Wed. 07/28 – Don’t Sleep On That SharePoint Exploit - Tech Brew Ride Home

Summary6 min read

Techmeme Ride Home: Episode Summary – “Don’t Sleep On That SharePoint Exploit”

Release Date: July 23, 2025
Host: Brian McCullough
Duration: 15 minutes

1. Critical SharePoint Exploit Leads to Widespread Breaches

Overview:
The episode opens with a pressing alert about a significant SharePoint zero-day vulnerability that has been actively exploited by Chinese nation-state actors, causing extensive breaches across multiple sectors.

Key Points:

Nation-State Exploitation:
Microsoft has identified two Chinese threat actors, Lennon Typhoon and Violet Typhoon, actively exploiting SharePoint vulnerabilities. Brian McCullough cites Bleeping Computer, stating, "It's critical to understand that multiple actors are now actively exploiting this vulnerability," referencing Charles Carmocold, CTO of Google Cloud's Mandiant Consulting (00:04).
Scope of the Breach:
Cybersecurity firm Check Point revealed initial signs of exploitation on July 7, targeting government, telecommunications, and software sectors in North America and Western Europe. A Bloomberg source disclosed that the U.S. National Nuclear Security Administration (NNSA) was among the breached entities. Although no sensitive or classified information was compromised, the breach of such a critical agency underscores the severity (00:04).
Response and Patching:
Microsoft promptly patched the vulnerabilities during the July Patch Tuesday updates. Emergency patches were subsequently released for various SharePoint editions to mitigate further exploitation. Despite these efforts, estimates indicate that around 400 government agencies and corporations have been breached via this exploit, a stark increase from initial estimates (00:04).

Notable Quote:
"Multiple actors are now actively exploiting this vulnerability," – Charles Carmocold, CTO of Google Cloud's Mandiant Consulting (00:04)

2. Apple Launches AppleCare One: A Comprehensive Insurance Plan

Overview:
Apple introduced AppleCare One, a bundled insurance plan aimed at providing extensive coverage for multiple devices at an affordable monthly rate, highlighting the company's strategic pivot towards expanding its services division.

Key Points:

Plan Details:
Priced at $20 per month, AppleCare One covers up to three devices, including battery replacements, accidental damage, and theft or loss. Additional devices can be added for $6 extra per month. The service is available exclusively in the U.S. initially, with a wide range of devices covered, from iPhones and Macs to the Vision Pro headset (05:47).
Strategic Significance:
This move emphasizes the growing importance of Apple's services segment, which is projected to exceed $100 billion in revenue this year. AppleCare One allows users to bundle multiple devices under a single plan, simplifying insurance management and potentially increasing customer loyalty (05:47).
User Experience:
Customers can sign up via Apple devices or in-store, with the option to add coverage to existing devices up to four years old, subject to diagnostic tests. The plan automatically updates when customers upgrade their devices, ensuring continuous protection (05:47).

Notable Quote:
"The new program will cover all products already offered under the existing AppleCare plus plan," – Brian McCullough (05:47)

3. Elon Musk’s XAI Struggles in the Competitive AI Landscape

Overview:
The discussion shifts to XAI, Elon Musk's AI venture, highlighting its ambitious expansion plans amid financial strain and intense competition in the AI sector.

Key Points:

Financial Challenges:
Despite recently raising $10 billion, XAI is seeking an additional $12 billion to acquire Nvidia chips essential for scaling its AI infrastructure. Valor Equity Partners, closely tied to Musk, is in talks to secure this funding, which is critical for training and powering the AI chatbot Grok (05:55).
Infrastructure Expansion:
XAI has rapidly built and expanded its data centers, including Colossus in Memphis, Tennessee, which houses up to 200,000 Nvidia GPUs. This rapid scaling is unprecedented, with Nvidia CEO Jensen Huang commending Musk's ability to marshal resources (05:55).
Strategic Risks:
The reliance on debt and the fast depletion of cash reserves pose significant risks. XAI's projections indicate a burn rate of $13 billion in 2025, with ongoing financial obligations looming. The potential for lenders to foreclose on leased chips adds to the uncertainty (05:55).

