Today's Korea
More research →Stock coverage
All covered names → KR 72 042700 Hanmi Semiconductor 1 report KR 72 373220 LG Energy Solution 1 report US XLF Financial Select Sector SPDR 2 reports US META Meta Platforms 1 report US SPY S&P 500 ETF 3 reports US QQQ Invesco QQQ Trust 1 report US TSLA Tesla 2 reports US XOM Exxon Mobil 2 reports US CVX Chevron 1 report US AMD AMD 1 report US NVDA NVIDIA 2 reports US AMZN Amazon 1 report US AAPL Apple 2 reports
Also on SignalStack
Full archive →Korea equities, US/global markets, tech, security, and policy.
Stock intelligence
Hanmi Semiconductor (042700): Chairman's Share Purchase and SpaceX Investment Signal Strategic Confidence Amidst High Valuation
Hanmi Semiconductor (042700) is bolstering its HBM leadership and expanding into AI/aerospace via a SpaceX investment and chairman's share purchase, but faces a
Stock intelligence
LG Energy Solution (373220): Patent Settlement & Strategic Talent Drive Signal H2 Recovery
LG Energy Solution (373220) recently settled a key patent dispute and is aggressively recruiting global talent, signaling a strategic push for future growth and
Global markets
Financials (XLF) Outperform S&P 500 by +0.60% as Tech Leads
Financials (XLF) Outperform S&P 500 by +0.60% Amid Mixed 'Risk-On' Market
Global markets
Meta Platforms (META) Rises 1.13% to $600.21 as Threads Hits 500M Users, Outperforming Tech Sector
Meta Platforms (META) Gains 1.13% to $600.21 on Threads User Milestone, Outperforms Lagging Tech Sector
Global markets
Invesco QQQ Trust (QQQ) Rises +3.38%, Outperforming SPY Amid Tech-Led Rally
Nasdaq 100 ETF (QQQ) Surges +3.38% to $717.12, Leading Market as Tech Outperforms SPY.
Global markets
Tesla (TSLA) Rises 4.60% as SpaceX IPO Buzz Fuels Consumer Discretionary Outperformance
Tesla (TSLA) Surges 4.60% to $399.15 on SpaceX IPO Speculation and JPMorgan 'Forever Stock' Call, Leading Consumer Discretionary Sector.
Global markets
XOM Stock Climbs 1.92% as Energy Defies Risk-Off Market: Can the Rally Last?
In focus: XOM Stock Surges 1.92% to $151.04, Leading Energy Sector Outperformance Amidst Broad Market Decline. Key takeaways 01 · Catalyst Exxon Mobil (XOM) sto
Global markets
CVX Stock Climbs +2.20% as Energy Outperforms—Is the Oil Rally Reigniting?
SignalStack analysis: Chevron (CVX) defensive rotation vs growth, peer valuation vs XOM & XLE, SRC stake-sale read-through, and May 1 earnings scenarios—not generic tape recap.
Global markets
AMD Stock Surges 7.8% — Is the AI Rally Just Getting Started?
AMD stock snapshot: +7.8% move, AI chip demand, semiconductor rally vs SPY, risk-on tape with XLK, P/E and forward multiples, earnings preview. Editorial context—not investment advice.
Global markets
Amazon (AMZN) & NVIDIA (NVDA) Stock Brief: AI Capex, SMH & XLY vs S&P 500 — Market Snapshot
AMZN vs NVDA tape vs SPY, XLY & SMH, hyperscaler AI capex ($600B–$700B context), Zoox/NHTSA—primary IR, Goldman macro, NVIDIA AI stack links for fact-checking.
Global markets
Apple (AAPL) Stock Brief: AI, China & Supply Chain — Market Snapshot
AAPL vs Nasdaq tape, XLK/XLF, IR-backed revenue & iPhone growth, India supply chain, Apple Intelligence, China App Store risk—primary sources & market bridge for fact-checking.
Gaming
Valve's Steam Machine (2026): $1,049, Lottery Reservations, and the 2015 Brand Returns
Valve officially revived the Steam Machine name for its 2026 SteamOS living-room PC—$1,049 entry, randomized reservations through June 25, and ~30,000 compatible games. Not investment advice.
