The SEC on Wednesday said it has charged cryptocurrency startup Unicoin and three of its top executives for false and misleading statements that raised more than $100 million from thousands of investors. "We allege that Unicoin and its executives exploited thousands of investors with fictitious promises that its tokens, when issued, would be backed by real-world assets including an international portfolio of valuable real estate holdings," said Mark Cave, Associate Director in the SEC's Division of Enforcement. "But as we allege, the real estate assets were worth a mere fraction of what the company claimed, and the majority of the company's sales of rights certificates were illusory. Unicoin's most senior executives are alleged to have perpetuated the fraud, and today's action seeks accountability for their conduct." From the release: The SEC alleges that Unicoin broadly marketed rights certificates to the public through extensive promotional efforts, including advertisements in major airports, on thousands of New York City taxis, and on television and social media. Among other things, Unicoin and its executives are alleged to have convinced more than 5,000 investors to purchase rights certificates through false and misleading statements that portrayed them as investments in safe, stable, and profitable "next generation" crypto assets, including claims that:

- Unicoin tokens underlying the rights certificates were "asset-backed" by billions of dollars of real estate and equity interests in pre-IPO companies, when Unicoin's assets were never worth more than a small fraction of that amount;
- the company had sold more than $3 billion in rights certificates, when it raised no more than $110 million; and
- the rights certificates and Unicoin tokens were "SEC-registered" or "U.S. registered" when they were not.

According to the SEC's complaint, Unicoin and Konanykhin also violated the federal securities laws by engaging in unregistered offers and sales of rights certificates. Konanykhin offered and sold over 37.9 million of his rights certificates to offer better pricing and target investors the company had prohibited from participating in the offering to avoid jeopardizing its exemption to registration requirements, as alleged.

Quebec Culture Minister Mathieu Lacombe has introduced Bill 109, which would require streaming platforms like Netflix and Spotify to feature and prioritize French-language content. CBC.ca reports: Bill 109 has been in the works for over a year. It marks the first time that Quebec would set a "visibility quota" for French-language content on major streaming platforms such as Netflix, Disney and Spotify. [...] The legislation, titled An Act to affirm the cultural sovereignty of Quebec and to enact the Act respecting the discoverability of French-language cultural content in the digital environment, would apply to every digital platform that offers a service for watching videos or listening to music and audiobooks online. Those include Canadian platforms such as Illico, Crave and Tou.tv. It would amend the Quebec Charter of Human Rights and Freedoms to enshrine "the right to discoverability of and access to original French-language cultural content."

If the bill is adopted, streaming platforms and television manufacturers would be forced to present interfaces for screening online videos in French by default. Those interfaces would need to provide access to platforms that offer original French-language cultural content based on the government's pending criteria. Financial penalties would be imposed on companies that don't follow the rules. If the business models of some companies prevent them from keeping to the letter of the proposed law, companies would be allowed to enter into an agreement with the Quebec government to set out "substitute measures" to fulfil Bill 109 obligations differently. "We don't want to exempt them. We're telling them, 'let's negotiate substitute measures,'" Lacombe told reporters.

An anonymous reader quotes a report from The Guardian: Hacked AI-powered chatbots threaten to make dangerous knowledge readily available by churning out illicit information the programs absorb during training, researchers say. [...] In a report on the threat, the researchers conclude that it is easy to trick most AI-driven chatbots into generating harmful and illegal information, showing that the risk is "immediate, tangible and deeply concerning." "What was once restricted to state actors or organised crime groups may soon be in the hands of anyone with a laptop or even a mobile phone," the authors warn.

The research, led by Prof Lior Rokach and Dr Michael Fire at Ben Gurion University of the Negev in Israel, identified a growing threat from "dark LLMs", AI models that are either deliberately designed without safety controls or modified through jailbreaks. Some are openly advertised online as having "no ethical guardrails" and being willing to assist with illegal activities such as cybercrime and fraud. [...] To demonstrate the problem, the researchers developed a universal jailbreak that compromised multiple leading chatbots, enabling them to answer questions that should normally be refused. Once compromised, the LLMs consistently generated responses to almost any query, the report states.

"It was shocking to see what this system of knowledge consists of," Fire said. Examples included how to hack computer networks or make drugs, and step-by-step instructions for other criminal activities. "What sets this threat apart from previous technological risks is its unprecedented combination of accessibility, scalability and adaptability," Rokach added. The researchers contacted leading providers of LLMs to alert them to the universal jailbreak but said the response was "underwhelming." Several companies failed to respond, while others said jailbreak attacks fell outside the scope of bounty programs, which reward ethical hackers for flagging software vulnerabilities.