Notable Quote:
"A startup will likely have to raise even more in the coming months, given the sums of cash needed to train large AI models," – Brian McCullough discussing XAI's financial strategies (05:55)

4. Alibaba Advances in AI with New QEN Models

Overview:
Alibaba's AI division, Kwen, has unveiled new models that are gaining traction for their performance and efficiency, positioning China as a formidable player in the global AI race.

Key Points:

Model Innovations:
Alibaba released the QEN 3235B and QEN3 Coder, boasting enhanced reasoning accuracy and multilingual capabilities. These models incorporate 480 billion parameters and utilize a mixture of experts architecture, significantly improving coding and agent decoding tasks (10:12).
Performance Enhancements:
According to VentureBeat, these models outperform competitors like Moonshot's Kimi 2 and Claude's Opus 4, particularly in coding alignment and long-context handling. The introduction of an FP8 version allows for more efficient operations, reducing memory and processing demands without compromising performance (12:38).
Practical Applications:
The FP8 model enables organizations to deploy AI capabilities on less expensive hardware or optimize cloud usage, resulting in faster response times and lower energy costs. This makes Alibaba's offerings highly attractive for production environments with stringent latency and cost requirements (12:38).

Notable Quote:
"Alibaba's Kwen team... are already attracting attention once more from AI power users in the west for their top performance," – Brian McCullough referencing VentureBeat (10:12)

5. Amazon Acquires Bee; Proton Launches Lumo AI Chatbot

Overview:
Two significant developments in AI-driven consumer technology are highlighted: Amazon's acquisition of Bee, a conversational AI device, and Proton's introduction of Lumo, an encrypted AI chatbot.

Key Points:

Amazon's Acquisition of Bee:
Amazon has acquired Bee, a $50 wearable device that listens to conversations and uses AI to provide daily summaries and suggestions. While Bee's functionality includes accessing various personal data to enhance AI insights, its accuracy has room for improvement, as observed by Victoria Song, who noted, "It tends to confuse real life conversations with the TV shows, TikTok videos, music and movies that it heard" (13:13). Amazon assures enhanced privacy controls post-acquisition (13:13).
Proton's Lumo Chatbot:
Proton introduces Lumo, an AI chatbot designed with privacy at its core. Utilizing Zero Access Encryption, Lumo ensures that user data remains inaccessible to Proton and third parties. Features include document summarization, code generation, and secure file analysis. The chatbot limits data retention and offers enhanced privacy features, with premium plans providing unlimited access and extended encrypted histories (13:13).

Notable Quotes:

"Proton can't share user data with advertisers or governments, or use it for training large language models," – Brian McCullough explaining Lumo's privacy features (13:13)
"Amazon spokesperson... said the company will work with Bee to give users even greater control over their devices when the deal closes," – Brian McCullough on Amazon's privacy commitments (13:13)

6. Sam Altman Warns of AI-Driven Fraud Crisis

Overview:
In a concerning revelation, Sam Altman, CEO of OpenAI, warns of an impending fraud crisis fueled by AI's ability to impersonate individuals, posing significant threats to financial security and personal safety.

Key Points:

Potential for Fraud:
Altman expressed alarm at the vulnerability of current authentication methods, particularly voiceprint authentication. He stated, "A thing that terrifies me is apparently there are still some financial institutions that will accept a voiceprint as authentication... AI has fully defeated most of the ways that people authenticate currently other than passwords" (16:24).
Real-World Implications:
The FBI has previously warned about AI-enabled voice and video cloning scams. Examples include attempts to defraud parents by mimicking their children's voices and impersonating high-profile figures like Secretary of State Marco Rubio, leading to unauthorized communications with government officials and legislators (16:24).
Urgency for Improved Security:
Altman's warnings emphasize the critical need for updating and strengthening authentication protocols to safeguard against sophisticated AI-driven fraud attempts. The potential for widespread financial and reputational damage necessitates immediate action from both institutions and technology providers (16:24).

