A look at the day ahead in U.S. and global markets from Mike Dolan After an intense month focused on election risk around the world, markets quickly switched back to the more prosaic matter of the cost of money - and whether disinflation is resuming to the extent it allows borrowing costs to finally fall. Thursday's U.S. consumer price update for June is the key moment of the week for many investors - with the headline rate expected to have fallen two tenths of a percentage point to 3.1% but with 'core' rates still stuck at 3.4%. With Federal Reserve chair Jerome Powell starting his two-pronged semi-annual congressional testimony later on Tuesday, the consensus CPI forecast probably reflects what the central bank thinks of the situation right now - encouraging but not there yet. But as the U.S. unemployment rate is now back above 4.0% for the first time since late 2021, markets may look for a more nuanced approach from the Fed chair that sees it increasingly wary of a sudden weakening of the labor market as real time quarterly GDP estimates ebb again to about 1.5%. There were some other reasons for Fed optimism in the lead up to the testimony. The path U.S. inflation is expected to follow over coming years generally softened in June, amid retreating projections of price increases for a wide array of consumer goods and services, a New York Fed survey showed on Monday. Inflation a year from now was seen at 3% as of June - down from the expected rise of 3.2% in May - and five-year expectations fell to 2.8% from 3%. Crude oil prices are better behaved this week, too, falling more than 3% from the 10-week highs hit late last week and halving the annual oil price gain to 10%. The losses on Tuesday came after a hurricane that hit a key U.S. oil-producing hub in Texas caused less damage than many in markets had expected - easing concerns over supply disruption. Before Powell starts speaking later, there will also be an update on U.S. small business confidence for last month.

The Ukrainian presidential office said on July 8 local time that Russia's large-scale attacks on many parts of Ukraine have killed 36 people and injured 140 others. According to the Ukrainian State Emergency Service, a total of 619 rescue workers and 132 equipment participated in the rescue work across Ukraine that day. Ukrainian President Zelensky said on social media on the 8th that Russia launched more than 40 missiles of various types at Ukraine that day. Residential buildings and infrastructure in many cities in Ukraine were damaged in varying degrees of attacks, and a children's hospital was destroyed. Rescue departments are currently conducting emergency rescue on the scene. The Russian Ministry of Defense issued a statement on the 8th local time saying that Ukrainian officials' claim that Russia used missiles to attack Ukrainian civilian facilities was untrue. The damage suffered by Kiev was caused by the fall of missiles launched by the city's air defense system.

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

The World Intellectual Property Organization (WIPO) recently said that China filed 38,000 artificial intelligtion-related generative AI patents from 2014-23, while the United States filed 6,276 of the 50,000 patents filed by all countries. Of the 50,000 applications, 25 percent were filed last year.The top five inventor regions are: China (38,210 inventions), the United States (6,276 inventions), the Republic of Korea (4,155 inventions), Japan (3,409 inventions) and India (1,350 inventions).