Cambodia says it sealed off ~190 scam sites. 🧨
Now the real question: dismantled or displaced? 🧱🚚
Our forecast uses grown-up metrics (convictions + asset denial + independent compound counts).
Nothing says ‘secure’ like asking users to paste commands into Run.
OWASP Top 10:2025 put Software Supply Chain Failures front-and-center. 🧩⚙️
Now the fun question: by end-2026, do we get public root-cause confirmation that an industrial integrator’s CI/CD/build/signing or update channel led to 2+ critical-infra intrusions? 😬
Phishing got a low-code upgrade. 🤖🔑
Copilot Studio links can look “safe” because they’re hosted where users expect… then the OAuth consent click does the rest. 🧯
We’re forecasting the first publicly confirmed Copilot Studio → OAuth → M365 data breach by 12/31/26 (56%).
BRICKSTORM intel just landed: PRC actors camping in vCenter/ESXi + Windows. 🧱🕵️♂️
F5 source-code drama raises the long-run 0-day odds, but the calendar + attribution lag are savage.
Our final call: 11% UNC5221 gets publicly tied to a new 0-day before Dec 31. 🎯
Will hackers actually turn off a city’s water, or is that just conference-slide horror fiction? 💧🤔
We put a number on it: ~10% odds of a 48+ hour, 500k+ outage by end of 2026.
20% odds Akira triggers a 7-day ambulance diversion at a 10+ hospital system by end of 2026. 🚑 Still feeling “low risk”?
![[FORECAST] Dismantled or Displaced? Cambodia’s Scam-Compound Crackdown by 2030?](https://images.squarespace-cdn.com/content/v1/54bd1221e4b05e8a3646d021/1771441636388-8CGD4O9428JFHZ4JIU2W/z.png)
![[FORECAST] Integrator CI/CD Compromise by End-2026?](https://images.squarespace-cdn.com/content/v1/54bd1221e4b05e8a3646d021/1768843936057-968AGT05F5QKJH0V7SOT/z.png)
![[FORECAST] CoPhish: The Microsoft Copilot Link That Hands Over Your OAuth Tokens](https://images.squarespace-cdn.com/content/v1/54bd1221e4b05e8a3646d021/1767717180408-VYZ6N0RRLK0YTQKUGL1P/z.png)
