Important notice: If anyone who is a federal government worker or adjacent to the federal government, such as a contractor, has vital information to share with me, please feel free to contact me on Signal under my name, Cynthia Brumfield.

On Tuesdays and Thursdays, our premium subscribers have full access to our original content, expansive summaries, intelligently clustered related articles, our best and worst things of the day, and our customary closing thoughts.

So, please consider upgrading your subscription today to access this content along with Metacurity's complete archives.

Summary of the most critical infosec developments you should know today (complete postings available below to premium subscribers).

• Viral Chinese AI app DeepSeek stopped working yesterday due to what appeared to be a technical issue, although a banner on the app’s web chat also said that DeepSeek’s “online services have faced large-scale malicious attacks" from unspecified sources.
• Donald Trump said that Microsoft is in talks to acquire the US arm of ByteDance Ltd.’s TikTok without offering any details.
• The European Union sanctioned three hackers, GRU officers Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov, who were part of Unit 29155 of Russia's military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia's government agencies in 2020.
• Three men, Callum Picari from Hornchurch, Vijayasidhurshan Vijayanathan from Aylesbury, and Aza Siddeeque from Milton Keynes, were sentenced in a London court after pleading guilty to operating a sophisticated scheme that helped fraudsters log into victims’ bank and telecoms accounts.
• Ukraine has denied allegations of involvement in a cyberattack on Slovakia's national insurance company following accusations by Slovak Prime Minister Robert Fico.
• Scammers based in West Africa, likely in Nigeria, who go under the broad umbrella of the Yahoo Boys, have increasingly been seen sending blackmail victims videos, likely using AI-generated news anchors in a bid to pressure victims into paying up.
• Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.
• Japanese researcher RyotaK of GMO Flatt Security discovered that three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests.
• Researchers at Cisco Talos revealed a surge in the use of so-called “hidden text salting” techniques to evade email security measures in the latter half of 2024.
• Brazil’s data protection watchdog, the National Data Protection Authority (ANPD), has ordered the company behind the biometrics for the World ID project to stop offering crypto or financial compensation for collecting biometric data from its citizens.
• A cyberattack on the Matagorda County government, which serves about 40,000 residents in Texas, forced officials to declare a disaster over the weekend.
• Researchers at Zimperium report that a new phishing scam targeting mobile devices was observed using a “never-before-seen” obfuscation method to hide links to spoofed United States Postal Service (USPS) pages inside PDF files.
• Non-human identity security company Token Security raised $20M in Series A venture funding round.

Policymakers are silent so far on DeepSeek's security threats

A tech earthquake in the form of an important new AI model from China called DeepSeek radically altered and possibly leveled the landscape for Silicon Valley titans who have spent hundreds of billions of dollars developing pricey chips and LLM-based systems to usher in the AI revolution.

News that previously little-known DeepSeek, owned and solely funded by an obscure Chinese hedge fund called High-Flyers, spent only $5.6 million on its latest AI model, called R1, which nonetheless has been favorably compared to exorbitantly expensive OpenAI and other leading AI models, sent shockwaves through the financial markets, which continue today.

Shares of AI chip leader Nvidia fell 17% yesterday, costing the company $593 billion in market value and causing a rout across all financial exchanges.

Although Nvidia pretended that DeepSeek is a welcome competitor and Donald Trump said that the entrance of the low-cost competitor is "very much a positive development," there is no question that DeepSeek, like TikTok, will become yet another Chinese tech giant deeply embedded in applications that Americans rely on, sucking up vast amounts of data that are likely to be even more highly sensitive than the mounds of information collected by the about-to-be-banned but still-functioning Chinese-owned video service.

The absence of calls to ban DeepSeek or otherwise limit its use among Americans was notable yesterday despite the prevalence of China hawks throughout the administration. This silence also contradicts Trump's previous warnings that Chinese technology poses a national security threat. However, some right-wing or libertarian thinkers aligned with the administration's economic agenda have begun beating the drum to do something about DeepSeek.

"With many referring to this as a modern 'Sputnik moment' for the nation, the success of DeepSeek's important new AI model will hopefully wake more policymakers up to the fact that China really does represent a formidable threat to America's geopolitical competitiveness and security." Adam Thierer, Senior Research Fellow at the R Street Institute, told Metacurity.

"DeepSeek proves that we're not going to stop China from pushing ahead on AI and advanced computation. The question for our nation now becomes how effectively we can continue to push out our own technological frontier with new and better systems to keep us ahead."