Mixpanel co-founder Suhail Doshi has publicly accused an Indian developer of simultaneously working at multiple startups under false pretenses. Doshi posted on X that Soham Parekh works at "3-4 startups at the same time" and has been "preying on YC companies." (YC, or Y Combinator, is a popular startup accelerator and venture capital firm.)

Doshi fired Parekh within a week at his company Playground AI and warned him to stop the practice, but said Parekh continued a year later. Parekh's resume lists positions at Dynamo AI, Union AI, Synthesia, and Alan AI, along with degrees from the University of Mumbai and Georgia Institute of Technology. Doshi called the CV "probably 90% fake and most links are gone." Several other startup founders confirmed they had either hired Parekh in the past, or had been approached by him. Nicolai Ouporov of Fleet AI said Parekh "works at more than 4 startups at any given time." Justin Harvey of AIVideo said he nearly hired Parekh, who "crushed the interview." Doshi said he corroborated the account with more than six companies before posting publicly.

Italian utility A2A and French tech firm Qarnot have launched a data center in Brescia, Italy, that captures waste heat from servers and redirects it to a local district heating system. "The Brescia project is expected to meet the heating needs of more than 1,350 apartments and cut carbon dioxide emissions by 3,500 tons annually -- equivalent to the absorption capacity of over 22,000 trees," reports Reuters. From the report: "The rapid spread of data centers and the growing electrification of consumption require major investments in power grids. But data centers also offer a remarkable opportunity for cities with district heating networks," A2A CEO Renato Mazzoncini said at the inauguration. "In (the Italian region of) Lombardy alone, with projects already in the pipeline, we estimate that 150,000 apartments could be heated this way," Mazzoncini added.

It's not dark matter, writes Space.com. But astronomers have discovered "a vast tendril of hot gas linking four galaxy clusters and stretching out for 23 million light-years, 230 times the length of our galaxy.

"With 10 times the mass of the Milky Way, this filamentary structure accounts for much of the universe's 'missing matter,' the search for which has baffled scientists for decades...." [I]t is "ordinary matter" made up of atoms, composed of electrons, protons, and neutrons (collectively called baryons) which make up stars, planets, moons, and our bodies. For decades, our best models of the universe have suggested that a third of the baryonic matter that should be out there in the cosmos is missing.

This discovery of that missing matter suggests our best models of the universe were right all along. It could also reveal more about the "Cosmic Web," the vast structure along which entire galaxies grew and gathered during the earlier epochs of our 13.8 billion-year-old universe.... The newly observed filament isn't just extraordinary in terms of its mass and size; it also has a temperature of a staggering 18 million degrees Fahrenheit (10 million degrees Celsius). That's around 1,800 times hotter than the surface of the sun...

The team's research was published on Thursday (June 19) in the journal Astronomy & Astrophysics.
Models of the cosmos (including the standard model of cosmology) "have long posited the idea that the missing baryonic matter of the universe is locked up in vast filaments of gas stretching between the densest pockets of space..." the article points out. But now thanks to Suzaku, a Japan Aerospace Exploration Agency (JAXA) satellite, and the European Space Agency's XMM-Newton, "a team of astronomers has for the first time been able to determine the properties of one of these filaments, which links four galactic clusters in the local universe."

Team leader Konstantinos Migkas (of the Netherlands' Leiden Observatory) explained the significance of their finding. "For the first time, our results closely match what we see in our leading model of the cosmos — something that's not happened before."

"It seems that the simulations were right all along."

An anonymous reader quotes a report from Cybernews: Several collections of login credentials reveal one of the largest data breaches in history, totaling a humongous 16 billion exposed login credentials. The data most likely originates from various infostealers. Unnecessarily compiling sensitive information can be as damaging as actively trying to steal it. For example, the Cybernews research team discovered a plethora of supermassive datasets, housing billions upon billions of login credentials. From social media and corporate platforms to VPNs and developer portals, no stone was left unturned.

