Summary
Overview
This TechLinked episode covers Microsoft's reversal on the controversial Copilot floating button, GitHub's major security breach by Team PCP affecting 3,800 internal repositories, and NVIDIA's urgent call for users to update drivers due to 14 critical security vulnerabilities. The show also discusses Meta's new Reddit-clone app Forum, Riot's anti-cheat bricking cheating hardware, Discord's end-to-end encryption rollout, Spotify's AI cover deal with Universal Music Group, and Pizza Hut's $100 million lawsuit over a failed AI delivery system.
Microsoft Caves on Copilot Button After User Backlash
Microsoft announced they will finally allow users to disable the floating Copilot button that rolled out earlier this month, following widespread user frustration. The button was designed to boost engagement with Copilot but instead covered up workspace content in Excel, Word, and PowerPoint, earning comparisons to the infamous Clippy assistant. While Microsoft defended the feature by noting increased engagement metrics, they're now backtracking on forcing it onto users' screens.
- Microsoft releasing update to allow users to remove the floating Copilot button
- The button rolled out earlier this month as a one-click shortcut to open Copilot side panel
- In Office apps, the button covered up text and data users needed to see
- Users could only shrink it to a small icon, not fully disable it before the update
- Microsoft noted engagement with Copilot increased after forcing the button on screens
" I'm Linus Sebastian, this is TechLinked, and it looks like we've just learned how much user rage it takes to cause Microsoft to make incremental software improvements. "
" Microsoft tried to save face by noting that engagement with Copilot did actually go up after shoving the button onto everyone's screens, and I gotta say, they've got a point. Rage is a type of engagement. "
GitHub Suffers Major Breach by Team PCP Hackers
GitHub disclosed a significant security breach on Tuesday orchestrated by the notorious Team PCP hacking group. The attack vector was a malicious VS Code extension installed by a GitHub employee, which granted hackers access to approximately 3,800 internal repositories. While customer code appears safe, the breach poses serious concerns given Team PCP's expertise in supply chain attacks and their previous hits on major AI companies.
- Breach occurred via malicious VS Code extension installed by GitHub employee
- Hackers gained access to roughly 3,800 internal GitHub repositories
- Stolen code is being auctioned on cybercrime forum, with threats to leak for free if no buyer found
- No customer code compromised, only GitHub's own internal code
- Team PCP previously attacked OpenAI, Mercore, and Mistral AI using supply chain methods
- GitHub unsure how long hackers had access, threat vectors may emerge in the future
" It's like the worst game of whack-a-mole. "
📚 6 more sections below
Sign up to unlock the complete summary with all insights, key points, and quotes
Get this summary + all future TechLinked episodes in your inbox
100% Free • Unsubscribe Anytime
Sign up now and we'll send you the complete summary of this episode, plus get notified when new TechLinked episodes are released—delivered straight to your inbox within minutes.