Notable Quote:
"I am very nervous that we have an impending, significant, impending fraud crisis," – Sam Altman, as reported by Brian McCullough (16:24)

Conclusion

Brian McCullough’s episode of Techmeme Ride Home delivers a comprehensive overview of critical developments in the tech landscape, from cybersecurity threats and innovative insurance solutions to the intense competition in the AI sector and emerging privacy-focused technologies. The discussions underscore the rapid pace of technological advancement and the accompanying challenges, particularly in security and ethical applications of AI.

Stay informed with the latest in tech by tuning into Techmeme Ride Home daily.

Loading summary

Transcript13 lines

[00:05]
Brian McCullough
Welcome to the Tech Meme Ride home for Wednesday, July 23, 2025. I'm Brian McCullough. Today, don't sleep on that SharePoint exploit from earlier this week as it seems to have led to a ton of still active breaches. Apple has a new insurance plan for you. Elon wants even more money for Xai. The Chinese are still churning ahead with their AI models and three different stories about AI and privacy. Here's what you missed today in the world of tech. Probably need to update you on something important. Microsoft says it has observed two named Chinese nation state actors, Lennon Typhoon and Violet typhoon, exploiting the SharePoint zero day vulnerabilities. Quoting Bleeping Computer, we assess that at least one of the actors responsible for this early exploitation is a Chinese nexus threat actor. It's critical to understand that multiple actors are now actively exploiting this vulnerability, charles Carmocold, CTO of Google Cloud's Mandiant Consulting, told Bleeping Computer yesterday. Cybersecurity firm Check Point also revealed on Monday that it discovered the first signs of exploitation on July 7, adding that the attackers targeted dozens of entities across the government, telecommunications and software sectors in North America and Western Europe. Microsoft patched the two flaws as part of the July patch Tuesday updates used by threat actors to compromise fully patched SharePoint servers. Since then, it released emergency patches for SharePoint subscription edition, SharePoint 2019 and SharePoint 2016 to address both RCE flaws. End quote and yeah, a source tells Bloomberg that the U.S. national Nuclear Security Administration was among those breached by that hack. No sensitive information is known to be compromised, but still, quote the US Agency responsible for maintaining and designing the nation's cache of nuclear weapons was among those breached by a hack of Microsoft SharePoint document management software, according to a person with knowledge of the matter. No sensitive or classified information is known to have been compromised in the attack on the Nuclear Security Administration, said the person, who wasn't authorized to speak publicly and asked not to be identified. The semi autonomous arm of the Energy Department is responsible for producing and dismantling nuclear arms. Other parts of the department were also compromised. The NNSA has a broad mission, which includes providing the Navy with nuclear reactors for submarines and responding to radiological emergencies, among other duties. The agency also plays a key role in counterterrorism and transporting nuclear weapons around the country. Hackers were able to breach the agency as part of a 2020 attack on a widely used software program from SolarWinds. A department spokesperson said that malware had been isolated to business networks only in addition to the Energy Department, the hackers have broken into systems belonging to national governments in Europe and the Middle east, the US Education Department, Florida's Department of Revenue, and the Rhode Island General Assembly. And as I was preparing to record this word from Isecurity that hackers have breached around 400 government agen corporations and other groups via this SharePoint breach, up from an estimate of only 60 yesterday. So not great. Bob Apple this Morning launched Apple Care One, an insurance plan covering up to three devices for $20 per month, including battery replacements, accidental damage and more, quoting Bloomberg. The new offering is called AppleCare One and costs $20 a month, the company said Wednesday. The service also includes battery replacements, all hours, customer support, and coverage for accidental damage such as drops and spills. Any additional products added to the plan will cost an extra $6 a month. Customers can sign up for the plan on their iPhone, iPad or Mac, or in person at a retail store. The service, which will be limited to the US for now, launches widely on Thursday. The announcement underscores