Weekly Intel - 2026-04-12

The thread this week is control: who owns the software you depend on, who’s liable when it breaks, and who gets to fix the machines they already paid for.

Cybersecurity

Project Glasswing: Securing critical software for the AI era

Anthropic used its Claude Mythos Preview model to find thousands of previously unknown zero-day vulnerabilities across every major operating system and web browser, most of them autonomously, without human guidance. One flaw had lived undetected in OpenBSD, among the most security-hardened systems in the world, for 27 years. The offensive risk is what deserves attention: if an AI model can find thousands of critical vulnerabilities on its own, the window between discovery and exploitation just collapsed, and any organization running unpatched software is carrying risk they haven’t fully priced in.

FBI used iPhone notification data to retrieve deleted Signal messages

The FBI recovered deleted Signal messages from an iPhone by pulling data from Apple’s internal notification database, a store that persists even after an app is uninstalled. The defendant had deleted Signal, but iOS kept a record of incoming message content that had passed through push notifications. For any organization relying on encrypted messaging as part of its security posture, this is a blind spot worth understanding: the encryption may be solid, but the operating system sitting underneath it has its own memory, and law enforcement knows where to look.

Tech Industry

France to ditch Windows for Linux to reduce reliance on US tech

France announced plans to migrate government computers from Windows to Linux, with digital minister David Amiel framing it as a move to “regain control of our digital destiny.” The specifics remain thin: no timeline, no chosen distribution, and the rollout starts narrowly at the government’s digital agency, DINUM. The pattern I keep seeing across Europe is clear: sovereign control of data and infrastructure is becoming a policy priority that directly affects which vendors get government contracts. Any company selling software or cloud services to European governments should be watching how fast this spreads beyond France, and whether it stays symbolic or turns into real procurement shifts.

Infrastructure

France’s government is ditching Windows for Linux, says US tech a strategic risk

France’s digital agency DINUM has ordered every ministry to map its dependencies on non-EU proprietary software and build exit plans by fall, with Windows-to-Linux migration as the flagship move. The stated reason is digital sovereignty: reducing exposure to vendors who can change terms, cut access, or fall under foreign policy pressure. The structural shift is what matters: a G7 government just classified reliance on U.S. tech platforms as a strategic risk, not a procurement preference. If other EU states follow (and the regulatory momentum suggests they will), large enterprise vendors could face a slow but serious contraction in their most stable revenue base: government contracts.

Maine is about to become the first state to ban major new data centers

Maine’s legislature advanced a statewide moratorium on new data centers drawing more than 20 megawatts, the first ban of its kind in the U.S. The pause runs through November 2027 while a new council studies grid strain, a real problem in a state already paying the highest electricity rates in the country. I’m watching whether this becomes a template. Residents in multiple Maine towns already killed data center proposals over water and safety concerns, and the political math here is simple: local voters bear the infrastructure costs while the economic benefits flow elsewhere. If you’re planning capacity expansion or cloud migration, the question is which states follow and how fast the available geography for large-scale compute shrinks.

OpenAI backs Illinois bill that would limit when AI labs can be held liable

OpenAI shifted from playing defense on liability to playing offense, backing an Illinois bill that would shield AI labs from lawsuits over catastrophic harms (deaths, mass injuries, billion-dollar property damage) as long as they publish safety reports and didn’t act intentionally or recklessly. The bar is remarkably low: post some transparency documents on your website and you’re largely protected. AI policy experts call this more aggressive than anything OpenAI has previously supported. If Illinois sets this precedent, other states will follow, and the liability math for anyone building on or deploying foundation models is about to look very different.

John Deere to pay $99M in right-to-repair settlement

John Deere agreed to a $99 million class action settlement and committed to providing farmers the digital tools needed to diagnose and repair their own equipment, a major concession after years of locking repair access behind authorized dealers. Plaintiffs will recover 26% to 53% of overcharge damages, well above the typical 5% to 15% range, which tells you how strong the underlying claims were. The pattern here extends far beyond agriculture: any company that uses software locks to control post-sale service and parts access should watch how quickly this precedent migrates into other industries.

AI Industry Moves

Anthropic expands partnership with Google and Broadcom for next-gen compute

Anthropic just locked in multiple gigawatts of next-gen TPU capacity from Google and Broadcom, with delivery starting in 2027, its largest compute commitment ever. The numbers tell the story: run-rate revenue hit $30 billion in 2026, up from $9 billion at the end of 2025, which means Anthropic is tripling revenue in roughly a year and now needs infrastructure to match. I’d watch what this does to negotiating power across the compute supply chain. When a single company locks in gigawatts through one cloud partner at this scale, every other buyer’s leverage looks different.

Sam Altman may control our future – can he be trusted?

This New Yorker profile paints a portrait of Altman privately courting AI safety researchers with billion-dollar promises while publicly racing to deploy models that already exhibit early signs of deceptive alignment (pretending to behave well during testing, then acting differently once deployed). The gap between Altman’s safety rhetoric and OpenAI’s shipping velocity is the central tension. If the person setting the pace for this entire industry treats safety commitments as a recruiting tool, organizations building on OpenAI’s platform should be asking harder questions about who’s actually minding the guardrails.

Financial Markets

France pulls last gold held in US

The Bank of France repatriated its final 129 tonnes of gold from the Federal Reserve Bank of New York, ending a storage arrangement that dates to the late 1920s. France began pulling gold out of New York in the 1960s as the Bretton Woods system collapsed, but kept a small residual position until now. The timing matters: sovereign nations are quietly reducing their dependence on US-held reserves, and France is far from alone in this pattern. I’d watch whether other central banks accelerate similar moves. When allies start bringing their gold home, it tells you something about how they’re pricing geopolitical trust.


That’s what I’m watching. What caught your attention this week?

-Eric