A Massachusetts man has agreed to plead guilty to hacking into one of the top education tech companies in the United States and stealing tens of millions of schoolchildren's personal information for profit. From a report: Matthew Lane, 19, of Worcester County, Massachusetts, signed a plea agreement related to charges connected to a major hack on an educational technology company last year, as well as another company, according to court documents published Tuesday.

While the documents refer to the education company only as "Victim-2" and the U.S. attorney's office declined to name the victim, a person familiar with the matter told NBC News that it is PowerSchool. The hack of PowerSchool last year is believed to be the largest breach of American children's sensitive data to date.

According to his plea agreement, Lane admitted obtaining information from a protected computer and aggravated identity theft and agreed not to challenge a prison sentence shorter than nine years and four months. He got access simply by trying an employee's stolen username and password combination, the complaint says, echoing a private third-party assessment of the incident previously reported by NBC News.

An anonymous reader quotes a report from Decrypt: The founder of online news publication TechCrunch has claimed that Coinbase's recent data breach "will lead to people dying," amid a wave of kidnap attempts targeting high-net-worth crypto holders. TechCrunch founder and venture capitalist Michael Arrington added that this should be a point of reflection for regulators to re-think the importance of know-your-customer (KYC), a process that requires users to confirm their identity to a platform. He also called for prison time for executives that fail to "adequately protect" customer information.

"This hack -- which includes home addresses and account balances -- will lead to people dying. It probably has already," he tweeted. "The human cost, denominated in misery, is much larger than the $400 million or so they think it will actually cost the company to reimburse people." [...] He believes that people are in immediate physical danger following the breach, which exposed data including names, addresses, phone numbers, emails, government-ID images, and more.

Arrington believes that in the wake of these attacks, crypto companies that handle user data need to be much more careful than they currently are. "Combining these KYC laws with corporate profit maximization and lax laws on penalties for hacks like these means these issues will continue to happen," he tweeted. "Both governments and corporations need to step up to stop this. As I said, the cost can only be measured in human suffering." Former Coinbase chief technology officer Balaji Srinivasan pushed back on Arrington's position that executives should be punished, arguing that regulators are forcing KYC onto unwilling companies. "When enough people die, the laws may change," Arrington hit back.

French authorities have denied Telegram founder Pavel Durov's request to travel to the U.S. for "negotiations with investment funds." From a report: The Paris prosecutor's office told POLITICO that it rendered its decision on May 12 "on the grounds that such a trip abroad did not appear imperative or justified."

Durov was arrested in August 2024 at a French airport and has been under strict legal control since last September, when he was indicted on six charges related to illicit activity on the messaging app he operates. He is forbidden to leave France without authorization -- which he obtained to travel to Dubai from March 15 to April 7, the prosecutor's office said. Russian-born Durov is a citizen, among other countries, of France and the United Arab Emirates.

Regeneron Pharmaceuticals is acquiring most of 23andMe's assets for $256 million. The sale includes 23andMe's Personal Genome Service, Total Health and Research Services business lines. What's not included is 23andMe's telehealth unit, Lemonaid Health, which the company acquired for around $400 million in 2021. It'll be shut down, but all staffers will remain employed. CNBC reports: The deal is still subject to approval by the U.S. Bankruptcy Court for the Eastern District of Missouri. Pending approval, it's expected to close in the third quarter of this year, according to the release. In its bankruptcy proceedings, 23andMe required all bidders to comply with its privacy policies, and a court-appointed, independent "Consumer Privacy Ombudsman" will assess the deal, the companies said.

Several lawmakers and officials, including the Federal Trade Commission, had expressed concerns about the safety of consumers' genetic data through 23andMe's sale process. The privacy ombudsman will present a report on the acquisition to the court by June 10. "We are pleased to have reached a transaction that maximizes the value of the business and enables the mission of 23andMe to live on, while maintaining critical protections around customer privacy, choice and consent with respect to their genetic data," Mark Jensen, 23andMe's board chair, said in a statement. "At its peak, 23andMe was valued at around $6 billion," notes the report.

New submitter optical_phiber writes: In March 2025, the New South Wales (NSW) Department of Education discovered that Microsoft Teams had begun collecting students' voice and facial biometric data without their prior knowledge. This occurred after Microsoft enabled a Teams feature called 'voice and face enrollment' by default, which creates biometric profiles to enhance meeting experiences and transcriptions via its CoPilot AI tool.

