A kind of wikilaw?

https://www.bespacific.com/there-is-no-single-place-to-find-the-worlds-laws/

There is no single place to find the world’s laws

Zacharie Laïk – There is no single place to find the world’s laws. “Legal Data Hunter is trying to fix that and 10 weeks in, it might actually work. 2 weeks ago, 351 collection scripts built by an AI agent to index the world’s laws were open sourced. Within days, lawyers and developers from around the world started opening issues on the repo – requesting sources, flagging gaps, offering local expertise. No financial incentive. Just people wanting their own laws to be findable.

Here’s what it looks like:
→ Eros Chan  (Lawvable ) asked about China – 29,000 laws now indexed.
→ Nephelie Amolochitou Viskadouraki, LL.M., ASCO  suggested the Hellenic Capital Market Commission (HCMC) for Greek financial regulation – collector built and validated.
→ Timothy (from Solid Rock) pointed Hunter to the USPTO Open Data Portal for US patent and appeals decisions – now tracked and in pipeline.
→ Donald Henderson flagged Ontario e-Laws – 857 statutes and 2,190 regulations identified, collector built.
→ Bencium® Agentic AI  suggested Hungary’s national legislation database AND the UK’s new Lex API for legislation – both collectors running.
→ Luca Árpási  pointed agent to Hungary’s full court decision archive AND the Competition Authority’s published resolutions – both being indexed.
→ Niall C.  mapped out 5 separate UK planning appeal databases across England, Scotland, Wales, and Northern Ireland – restructured the entire UK map.
→ Stephen Abbott Pugh  suggested South Africa’s Open By-laws – now in pipeline.
→ Patricia Perelló Ibarra  contributed 3 pages of Spanish sources – being indexed live.

Some went from “issue opened” to “fully indexed” in under 48 hours.

Status update:
– 674 collection scripts (up from 351 2 weeks ago)
– 18,000,000+ documents indexed
– 100+ countries covered
– 550+ open legal data sources tracked

Legal Data Hunter runs every 30 minutes to make all open legal sources searchable. It writes collectors, tests them, fixes what breaks. While it doesn’t yet know every jurisdiction by heart – you might be able to help it figure out your own. If there is a legal source missing from your country, please open an issue. In many cases it can get indexed in days. We’re still looking for Jurisdiction Leads – people who want to own coverage for their country in what we think might become the world’s first exhaustive database of open legal data. What’s missing from your jurisdiction?”

As long as AI is not a person…

https://sloanreview.mit.edu/article/rethink-responsibility-in-the-age-of-ai/

Rethink Responsibility in the Age of AI

As AI systems take on more organizational decision-making, traditional models of accountability — focused on identifying a single culprit when something goes wrong — are breaking down. Drawing on recent research, the authors introduce narrative responsibility, a framework that maps the real story behind failures, distributes ownership across teams, and embeds ongoing reflection into everyday practice. This approach is essential for organizations navigating the complexity of AI-enabled decisions.

Early one morning in 2018, a self-driving Uber vehicle fatally struck a pedestrian in Tempe, Arizona. The world had questions: Who was responsible? Was it the safety driver behind the wheel? The engineers who designed the algorithms? Uber’s leadership? Or the regulators who had allowed autonomous-vehicle testing? The inability to name a single culprit signaled a profound shift in how responsibility must be understood and attributed in the age of intelligent technologies.

If you were US Intel, would you buy tis?

https://www.cnn.com/2026/04/08/china/china-supercomputer-hackers-hnk-intl

A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data

A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile schematics – from a state-run Chinese supercomputer in what could potentially constitute the largest known heist of data from China.

The dataset, which allegedly contains more than 10 petabytes of sensitive information, is believed by experts to have been obtained from the National Supercomputing Center (NSCC) in Tianjin – a centralized hub that provides infrastructure services for more than 6,000 clients across China, including advanced science and defense agencies.

