The Miasma worm reached 73 Microsoft GitHub repositories last week. The entry point was a Microsoft 365 credential acquired through phishing, which yielded OAuth tokens (the authentication keys developer tools use to connect cloud services without re-entering passwords) used by continuous integration pipelines. From that token, the worm propagated through repository webhooks and automated deployment workflows. No data was encrypted. No ransom demand followed. The attacker planted persistence mechanisms and moved laterally. The goal was durable access, not extraction, and the distinction matters to every organization trying to scope the damage.
npm polyfill injections follow the same architecture. A polyfill library (a small compatibility shim that lets older browsers run modern JavaScript) with hundreds of thousands of weekly downloads had its package registry entry repointed to a new maintainer who inserted credential-harvesting code into the published artifact. Every downstream project that bundled the library shipped the payload without modifying a single line of its own code. Teams that inherit the infected dependency have no forensic trail pointing at their own repositories.
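As an added illustration (not code from the original piece or from any named project), the check below is the defender's side of the repointed-artifact pattern just described: it diffs a fresh package-lock.json against a baseline captured at the last audit and flags any dependency whose version string is unchanged but whose tarball integrity hash is not, which is what a republished, tampered artifact looks like to a downstream project. Package names and hashes are constructed.

```python
import json

# Constructed sample lockfiles (not real packages or hashes): a baseline
# captured at the last audit and the lockfile produced by a fresh install.
BASELINE = json.loads('''{
 "lockfileVersion": 3,
 "packages": {
  "node_modules/legacy-polyfill": {"version": "1.4.2",
    "integrity": "sha512-BASELINEHASHAAAA"},
  "node_modules/left-util": {"version": "2.0.0",
    "integrity": "sha512-BASELINEHASHBBBB"}
 }}''')

CURRENT = json.loads('''{
 "lockfileVersion": 3,
 "packages": {
  "node_modules/legacy-polyfill": {"version": "1.4.2",
    "integrity": "sha512-DIFFERENTHASHCCCC"},
  "node_modules/left-util": {"version": "2.0.1",
    "integrity": "sha512-NEWVERSIONHASHDDDD"},
  "node_modules/new-dep": {"version": "0.1.0",
    "integrity": "sha512-NEWDEPHASHEEEE"}
 }}''')


def diff_lock(baseline: dict, current: dict) -> dict:
    """Compare two lockfileVersion 3 package-lock documents.

    Returns package paths grouped by what changed. 'republished' is the
    case that matters most here: same version string, different tarball
    hash, meaning the registry now serves a different artifact for a
    version the baseline already trusted.
    """
    old = baseline.get("packages", {})
    new = current.get("packages", {})
    out = {"republished": [], "version_changed": [], "added": [], "removed": []}
    for path, meta in new.items():
        if not path:  # "" is the root project entry, not a dependency
            continue
        if path not in old:
            out["added"].append(path)
        elif meta.get("version") != old[path].get("version"):
            out["version_changed"].append(path)
        elif meta.get("integrity") != old[path].get("integrity"):
            out["republished"].append(path)
    out["removed"] = [p for p in old if p and p not in new]
    return out


if __name__ == "__main__":
    for kind, paths in diff_lock(BASELINE, CURRENT).items():
        for p in paths:
            print(f"{kind}: {p}")
```

A "republished" hit is the one to treat as an incident rather than routine drift, since nothing in the project's own repository changed to cause it.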
Free apps quietly turning smart TVs into residential proxies (devices that route traffic through home network addresses, making activity appear as ordinary consumer traffic to destination servers) complete the picture. The attacker does not breach the TV manufacturer. The TV runs unsigned third-party apps with network permissions no user reads.
The architecture is consistent across all three. Microsoft 365 is valuable because it reaches GitHub. GitHub is valuable because it reaches npm. npm is valuable because it reaches production deployments at scale. A compliance officer at a mid-size financial institution whose developers pull from infected package registries is facing a supply chain audit that will take quarters to scope, let alone remediate.
OpenAI published updated usage policies this past month prohibiting assistance with bioweapon design. Anthropic's safety commitments run to similar language. Florida filed suit against OpenAI this week after ChatGPT returned links connected to a murder case, which is the kind of edge-case litigation that absorbs counsel time and generates coverage. These are real events.
Google is paying SpaceX $920 million per month for Starlink compute capacity, acquiring GPU-dense infrastructure that sits outside the permitting reach of any land-use board. The number is notable because it is public, and because Google is paying to operate at a layer where New York's data-center moratorium (signed into law this week, blocking new construction in most of the state for twelve months) does not reach. The satellite layer is not regulated by the same bodies that regulate the ground.
TSMC's Taiwan fabs are at stated capacity through 2027. The Arizona expansion has been delayed twice by skilled-labor shortfalls. Every major AI model vendor that lacks preferential wafer allocation at TSMC is running procurement conversations with Samsung and GlobalFoundries that are not resolving on favorable terms.
The bioweapon pledges are compliance documents written for a regulatory audience. The $920 million monthly wire is the actual position, placed by an organization that published safety commitments in the same quarter. A procurement lead at any AI vendor without Tier 1 TSMC access is recalculating their training timeline this week, because the wafer availability numbers in TSMC's Q2 guidance have shifted the arithmetic on when their next-generation model can actually run.
New York's data-center moratorium affects roughly 28 percent of US East Coast colocation capacity. The stated rationale is power-grid load and carbon commitments. The operational effect is that compute density in New York increases more slowly than demand, redirecting new capacity investment to Texas, Virginia, and Georgia. Intel is pursuing TSMC alternatives through its IFS program (Intel Foundry Services, the company's contract chip-manufacturing division), but IFS yields on advanced nodes have not matched TSMC's in public disclosures.
What compute scarcity at this scale buys is timeline leverage. A nation-state with preferential access to leading-edge fab capacity sets the clock on every AI development program that depends on that capacity. TSMC operates under US export-control frameworks extended after the 2022 CHIPS Act tied federal subsidies to restrictions on advanced-node sales to certain geographies. Taiwan's fab geography functions as a structural instrument for the governments that have shaped those frameworks, and as an unresolved constraint for those that have not.
China's response is the SMIC investment cycle (SMIC, or Semiconductor Manufacturing International Corporation, is China's largest chip foundry) and an ongoing indigenous tooling program that has not reached 5nm at volume. The gap to TSMC is measured in years. The infrastructure colonization visible in the Miasma worm and the npm poisoning runs is the operational expression of that gap: attackers who cannot close the silicon gap operate inside the software environments the adversary has already built and cannot easily vacate.
A CTO at a sovereign AI program without TSMC wafer allocation is deciding right now which foundry relationship to prioritize and what training architecture to build around the capacity that is actually available, rather than the capacity that appeared in last year's projections.
Hong Kong's wealth management assets under management surpassed Switzerland last week, according to HKMA (Hong Kong Monetary Authority, the city's de facto central bank) figures cited by local press. Mainland high-net-worth outflows continue to clear through Hong Kong structures, which offer common-law courts, dollar clearing, and access to offshore yuan instruments within the same regulatory perimeter. HKEx new-listing volume since the US delisting wave began in 2022 has recovered to near-2019 levels in aggregate deal count.
The market-access numbers are moving in a different direction. Security concerns have effectively locked Hong Kong retail investors out of SpaceX's secondary market. The SFC (Securities and Futures Commission, Hong Kong's market regulator) has not authorized SpaceX as a recognized investment product, and OFAC secondary-sanctions exposure (OFAC is the US Treasury arm that enforces sanctions; secondary sanctions can apply penalties to non-US institutions that facilitate prohibited transactions) is a live compliance constraint for Hong Kong intermediaries structuring US private-tech positions. Investors who want SpaceX equity are navigating structures their compliance departments are not currently willing to clear.
The government's position on imported talent has hardened. Multiple senior officials said publicly this quarter that the talent scheme has filled its near-term targets and that incoming students are adequately supplied through Mainland and BN(O) pathways. University administrators watching postgraduate enrollment from Southeast Asian and OECD feeder markets are not characterizing the pipeline the same way.
Capital that fled mainland regulatory pressure is clearing through Hong Kong. The talent and market-access conditions that historically attracted the managers of that capital are narrowing. A fund manager running a Cayman structure through a Hong Kong licensed entity is deciding, ahead of the next quarter-end, whether the capital inflows clearing here justify staying on a platform where SpaceX access is blocked and the senior-talent market is thinning.
The factor underneath all four stories is the same: sovereign control of leading-edge compute sets the clock on AI development programs, and every actor downstream is adjusting to that clock. The dev-stack breaches are the adversarial response to a compute gap that will not close in less than five years. The safety pledges operate in a different register than the $920 million monthly wire. New York's moratorium and TSMC's ceiling are the same constraint arriving from two regulatory directions. A fund manager running a Cayman structure through a Hong Kong licensed entity is deciding, before the next LP call, whether the capital flows clearing here justify staying on a platform where US private-tech access is blocked and the talent pipeline the platform depends on is quietly narrowing.