JUST IN: 🇺🇸 Treasury Secretary Scott Bessent says the U.S. Government has seized $1 billion of Iran's crypto: "Just outright grabbed the wallets. Some of them may be typing in right now and might not realize their wallet had been grabbed."

Reuters: U.S. forces deployed to war zones have ​been targeted using commercially available location data. CENTCOM said it had "received multiple threat reports concerning adversary exploitation of commercial location data to target or surveil U.S. personnel in theater".

From manga panels to a real desert kingdom. Oda-sensei witnessing it all. The Battle of Alabasta begins. 🏜️

Congrats, you all discovered how google AI image generation got so good so quickly, everyone using a drive, every TB of family photos kept in a cloud for safekeeping, so long promised to be private, is scanned, used and abused by google. Never believe in anything they say.

🇸🇦 The receptionist of the Meridien hotel with a gas mask during a Scud alert in Dhahran. Saudi Arabia, January 1991.

In Brazil, a tortoise survived for about 10 years, trapped under a sealed floor in a family's home, and was discovered alive during repairs. Experts credit its extremely slow metabolism for helping it endure with very little food and water.

Jane Street is crazy because their retention strategy is to write everything in OCaml If you leave, you’ll know a lot about OCaml’s garbage collector, emacs, and all the obscure in-house libraries they use But you won’t know any actual company secrets

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

I'm increasingly convinced that there is never going to be a major crash again. The market is so divorced from the "real" economy that 90% of the population could be eating dirt and the S&P would still be noting record gains.

This is the story of Hyperliquid, the most profitable startup per employee on earth, told from a guarded office in Singapore. Last year, its team of 11 generated $900 million in profit. It's 3 years old, has never taken a dollar of venture capital, and is beginning to change how century-old markets work. Its founder, Jeffrey Yan (@chameleon_jeff), had never taken a physics class when he picked up a textbook at 16. Two years later, he won gold at the International Physics Olympiad. In 2019, he started trading with $10,000 from a living room in Puerto Rico—working off a television because he didn't own a monitor. Within 3 years, he was running one of the largest anonymous crypto trading firms. Then he shut it down. Yan was rich and free, but he had spent years inside crypto, watching it betray itself. Bitcoin's central premise was decentralization. Yet the biggest exchanges were centralized. Crypto kept reintroducing the dependence on trust it was built to eliminate. He set out to create what should have existed. Hyperliquid is a blockchain with a trading exchange on top, and anyone can build on it. Yan's vision is to house all of finance. In 3 years, it has done over $4 trillion in volume. And in the past few months, it has begun to outgrow crypto. Markets for oil, silver, and the S&P 500 now trade on Hyperliquid around the clock, weekends included, and are growing roughly 40% week on week. When the US and Israel bombed Iran on a Saturday in February, Hyperliquid was the venue traders turned to. Hyperliquid's success has cost Yan his freedom. He works out of a secret office in Singapore and cannot travel without two bodyguards. Even the team's housekeeper doesn't know what they do. In January, @domcooke spent a week at their office. Read his profile on Yan and @HyperliquidX below.

some have asked me about my time in Renaissance Technologies. although I’m retired I can’t really say much due to NDA, but I have an unseen interview snippet from my ex-colleague Nick (hope the kids are doing well mate) that I’m comfortable to share. a lot of alpha in there