… Cyber security experts who have reviewed the data say the group is offering a limited preview of the alleged dataset, for thousands of dollars, with full access priced at hundreds of thousands of dollars. Payment was requested in cryptocurrency.

Maybe I’ll make up my own…

https://www.adamsmith.org/blog/my-final-list-of-useful-maxims

My final List of Useful Maxims

To demonstrate ‘line crossing’ you need clearly defined lines. Do we no longer recognize them?

https://www.bespacific.com/how-the-media-should-cover-this-deranged-president/

How the media should cover this deranged president

American Crisis – “The moment I saw Trump’s crazy and dangerous Truth Social post on the morning of Easter Sunday, I could imagine the freakout in newsrooms across the country. The essence of it would be something like this: “How much of this do we publish? How do we report this without breaking with every one of our standards and traditions?”…Based on my survey of regional-newspaper front pages on Monday morning, very few came anywhere near rising to the occasion. Many chose not to feature the story at all on their A1, or to give it much emphasis. The Philadelphia Inquirer and the Los Angeles Times did relatively well, leading their front pages with it. Both used Trump’s full language high up in their front-page story. There’s been a lot of talk — including here — about the media’s disastrous tendency to “sane-wash” Trump.  It comes down to this: The press, because of its own conventions and time-honored practices, normalizes him, and thus fails to get across the extreme nature of this president’s behavior. Ten years of sane-washing have had their effect. He remains in power, reelected, undeterred.  On seeing Trump’s post, I thought immediately of Mark Jacob’s October piece about how the media is missing the biggest story there is — Trump’s apparent mental illness. Jacob, a former Chicago Tribune editor, wrote: “It keeps getting worse, and the mainstream media keep making the same mistakes in their coverage of the King of Crazytown.” After Trump claimed he “predicted” 9/11, Jacob wrote on Bluesky that “the media need to be writing about his mental unfitness every day until we get rid of him and save our country.” But of course, that didn’t happen then, and it didn’t happen this time. And now, with this horrible Easter morning development, we’ve entered new territory. But let’s get real. If traditional techniques and language (“emphatic threats”) aren’t getting it done, what actually would work? I’ll make three suggestions, and would be happy to hear yours…”

Pushback.

https://www.bespacific.com/a-judge-mistakes-the-claude-chatbot-for-a-person/

A Judge Mistakes the Claude Chatbot for a Person

Wall Street Journal – no paywall: “A federal judge in Manhattan ruled in February that when a criminal defendant used an AI chatbot to prepare for his legal defense, he waived attorney-client privilege. The prosecution can now read every word he typed and the answers he received. If this reasoning stands, the consequences will reach far beyond artificial intelligence. The defendant in U.S. v. Heppner wasn’t a rogue litigant trying to replace his lawyers with a chatbot. He was represented by counsel and had already received privileged communications from his defense attorneys. His lawyers confirmed that he used Anthropic’s Claude to organize and analyze that material in preparation for meetings with counsel. He then shared the AI’s outputs with his attorneys, who used them in developing their strategy. Judge Jed Rakoff held that the Claude transcripts were protected by neither the attorney-client privilege nor the work-product doctrine. The court’s reasoning: By typing information into an AI platform, the defendant “shared” it with a third party, and because Anthropic’s privacy policy permits data collection and potential further disclosure, no “reasonable expectation of confidentiality” existed.

Wall Street Journal – no paywall: “A federal judge in Manhattan ruled in February that when a criminal defendant used an AI chatbot to prepare for his legal defense, he waived attorney-client privilege. The prosecution can now read every word he typed and the answers he received. If this reasoning stands, the consequences will reach far beyond artificial intelligence. The defendant in U.S. v. Heppner wasn’t a rogue litigant trying to replace his lawyers with a chatbot. He was represented by counsel and had already received privileged communications from his defense attorneys. His lawyers confirmed that he used Anthropic’s Claude to organize and analyze that material in preparation for meetings with counsel. He then shared the AI’s outputs with his attorneys, who used them in developing their strategy. Judge Jed Rakoff held that the Claude transcripts were protected by neither the attorney-client privilege nor the work-product doctrine. The court’s reasoning: By typing information into an AI platform, the defendant “shared” it with a third party, and because Anthropic’s privacy policy permits data collection and potential further disclosure, no “reasonable expectation of confidentiality” existed.