the growing importance of Apple's services division, which also includes things like The App Store, iCloud, the TV platform and music streaming. The unit is on track to eclipse $100 billion in revenue this year, making it Apple's biggest moneymaker besides the iPhone. The new program will cover all products already offered under the existing AppleCare plus plan, including iPhones, iPads, Macs watches, the Vision Pro headset displays, headphones, TV set top boxes and HomePod speakers. The service covers any product, model or variation so users can bundle, for example, an iPhone 16 Pro with the Vis Pro and a newer model MacBook Pro without it affecting the cost. It also includes theft and loss coverage, which lets customers get a new iPhone, iPad or Apple Watch if their device is lost or stolen. The company already offers this as an add on to its standard Care plus service, with prices varying by product. Apple hardware typically comes with a one year limited warranty and 90 days of included tech support, but the company has long offered care for extended protection at a range of prices. Care plus will still exist alongside AppleCare One for users who may prefer to purchase insurance a la carte. The bundled approach may appeal to consumers who own a variety of Apple products but are reluctant to purchase individual insurance plans for more than one or two of them. Once AppleCareOne launches, customers will be offered the option when they buy devices online or at a retail store. Coverage can also be added to existing products that are up to four years old, but consumers must agree to have a diagnostic test performed on their device to ensure that key components like the power button are functional. Apple may also ask users to upload a picture of the front of the device device to check the condition of the screen. Additionally, a customer's AppleCare One coverage will automatically update if, say, they trade in an old iPhone for a new one.
[05:48]
Unknown
End quote.
[05:56]
Brian McCullough
In the AI horserace, XAI is in this weird sort of position where they're maybe looked at as the dark horse in the race, but also they have the resources of Elon Inc. Behind them. But also how much in terms of resource can Elon deliver? We know he already spent billions on that mega data center and GROK seems to be respected, but maybe not cutting edge. So how much would it cost to make it cutting edge? Well, sources say that after just recently raising $10 billion, Xai is now working with a trusted financier to secure up to $12 billion more to buy Nvidia chips, quoting the journal Valor Equity Partners, an investment firm whose founder Antonio Gracias, has close ties to Musk, is in talks with lenders to raise the capital. The money would be used to buy a massive supply of advanced Nvidia chips that would be leased to XAI for a new jumbo sized data center meant to help train and power the AI chatbot Grok. Musk needs all the financial firepower he can get to stay competitive in a wild and costly AI battle with well funded rivals like Google, Microsoft and Meta. Grok hasn't gained nearly as much traction as OpenAI's ChatGPT and took a reputational hit earlier this month when it posted racist and controversial comments to users on the social media platform X. The startup apologized for what it called horrific behavior. With xai's balance sheet already stretched, Musk is getting creative to keep the money flowing. SpaceX recently invested $2 billion in XAI, effectively moving cash from the coffers of one Musk company to fund another. For the $5 billion in debt Xai raised in June, the company pledged its most prized asset, the intellectual property behind Grok, as part of the collateral. People familiar with the situation said the startup will likely have to raise even more in the coming months, given the sums of cash needed to train large AI models. Unlike startup competitors like OpenAI and Anthropic, Musk's company isn't joining with an existing cloud computing giant that could bear some of the costs of training and running large language models. Musk's XAI is paying build and run its own AI infrastructure. Cash at XAI is going out the door almost as soon as it arrives. Under projections shared with potential creditors a few months ago, XAI was slated to burn about $13 billion in cash in 2025. People familiar with the financials said the startup isn't profitable and generates a very small amount of revenue. Xai's more recent plan to lease chips through a complex debt deal would defray billions of dollars of spending but would lead to ongoing financial obligations. It took only 122 days for to build its first giant data center in Memphis, Tennessee. Dubbed Colossus, it originally housed 100,000 