Listen to the audio version of this article (generated by artificial intelligence).
PPI inflation comes into high gear… A mass cyberattack almost happens… Why AI is a game-changer… Why legacy cybersecurity stocks may not be up to the challenge… The prisoner’s dilemma in action… What should investors do now…
disaster.
That’s how legendary investor Louis Navellier described this morning’s Producer Price Index (PPI) report in his book Stock breakout Flash alert update.
The headline number jumped 1.4% for the month, beating expectations of 0.5%, and doubling March’s revised figure of 0.7%.
On an annual basis, the index rose by 6% – the largest jump since December 2022.
Let’s go to Lewis to find out what’s behind the numbers:
Here’s the problem: Wholesale commodity costs rose 2%. Wholesale service costs increased by 1.2%.
This means that inflation has become embedded in the wholesale level and is likely to continue.
So, we have Treasury yields rising this morning. We have the yield curve flattening a little bit, meaning that all hope of cutting interest rates is dashed until we get Treasury yields a little lower.
We need to keep an eye on the services inflation highlighted by Lewis – it does not respond quickly to ceasefire agreements or the reopening of shipping lanes. Once combined, it takes time to work again.
We appear to be in danger of that happening today.
Despite the hot print, Lewis remains bullish – for one simple reason
Profits.
Back to updating it for subscribers:
We should just take a step back and realize that we had 20% earnings growth with the S&P this quarter.
Profits are expected to be good during the remainder of the year. Stocks are a great hedge against inflation.
So, despite this news that has rocked the market with inflation, we are in a very good environment.
Honestly, we’ve made a lot of money very quickly, so we’ll have to back up and fill in here just a little bit.
Overall, while hotter inflation may delay interest rate cuts, Lewis doesn’t see it derailing the broader bull market.
He expanded his outlook during a Live event this afternoondetails why he believes we’ve entered one of the rarest—and perhaps most lucrative—market windows in decades. This has happened only a few times in modern history: 1995, 2001, 2008, 2020 – and now, today.
Lewis says it’s this kind of setup that historically produces massive winners in stocks — and he’s already tracking 53 names that are showing early signs. Better yet, he gave up one of them this afternoon.
If you missed it, you can watch a free replay here.
Now, let’s move on to a story that surfaced earlier this week that has largely passed under the radar — cybersecurity experts may have just prevented a nightmare scenario…
The massive breakthrough we’ve barely gotten over
Sometime over the past few months, a group of criminals sat down with an AI model and asked it to break into millions of computers simultaneously.
AI obliged.
I’ve found a hidden flaw in software used by companies around the world—a flaw that no human researcher had found, and no traditional security scanner had spotted. Then he wrote the attack code. Clean, systematic and ready to deploy.
This is not hypothetical.
Google’s Threat Intelligence Group (GTIG) confirmed this event on Monday in a truly alarming report.
The hacker’s plan was to launch a massive exploitation campaign. Translation – Hit as many targets as possible, all at once, before anyone knew what was happening.
Fortunately, Google’s threat intelligence team discovered the vulnerability first, worked with the software maker to patch the vulnerability, and shut down the operation before it was released.
But next hackers may not make the same mistakes.
What actually happened – in plain English
Without getting too deep into the complexities, the AI-powered attack allowed hackers to bypass two-factor authentication. This is the “enter the code we sent you” step that most of us rely on as a last line of defense. With this exploitation, that protection disappeared.
What made this different from every previous attack of its kind was how the “skeleton key” was made that enabled the hack. Not through a team of elite hackers working for months, but through an AI model that works for hours.
The GTIG report explained how they knew AI was involved. The attack code had clear hallmarks of the kind of overly structured, overly documented, textbook-like format that AI models produce when they write code.
From Monday’s GTIG report:
The script contains an abundance of educational documentation, including a hallucinated CVSS score, and uses a highly structured textbook Pythonic format that is highly characterized by LLM training data (e.g., detailed help menus and clean _C ANSI color class).
In other words: the AI was so meticulous, organized, and eager to explain itself that it gave itself away.
this time.
We have entered a new era
For years, this type of sophisticated attack required time and experience.
It meant months of painstaking work by some of the most skilled people in the world. Nation-states can do this. Elite criminal organizations, sometimes. Everyone was closed.
Artificial intelligence has suddenly changed that.
Here’s Ryan Dewhurst, head of threat intelligence at cybersecurity firm watchTowr, at Hacker News:
AI is already accelerating vulnerability discovery, reducing the effort needed to identify, validate, and weaponize flaws.