The judge’s error was straightforward: He treated an AI model like a person. Throughout his opinion, he refers to the software engaging in “communications” with the user. But AI isn’t a person; it is a computing process. It can’t be deposed, call the police or betray a confidence. The third-party disclosure rule exists because sharing information with a human being creates a risk that the human will further disseminate it. That risk doesn’t exist when the “third party” is a statistical model running on a server. Judge Rakoff considered, and dismissed, the obvious point that typing into an AI tool is no different from typing into a cloud-based software, such as Google Docs. His answer, that cloud computing “is not intrinsically privileged in any case,” is a non sequitur. The question isn’t whether Google Docs creates privilege. It’s whether Google Docs destroys it. No lawyer in America thinks drafting a confidential memo in Google Docs waives the privilege over its contents. Judge Rakoff’s opinion doesn’t explain why the same act in another application does. No court has ever gone this far. The American Bar Association concluded in 2017 that lawyers may use cloud computing without waiving privilege, provided they take reasonable security precautions. State bar authorities in New York, California and elsewhere have reached the same conclusion. The entire legal profession has operated on this understanding for more than a decade. Judge Rakoff’s opinion doesn’t cite, distinguish or acknowledge any of these authorities….”

Food for thought?

https://pogowasright.org/article-against-privacy-essentialism/

Article: Against Privacy Essentialism

Privacy scholar Daniel Solove writes:

I’m pleased to share the final version of my article, “Against Privacy Essentialism” 104 N.C. L. Rev. 613 (2026).

In this article, I examine a foundational question: What is privacy? It is a question that has challenged scholars, courts, and policymakers for years, and for good reason. How privacy is defined shapes legal outcomes and influences how laws and regulations are drafted, interpreted, and enforced. This article explores why these questions matter and why our understanding of privacy remains so consequential.

Download for free on SSRN.

Modern war…

https://www.theregister.com/2026/04/07/iran_hackers_disrupting_us_water_energy/

Iran cyber actors disrupting US water, energy facilities, FBI warns

Iranian-affiliated actors have escalated intrusions targeting critical US water and energy facilities, in some cases disrupting operations, the FBI and American cyber defense agencies said on Tuesday.

… Iran's cyber intrusions targeting critical infrastructure have been ongoing since March, according to the feds, and they aim to disrupt operational technology (OT) devices, specifically programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley.

PLCs are used to control and monitor industrial equipment in water treatment plants, food production sites, oil refineries, power grids, and other critical facilities, and they've been a longtime favorite target of Iranian cyber crews.

(Related)

https://www.theregister.com/2026/04/08/microsoft_armored_datacenters/

Microsoft hints at bit bunkers for war zones

Microsoft is reevaluating how it designs and builds datacenters in conflict-prone regions after Iran began targeting Middle Eastern bit barns in retaliation for US military operations.

… Smith also called for "strong international rules to promote the protection of civilian infrastructure," which he argued should include datacenters.

Yes, I’m concerned.

https://www.bespacific.com/when-war-crimes-rhetoric-becomes-battlefield-reality/

When War Crimes Rhetoric Becomes Battlefield Reality

Just Security: “Tuesday will be Power Plant Day, and Bridge Day, all wrapped up in one, in Iran. There will be nothing like it!!!” posted President Donald Trump on Easter Sunday. In case one thought that was an impulsive utterance, it’s notable that the president in apparently prepared remarks a few days earlier said, “If there is no deal, we are going to hit each and every one of their electric generating plants very hard and probably simultaneously.” Such rhetorical statements – if followed through – would amount to the most serious war crimes – and thus the president’s statements place service members in a profoundly challenging situation. As former uniformed military lawyers who advised targeting operations, we know the presidents’ words run counter to decades of legal training of military personnel and risk placing our warfighters on a path of no return….

