The Security Apocalypse Nobody's Talking About (While VCs Chase AI Unicorns)

Hackers are systematically compromising routers, GPUs, and WordPress sites. Meanwhile, billions flow to data centers. Someone's building the mansion while the foundation's on fire.

We’re living through a cascade of security failures that should terrify anyone running critical infrastructure. State actors are compromising routers. Military-grade attacks are giving hackers complete control of Nvidia GPUs. Backdoors are being planted in the software that powers thousands of websites. And the response from Silicon Valley’s power players? A collective shrug while they funnel tens of billions into data center startups.

This disconnect is the story nobody’s connecting the dots on.

The Actual Threat Level

Let’s start with the obvious. Iran-linked hackers just disrupted operations at US critical infrastructure sites. Simultaneously, thousands of consumer routers got hacked by Russia’s military. These aren’t basement operations—these are state-sponsored campaigns running parallel attack vectors against the same target landscape.

Then there’s the Rowhammer exploit hitting Nvidia GPUs. Complete machine control. Not theoretical anymore. It’s in the wild, weaponized, and we’re in the middle of an AI infrastructure explosion that relies entirely on these GPUs running 24/7 in data centers with—and here’s where it gets dark—increasingly automated and remote management systems.

The WordPress backdoor situation is different but equally damning. Dozens of plugins sold to a new corporate owner, then systematically poisoned. Thousands of websites compromised. These are supply chain attacks hitting the middle class of the internet: not billion-dollar targets, but the small businesses, nonprofits, and local services that actually keep things running.

My take? We’re seeing the weaponization of the dependency graph.

Why Nobody’s Paying Attention

Anthropic just got briefed into the Trump administration while simultaneously suing the US government. Jack Clark confirmed it publicly. The company’s juggling national security conversations and lawsuit filings in the same breath. That should read as a red flag the size of a football field.

But here’s what’s actually happening: Anthropic’s $380 billion valuation is making OpenAI investors nervous. One investor told the Financial Times that justifying OpenAI’s $1.2 trillion IPO valuation requires assuming something that hasn’t happened yet. Anthropic’s “cheaper” $380 billion number suddenly looks like the sensible bet. So capital is flowing. Not scrutinizing—flowing.

Fluidstack is supposedly in talks for a $1 billion funding round at an $18 billion valuation. This is months after hitting $7.5 billion. They just signed a $50 billion deal to build data centers for Anthropic. The velocity of this money is insane. The diligence on where these data centers sit, who has access to them, and how they’re protected? That’s apparently someone else’s problem.

The Collision Course

Here’s what nobody’s saying out loud: We’re building the computational infrastructure for AGI while our defensive posture against state actors is getting worse, not better.

In 2013, we discovered Heartbleed—a bug in OpenSSL that had been hiding in plain sight for two years, affecting millions of systems. The response was a wake-up call. The infrastructure was fragile, sure, but at least we were paying attention. We created the Core Infrastructure Initiative. We got serious about open-source security audits. We had a moment of collective recognition that the foundations matter.

This feels different.

The threats are more sophisticated, more coordinated, and more brazen. But the capital markets are yelling about valuations, not vulnerabilities. Waymo’s testing robotaxis in London while routers are being compromised at scale. OpenAI’s fighting with the government over safety while Anthropic’s simultaneously briefing them on the same tech. The narrative is fractured because everyone’s optimizing for their own funding round.

I think this means we’re headed for a significant incident that will make the security community look prescient and the VC ecosystem look reckless. Not maybe. Probably within 18 months.

The Uncomfortable Question

Why is Anthropic briefing the Trump administration? Clark’s explanation was about being “engaged while suing”—a contradiction that somehow makes sense in 2025. Translation: the government wants to understand the tech, companies want the contracts, and nobody wants to actually slow down development to fix the security problems first.

The Rowhammer-on-GPU situation is particularly gnawing because GPUs are the bottleneck. If you control GPU execution at the hardware level, you control the model training. You can corrupt weights, exfiltrate parameters, introduce adversarial patterns that only activate under specific conditions. The data center becomes a liability, not an asset.

And yet? Fluidstack’s raising a billion dollars on the promise of building more of them.

I’m not saying this is deliberate negligence. It’s worse than that. It’s structural blindness. The security teams are buried inside each company, fighting resource allocation battles against product teams. The VCs are staring at comparable multiples and FOMO. The government’s trying to maintain sovereignty while not crushing innovation. Everyone’s rational individually. Collectively, it’s a coordinated descent into preventable disaster.

What This Actually Means

The supply chain attacks on WordPress plugins are a preview. When you’re buying companies, migrating infrastructure, and integrating systems at scale, you create windows. Dozens of windows. The Broadcom-VMware situation is driving thousands of migrations right now—thousands of companies rip-and-replacing their hypervisor layers. That’s an opportunity for injection attacks if you’ve got state resources. And apparently, people do.

Waymo testing robotaxis in London is fine. It’s not urgent security-wise. But it’s symptomatic of the same disease: we’re shipping capabilities faster than we’re hardening defenses. The robotaxi will be a test bed for autonomous vulnerabilities we haven’t even imagined yet.

The thing that keeps me up: we’re not even seeing the attacks we don’t know about. The disclosed breaches are presumably just the ones that got caught or got loud. The Rowhammer GPU attack is public now. But how many companies have quietly patched their systems because they found similar exploitation and chose not to disclose? How many government contractors have backdoored routers they haven’t told anyone about?

I genuinely don’t know, and that’s the problem.

What I’m Watching

Fluidstack’s funding close and data center locations. If that $1B round closes and the facilities are in the US without explicit government oversight mechanisms, we’re watching the critical infrastructure for AI training become a target-rich environment. The devil’s in whether there are actual security audits in the deal terms, not just price per GPU-hour.

Anthropic’s government relationship transparency. Jack Clark said they’re briefing on “Mythos”—their safety framework. If that briefing leads to actual regulatory frameworks for data center security before the next funding round, I’ll believe the government’s serious. If we see another major AI funding announcement without corresponding infrastructure security requirements, the collision is coming.

The next WordPress-scale supply chain attack. It won’t be WordPress. It’ll be something more critical—maybe a containerization tool, maybe a cloud infrastructure component. Watch for it between now and mid-2026. When it happens, ask whether it was exploited before discovery. If the answer’s yes, we’ve entered the phase where state actors are mapping our dependencies silently.

GPU vulnerability disclosures. Every new Rowhammer variant, every hardware-level exploit affecting training infrastructure. These are going to accelerate. If we see three more GPU-specific exploits with state-actor signatures in the next six months, the data center buildout becomes a national security liability, not an opportunity.

The money’s flowing. The threats are metastasizing. Someone’s going to connect these dots publicly, probably after something breaks. I just hope it’s not too late.