Our team has been closely monitoring the web since the beginning of the year. So far, they've discovered 30 exposed datasets containing from tens of millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records. None of the exposed datasets were reported previously, bar one: in late May, Wired magazine reported a security researcher discovering a "mysterious database" with 184 million records. It barely scratches the top 20 of what the team discovered. Most worryingly, researchers claim new massive datasets emerge every few weeks, signaling how prevalent infostealer malware truly is.

"This is not just a leak -- it's a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What's especially concerning is the structure and recency of these datasets -- these aren't just old breaches being recycled. This is fresh, weaponizable intelligence at scale," researchers said. The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data. Most of the datasets were temporarily accessible through unsecured Elasticsearch or object storage instances. Key details to be aware of: - The records include billions of login credentials, often structured as URL, login, and password.
- The datasets include both old and recent breaches, many with cookies, tokens, and metadata, making them especially dangerous for organizations without multi-factor authentication or strong credential practices.
- Exposed services span major platforms like Apple, Google, Facebook, Telegram, GitHub, and even government services.
- The largest dataset alone includes 3.5 billion records, while one associated with the Russian Federation has over 455 million; many dataset names suggest links to malware or specific regions.
- Ownership of the leaked data is unclear, but its potential for phishing, identity theft, and ransomware is severe -- especially since even a - Basic cyber hygiene -- such as regularly updating strong passwords and scanning for malware -- is currently the best line of defense for users.

An anonymous reader quotes a report from Ars Technica: Tech support scammers have devised a method to inject their fake phone numbers into webpages when a target's web browser visits official sites for Apple, PayPal, Netflix, and other companies. The ruse, outlined in a post on Wednesday from security firm Malwarebytes, threatens to trick users into calling the malicious numbers even when they think they're taking measures to prevent falling for such scams. One of the more common pieces of security advice is to carefully scrutinize the address bar of a browser to ensure it's pointing to an organization's official website. The ongoing scam is able to bypass such checks.

The unknown actors behind the scam begin by buying Google ads that appear at the top of search results for Microsoft, Apple, HP, PayPal, Netflix, and other sites. While Google displays only the scheme and host name of the site the ad links to (for instance, https://www.microsoft.com/ the ad appends parameters to the path to the right of that address. When a target clicks on the ad, it opens a page on the official site. The appended parameters then inject fake phone numbers into the page the target sees.

Google requires ads to display the official domain they link to, but the company allows parameters to be added to the right of it that aren't visible. The scammers are taking advantage of this by adding strings to the right of the hostname. The parameters aren't displayed in the Google ad, so a target has no obvious reason to suspect anything is amiss. When clicked on, the ad leads to the correct hostname. The appended parameters, however, inject a fake phone number into the webpage the target sees. The technique works on most browsers and against most websites. Malwarebytes.com was among the sites affected until recently, when the site began filtering out the malicious parameters.

Researchers are cautioning users against clicking unsubscribe links embedded in email bodies, citing new data showing such actions can expose recipients to malicious websites and confirm active email addresses to attackers. DNSFilter found that one in every 644 clicks on unsubscribe links leads users to potentially malicious websites.

"You've left the safe, structured environment of your email client and entered the open web," TK Keanini, DNSFilter's chief technology officer, told WSJ. The risks range from confirming to bad actors that an email address belongs to an active user to redirecting victims to fake websites designed to steal login credentials or install malware. Clicking such links "can make you a bigger target in the future," said Michael Bargury, CTO of security company Zenity.

Google will discontinue its Android Instant Apps feature in December 2025, ending a nearly decade-long experiment that allowed users to try portions of mobile apps without installing them. The feature, rolled out in early 2017, enabled developers to create lightweight app versions under 15 megabytes that could run temporarily on users' devices when they tapped specific links.

The feature struggled with low developer uptake due to the technical complexity of creating these stripped-down app versions.

Cisco is updating its networking and security products to make AI networks speedier and more secure, part of a broader push to capitalize on the AI spending boom. From a report: A new generation of switches -- networking equipment that links computer systems -- will offer a 10-fold improvement in performance, the company said on Tuesday. That will help prevent AI applications from suffering bottlenecks when transferring data, Cisco said. Networking speed has become a bigger issue as data center operators try to manage a flood of AI information -- both in the cloud and within the companies' own facilities. Slowdowns can hinder AI models, Cisco President and Chief Product Officer Jeetu Patel said in an interview. That applies to the development phase -- known as training -- and the operation of the models, a stage called inference. A massive build-out of data centers has made Cisco more relevant, he said. "AI is going to be network-bound, both on training and inference," Patel said. Having computer processors sit idle during training because of slow networks is "just throwing away money."