• First, such threats undermine U.S. legitimacy and global standing, as they demonstrate a rejection of binding international agreements and core commitments to the laws of war. Indeed, the U.S. military doubled down on its commitment to the law of war following Vietnam War-era atrocities, requiring our Armed Forces to follow the law regardless how any conflict is characterized. An operation that followed through on Trump’s rhetoric would be one of infamy in the history of modern warfare.

• Second, they pose a significant risk of moral and psychic injury for servicemembers. National soul-searching regarding how Americans fight followed the long U.S. wars in Afghanistan and Iraq, in which both civilian casualties and detainee abuse undermined strategic objectives and weighed heavily on soldiers’ consciences long after the fighting stopped. This reflection led to initiatives such as the Pentagon’s civilian harm mitigation program and new laws regarding detention and interrogation practices, strengthening U.S. commitment to fighting honorably and effectively through adherence to the law.

• Finally, the public record of intent to commit war crimes puts soldiers at risk of later liability. In any future war crimes or U.C.M.J. investigation—for which there may be no statute of limitations—their actions will be judged based on the reasonably available information at the time of the strikes. See, e.g., Executive Summary of the Investigation of the Alleged Civilian Casualty Incident in the al Jadidah District, Mosul, May 8, 2017. Long after the Secretary of Defense receives his anticipated pardon from the president, it is not unlikely that both his and Trump’s expressly stated intent to commit acts that amount to clear war crimes and to dispense with “stupid rules of engagement” may be considered evidence of notice and scienter on the part of servicemembers’ during any future congressional or criminal investigations.

The U.S. military trains to fight with precision and lethality according to the law of war – precision meaning attacking only lawful military objectives while doing our utmost to protect innocent civilians caught up in the fight. The legal hurdle to convert a civilian object such as a power plant into a lawful military objective is a high one because the United States and its allies vigorously rejected “total war” after the massive suffering endured by millions during World War II. What President Trump threatens is exactly that, from a civilian targeting perspective – total war against Iran, a complete rejection of the legal limits the United States has incorporated into the law governing U.S. military operations for both pragmatic and moral reasons…”

Perhaps AI is not your friendly lawyer…

https://www.bespacific.com/discovering-a-conversation-with-a-machine-friend-ai-assisted-legal-research-as-an-unmitigated-litigation-vulnerability/

Discovering a Conversation with a Machine Friend: AI-Assisted Legal Research as an Unmitigated Litigation Vulnerability

Abdilla, Justin, Discovering a Conversation with a Machine Friend: AI-Assisted Legal Research as an Unmitigated Litigation Vulnerability (February 12, 2026). Available at SSRN: https://ssrn.com/abstract=6227600 or http://dx.doi.org/10.2139/ssrn.6227600

On February 10, 2026, a federal judge ruled that every document a criminal defendant generated using a commercial AI tool was discoverable. The ruling in United States v. Heppner applied existing privilege doctrine to AI-generated legal research and found it protected by neither the attorney-client privilege nor the work product doctrine. The result is architecturally inevitable: because commercial AI platforms route queries through third-party servers, every interaction fails the confidentiality requirement that both doctrines demand. This paper argues that the legal profession’s response — update your policies, train your staff, be careful what you type — is inadequate. It catalogs six attack vectors an adversary can exploit to obtain AI interaction data, demonstrates that analogous research activities already receive legal protection, and proposes a three-part remedial framework: draft amendment language for Federal Rule of Civil Procedure 26(b)(1) establishing qualified protection for AI-assisted research, a technological remediation strategy through local AI deployment, and a practitioner’s objection toolkit with ready-to-file motion language. More than eight hundred million people use generative AI. The discovery apparatus has identified their conversations as a largely unprotected evidentiary resource. This paper offers a framework to close the gap.

