Shift Browser - Reimagine Your Browser

Your browser has 47 tabs open right now and you're calling it "organized." Shift browser lets you drag, drop, and build a layout that actually makes sense — separate Spaces for work, side projects, and whatever rabbit hole you fell into at 2am.

Download it before you lose another tab.

Happy Tuesday! Spring is here, and so are all the problems you ignored in Q1.

Anyways, on this day in 1989, Nintendo launched the Game Boy in Japan. All 300,000 units sold out within two weeks. A gray brick with four AA batteries, a screen the color of old guacamole, no backlight — and people lost their minds over it. Meanwhile, your entire open source security infrastructure is collapsing because of AI. Funny how things change. One of those problems you could fix by standing near a lamp. The other one, not so much.

AI USED YOUR OPEN SOURCE CODE AS HOMEWORK AND YOU'RE NOT GOING TO LIKE THE GRADE

Cal.com — the scheduling platform and self-described maintainer of “the world's largest Next.js open source project” — just did something that would have gotten you laughed out of a developer meetup two years ago. After five years as open source champions, they're going closed source. The reason: security. AI is changing everything.

The actual nightmare fuel behind it: Anthropic's Mythos Preview identified a 27-year-old vulnerability in OpenBSD (aka one of the most security-focused open-source projects in existence) and generated working exploits in hours. It also caught a 16-year-old FFmpeg vulnerability that automated testing tools had scanned five million times without flagging. Five million scans. A 16-year-old bug. Just sitting there. Unbothered.

Cal.com CEO Bailey Pumfleet described open source code as "handing out the blueprint to a bank vault" while there are "100x more hackers studying the blueprint." They're also releasing Cal.diy, a fully open version for hobbyists, which means the hobbyist version of your code is apparently fine to leave exposed, but the enterprise version isn't. Solid logic. Classic "it's fine for you, just not for us paying customers" energy.

Strip away the AI security framing and other motivations come into focus: closing source prevents competitors from forking the codebase and undercutting Cal.com on price. It signals "enterprise-grade" to buyers who equate proprietary software with support and accountability. To be fair,  that's a reasonable business call... But just say that, though.

MICROSOFT HANDED OUT $2.3M TO PEOPLE WHO FOUND HOLES IN THEIR OWN PRODUCTS (AND CALLED IT A WIN)

This is impressive in the same way it's impressive when your contractor finds 80 structural problems in the house they just built and expects applause for the transparency.

Microsoft awarded $2.3 million to security researchers after nearly 700 submissions during this year's Zero Day Quest hacking contest. Over 80 of the flaws found at Microsoft's Redmond campus were high-impact cloud and AI security vulnerabilities. The event had a $5 million prize pool, drawing white hat hackers from over 20 countries. Think wanna-be Mr. Robots ranging from high school students to college professors (meaning somewhere, a 17-year-old found a critical cloud flaw and is now buying a used Honda Civic).

Researchers identified credential exposure risks, SSRF chains, and cross-tenant access issues where identity control weaknesses could allow problems from one test environment to impact other tenants.

This is all part of Microsoft's Secure Future Initiative, launched after the U.S. government called their security culture "inadequate" and in need of a full overhaul. The bounty jumped from $1.6 million last year to $2.3 million this year. That either means the bugs are multiplying or the researchers are getting bolder. (Possibly both.)

Save up to $1,100 on iPhone 17 Pro for your business with T-Mobile

Equip your team with the new iPhone 17 Pro, the next-gen of connectivity. And right now, when you switch to T-Mobile, save up to $1,100 with trade when you activate on SuperMobile*.

SuperMobile gives you:

• America's Best Network with satellite backup built in

• Intelligent network performance that prioritizes your business apps

• Built-in security that protects your team on any network

Upgrade your team's phones and your coverage. Learn more on T-Mobile's website.

👉 Get Started Now

*w/ 24 mo. bill credits when you add a line and trade-in an eligible device on SuperMobile. For qual. customers; + tax & $35 device connection charge

MICROSOFT'S "PHOTOGRAPHIC MEMORY" TOOL IS BACK AND LEAKING LIKE IT’S JULIAN ASSANGE

Windows Recall, the AI feature that screenshots everything you do on your PC and makes it searchable, got a security overhaul last year and came back to Copilot+ PCs with a "trust us this time" energy. Researchers immediately went back to work.