Security
Deno Desktop: Build Cross-Platform Apps with Web Tech
Deno Desktop: Build Cross-Platform Apps with Web Tech TLDR Deno Desktop, launching in Deno v2.9.0, enables developers to transform any Deno web project into a s
Security
GLM-5.2: How Zhipu AI's Powerful Open Model Runs Locally
GLM-5.2: How Zhipu AI's Powerful Open Model Runs Locally TLDR Zhipu AI's GLM-5.2, a leading open-weight AI model, is now optimized for local deployment across v
Security
Apertus Open Foundation Launches for Sovereign AI with EU Compliance
Apertus Open Foundation Launches for Sovereign AI with EU Compliance TLDR The Swiss AI Initiative, a collaboration between EPFL, ETH Zurich, and CSCS, has unvei
Security
Information Overload: Why Our Brains Struggle with Constant Bad News
Information Overload: Why Our Brains Struggle with Constant Bad News TLDR The human brain, evolved for local threats, is overwhelmed by the global scale of mode
Security
Claude AI Mandates Identity Verification for Platform Integrity
Claude AI Mandates Identity Verification for Platform Integrity TLDR Claude AI mandates identity verification for platform integrity and compliance. This proces
Tech
Vercel Confirms Security Breach Stemming from Third-Party AI Tool Compromise
SignalStack security brief: Vercel April 2026 incident—Context.ai vector, non-sensitive env vars, Google Workspace IOC, rotation playbook, vs. platform trust.
Policy
Anthropic Closes the Subscription Backdoor for OpenClaw-Style Agents
Claude Pro/Max vs OpenClaw-style harnesses—April 4 policy, commercial terms, API pricing, HN thread, GitHub context, Primary sources & market bridge for builders.
AI
Google Unleashes Gemma 4: Apache 2.0 and the Open-Weight AI Landscape
DeepMind’s Gemma 4 family (E2B, E4B, 26B MoE, 31B dense) ships under Apache 2.0 with Gemini 3 lineage—what changed, why it matters for edge and enterprise, SignalStack’s read, and a Primary sources & market bridge (Google blog, model card, license text, Hugging Face, AI Edge).
Security
LinkedIn Extension Scanning Allegations: BrowserGate, EU Privacy, and Competitive Intelligence
Fairlinked’s BrowserGate investigation alleges client-side extension probing on linkedin.com—claims, GDPR (including special-category risk under Article 9), DMA gatekeeper context, enterprise GTM exposure, SignalStack’s read, and Primary sources & market bridge.
Policy
SpaceX Confidential IPO Filing: Valuation, Public Markets, and Policy Stakes
SpaceX’s confidential SEC filing and reported 2026 listing window—liquidity and governance, Starlink economics as valuation anchor, xAI/orbital-AI narrative, retail-heavy allocation reporting, and why post-IPO disclosure matters for NASA/DoD relationships (Primary sources & market bridge).
Security
Axios npm Incident: Phantom Dependency, RAT Dropper, and Supply-Chain Lessons
Malicious axios@1.14.1 and axios@0.30.4 on npm—phantom plain-crypto-js in tarballs, RAT/C2 on port 8000, OIDC vs manual publish signals, npm response, CISA/Microsoft/Mandiant/GitHub primary links, and SignalStack’s defender checklist.
Security
Claude Code npm Leak: Source Maps, IP Risk, and the March 2026 npm Window
@anthropic-ai/claude-code v2.1.88 shipped a ~59.8 MB source map on npm—unobfuscated TypeScript reconstruction (~512k lines), packaging error vs malware (Axios), release hygiene (files, .npmignore, npm publish --dry-run), and Primary sources & security bridge.
Policy
Copilot, PRs, and Promo Text: Developer Trust vs. Platform Extraction
When GitHub Copilot appended Copilot and Raycast blurbs to a PR during a typo fix—trust boundaries, PRs as audit artifacts, NIST AI RMF and OWASP LLM framing, vendor Trust Center vs behavior, Doctorow’s enshittification lens, and Primary sources & policy bridge.
Security
Miasma: Trap Paths, Poison Data, and the Economics of AI Scraping
Rust trap-router Miasma—infinite crawl loops vs poison/gibberish sources, egress economics, aria/nofollow hygiene, robots & ai.txt standardization, IETF AI-robots drafts, and Primary sources & security bridge.