An anonymous reader quotes a report from The Verge: Secretary of State Marco Rubio announced Wednesday that the U.S. would restrict visas for "foreign nationals who are responsible for censorship of protected expression in the United States." He called it "unacceptable for foreign officials to issue or threaten arrest warrants on U.S. citizens or U.S. residents for social media posts on American platforms while physically present on U.S. soil" and "for foreign officials to demand that American tech platforms adopt global content moderation policies or engage in censorship activity that reaches beyond their authority and into the United States."

It's not yet clear how or against whom the policy will be enforced, but seems to implicate Europe's Digital Services Act, a law that came into effect in 2023 with the goal of making online platforms safer by imposing requirements on the largest platforms around removing illegal content and providing transparency about their content moderation. Though it's not mentioned directly in the press release about the visa restrictions, the Trump administration has slammed the law on multiple occasions, including in remarks earlier this year by Vice President JD Vance.

The State Department's homepage currently links to an article on its official Substack, where senior advisor for the Bureau of Democracy, Human Rights, and Labor Samuel Samson critiques the DSA as a tool to "silence dissident voices through Orwellian content moderation." He adds, "Independent regulators now police social media companies, including prominent American platforms like X, and threaten immense fines for non-compliance with their strict speech regulations." "We will not tolerate encroachments upon American sovereignty," Rubio says in the announcement, "especially when such encroachments undermine the exercise of our fundamental right to free speech."

Telegram has partnered with xAI to integrate the Grok chatbot into its platform for one year, with xAI paying $300 million in cash and equity. Telegram will also receive 50% of subscription revenue from Grok. TechCrunch reports: Earlier this year, xAI made the Grok chatbot available to Telegram's premium users. It seems Grok might now be made available to all users. A video posted by [Telegram CEO Pavel Durov] on X suggested that Grok can be pinned on top of chats within the app, and users can also ask questions to Grok from the search bar. Notably, Meta has also integrated Meta AI into the search bar on Instagram and WhatsApp. The video also shows that you will be able to use Grok for writing suggestions, summarizing chats, links, and documents, and creating stickers. Grok will supposedly also help answer questions for businesses and assist with moderation. UPDATE: In a response to Durov's X post outlining the partnership, Elon Musk said: "No deal has been signed."

"Musk's denial, however, raises questions about the status and structure of the agreement," reports TheStreet. "It's unclear whether the partnership has been formalized or if Durov was announcing a framework that remains under discussion. Neither Telegram nor xAI has issued a follow-up clarification."

Japan Post has launched a "digital address" system that links seven-digit combinations of numbers and letters to physical addresses. From a report: Under the system, users can input these seven-digit codes on online shopping websites, and their addresses will automatically appear on the sites.

People can obtain digital addresses by registering with Japan Post's Yu ID membership service. Their digital addresses will not change even if their physical addresses change. Their new addresses will be linked to the codes if they submit notices of address changes.

Google's new AI Mode for Search, which is rolling out to everyone in the U.S., has sparked outrage among publishers, who call it "the definition of theft" for using content without fair compensation and without offering a true opt-out option. Internal documents revealed by Bloomberg earlier this week suggest that Google considered giving publishers more control over how their content is used in AI-generated results but ultimately decided against it, prioritizing product functionality over publisher protections.

News/Media Alliance slammed Google for "further depriving publishers of original content both traffic and revenue." Their full statement reads: "Links were the last redeeming quality of search that gave publishers traffic and revenue. Now Google just takes content by force and uses it with no return, the definition of theft. The DOJ remedies must address this to prevent continued domination of the internet by one company." 9to5Google's take: It's not hard to see why Google went the route that it did here. Giving publishers the ability to opt out of AI products while still benefiting from Search would ultimately make Google's flashy new tools useless if enough sites made the switch. It was very much a move in the interest of building a better product.