Nvidia Graphics Processing Units, or GPUs, among the world's largest cluster of AI chips. Just 92 days later, XAI doubled Colossus's size to 200,000 GPUs. That is like superhuman and as far as I know there's only one person in the world who could do that, Nvidia chief executive Jensen Huang said on a podcast last year. Elon is singular in his understanding of engineering and construction and large systems and marshaling resources. End quot XAI has indicated it wants to have 1 million chips powering Grok to pay for its second, even bigger Data center, dubbed Colossus 2. Xai is turning to Valor. Valor funds have invested in SpaceX, Tesla, SolarCity, the Boring Company and Neuralink, all Musk Enterprises. Valor and other private equity investors would contribute their own cash to a funding vehicle that would borrow billions of dollars more from private credit funds to purchase chips for the expansion. Money for interest and principal capital on the asset backed debt would come from payments Xai makes to use the new chips, and in the event of a shortfall, lenders could foreclose on them. Valor is negotiating with a group of funds and hopes to clinch a deal in coming weeks, but it could still fall apart, people familiar with the matter said. A key point of contention is how big the loan should be and how quickly it will come due. Some lenders want the debt to be repaid within three years and to cap the amount of money borrowed in order to limit their risk. AI chips lose value quickly because more powerful versions are constantly being developed. Demand for data centers could diminish or Xai could stumble for other reasons.
[10:13]
Unknown
End quote.
[10:21]
Brian McCullough
Well, and then there's the Chinese entrance into the horse race. Alibaba has released its new Quen 3235B, a 22B instruct 2507 model on hugging face, improving on Quen reasoning accuracy and multilingual understanding. Alibaba also debuted the QIN3 coder model for agent decoding including a 480 billion parameter mixture of experts, variant and open source Qin code. Quoting Simon Willison on that last bit first in addition to the new model, Qin released their own take on an agentic terminal coding assistant called qencode, which they describe in their blog post as being forked from Gemini Code, which is Apache 2.0, so a fork is in keeping with the license. They focused really hard on code performance for this release, including generating synthetic Data tested using 20,000 parallel environments on Alibaba Cloud to further burnish their coding credentials. The announcement includes instructions for running their new model using both Claude code and client using custom API based URLs that point to QEN's own capability proxies. Pricing for QEN's own hosted models through Alibaba Cloud looks competitive, end quote and then back to the flagship model quoting VentureBeat this week Alibaba's Kwen team, as its AI division is known, released the latest updates to its Kwen family, and they're already attracting attention once more from AI power users in the west for their top performance, in one case edging out Even the new Kimi 2 model from rival Chinese AI startup Moonshot. Released in mid July 2025. It also outperforms Claude's Opus 4 and its non thinking version. The new Qin 3 model update also delivers better coding results, alignment with user preferences and long context handling, according to its creators. In addition to the new model, the Qin team released an FP8 version, which stands for 8 bit floating point, a format that compresses the model's numerical operations to use less memory and processing power without noticeably affecting its performance. In practice, this means organizations can run a model with Q03's capabilities on smaller, less expensive hardware or more efficiently in the cloud. The result is faster response times, lower energy costs, and the ability to scale deployments without needing massive infrastructure. This makes the FP8 model especially attractive for production environments with tight latency or cost constraints.
[12:38]
Unknown
End quote.
[12:45]
You know where your business would be without you. Imagine where it could go with more of you. Well, with wix you can create a website with more of your vision, your voice, your expertise. Wix gives you the freedom to truly own your brand and do it on your own with full customization and advanced AI tools that help turn your ideas into reality. Grow your business into your online brand, because without you, your business is just business as usual.
[13:14]
Brian McCullough
