🚨🇩🇪 Germany just fined a citizen up to a month's income for posting "Lügenfritz" ("Lying Fritz") about Chancellor Friedrich Merz in a Facebook comment.

Politicians love to call themselves the guardians of democracy. But Germany has a special law that gives politicians MORE legal protection from insults than ordinary citizens get. The powerful, shielded from the powerless who criticize them.

Fining people for airing their opinion is how you take free speech away. It makes the government the editor of every sentence you publish.

🤡 And here's the kicker: German MPs have "Indemnität", near-total lifelong legal immunity for what they say in parliament.

https://www.welt.de/politik/deutschland/article6a1ee49d1f46a650bff5cf50/mehrere-verfahren-beleidigung-von-merz-unter-facebook-post-gericht-verhaengt-hohe-geldstrafe-fuer-luegenfritz.html

❗️ Peak slop achieved: Microsoft announced "Scout," an always-on AI agent that reads your email and chats and acts on your behalf unprompted. They call it an "Autopilot." It's the sloppification of work: AI slop now runs all day reading your inbox.

‼️🚨 A new npm supply-chain attack compromised 57 packages across over 286 malicious versions in under 2 hours. The attackers used self-replicating malware, a new version of the Miasma worm, which also used evasion techniques to stay under the radar.

The payload targets CI/CD and developer credentials, including GitHub Actions secrets, cloud credentials, Vault tokens, SSH keys, npm and GitHub tokens, and password-manager stores. This variant also injects AI coding assistant config files at .claude, .cursor, .gemini, and .vscode paths, a separate persistence and repo-poisoning angle.

Source: https://www.stepsecurity.io/blog/binding-gyp-npm-supply-chain-attack-spreads-like-worm

❗️Google employees are flooding an internal meme board with posts about how bad the company's AI is.

A source says dozens of anti-AI memes post weekly, spiking when models update or their internal coding tool Jetski breaks. One showed Jetski admitting it fabricated report metrics with over 400 upvotes.

Engineers say AI removed the code-gen bottleneck but jammed everything else: testing, build times, and human review now drowning in code nobody wrote.

CEO Pichai says 75% of new code is AI-generated, btw.

Via 404Media https://www.404media.co/google-employees-internally-share-memes-about-how-its-ai-sucks/?ref=daily-stories-newsletter

‼️ The alienation continues: more security researchers are sticking up the middle finger after feeling squeezed by Microsoft and GitHub. MSRC emailed Black Hat USA 2026 presenters asking which MSRC cases, VULN-IDs, or CVEs their talks would cover. GitHub told a researcher to delete his public PoC repos and flagged his accounts under ToS.

❗️🚨 Zcash crashes nearly 50% after an AI-powered white-hat researcher, using Claude Opus, found a critical flaw in Zcash's privacy pool (Orchard) that could mint unlimited, undetectable counterfeit ZEC.

It went unnoticed for 4 years until the emergency patch on June 1...

❗️🚨 An Israeli company has backdoored hundreds of millions of households through countless Smart TV apps, and they're quietly turning Samsung and LG TVs into exit nodes for AI web-scraping. Your TV is relaying strangers' web traffic from your home IP, your bandwidth, your address attached to whatever those scraping jobs touch.

Roku, Fire TV and Google TV banned the practice. Samsung and LG didn't. The culprit is Bright Data's proxy SDK, which rides inside Tizen and webOS apps, 200+ on webOS alone. Datacenter IPs get blocked, home IPs don't.

Include Security reverse-engineered the SDK and found its relay protocol has no message signing, authentication, or device attestation. Their words: less secure than typical malware command-and-control.

To make things worse, they found that in iOS the relay tunnel binds straight to the physical network interface, so it routes around any VPN the user is running.

Bright Data's config also ships per-country tiers. Devices in Uzbekistan and Oman are cleared to relay down to 1% battery, with data caps up to 60x the worldwide default.

Before the BaCkDoOrEd replies land: technically you agreed. In practice you were enrolled into a global proxy network you were never given the information to refuse. And these exit nodes drag down your IP's reputation, potentially leaving you with blocks from providers.

Read: https://blog.includesecurity.com/2026/06/the-smart-tv-in-your-livingroom-is-a-node-in-the-aiscraping-economy/

Same guy btw

‼️🚨 BREAKING: Sony PlayStation's age-verification partner Yoti is reporting GrapheneOS users to authorities for using GrapheneOS, due to "past security concerns."

Yoti is also used by Instagram, Facebook Dating, Epic Games, the UK Post Office, and major retailers across the UK, US and EU, but this particular case reportedly involves Sony PlayStation age verification.

‼️🚨 Yet another Meta fuck-up: its account recovery function allows unauthenticated access to full account PII, including emails and phone numbers, from just a username. We verified the claim and found social media and wine-app accounts belonging to several public figures. We'll start with footballer Kylian Mbappé, who has a hidden TikTok account.

Then on to footballer Cristiano Ronaldo's wife, Georgina Rodríguez, who has a Vivino account ;-) I thought her husband only endorsed drinking water.

And she also has a hidden TikTok account.

That said, this looks real to us.

Let's see what Meta has to say.