SSPAI Morning Brief: GitHub Faces Talent Drain and Growing Technical Challenges Under Microsoft

Morning Brief

GitHub Faces Talent and Technology Drain Under Microsoft
Tiger Brokers, Futu, and Longbridge to Fully Exit Mainland China Business
Google Search AI Mode Mistakenly Treats Keywords Like “disregard” as Instructions
“Dead Yet?” Renamed to “You There?” for Elderly Home Safety
Ministry of Public Security Proposes Clearer Procedures for Obtaining Passwords During Investigations
London iPhone Theft Rings Use Threats to Unbind Apple IDs
News Worth a Quick Look

GitHub Faces Talent and Technology Drain Under Microsoft

According to The Verge, nearly eight years after Microsoft acquired GitHub, the world’s largest open-source code hosting platform is facing multiple challenges.

On the personnel side, after former CEO Thomas Dohmke departed last summer, Microsoft did not appoint a new CEO. Instead, GitHub’s reporting structure was merged into Microsoft’s CoreAI division, led by a former Meta executive. This restructuring broke GitHub’s long-prized tradition of independent operations, triggering strong internal backlash and talent loss. Several core executives have left, with many employees following Dohmke to his newly founded competing platform, Entire.

On the technical and operational front, GitHub has suffered frequent outages over the past year amid a difficult migration to Microsoft Azure cloud servers. Some prominent developers, frustrated by the instability, publicly announced they were abandoning the platform, forcing the current CTO to issue a public apology. In terms of security, GitHub’s internal infrastructure was reported to have a severe vulnerability in March, and this week an employee accidentally installed a malicious VS Code extension, leading to hackers stealing 3,800 internal repositories. Meanwhile, GitHub Copilot’s recent shift toward usage-based limits and pricing has sparked strong backlash from the user community.

External competition has also intensified. Although GitHub Copilot once held an early lead in AI programming, it has gradually been overtaken over the past year by strong competitors such as Cursor and Claude Code. Microsoft CoreAI management reportedly warned internally that GitHub faces an “existential threat,” even going so far as to revoke internal developers’ access to Claude Code in an attempt to force teams to focus on improving GitHub Copilot and regain its technical edge.

Tiger Brokers, Futu, and Longbridge to Fully Exit Mainland China Business

According to Caixin, on May 22 the China Securities Regulatory Commission (CSRC) announced that it had formally opened investigations into Tiger Brokers, Futu, and Longbridge, along with related domestic and overseas entities, for illegally operating securities businesses within mainland China, and had issued prior notices of administrative penalties. The CSRC stated that the related entities of Tiger, Futu, and Longbridge had conducted securities marketing, transaction processing, and other brokerage-related services in mainland China without approval or the required licenses for securities brokerage or margin financing operations, thereby constituting illegal securities business activities. Regulators also determined that the three firms had illegally engaged in public fund sales and futures brokerage businesses. The CSRC plans to confiscate all illegal gains from the involved entities and impose severe penalties in accordance with the law.

Under the newly issued Implementation Plan for the Comprehensive Rectification of Illegal Cross-Border Securities, Futures, and Fund Operations, jointly released by eight government departments including the CSRC, China will fully eliminate illegal cross-border operations by overseas securities and fund institutions during a two-year rectification campaign. Previously, the CSRC had already ordered Tiger Brokers and Futu to halt new customer acquisition in mainland China, banning them from soliciting mainland investors or opening new accounts, while existing customers could continue trading. However, the new measures prohibit overseas institutions from providing mainland-based existing investors with services such as buy-side trading or inbound fund transfers, allowing only one-way selling and fund withdrawals. The CSRC emphasized that investor asset safety would not be affected during the rectification process, and overseas institutions must properly communicate with affected investors and handle account arrangements to ensure asset security. After the rectification period ends, overseas institutions will be ordered to completely shut down mainland websites, trading software, and supporting services, and will be prohibited from illegally providing trading services to mainland investors.

On May 22, the Hong Kong Securities and Futures Commission also issued a circular to licensed corporations regarding customer onboarding and relationship management expectations, requiring intermediaries to strengthen controls when opening accounts for individuals using mainland Chinese ID cards or passports.

Under China’s securities regulations, mainland residents may only indirectly invest in overseas stock markets through the Qualified Domestic Institutional Investor (QDII) scheme, or directly trade eligible Hong Kong-listed stocks through the Shanghai-Hong Kong and Shenzhen-Hong Kong Stock Connect programs, both of which have eligibility thresholds. Legally speaking, it is not possible for mainland residents to directly trade U.S. stocks from within mainland China. Cross-border stock trading has long existed in a regulatory gray area outside China’s securities and foreign exchange supervision systems.

Google Search AI Mode Mistakenly Treats Keywords Like “disregard” as Instructions

According to The Verge, Google’s recently launched AI Overview search feature has developed a bug. When users search for the word “disregard,” the AI mistakenly interprets it as a conversational instruction directed at the AI itself, rather than as a normal search query. Instead of returning search results, it responds like a chatbot, with replies such as, “Understood. If you need any further help or have new questions later, feel free to ask!”

