDR function to 1 headcount at $5,000 annual total cost using AI agents, six weeks after their COO joined from Google and Stripe. The specific cost figure is the signal: $5K/year for outbound at Vercel's scale implies the unit economics of AI-replaced GTM roles are already an order of magnitude better than human equivalents, not marginally better. For a one-person software studio, this validates aggressive agent-first GTM as viable without the traditional SDR ramp cost.
Worth Reading
Ars adds context that PamStealer's tradecraft reflects a broader trend of increased investment in Mac infostealers, with threat actors now matching the operational sophistication previously reserved for Windows-targeting campaigns. The stealth angle worth tracking: compiled AppleScript bypasses many static analysis pipelines that scan for shell scripts or Mach-O binaries, not .scpt bundles. Connects to: PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords.