Donald Trump’s appearances on the podcasts of Joe Rogan and Theo Von, among others, were seen by many as a key part of securing his second term in office.

But while Trump was speculating about alien life on Mars with Rogan, he had a team of acolytes appearing on dozens, if not hundreds, of much smaller niche podcasts hosted by right-wing content creators who typically don’t talk about politics.

This is how, just six days before the election, Kash Patel, the man now struggling to run the FBI, ended up appearing on the Deplorable Discussions livestream, a fringe, QAnon-infused show hosted on a platform called Pilled.

“The Deep State exists,” Patel told the audience. “It’s a Democratic-Republican uniparty swamp monster machine.”

At the time, there was no hard evidence behind an idea the Trump campaign appeared to understand instinctively: Social media creators, especially those who do not typically speak about politics, have an extraordinary ability to sway their audiences.

Now we have that evidence.

A new report, shared exclusively with WIRED and published today by researchers from Columbia and Harvard, is a first-of-its-kind study designed to measure the impact influencers and online creators can have on their audiences.

The study was conducted with 4,716 Americans aged between 18 and 45, most of whom were randomly assigned a list of progressive content creators to follow. Over the course of five months, from August to December 2024, these creators produced nonpartisan content designed to educate followers rather than explicitly advocate for a specific political viewpoint.

The results showed that exposure to these progressive-minded creators not only increased general political knowledge, but also shifted followers’ policy and partisan views to the left.

In contrast, a placebo group that was not assigned any creators to follow but was allowed to scroll social media as normal “showed significant rightward movement,” which researchers said was related to the right-leaning nature of social media networks.

For the study’s authors, and experts who have reviewed the research, the findings confirm that not only are influencers now potentially more powerful than traditional media, but content creators who rarely share political content may be the most powerful of all.

“The research concretizes what a lot of people have been hypothesizing, which is that content creators are a powerful force in politics, and they are absolutely going to play a big role in the 2026 midterms, and they will play an even bigger role in the 2028 elections,” says Samuel Woolley, an associate professor at the University of Pittsburgh who studies digital propaganda and who reviewed the research.

The Politics Paradox

As well as trying to prove that social media influencers can shape public opinion, the researchers also wanted to find out if those creators were more or less influential when their content is more overtly political.

To do this, the researchers randomly assigned the study’s participants a list of creators to follow, with some being assigned creators who mainly post about political issues, while others were assigned creators who are predominantly apolitical in their output.

Fouch knew automated sensors could help by, for example, identifying the environmental culprits of the hole-punching issues, but with so many potential options to try he didn’t know where to start. “The worst thing you can do, in a smaller business especially, is muddle through pilot purgatory, hoping to find a viable product,” he says. “When someone else has done it before, they know the viable path, and they can save you the time and the expense.”

That’s just what three directors and managers from Apple’s engineering and operations teams offered when Fouch and Quinn Shanahan, who oversees Polygon’s medical device production and special products, visited the manufacturing academy in October and November, respectively. Over what Fouch estimates was five hours, the Apple employees evaluated Polygon’s challenges and applied the industrial engineering equation of Little’s Law—which can identify capacity bottlenecks—to devise solutions.

The result was a detailed strategy mapping out sensors and software that could affordably track production and alert about anomalies. Polygon can now count the number of passes the tube makes through the grinder, and it will soon be able to understand whether an overheated motor or other factors could explain the botched hole punching, Shanahan says.

If all goes as planned, Polygon will have implemented a working system to address its most significant bottlenecks for no more than $50,000 compared to the $500,000 that an automation consultancy may have charged, according to Fouch. The Apple team is working on visiting Polygon to talk through other upgrades. “They have walked these paths before,” Fouch says. “Without their help, it’s going to take us much longer.”

Apple’s Herrera says giving small manufacturers a sense of the benefits of automation and other technologies could eventually lead them to work with consultants and invest in more expensive systems.

Two other academy participants tell WIRED that they have not received extensive assistance from Apple—Herrera says it comes down to which companies have prepared a “problem statement” that Apple can help with—but they are working to bring what they learned to their factories. Jack Kosloski, a project engineer at Blue Lake, a plastic-free packaging startup, says it was eye-opening for him to hear about the depth of Apple’s product testing.

So-called ClickFix or ClearFake attacks that bypass security controls and use unwitting victims to execute a cyber attack of their own accord are surging at the end of 2025, even outpacing phishing or clickjacking attacks, according to NCC Group’s latest monthly threat report.

First identified a couple of years ago, ClickFix attacks flooded the threat landscape during 2024, and their volume surged by over 500% in the first six months of 2025, said NCC.

Rather than relying on automated exploits or malicious attachments, ClickFix attacks exploit human fallibility by convincing their targets to manually execute attacks using tools like PowerShell, Windows Run box, or other shell utilities after luring them to compromised websites promising fake prompts that instruct them to copy a command into their Run dialogue or PowerShell window.

NCC said such attacks represent a marked shift in social engineering because the victims are acting entirely voluntarily – this is in contrast to phishing attacks in which the deception ends once credentials have been submitted, or clickjacking, where victims unknowingly engage.

“This shift challenges traditional detection models as the command originates from a trusted user process, rather than an untrusted download or exploit chain,” wrote the NCC team.

“Understanding and mitigating ClickFix attacks is crucial because it can bypass conventional defences,” they said. “Email filters, sandboxing and automated URL analysers cannot always flag a malicious action that is conducted manually by an end user. Once the payload is executed, attackers can deploy RATs, enabling persistence, credential harvesting and eventual ransomware deployment.”

Financially motivated cyber criminals have been quick to climb on board the ClickFix wagon, many of them operating in larger access broker ecosystems to sell on compromised endpoints to ransomware gangs.

The report details a number of such targeted ClickFix operations. One campaign, active from April 2025 until just a couple of months ago, targeted the hospitality sector and duped employees into spreading infostealer malware across multiple hotel chains. This campaign used the PureRAT remote access trojan (RAT) to steal the hotels’ Booking.com credentials and conduct downstream email and WhatsApp phishing attacks against guests.

Another campaign, run by Kimsuky, a North Korean state threat actor, prompted its victims to copy and paste bogus authentication codes into PowerShell after posing as a US national security aide trying to set up meetings on South Korean issues.

Defending against ClickFix attacks is largely a matter of attempting to cut down on an organisation’s exposure to malicious lures and deceptive landing sites by incorporating tools such as URL filtering, domain reputation controls, web-filtering and sandboxing. Tightening endpoint execution environments is also a must, as is strengthening user awareness and instructing all employees to treat any unsolicited copy-paste instruction as an attempted cyber attack.