Does that change anything regarding how Google's AI products in Search cause potential harm to the publishing industry? Nope.

Google's tools continue to serve the company and its users (mostly) well, but as they continue to bleed publishers dry, those publishers are on the verge of vanishing or, arguably worse, turning to cheap and poorly produced content just to get enough views to survive. This is a problem Google needs to address, as it's making the internet as a whole worse for everyone.

Microsoft has officially cited Apple's App Store policies as the roadblock preventing its Xbox mobile store launch promised for July 2024. In an amicus brief supporting Epic Games filed this week, Microsoft alleged that Apple's "anti-steering policies" have "stymied" its mobile store ambitions despite a court injunction allowing developers to advertise alternative payment methods.

The brief challenges Apple's attempt to overturn this crucial ruling, which enabled Fortnite's App Store return with external payment links. Microsoft argues that launching its store under threat of Apple potentially winning a temporary stay creates significant business risk. The restrictions also impact Microsoft's Xbox mobile app functionality.

KrebsOnSecurity was hit with a near-record 6.3 Tbps DDoS attack, believed to be a test of the powerful new Aisuru IoT botnet. The attack, lasting under a minute, was the largest Google has ever mitigated and is linked to a DDoS-for-hire operation run by a 21-year-old Brazilian known as "Forky." Brian Krebs writes: [Google Security Engineer Damian Menscher] said the attack on KrebsOnSecurity lasted less than a minute, hurling large UDP data packets at random ports at a rate of approximately 585 million data packets per second. "It was the type of attack normally designed to overwhelm network links," Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). "For most companies, this size of attack would kill them." [...]

The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief -- lasting approximately 45 seconds. DDoS attacks of such magnitude and brevity typically are produced when botnet operators wish to test or demonstrate their firepower for the benefit of potential buyers. Indeed, Google's Menscher said it is likely that both the May 12 attack and the slightly larger 6.5 Tbps attack against Cloudflare last month were simply tests of the same botnet's capabilities. In many ways, the threat posed by the Aisuru/Airashi botnet is reminiscent of Mirai, an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time.

Google has launched the NotebookLM app for Android and iOS, offering a native mobile experience with offline support, audio overviews, and integration into the system share sheet for adding sources like PDFs and YouTube videos. 9to5Google reports: This native experience starts on a homepage of your notebooks with filters at the top for Recent, Shared, Title, and Downloaded. The app features a light and dark mode based on your device's system theme with no manual toggle. Each colorful card features the notebook name, emoji, number of sources, and date, as well as a play button for Audio Overviews. There's background playback and offline support for the podcast-style experience (the fullscreen player has a nice glow), while you can "Join" the AI hosts (in beta) to ask follow-up questions.

You get a "Create new" button at the bottom of the list to add PDFs, websites, YouTube videos, and text. Notably, the NotebookLM app will appear in the Android and iOS share sheet to quickly add sources. When you open a notebook, there's a bottom bar for the list of Sources, Chat Q&A, and Studio. It's similar to the current mobile website, with the native client letting users ditch the Progressive Web App. Out of the gate, there are phone and (straightforward) tablet interfaces. You can download the app for iOS and Android using their respective links.

China launched 12 satellites on Wednesday as part of the âoeThree-Body Computing Constellation,â the worldâ(TM)s first dedicated orbital computing network led by ADA Space and Zhejiang Lab. SpaceNews reports: A Long March 2D rocket lifted off at 12:12 a.m. Eastern (0412 UTC) May 14 from Jiuquan Satellite Launch Center in northwest China. Insulation tiles fell away from the payload fairing as the rocket climbed into a clear blue sky above the spaceport. The China Aerospace Science and Technology Corporation (CASC) announced a fully successful launch, revealing the mission to have sent 12 satellites for a space computing constellation into orbit. Commercial company ADA Space released further details, stating that the 12 satellites form the "Three-Body Computing Constellation," which will directly process data in space, rather than on the ground, reducing reliance on ground-based computing infrastructure. The constellation will be capable of a combined 5 peta operations per second (POPS) with 30 terabytes of onboard storage.