Similarly, searches for words like “ignore” or “skip” produce responses such as “Got it! I’m ready to help” or “This looks like a test or typo,” completely diverging from the user’s search intent.

Google has temporarily removed the AI Overview module for the term “disregard,” restoring standard web and news search results as the default display. A Google spokesperson stated that the company is aware the AI Overview feature is currently misinterpreting certain “action-related queries,” and that engineers are working on a fix, with an update expected soon.

“Dead Yet?” Renamed to “You There?” for Elderly Home Safety

According to The Paper, on May 24 the official WeChat account “Shangcheng Release” operated by Hangzhou’s Shangcheng District Publicity Department revealed that, after gathering public feedback, the “Dead Yet?” app has officially been upgraded and renamed as the “You There?” safety platform, and has already been deployed in Naxing Subdistrict of Shangcheng District.

According to the report, more than 40% of Naxing Subdistrict’s population is elderly, making home safety and emergency support for seniors living alone or in empty nests a major challenge for local public services. The “You There?” platform adopts an elderly-friendly design with large fonts, simple interfaces, minimal operations, and high fault tolerance. Seniors only need to input basic information once, and can then use their smartphones for seamless daily check-ins to confirm their safety. If no check-in is detected for two consecutive days, the system automatically alerts family members or emergency contacts. It also includes a one-tap SOS emergency feature. For elderly residents without smartphones, the subdistrict and platform operator introduced a physical “safety button,” which can be worn or placed nearby. In emergencies, pressing it instantly alerts guardians and community support staff.

Back in January, the paid app “Dead Yet?” went viral online. Designed as a lightweight safety tool for people living alone, it only required users to enter contact names and email addresses. If the user failed to check in for two days, the system would send an email notification to designated contacts. On January 13, the developer announced that, after careful consideration, the app would adopt the globalized brand name “Demumu” in its upcoming release. The next day, however, the developer admitted the renaming attempt had not gone smoothly and decided to let internet users vote on a new name instead.

Ministry of Public Security Proposes Clearer Procedures for Obtaining Passwords During Investigations

On May 22, China’s Ministry of Public Security issued a public consultation notice for the Rules for Electronic Data Collection by Public Security Organs (Draft for Comments), with feedback open until June 21, 2026.

The draft explicitly states that when account passwords for smart devices or related systems are necessary for electronic evidence collection, investigators should generally first request the password from the data holder. If the individual refuses, police may, with approval from county-level or higher public security authorities and after informing the data holder or having witnesses present, take corresponding measures to obtain the password.

When retrieving personal communications such as emails, authorities should first ask the data holder to log in and assist voluntarily. If the individual refuses, investigators must obtain approval from municipal-level or higher public security authorities before requesting the data from internet service providers, while informing the user or ensuring witness oversight. The draft emphasizes respect for and protection of citizens’ communication privacy and personal information.

The proposed rules also expand the scope of electronic evidence collection procedures, standardize related concepts, and regulate documentation used during electronic data investigations.

London iPhone Theft Rings Use Threats to Unbind Apple IDs

According to The New York Times, smartphone theft in London is increasingly being combined with extortion tactics. More and more victims whose iPhones are stolen in London are discovering that criminal groups smuggle the devices to China and use psychological manipulation and violent threats to coerce victims or their families into removing Apple IDs, allowing the devices to be resold intact at high prices on the second-hand black market.

The extortion typically relies on emergency contact information left visible in “Lost Mode.” Criminals escalate their tactics in stages: first pretending to be Apple support sending fake security alerts, then posing as innocent buyers who unknowingly purchased the stolen device. If victims refuse to cooperate, the criminals escalate to sending videos featuring firearms and even threaten sexual violence or murder against family members. Although police confirm that most overseas threats are bluffs, the psychological pressure has still forced many victims to comply.

For thieves, stolen iPhones remain locked and cannot be reset without the original Apple ID being removed, reducing them to low-value spare parts. In recent years, between 70,000 and 80,000 phones have been stolen annually in London, reaching a record 81,000 in 2024. Many are trafficked through international criminal networks to electronics trading hubs such as Shenzhen, making Apple ID removal a crucial step for maximizing profits.

British police stated that because many extortion messages originate overseas, their ability to intervene is limited by jurisdictional constraints. London officials and law enforcement are urging Apple to introduce stronger irreversible device-disabling measures to disrupt the resale chain. Apple responded by advising victims to remotely erase stolen devices but keep them listed in the “Find My” device list, reducing incentives for theft.

News Worth a Quick Look

According to Mark Gurman:
- To comply with EU regulations, iOS 27 will allow third-party casting protocols as alternatives to AirPlay;
- iOS 27 will significantly improve the AirPods settings interface.

According to Bloomberg, Sony-owned Bungie plans major layoffs and will halt development of Destiny 2. The game will receive its final content update on June 9 before remaining online without further major development, and there are currently no plans for Destiny 3. None of Bungie employees’ proposed new projects reportedly received approval. Sony acquired Bungie for $3.6 billion in 2022, and the studio has already laid off hundreds of employees in the years since.