EVA Tech BriefIT/DevOps

2026-05-24 - 7:30 PM PKT

Frontier LLMs

Chinese State Hackers Used Claude AI to Autonomously Attack 30 Global Targets

Chinese state-sponsored hackers used Anthropic's Claude AI to autonomously execute cyberattacks against 30 global targets in September 2025. The campaign marks the first documented case where AI conducted large-scale attacks without major human intervention, hitting tech firms, banks, chemical companies, and government agencies across multiple countries.

GPUs and Silicon

Cloud and Infra

Pakistan Tech

Pakistan's External Loans Surge 83% to $11 Billion in 10 Months

Pakistan received $11 billion in external loans between July 2025 and April 2026, an 83% increase over the $6 billion in the same period last year. Both bilateral and multilateral lenders contributed significantly, reflecting the country's deepening reliance on foreign borrowing under the current IMF program.

Pakistan in Talks to Acquire Turkish KIZILELMA Stealth Combat Drones

Pakistan is reportedly nearing a deal with Turkey for an unspecified number of advanced KIZILELMA stealth unmanned combat aerial vehicles. The agreement would likely include significant technology transfer and local production, building on the two countries' existing joint Beyond Visual Range air-to-air missile program launched in 2024.

Security

Packagist Supply Chain Attack Infects 8 PHP Packages with GitHub-Hosted Linux Malware

A coordinated supply chain attack has compromised eight packages on Packagist, injecting malicious code that downloads and executes a Linux binary from GitHub Releases. The malware was inserted into package.json rather than composer.json, targeting projects that ship JavaScript alongside PHP - a novel vector that bypasses typical Composer-focused scanning.

npm Adds 2FA-Gated Staged Publishing to Counter Supply Chain Attacks

GitHub has shipped 'staged publishing' for npm, now generally available. The feature requires a human maintainer to pass a 2FA challenge before any new package version goes live publicly. This directly addresses the wave of supply chain attacks exploiting compromised maintainer accounts and automated publishing pipelines.

Dev Tools

AMD Vivado 2026.1 Drops Linux Support for Free Tier, Sparking Community Backlash

AMD's latest Vivado 2026.1 release removes Linux support from the free Standard Edition, restricting it to Windows only. The move has angered the FPGA development community, with 164 upvotes and 59 comments on Hacker News. Linux users who depend on Vivado for hardware design must now purchase a paid license or stay on older versions.

AWS Veteran Shares 'Four Years and Out' Retrospective on Leaving Amazon

A candid retrospective from an AWS employee about their four-year tenure has resonated widely, drawing 154 points and 33 comments on Hacker News. The post covers the realities of working at AWS - from the intense operational culture to the eventual burnout that leads many to leave around the four-year mark.