Engineering
The Silent RAM Drain: Web Bloat, Process Isolation, and Who Pays the Bill
User-reported ~2.4 GB for two LinkedIn tabs—WebView2/WhatsApp/Netflix desktop-web shift, Microsoft’s RAM initiative, sustainability framing, mechanisms (JS, isolation), mitigations, and primary sources.
Engineering
GitLab Founder’s Health Journey, Open Data, and Parallel AI Disclosure Pressure
Sytse Sijbrandij on osteosarcoma, Evenone Ventures, and public datasets—alongside GitLab investor suits alleging overstated AI claims (allegations, not findings). Includes engineering bridge links (advisories, CISA KEV, WebView2, AI crawler signaling, web carbon).
Engineering
macOS 26 Window Corners: Visual Drift, SIP Risk, and Third-Party Chrome Hacks
Uneven corner radii after macOS 26, SIP/SSV and Apple Silicon security posture, Library Validation vs injection, community SIP-off mitigations versus narrower dylib + swizzling—and why integrity tradeoffs matter.
Security
Tesla Model 3 on a Desk: Salvage Bring-Up, Rosenberger Cables, and Security Research
Bench-mounting MCU, AP, and display from salvage—inrush vs bench supplies, thermal throttling off vehicle cooling, Rosenberger/HSD paths, MAX16932 repair, ODIN/service surfaces, harness economics, and cited primary sources.
Security
LiteLLM on PyPI: Backdoored Builds, Secret Harvest, and .pth Persistence
Reported malicious 1.82.7–1.82.8 on PyPI—import-time execution, credential theft, .pth-based interpreter startup hooks (host persistence), key concentration, hash pinning, remediation, and primary sources.
Engineering
OpenAI Winds Down Standalone Sora App: Portfolio Discipline and Compute Economics
Sora app sunset—inference cost per frame vs text, retention vs downloads, enterprise high-productivity pivot, Disney/IP brand-safety friction, moderation load, and primary sources.
Security
Windows 11 ‘Fix’: Performance Reset, Ads, Copilot, and the Trust Deficit
Microsoft’s repair-first narrative versus Copilot/ads friction—WinUI 3 and shell latency, TPM/CPU eligibility and e-waste, OOB patch chains and regression risk, with primary sources.
Tech Culture
37MB Page, ~500MB Later: Ad Tech, Web Bloat, and RSS as Exit Ramp
A text piece that recommends RSS while behaving like a bandwidth sink—initial payload, background fetches, and why reader-owned distribution is an operational fix.
AI
Tinybox & tinygrad (2026): Local FLOPS, Red/Green v2, and the Alpha Tradeoff
Tinycorp Tinybox, tinygrad lazy graphs and kernel fusion, Red/Green v2 vs ROCm/NVIDIA stacks, air-gapped sovereignty, Exabox roadmap candor, and primary sources.
Science
arXiv Leaves Cornell: Nonprofit Independence, Budget Pressure, and AI Slop
July 1, 2026 spin-out, Cornell vs global-public-good funding math, ~$6.7M ops & moderation surge (4%→12%), detectors & false positives, endorsement equity, AI slop—and primary sources.
Security
Android Sideloading ‘Advanced Flow’: 24-Hour Delay, Verification, and Coercion Breaks
Advanced Flow 24h delay as cooling-off vs scam urgency, verified vs unverified reputation lanes, Brazil/SG/ID/TH testbed logic, NIST/EFF policy bridge, and primary sources.
AI
OpenAI to Acquire Astral: uv, Ruff, ty, and the AI-Native SDLC Bet
Definitive agreement to fold Astral into Codex—open-source continuity, regulatory closing, and why Python toolchain depth matters for agentic workflows.
Engineering
OpenRocket: Simulation-First Model Rocketry, CG/CP, and Digital Iteration
Java-based design and flight simulation—stability signals, motor DB, exports, and why engineering-style feedback loops beat guess-and-build cycles.
Engineering
Rob Pike’s Rules (1989): Measurement, Simplicity, and ‘Data Dominates’
Five enduring rules—optimize after measurement, watch constant factors, prefer simple methods, and let data structures drive design—in AI-assisted coding era.
Security
Xbox One ‘Bliss’: Voltage Glitching, Boot Trust, and Unpatchable Hardware Reality
Public Bliss-style break of long-standing Xbox One boot protections—privileged unsigned code, ROM-era limits, and what changes for preservation versus abuse.