Tuesday, September 9, 2025

☕️ The largest supply chain attack in history


Hi there, this is your daily ☕️ Techpresso.


In today's Techpresso:

⚠️ Largest supply chain attack in history targets crypto users through NPM

👁️ US tech giants built China's surveillance state

💥 Whistleblower sues Meta over claims of WhatsApp security flaws

📉 Google concedes the open web is in “rapid decline”

🙏 Snap breaks into ‘startup squads’ as ad revenue stalls

🤑 Microsoft signs up to $19.4B AI deal with Nebius

🎁 + 16 other news you might like

🔮 + 6 handpicked research papers and tools

⚠️ Largest supply chain attack in history targets crypto users through NPM

  • A software maintainer's NPM account was compromised through a phishing scheme, leading to malicious code being added to 18 packages with billions of weekly downloads.
  • The attack targeted blockchains like Ethereum and Bitcoin. It began when the developer was tricked by a fake email about a 2FA reset that appeared to be from the NPM organization.
  • While this infection is being called the largest supply chain attack in history, NPM has started deleting the malicious versions of the software to prevent widespread damage.

👁️ US tech giants built China's surveillance state

  • US tech companies like IBM worked directly with Chinese police and defense contractors to design the country's surveillance apparatus, even pitching their technology as a tool for controlling citizens.
  • Evidence from thousands of leaked emails shows former IBM partner Landasoft copied its i2 police surveillance analysis software to track and detain people during the brutal crackdown in Xinjiang.
  • The American firms brought "predictive policing" to China, a system that allows authorities to preemptively arrest individuals by mining vast data like texts, video, DNA swabs, and power use.

💥 Whistleblower sues Meta over claims of WhatsApp security flaws

  • Attaullah Baig, WhatsApp's former security chief, is suing Meta, alleging he found "systemic cybersecurity failures" where 1,500 engineers could review sensitive personal information without any audit trail.
  • The lawsuit states these security flaws violate a 2020 privacy settlement with the Federal Trade Commission and that WhatsApp lacked a comprehensive inventory or systems for monitoring data.
  • Baig claims Meta retaliated for his "cybersecurity disclosure," giving him negative feedback before firing him for "poor performance" after he filed complaints with the SEC and OSHA.

📉 Google concedes the open web is in “rapid decline”

  • In a new legal filing for its adtech antitrust case, Google claimed the open web is in “rapid decline,” an argument made to prevent a court-ordered breakup.
  • The company says that being forced to divest its AdX marketplace would hasten the demise of wide swaths of the web that are dependent on advertising revenue.
  • This argument conflicts with Google’s usual position that AI Overviews does not reduce web traffic and that search clicks from its platform are remaining “relatively stable.”

🙏 Snap breaks into ‘startup squads’ as ad revenue stalls

  • In response to mounting pressure, Snap's CEO announced a company-wide restructuring into small "startup squads" of 10 to 15 people designed to better compete against its larger rivals.
  • This reorganization comes as Snap’s advertising revenue growth flatlined at 4 percent and its North American daily active users declined by 2 percent, a troubling sign for the company.
  • While ads slow, Snapchat+ subscriptions now generate over $700 million in annual recurring revenue from more than 15 million paying subscribers, becoming one of Snap’s fastest-growing opportunities.

🤑 Microsoft signs up to $19.4B AI deal with Nebius

  • Microsoft signed a $17.4 billion, five-year cloud deal with Nebius for long-term access to high-speed GPUs, with a potential expansion that could increase its total value to $19.4 billion.
  • The agreement provides a secure source of GPUs outside traditional channels, helping Microsoft avoid hardware bottlenecks and diversify its infrastructure away from a handful of manufacturing partners like Nvidia.
  • Nebius will grant access to dedicated GPU clusters from a new data center, gaining a steady revenue stream to fund growth and expand its global AI footprint.

Other news you might like

Latest research and tools

  • DuckDB NPM packages: specific versions of this database tool were compromised with malware, creating a security risk for developers.
  • LavaMoat: a security tool that prevents malicious code in software dependencies from causing harm by restricting their permissions and access to sensitive functions.
  • Hallucination Risk Calculator: a toolkit that measures an AI's risk of making up false information, helping it decide whether to answer or refuse a prompt without being retrained.
  • Attempt: a command-line tool that automatically retries commands that might fail, with an optional delay between attempts.
  • ZeroFS: a filesystem that presents S3 cloud storage as a local disk, enabling file-level and block-level access for applications, databases, and even other filesystems.
  • Cyborgtest: a Playwright extension that combines automated checks with human input in the same test, pausing for a person to mark a step as passed or failed.


See you tomorrow for a new dose of ☕️ Techpresso!