Go to Wix.com Three loosely related stories to finish up today with First, Amazon has acquired Bee, which sells a $50 device that resembles a Fitbit is always listening to what's going on around, describes conversations and serves up daily AI summaries quoting the Verge, Bee makes a $49.99 Fitbit like device that listens in on your conversations while using AI to transcribe everything that you and the people around you say, allowing it to generate personalized summaries of your days, reminders and suggestions from within the Bee app. You can also give the device permission to access your emails, contacts, location reminders, photos and calendar events to help inform its AI generated insights as well as create a searchable history of your activities. My colleague Victoria Song got to try out the device for herself and found that it didn't always get things quite right. It tended to confuse real life conversations with the TV shows, TikTok videos, music and movies that it heard. When asked about Amazon's plans to apply the same privacy measures offered by Bee, such as its policy against storing audio, Amazon spokesperson Alexandra Miller said the company cares deeply about customer privacy and security, adding that the company will work with Bee to give users even greater control over their devices when the deal closes. Proton, the company behind the encrypted Proton email service, has launched Lumo, an AI chatbot to summarize documents, generate code and more, and says it will protect users information via Zero Access encryption. Quoting the Verge, the new chatbot called Lumo, can summarize documents, generate code, write emails and more while storing data locally on users devices. Proton says it will protect this information using Zero Access Encryption, which grants users an encryption key that only they can use to view the content, preventing third parties, including Proton, from accessing the information. This helps ensure that Proton can't share user data with advertisers or governments, or use it for training large language models, Proton says. Though Lumo comes with the ability to search the web, Proton turns this feature off by default to give users maximum privacy. If users enable the feature, Lumo will search the web for answers using privacy friendly search engines. Additionally, Proton says Lumo can analyze uploaded files, but it doesn't save any of its information. Users can link Proton Drive files to Lumo as well, which are supported by end to end encryption when interacting with the Chatbot. You can access Lumo now by heading to Lumo Proton Me or downloading the Lumo app for iOS and Android. Users who don't have access to a Lumo account or Proton account can only ask the chatbot a limited number of questions each week and they won't be able to access their chat histories. Meanwhile, users with a free account can view an encrypted chat history, upload small files and favorite a limited number of chats. There's also a $12.99 per month LUMA plus plan for access to unlimited chats, extended encrypted chat history, unlimited favorites, and the ability to upload large files.
[16:17]
Unknown
End quote.
[16:25]
Brian McCullough
And finally, in an interview at the Federal Reserve, Sam Altman warned of an impending fraud cris of how AI could enable bad actors to impersonate other people, quoting CNN A thing that terrifies me is apparently there are still some financial institutions that will accept a voiceprint as authentication for you to move a lot of money or do something else. You say a challenge phrase and they just do it, altman said. That is a crazy thing to still be doing. AI has fully defeated most of the ways that people authenticate currently other than passwords, end quote Altman isn't alone in worrying that AI will supercharge fraud. The FBI warned about these AI voice and video cloning scams last year. Multiple parents have reported that AI voice technology was used in attempts to trick them out of money by convincing them that their children were in trouble. And earlier this month, U.S. officials warned that someone using AI to impersonate Secretary of State Marco Rubio's voice had contacted foreign ministers, a U.S. governor and a member of Congress. I am very nervous that we have an impending, significant, impending fraud crisis, altman said.
[17:33]
Unknown
End quote.
[17:41]
Brian McCullough
Nothing more for you today. Talk to you tomorrow.
[17:46]
Unknown
What's the difference between DIY and doing it yourself? It's the difference between a part time passion and a full time business. WIX gives you the power to turn your passion into a moneymaker with a website that fits your unique vision. Let your ideas flow with AI that guides you but keeps you in the driver's seat. Manage your business from one dashboard and keep it growing with built in marketing features. It's time to turn your daydream into your dream job. Go to wix.com.