This is today’s reality: discovery, weaponization, and exploitation are becoming faster. We are not moving towards compressed timelines; We’ve been watching schedules compress for years.
There is no mercy from the attackers, and the defenders have no right to withdraw.
This is not limited to criminals only. The GTIG report documented a comprehensive picture of state-sponsored actors already deeply engaged in AI-assisted hacking – China, North Korea, and Russia, all of which are using AI models to accelerate their operations.
We’re talking about industrial, systematic attacks and they’re happening right now – as you read this.
John Hultquist, senior analyst at GTIG, spoke Record On what Monday’s report really represents:
There is a misconception that an AI vulnerability race is imminent. The truth is that it has already begun.
For every zero day we can attribute to AI, there are likely to be many more.
The “Prisoner’s Dilemma” strikes again
There is a concept that we discovered on our website April 6 digest This applies directly here, what we have called the “prisoner’s dilemma” with regard to AI adoption.
The idea is simple…
Every CEO knows that the race to implement AI carries some degree of risk. But if a competitor applies AI and increases efficiency/profitability and the CEO doesn’t, his company will lose.
So everyone is racing – despite the risks. But you know what this means…
Every time a company brings AI into its operations — by connecting its data, customers, and internal systems to an AI provider — it runs new digital plumbing. But all this plumbing presents a new sea of opportunities for AI-equipped attackers.
The GTIG report provided an example of this…
Earlier this year, a criminal group called TeamPCP leaked malicious code to LiteLLM — a popular software used by companies to connect their systems to AI providers like Anthropic, Google, and OpenAI. Because multiple companies installed LiteLLM, this hidden code stole the digital keys those companies used to access their AI accounts — without anyone noticing.
Think of it like a locksmith who, instead of just making a key for you, also made a secret copy for himself. Every customer who came to him to get a key was robbed without knowing he was there.
No one at those companies did anything wrong. They were just doing what every company is doing right now, which is racing to connect to AI before their competitors did.
But the faster these companies race, the more vulnerable they become to these risks.
This is the prisoner’s dilemma in action.
What are the investment implications?
When such stories unfold, many investors resort to panic selling Cybersecurity stocks.
In fact, we’ve seen two examples this year – once after Anthropic’s Claude Code Security announcement in February, and again after the Claude Mythos scare in March/April. The market fears that artificial intelligence may make cybersecurity companies irrelevant.
This is a mistake, as AI-driven attacks arise more Demand for security, no less. But that doesn’t mean every cybersecurity company benefits equally. Here we need to clarify what is really happening today.
Imagine two home alarm companies…
One of them built his system from scratch, knowing that burglars would one day use sophisticated technology to protect homes. Its sensors don’t just monitor broken windows, they look for unusual behavioral patterns, things that seem wrong even when nothing is technically broken.
The other company took an alarm system from the 1990s — which was perfectly fine at the time — and added a software update to keep up with today’s systems.
When AI thieves arrive, which company is better protected? Which company gets the new contracts?
It is clear that companies built with AI at their core are structurally better equipped for a world in which attackers use AI. Companies that have integrated AI into legacy architectures are scrambling.
So how should investors respond?
The knee-jerk reaction is to reach for a cybersecurity ETF — where you get broad exposure without any risk on a single stock.
The two most common are FirstTrust Nasdaq Cybersecurity ETF (CBR) and WisdomTree Cybersecurity Fund (WCBR).
While this is not necessarily wrong, be aware of what this means…
Both ETFs have a broad basket of cybersecurity names — so they include a lot of the legacy players we just described. You will buy the entire industry at a time when the industry itself is divided into winners and losers.
Now, this isn’t necessarily a deal breaker. Wedbush channel scans, published earlier this year, found that cybersecurity vendors have set 2026 sales targets as much as 30% above the typical global spending growth baseline of 12%.
So, for now, even entrant companies can benefit from a “rising tide” environment as US companies spend more on security.
But go in with your eyes open: Broad exposure here means, well, broad exposure, which includes companies that are less equipped for what’s coming.
For investors who want to avoid this, there are two of the largest native AI platforms CrowdStrike Holdings (Raw) and Sentinel One (S).
Do your homework – but start with these two.
We have crossed the Rubicon
Let’s be honest about what Monday’s GTIG report reveals…
The barrier to launching a sophisticated cyberattack has just fallen. It won’t come back up.
And the companies that understand this – and the investors who see it early – are the ones who will end up on the right side of what’s to come.
We will keep you updated while our experts evaluate the matter.
I wish you a good evening,
Jeff Remsburg
