Yesterday's signals, distilled, A look back at May 25, 2026.
The day wasn’t about a new model.
It was about new surfaces.
Wi‑Fi routers as passive sensors. Open-source repos as a malware distribution channel at scale. Industrial robots as hackable endpoints. And a workforce narrative hardening into something executives are now willing to say out loud: AI savings means headcount.
Underneath it is a single structural shift: the “AI layer” is expanding the attack surface and the governance surface at the same time.
Most teams are still budgeting like AI is a software line item.
It’s not. It’s a facilities policy problem, a supply-chain security problem, and an org design problem, and the companies that treat it that way will move faster with fewer self-inflicted outages.
SECURITY / SURVEILLANCE SURFACE
The network became the sensor, and the sensor became the liability
Wi‑Fi human detection moves surveillance into commodity infrastructure
Researchers warned that Wi‑Fi-based human detection can infer presence and movement from radio reflections, turning everyday routers into passive sensing infrastructure, per Gizmodo.
This isn’t “more cameras.” It’s sensing you can’t see, deployed by default wherever you have dense Wi‑Fi.
So What? Occupancy analytics just got cheaper than policy. If you run offices, warehouses, retail, or multifamily properties, you now have a plausible path for “helpful” network telemetry to become covert surveillance, and the difference will be intent, documentation, and access control, not capability. The next wave of privacy and labor disputes won’t start with video footage. It will start with RF logs and inference models.
The Risk: Teams will treat this as a consumer privacy story and miss the enterprise exposure, employee monitoring, union dynamics, and discovery in litigation. Also: once the data exists, it will get reused.
Action:
- Inventory where dense Wi‑Fi exists across facilities, and who has access to network telemetry and logs.
- Write a one-page policy this week: what you collect, what you infer, retention limits, and who can approve exceptions.
- Add “RF inference” to your threat model and privacy reviews for any workplace analytics vendor.
SECURITY / SOFTWARE SUPPLY CHAIN
Open source is now a default infection vector, not a neutral dependency
“Megalodon” malware campaign hits 5,500 GitHub repositories
Researchers reported a “Megalodon” cyberattack that infected 5,500 GitHub open-source repositories with malware, per [Mashable](https://mashable.com/tech/megalodon-cyberattack-github-re
Free with a Signal + Noise account
Create a free account to read the full daily. No credit card required.
Sign up free to read the full daily →