Slow but sure?

https://fpf.org/blog/the-rest-of-the-west-oregon-and-washington-build-on-california-chatbot-law/

The Rest of the West: Oregon and Washington Build on California Chatbot Law

The West Coast now has a full set of chatbot laws on the books. Following California’s SB 243 (signed in 2025 and effective January 1, 2026) both Oregon (SB 1546 ) and Washington (HB 2225 ) enacted companion chatbot laws that will take effect on January 1, 2027. Together, these laws establish a new framework for regulating chatbot interactions with minors.

Tools & Techniques.

https://techcrunch.com/2026/04/07/adobe-launches-acrobat-spaces-a-free-ai-powered-study-tool-for-students/

Adobe launches Acrobat Spaces, a free AI-powered study tool for students

Adobe Acrobat has largely catered to professionals with its recent AI features. Now, the company is turning its attention to students by making the Acrobat more useful with the launch of a new AI tool called Acrobat Spaces. The tool will allow students to create presentations, flash cards, and quizzes from study materials such as PDFs, links, and notes.

With the launch, the creative suite company is trying to compete with other AI tools like Google’s NotebookLM, Goodnotes, and Turbo AI, all of which allow students to upload documents to generate different kinds of study materials. To gain traction, Adobe is making Adobe Acrobat Spaces free, and it’s hosting it on a separate URL. Plus, users can get started with Acrobat Spaces without logging in.

Oh look, another one! (#23 is Trump related?)

https://www.adamsmith.org/blog/a-further-group-of-useful-maxims

A further Group of Useful Maxims

Patient and friendly…

https://thehackernews.com/2026/04/285-million-drift-hack-traced-to-six.html

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in the fall of 2025.

The Solana-based decentralized exchange described it as "an attack six months in the making," attributing it with medium confidence to a North Korean state-sponsored hacking group dubbed UNC4736, which is also tracked under the cyptonyms AppleJeus, Citrine Sleet, Golden Chollima, and Gleaming Pisces.

Tools & Techniques. (For you spare time.)

https://timesofindia.indiatimes.com/education/news/harvard-opens-more-free-online-courses-in-ai-data-science-programming-check-full-list-and-direct-links/articleshow/130035669.cms

Harvard opens more free online courses in AI, data science, programming: Check full list and direct links

… The offerings span key areas such as artificial intelligence, data science, computer science, and web development, and are open to learners globally. These courses are available under a free audit track, allowing users to access study material and lectures, while a paid option is typically required for certification.

I see trouble ahead…

https://scholarship.law.uc.edu/ihrlr/vol7/iss1/2/

The Expanding Digital Border: AI, Surveillance, and the Fight for Justice

As artificial intelligence transforms the mechanisms of immigration control, the modern border has become a digital filter—one governed less by geography and more by code. This Article examines the legal, technical, and ethical implications of AI-driven systems now central to global border enforcement, including biometric surveillance, algorithmic risk scoring, and predictive profiling. It explores how states use these technologies not only to manage irregular migration, but to compete for global talent—constructing migration regimes that reward capital and compliance while eroding transparency, due process, and equality.

Through an international and comparative lens, the piece highlights the expansion of algorithmic decision-making across jurisdictions, revealing how AI systems increasingly operate beyond judicial scrutiny and with little accountability. The legal foundations for border exceptionalism—sovereignty, discretion, and national security—are now being repurposed to justify opaque automation, often with disproportionate impact on vulnerable populations.

The Article argues that traditional constitutional and human rights frameworks must evolve to meet the challenges of AI governance at the border. It outlines practical steps for attorneys and policymakers, including redefining "search" in the digital age, requiring algorithmic warrants, mandating human oversight, and building enforceable audit standards. It calls for cross-border legal-technical collaboration and international safeguards that ensure data mobility does not eclipse human dignity.