The satellites feature advanced AI capabilities, up to 100 Gbps laser inter-satellite links and remote sensing payloads -- data from which will be processed onboard, reducing data transmission requirements. One satellite also carries a cosmic X-ray polarimeter developed by Guangxi University and the National Astronomical Observatories of the Chinese Academy of Sciences (NAOC), which will detect, identify and classify transient events such as gamma-ray bursts, while also triggering messages to enable followup observations by other missions. [...] The company says the constellation can meet the growing demand for real-time computing in space, as well as help China take the lead globally in building space computing infrastructure, seize the commanding heights of this future industry. The development could mark the beginning of space-based cloud computing as a new capability, as well as open a new arena for strategic competition with the U.S. You can watch a recording of the launch here.

The FBI has issued a warning that cybercriminals have started using AI-generated voice deepfakes in phishing attacks impersonating senior U.S. officials. These attacks, involving smishing and vishing tactics, aim to compromise personal accounts and contacts for further social engineering and financial fraud. BleepingComputer reports: "Since April 2025, malicious actors have impersonated senior U.S. officials to target individuals, many of whom are current or former senior U.S. federal or state government officials and their contacts. If you receive a message claiming to be from a senior U.S. official, do not assume it is authentic," the FBI warned. "The malicious actors have sent text messages and AI-generated voice messages -- techniques known as smishing and vishing, respectively -- that claim to come from a senior U.S. official in an effort to establish rapport before gaining access to personal accounts."

The attackers can gain access to the accounts of U.S. officials by sending malicious links disguised as links designed to move the discussion to another messaging platform. By compromising their accounts, the threat actors can gain access to other government officials' contact information. Next, they can use social engineering to impersonate the compromised U.S. officials to steal further sensitive information and trick targeted contacts into transferring funds. Today's PSA follows a March 2021 FBI Private Industry Notification (PIN) [PDF] warning that deepfakes (including AI-generated or manipulated audio, text, images, or video) would likely be widely employed in "cyber and foreign influence operations" after becoming increasingly sophisticated.

ZDNet's Steven Vaughan-Nichols marks Reddit's 20 years of being "the front page of the internet," recalling its evolution from a scrappy startup into a cultural powerhouse that shaped online discourse, meme culture, and the way millions consume news and entertainment. Slashdot is also given a subtle nod in the opening line of the article. An anonymous reader shares an excerpt: In 2005, if you were into social networks focused on links, you probably used Digg or Slashdot. However, two guys, Steve Huffman and Alexis Ohanian, recent graduates from the University of Virginia, wanted to create a hub where users could find, share, and discuss the internet's most interesting content. Little did they know where this idea would take them. After all, their concept was nothing new. Still, after Paul Graham, co-founder of Y Combinator, the startup accelerator and seed capital firm, had shot down their first idea -- a mobile food-ordering app -- they pitched what would become Reddit to Graham, and he gave it his blessing. Drawing inspiration from sites like Delicious, a now-defunct social bookmarking service, and Slashdot, Huffman and Ohanian envisioned Reddit as a platform that would combine the best aspects of both: a place for sharing timely, ephemeral news and fostering vibrant community discussions of not just technology, but any topic users cared about. Their guiding mission was to build "the front page of the internet," a simple, user-driven site where anyone could submit content, and the community, not algorithms or editors, would decide what was most important through voting and discussion. They deliberately prioritized user participation and conversation over flashy features or heavy editorial control.

What set Reddit apart from its early rivals was its framework. Instead of one large all-in-one interface, the site borrowed the idea from pre-internet online networks, such as CompuServe, of smaller sub-networks devoted to a particular topic. These user-created communities, "subreddits," quickly set it apart from other social platforms. As Laurence Sangarde-Brown, co-founder of TechTree, wrote: "This design allows users to delve into focused discussions, ask questions, and exchange ideas on a scale unmatched by other platforms." That approach was not enough, though, to kick-start Reddit. The founders had to "fake it until they made it." They seeded the site with fake accounts to make it appear more active. Their efforts paid off, as real users soon flocked to the platform. Another crucial early change was when Reddit merged with Aaron Swartz's Infogami and introduced commenting. This move was vital for laying the groundwork for the site's interactive, community-driven experience. [...]

