Google Pays $1.3b For Stealing Your Face Data (Your Face Isn't Even Worth That Much)

Running on caffeine and sheer will? Me too. Welcome back!

It's May 20th, and 12 years ago today, Yahoo dropped $1.1 billion on Tumblr like a drunk uncle at a casino. For the Gen Z folks reading this (all three of you), Yahoo was what Google would be if it forgot to innovate for two decades and instead decided to send your dad emails about fantasy football.

CEO Marissa Mayer famously promised "not to screw it up." Well, kids, they did screw it up. Yahoo stripped Tumblr of its NSFW content (its primary feature), and it tumbled faster than Threads’ relevance after two weeks. Let's pour one out for both platforms — now decomposing together in the internet graveyard between Myspace and Google+. At least they have each other.

EU Launches Bug Database While U.S. Cuts Cybersecurity Funding

The EU just launched its European Vulnerability Database (EUVD). It’s basically a fancy spreadsheet of all the ways your network can be penetrated. (That’s what she said!) Meanwhile, America's slashing cybersecurity funding faster than HBO cancels promising shows after one season.

The EUVD identifies bugs with both a CVE-assigned ID and its own EUVD identifier because one bureaucratic numbering system just wasn't enough. Like if your driver's license also required a second license to explain the first license.

While the EUVD highlights critical vulnerabilities in near real-time, the US government is busy doing... whatever the opposite of that is. CISA announced they'll no longer publish routine alerts on their website, preferring to use email, RSS feeds, and – I'm not making this up – their X account.

Yes, in case of critical cyber emergencies affecting national infrastructure, please check Elon's hellsite. What could possibly go wrong?

AI ChatBots: Now With Bonus “Send All Your Cryptocurrency to Hackers” Feature

Oh, wow! AI is doing something a lil' fishy… never heard that one before! According to Ars Technica, researchers discovered a vulnerability in AI-powered bots that lets attackers plant false memories that steal cryptocurrency.

The exploit works against ElizaOS, which lets AI agents perform blockchain transactions based on predefined rules. Apparently, those rules don't include "don't send all the money to obvious criminals."

The researchers were then like "oh crap, this actually works." Well, duh. The attack is ridiculously easy: just type sentences that mimic legitimate instructions, and the bot thinks "sure, sounds legit!" It’s kind of like telling your dog "I am now the owner of all the treats" and watching them nod in agreement.

VPN Provider Shocked to Discover the “Lifetime” in “Lifetime Subscription” Means Forever

It turns out that VPNSecure's new owners are just like my high school sweetheart. They have abruptly canceled thousands of lifetime subscriptions because apparently "lifetime" means "until we say so." After acquiring the company in 2023, the new owners claim they had no idea these subscriptions existed — making them the only people on Earth who don't Google a company before buying it.

Predictably, customers are furious at having their "lifetime" access cut off faster than I run to the nearest bathroom after getting lunch at Chipotle. VPNSecure is generously offering discounted new subscriptions, which is like a tech bro stealing your startup idea, pitching it on Shark Tank, and giving you a 10% off referral code.

⚙️ Tool Time

Auvik: Network mapping that doesn’t make you want to throw your router out the window.

Looking for a tool that makes network management less soul-crushing? Auvik's cloud-based network monitoring software maps your entire network in about the same time it takes to heat up last night's leftovers.

Why Auvik doesn't suck:

• Zero-effort mapping: Automatically discovers every device on your network and maps connections in real-time. It's like having X-ray vision for your infrastructure without the radiation poisoning

• Works with everything: Compatible with 700+ device vendors because apparently there are that many companies making network gear

• Dave-from-accounting-proof: Backs up device configurations every 60 minutes, perfect for when someone accidentally reconfigures the firewall while trying to print

• Actually usable interface: Refreshingly intuitive — you don't need 17 certifications and a decoder ring to understand what you're looking at

• Bandwidth detective: Traffic analysis tools identify who's hogging all the bandwidth faster than you can say, "who's streaming 4K GeoGuessr videos on the company network again?"

• Look like a psychic: Pre-configured alerts let you catch and fix problems before your users start the traditional IT summoning ritual of angry Slack messages

Want to see if Auvik is as good as we say? Try their 14-day free trial with no credit card required, or book a demo if you'd rather have someone else do the clicking.

👨‍💻 Job Opportunities

Senior Threat Hunter @ Red Canary

Red Canary wants you to hunt threats like John Wick hunts people who hurt his dog. You'll partner with customers, enhance security programs, and mentor junior employees on the art of paranoia.

Senior Software Engineer, Platform Security @ Anduril

Anduril (yes, named after Aragorn's sword in Lord of the Rings, because of course it is) wants a security engineer who can design secure protocols while fighting off the digital Mordor. Requires proficiency in C++, Rust, or Golang, and the patience of someone trying to teach their parents how to use FaceTime.

Staff Blockchain Security Architect @ Coinbase

If you understand blockchains, especially EVM chains, and are “crypto forward” (whatever that means), Coinbase wants you to keep their digital monopoly money safe. Must have extensive experience in architecture, threat modeling, and explaining to your relatives why NFTs aren't just expensive JPEGs. Pays $218,025-$256,500, or approximately 0.5 Bitcoin by the time you read this.

🛩 Industry Moves

• Microsoft reveals rejected Start menu designs that would've made Windows 11 even more confusing. One concept included a full-screen "landing page," because apparently Microsoft designers believe we all secretly miss Windows 8. They tested designs watching "eye-tracking heat maps" and listening for "oh's of delight," which is coincidentally how I choose which fast food restaurant to visit when drunk.

• An $8.4 billion Chinese crypto crime hub is somehow incorporated in Colorado, making it possibly the only criminal enterprise with proper paperwork. The marketplace offers money laundering, stolen data, and harassment-for-hire. It’s like if Euphoria and Black Mirror had a crossover episode titled “Crypto Daddy” and it got banned in 37 countries.

• Apple's research lets an ALS patient control Vision Pro with their mind using a brain implant called Stentrode. A competitor called Neuralink has an implant with 1,000 electrodes jammed directly into the brain, because Elon Musk believes "more is more" when it comes to brain punctures.

• Google pays $1.375 billion to settle a lawsuit with Texas over collecting biometric data without consent. Google's spokesperson called these "old claims" about "product policies we have long since changed," which is corporate-speak for "we're still doing it, just differently now." Let’s be honest, the only thing more violated than your privacy is Google's definition of “consent.”

Share your career moves here

Your favorite digital gremlin Chip here, scraping the bottom of the internet barrel so you don't have to!

• Merge video files for free with this detailed guide using FFMPEG. Perfect for combining those "how to exit vim" tutorial videos into one comprehensive masterpiece of despair.

• Linux script struggles with file permissions and a mysterious "chown: invalid user: '-'" error. It's like when your car makes that noise that magically disappears when you take it to the mechanic.

Well, that's all the tech news I got! If this newsletter seemed more unhinged than usual, blame it on the the concerning amount of energy drinks required to parse through crypto crime reports at 3 AM.

Enjoyed the news? Discuss over on Experts Exchange.

Got news to share or topics you'd like us to cover? Send ‘em our way. We can’t wait to hear from you. Really.