Ultimately, the Article contends that AI at the border is not merely a technical innovation but a constitutional inflection point—testing whether the rule of law can withstand the pressures of automated governance. The battle for liberty will not be fought in streets or courtrooms alone, but in the architecture of the digital border itself. And in that fight, freedom’s survival will depend on whether humanity still believes it is worth the uncertainty that safety cannot bear.

AI has no incentive to create? But it’s programmed in! (Same for humans?)

https://journals.sagepub.com/doi/abs/10.1177/0730031X261430482

Can Artificial Intelligence-Generated Inventions Be Protected by Patent Law?

The rapid advancement of artificial intelligence (AI) has enabled machines to autonomously generate technical solutions, thereby challenging the foundational assumptions of patent law. In this context, can AI-generated inventions be protected by patent law? There is a great controversy in the global academic community about this issue. One side advocates for protection, while the other opposes. There are two main reasons for the above controversy. First, scholars have different opinions on the subject of who completed the AI-generated inventions: Is it a person or a machine that completed such invention? Second, there is controversy over whether AI-generated inventions need to be incentivized. In the face of these controversies, it should be noted that humans play a core role in the creation of AI-generated inventions, and there is a need for incentives for AI-generated inventions. Therefore, it should be affirmed that AI-generated inventions can be protected by patent law. However, this does not mean that all AI-generated inventions can be protected by patent law: only when sufficient human intervention requirements are met can the invention be protected.

Worth a thought?

https://lawandworld.ge/index.php/law/article/view/954

Artificial Intelligence in Judicial Decision-Making: Can a Robot Replace a Judge?

This article examines the concept of the “robot judge” and evaluates the legal, ethical, and human rights implications of using artificial intelligence in judicial decision-making. The study explores whether AI can partially or fully perform judicial functions and assesses the extent to which algorithmic tools may be integrated into courts without undermining the fundamental principles of justice. The article is based on doctrinal legal analysis, comparative review, and a human-rights-oriented approach. It distinguishes between administrative automation, decision-support systems, and fully automated adjudication, arguing that these forms of technological involvement raise different levels of legal concern. The paper demonstrates that AI may offer important benefits for judicial systems, including greater efficiency, faster case processing, improved consistency, and enhanced access to justice, especially in repetitive or low-value disputes. At the same time, the article identifies serious risks associated with algorithmic bias, lack of transparency, limited explainability, accountability gaps, and threats to the right to a fair trial. Attention is given to the relationship between AI and judicial discretion, emphasizing that legal reasoning is not a purely mechanical exercise but a process involving interpretation, contextual evaluation, proportionality, and moral judgment. The article concludes that AI should not replace human judges in the exercise of final judicial authority. A legally acceptable model is the use of AI as a supportive instrument under meaningful human supervision, clear regulatory safeguards, transparency requirements, and effective mechanisms of review. Such an approach best reconciles technological innovation with the rule of law and the protection of human dignity.

Everybody talks about the weather…

https://www.bespacific.com/nyc-bar-association-follow-up-report-documents-escalating-constitutional-violations/

New York City Bar Association Follow-Up Report Documents Escalating Constitutional Violations

“The New York City Bar Association (City Bar) has released an update to its December 2025 report on presidential abuse of power, documenting a sharp escalation of constitutional violations by President Donald J. Trump and his Administration since that report was issued, and calling on Congress to act immediately, including by considering impeachment, to hold the President and his appointees accountable. “The question is no longer if, but when: Congress must act immediately to curb these abuses — including the illegal acts of aggression and unauthorized war against Iran launched on February 28, 2026 — and hold those responsible to account,” the report states. The update, titled “The Crisis Deepens: Congress Must Act Now to Address Escalating Abuses of Executive Power,” documents a wide range of intensifying constitutional abuses, including the militarized occupation of Minneapolis by federal immigration agents, unlawful acts of military force against foreign nations, and attacks on voting rights…”

Does the pentagon use zoom as frequently as it uses Powerpoint?

https://www.schneier.com/blog/archives/2026/04/company-that-secretly-records-and-publishes-zoom-meetings.html

Company that Secretly Records and Publishes Zoom Meetings

WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link ) the recordings. It doesn’t use the Zoom record feature, so Zoom can’t do anything about it.