So, where does Reddit go from here? We'll see. Reddit's legacy is one of transformation: from a scrappy startup to a global hub for conversation, collaboration, and sometimes controversy. As it celebrates 20 years, Reddit remains a testament to how important online communities can be in a world increasingly filled with AI slop. Still, Huffman believes Reddit's true value is coming. In a recent Reddit post, he wrote: "Reddit works because it's human. It's one of the few places online where real people share real opinions. That authenticity is what gives Reddit its value. If we lose trust in that, we lose what makes RedditReddit. Our focus is, and always will be, on keeping Reddit a trusted place for human conversation." Huffman concluded: "The last 20 years have proven how powerful online communities can be — and as we look ahead, I'm even more excited for what the next 20 will bring."

Inspired by researchers who'd bribed people to use Microsoft's Bing for two weeks (and found some wanted to keep using it), a Washington Post tech columnist also tried it — and reported it "felt like quitting coffee."

"The first few days, I was jittery. I kept double searching on Google and DuckDuckGo, the non-Google web search engine I was using, to check if Google gave me better results. Sometimes it did. Mostly it didn't."

"More than two weeks into a test of whether I love Google search or if it's just a habit, I've stopped double checking. I don't have Google FOMO..." I didn't do a fancy analysis into whether my search results were better with Google or DuckDuckGo, whose technology is partly powered by Bing. The researchers found our assessment of search quality is based on vibes. And the vibes with DuckDuckGo are perfectly fine. Many dozens of readers told me about their own satisfaction with non-Google searches...

For better or worse, DuckDuckGo is becoming a bit more Google-like. Like Google, it has ads that are sometimes misleading or irrelevant. DuckDuckGo and Bing also are mimicking Google's makeover from a place that mostly pointed you to the best links online to one that never wants you to leave Google... [DuckDuckGo] shows you answers to things like sports results and AI-assisted replies, though less often than Google does. (You can turn off AI "instant answers" in DuckDuckGo.) Answers at the top of search results pages can be handy — assuming they're not wrong or scams — but they have potential trade-offs. If you stop your search without clicking to read a website about sports news or gluten intolerance, those sites could die. And the web gets worse. DuckDuckGo says that people expect instant answers from search results, and it's trying to balance those demands with keeping the web healthy. Google says AI answers help people feel more satisfied with their search results and web surfing.

DuckDuckGo has one clear advantage over Google: It collects far less of your data. DuckDuckGo doesn't save what I search...

My biggest wariness from this search experiment is like the challenge of slowing climate change: Your choices matter, but maybe not that much. Our technology has been steered by a handful of giant technology companies, and it's difficult for individuals to alter that. The judge in the company's search monopoly case said Google broke the law by making it harder for you to use anything other than Google. Its search is so dominant that companies stopped trying hard to out-innovate and win you over. (AI could upend Google search. We'll see....) Despite those challenges, using Google a bit less and smaller alternatives more can make a difference. You don't have to 100 percent quit Google.
"Your experiment confirms what we've said all along," Google responded to the Washington Post. "It's easy to find and use the search engine of your choice."

Although the Post's reporter also adds that "I'm definitely not ditching other company internet services like Google Maps, Google Photos and Gmail." They write later that " You'll have to pry YouTube out of my cold, dead hands" and "When I moved years of emails from Gmail to Proton Mail, that switch didn't stick."

The Drug Enforcement Administration has quietly ended its body camera program barely four years after it began, ProPublica reports, citing an internal email. From the report: On April 2, DEA headquarters emailed employees announcing that the program had been terminated effective the day before. The DEA has not publicly announced the policy change, but by early April, links to pages about body camera policies on the DEA's website were broken.

The email said the agency made the change to be "consistent" with a Trump executive order rescinding the 2022 requirement that all federal law enforcement agents use body cameras. But at least two other federal law enforcement agencies within the Justice Department -- the U.S. Marshals Service and the Bureau of Alcohol, Tobacco, Firearms and Explosives -- are still requiring body cameras, according to their spokespeople.