Wiz, Heathrow, Vibe Coding and 23andMe
Introduction
Your editor this week is Kyle Fox. This week we bring tales of a major acquisition in the security industry, a fire near one of the largest airports in the world exposing flaws in infrastructure, weird new trends in software development and LLMs, and the usual roundup.
Google to buy Wiz for $32 billion
After a failed bid to buy Wiz last year for $23 billion, Google and Wiz have agreed on a price of $32 billion for Google's acquisition of the cybersecurity firm. Wiz is an Israeli-American cloud security firm headquartered in New York City with a primary engineering office in Tel Aviv. Wiz's software specializes in scanning cloud infrastructure for vulnerabilities so that they can be documented and remediated.
Edit: At press time for this article, Wiz disclosed a number of vulnerabilities in the Kubernetes package ingress-nginx; we have published an advisory for those here: K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514
Heathrow closed for a day due to an electrical substation fire
Heathrow Airport, the 5th busiest passenger airport in the world and a hub for UK and European flights, suffered a catastrophic power failure due to an electrical substation fire. The fire also disabled Heathrow's backup power systems, leaving the airport with only the minimal power needed for emergency lighting, elevators and other emergency systems. Because of the single point of failure, the UK Energy Secretary has called for a full investigation and for fixes to prevent this type of incident from recurring.
In cybersecurity, we often get buried in the technicalities of the information systems we are looking to protect, forgetting about all of the non-data infrastructure needed to run those systems. It is important to keep this supporting infrastructure in mind, because having an application or service go down because of a power outage, a large-scale weather event or a critical datacenter burning to the ground is just as impactful as having a cyberattack disrupt connectivity or take the systems hostage. With proper planning, construction of backup systems, testing, and maintenance, you could be like Union Park and still be online while Heathrow is plunged into darkness.
LLMs give birth to the concept of Vibe Coding, wait what?
We sort of expected that programmers would use specialized LLMs to assist in writing code, but a new way of writing code with LLMs is being called Vibe Coding. This style of coding uses the LLM for all code changes, just instructing the LLM to do things with the code without really touching it yourself. But because of the datasets these LLMs are trained on and the limitations of how LLMs work, a number of issues can and will be encountered with this new type of coding.
I have always maintained that the job of a programmer is to be an engineer, and this is often reflected in titles like the infamous "Software Engineer." Engineers apply science to create things in the world, and most importantly, engineers check their designs against flaws that may cause catastrophic failure. When I write a non-trivial piece of software I usually start with some sort of specification document, and then might create some flowcharts in Visio before a single line of code is written. For one personal project (which is annoyingly still not done) I started by spending months (which could have been about a week if I had been working on it full time) creating the database schema.
So, with this new Vibe Coding, as with a lot of the LLM-assisted coding, I am expecting to see "very dumb" vulnerabilities and other related disasters. May we live in interesting times, indeed.
23andMe has filed for bankruptcy: how to delete your data
Direct-to-consumer DNA testing company 23andMe has filed for bankruptcy. As with any bankruptcy involving a company with large datasets, the dataset is now an asset that can be auctioned off to satisfy the company's debts. The California Attorney General has provided instructions on how to delete your data from the dataset so that it's not sold.
Roundup:
- The YouTube recommendation this time is Chris Boden, an electrician, comedian, science educator and former federal inmate.
- An Italian court has ordered Google to poison DNS results, a pretty common thing for governments to do these days.
- Dodgequest site doxxes Tesla owners across the US. Reports from friends say the information behind the site may be old or incomplete.
- A new way to phish passkeys has been discovered. Yet another malicious QR code.
- ChatGPT has been sued over defamatory hallucinations.
- iPhone theft rings were powered by insider threats and automated scraping of FedEx delivery data.
- The population of the planet may have been grossly underestimated.
- ACARS is the most exclusive text messaging network; now you can get in on watching the drama.
- The Raspberry Pi people are now selling a new chip, but it still has a potentially fatal flaw.