Any new tool can cause injuries until you learn the proper way to use it.

https://www.npr.org/2026/04/03/nx-s1-5761454/penalties-stack-up-ai-spreads-through-legal-system

Penalties stack up as AI spreads through the legal system

… Last year saw a rapid increase in court sanctions against attorneys for filing briefs containing errors generated by artificial intelligence tools. The most prominent case was that of the lawyers for MyPillow CEO Mike Lindell, who were fined $3,000 each for filing briefs containing fictitious, AI-generated citations.

But as a cautionary tale, it doesn't seem to have had much effect.

"Recently we had 10 cases from 10 different courts on a single day," says Damien Charlotin, a researcher at the business school HEC Paris who keeps a worldwide tally of instances of courts sanctioning people for using erroneous information generated by AI.

… Penalties are also on the rise, he says. A federal court may have set a new record last month with an order for a lawyer in Oregon to pay $109,700 in sanctions and costs for filing AI-generated errors.

Hacking for fun and profit.

https://www.schneier.com/blog/archives/2026/04/possible-us-government-iphone-hacking-tool-leaked.html

Possible US Government iPhone Hacking Tool Leaked

Wired writes (alternate source ):

Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.

[…]

Coruna’s code also appears to have been originally written by English-speaking coders, notes iVerify’s cofounder Rocky Cole. “It’s highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government,” Cole tells WIRED. “This is the first example we’ve seen of very likely US government tools ­based on what the code is telling us­ spinning out of control and being used by both our adversaries and cybercriminal groups.”

TechCrunch reports that Coruna is definitely of US origin:

Two former employees of government contractor L3Harris told TechCrunch that Coruna was, at least in part, developed by the company’s hacking and surveillance tech division, Trenchant. The two former employees both had knowledge of the company’s iPhone hacking tools. Both spoke on condition of anonymity because they weren’t authorized to talk about their work for the company.

It’s always super interesting to see what malware looks like when it’s created through a professional software development process. And the TechCrunch article has some speculation as to how the US lost control of it. It seems that an employee of L3Harris’s surviellance tech division, Trenchant, sold it to the Russian government.

Just because this one is “major.”

https://www.politico.com/news/2026/04/01/fbi-hack-surveillance-system-major-incident-00854237

FBI declares suspected Chinese hack of US surveillance system a ‘major cyber incident’

The FBI last week deemed a recent China-linked cyber intrusion into a sensitive agency surveillance system a “major incident,” meaning it poses significant risks to U.S. national security, according to one congressional aide and two U.S. officials with knowledge of the matter.

The bureau first told Congress on March 4 that it was investigating suspicious activity on an internal agency system that contained “law enforcement sensitive information.” The FBI did not publicly identify who was behind the activity at the time, but POLITICO previously reported that China is suspected.

When self-driving cars are much more common they could become a serious weapon. (Can you say, ‘kamikaze cars?’)

https://thenextweb.com/news/baidu-apollo-go-robotaxi-wuhan-mass-malfunction

More than 100 Baidu robotaxis froze mid-traffic in Wuhan. The age of the mass fleet failure has arrived.

On Tuesday evening in Wuhan, more than 100 of Baidu’s Apollo Go robotaxis stopped moving. They did not pull over. They did not activate an emergency protocol. They simply froze, scattered across the city’s roads and elevated highways, some in the middle lane of ring roads with traffic streaming past on both sides. Passengers trapped inside called the police. Videos circulating on Weibo showed Apollo Go vehicles stranded at intersections, hazard lights blinking, going nowhere. One clip appeared to show the outage causing a highway collision, though Wuhan police said no injuries were reported and all passengers exited their vehicles safely.

They keep coming.

https://www.adamsmith.org/blog/another-group-of-useful-maxims

Another Group of Useful Maxims