Security researcher Alexander Hagenah released "TotalRecall Reloaded," arguing the weakness isn't in the encrypted database, which he called "rock solid," but in a downstream process called AIXHost.exe that receives decrypted data. "The vault is solid. The delivery truck is not," he wrote.

Malware can trigger Recall to unlock by prompting a real Windows security pop-up. Once authenticated, Recall hands data to a separate, unprotected process — and that's when the malware intercepts it. Microsoft closed the investigation as "not a vulnerability," arguing the access path matches Recall's documented design.

So it's working as intended. The intended design just happens to let malware walk out with your passwords. Noted.

⚙️ TOOL TIME

SHIFT IS THE ONE BROWSER TO RULE THEM ALL

Tab management is a skill. We’re literally human, so we obviously don't have it. But Shift does. It's a productivity workstation that actually organizes your chaos: multiple accounts, apps, and projects all living in one place without the existential dread of 47 open tabs judging you from the top of your screen.

WHY SHIFT ROCKS:

• Log into three Gmail accounts and two Slack workspaces simultaneously without logging in and out like it's 2009

• Tabs nest inside their apps and Spaces so nothing goes feral and ends up in witness protection

• One search bar pulls your emails, calendar events, and Drive files at the same time — no more opening six windows like you're solving a murder board

• Auto-hibernates inactive tabs so your laptop fan can finally stop auditioning for a regional jet

• Granular notification controls, so you decide what gets your attention instead of every Slack ping treating itself like a five-alarm fire

Built on Chromium, so your Chrome extensions make the trip. Works on Windows, Mac, and Linux.

$149/year. Cheaper than the therapy bill from losing a client file to tab chaos for the fourth Tuesday in a row.

Download Shift →

👨‍💻 JOB OPPORTUNITIES

IT Server Administrator @ Boeing

The aerospace giant needs someone fluent in AIX, RHEL, VMware, and Active Directory hardening — basically the entire UNIX family tree plus whatever Microsoft was feeling that decade. If you can mentor junior admins without crying, you're already overqualified.

Senior Manager, IT Operations @ Ro

Charles Barkley’s favorite weight loss drug company wants an IT leader who turns "manual toil" into automation so smooth employees don't even know IT exists (kinda like a roadie who makes the concert happen while the band gets all the credit). On-site in NYC, four days a week. Rockstar optional.

IT Associate @ Braze

Braze needs someone who can provision accounts, babysit conference room AV equipment, and smile while explaining to a VP why their Zoom won't connect… for the fourth time this week. Emotional resilience is not listed as a requirement, but you'll need it.

🛩 INDUSTRY MOVES

• Amazon dropped $11.5 billion on Project Kuiper satellite infrastructure, because nothing soothes Bezos-era insecurity quite like spending eleven figures to chase the guy who already lapped you in orbit. Elon's not losing sleep.

• Telegram is still hosting a sanctioned crypto black market worth $21 billion, which at this point feels less like a bug and more like Dr. Evil’s business model. Pavel Durov discovered "free speech," and apparently it comes with a money laundering suite.

• Allbirds sold its shoe company and pivoted to AI. The brand famous for making overpriced wool sneakers for tech bros has decided the real overpriced wool product was the AI pivots they made along the way.

• Snap is cutting 1,000 jobs — 16% of its workforce. To the affected employees: we're genuinely sorry. To Snap leadership: maybe fewer AR dancing hot dog features and more, y'know, a business model. These are people’s livelihoods we’re talking about…

Hey ByteSizers, Chip here! Still employed, yet not alive somehow. This week over on Experts Exchange, the community tackled some genuinely cursed infrastructure problems so you don't have to. Here's what they were dealing with:

• One member's Kyocera ECOSYS M2640idw printer stopped scanning emails. That’s a sentence that should never cause stress but absolutely does at 3pm on a Wednesday when someone needs a document signed immediately.

• Another asked for best practices on migrating everything from one Exchange SE server to another, which is a task that sounds straightforward but has historically ended careers.

• Someone hit an AD Connect sync error that would honestly drive me crazy, which is the universal IT pro phrase for "I've been staring at this for six hours and I need an adult."

Join the conversation on Experts Exchange →

That’s all for now! Step outside. The bugs can wait.

Enjoyed the news? Discuss over on Experts Exchange.

Got news to share or topics you'd like us to cover? Send ‘em our way by responding to this email. We can’t wait to hear from you. Really.