The NSW department learned of the data collection a month after it began and promptly disabled the feature and deleted the data within 24 hours. However, the department did not disclose how many individuals were affected or whether they were notified. Despite Microsoft's policy of retaining data only while the user is enrolled and deleting it within 90 days of account deletion, privacy experts have raised serious concerns. Rys Farthing of Reset Tech Australia criticized the unnecessary collection of children's data, warning of the long-term risks and calling for stronger protections.

An anonymous reader quotes a report from Ars Technica: Meta thinks there's no reason to carry on with its defense after the Federal Trade Commission closed its monopoly case, and the company has moved to end the trial early by claiming that the FTC utterly failed to prove its case. "The FTC has no proof that Meta has monopoly power," Meta's motion for judgment (PDF) filed Thursday said, "and therefore the court should rule in favor of Meta." According to Meta, the FTC failed to show evidence that "the overall quality of Meta's apps has declined" or that the company shows too many ads to users. Meta says that's "fatal" to the FTC's case that the company wielded monopoly power to pursue more ad revenue while degrading user experience over time (an Internet trend known as "enshittification"). And on top of allegedly showing no evidence of "ad load, privacy, integrity, and features" degradation on Meta apps, Meta argued there's no precedent for an antitrust claim rooted in this alleged harm.

"Meta knows of no case finding monopoly power based solely on a claimed degradation in product quality, and the FTC has cited none," Meta argued. Meta has maintained throughout the trial that its users actually like seeing ads. In the company's recent motion, Meta argued that the FTC provided no insights into what "the right number of ads" should be, "let alone" provide proof that "Meta showed more ads" than it would in a competitive market where users could easily switch services if ad load became overwhelming. Further, Meta argued that the FTC did not show evidence that users sharing friends-and-family content were shown more ads. Meta noted that it "does not profit by showing more ads to users who do not click on them," so it only shows more ads to users who click ads.

Meta also insisted that there's "nothing but speculation" showing that Instagram or WhatsApp would have been better off or grown into rivals had Meta not acquired them. The company claimed that without Meta's resources, Instagram may have died off. Meta noted that Instagram co-founder Kevin Systrom testified that his app was "pretty broken and duct-taped" together, making it "vulnerable to spam" before Meta bought it. Rather than enshittification, what Meta did to Instagram could be considered "a consumer-welfare bonanza," Meta argued, while dismissing "smoking gun" emails from Mark Zuckerberg discussing buying Instagram to bury it as "legally irrelevant." Dismissing these as "a few dated emails," Meta argued that "efforts to litigate Mr. Zuckerberg's state of mind before the acquisition in 2012 are pointless."

"What matters is what Meta did," Meta argued, which was pump Instagram with resources that allowed it "to 'thrive' -- adding many new features, attracting hundreds of millions and then billions of users, and monetizing with great success." In the case of WhatsApp, Meta argued that nobody thinks WhatsApp had any intention to pivot to social media when the founders testified that their goal was to never add social features, preferring to offer a simple, clean messaging app. And Meta disputed any claim that it feared Google might buy WhatsApp as the basis for creating a Facebook rival, arguing that "the sole Meta witness to (supposedly) learn of Google's acquisition efforts testified that he did not have that worry." In sum: A ruling in Meta's favor could prevent a breakup of its apps, while a denial would push the trial toward a possible order to divest Instagram and WhatsApp.

The FBI has issued a warning that cybercriminals have started using AI-generated voice deepfakes in phishing attacks impersonating senior U.S. officials. These attacks, involving smishing and vishing tactics, aim to compromise personal accounts and contacts for further social engineering and financial fraud. BleepingComputer reports: "Since April 2025, malicious actors have impersonated senior U.S. officials to target individuals, many of whom are current or former senior U.S. federal or state government officials and their contacts. If you receive a message claiming to be from a senior U.S. official, do not assume it is authentic," the FBI warned. "The malicious actors have sent text messages and AI-generated voice messages -- techniques known as smishing and vishing, respectively -- that claim to come from a senior U.S. official in an effort to establish rapport before gaining access to personal accounts."

The attackers can gain access to the accounts of U.S. officials by sending malicious links disguised as links designed to move the discussion to another messaging platform. By compromising their accounts, the threat actors can gain access to other government officials' contact information. Next, they can use social engineering to impersonate the compromised U.S. officials to steal further sensitive information and trick targeted contacts into transferring funds. Today's PSA follows a March 2021 FBI Private Industry Notification (PIN) [PDF] warning that deepfakes (including AI-generated or manipulated audio, text, images, or video) would likely be widely employed in "cyber and foreign influence operations" after becoming increasingly sophisticated.

An anonymous reader quotes a report from TechCrunch: A lawyer representing Anthropic admitted to using an erroneous citation created by the company's Claude AI chatbot in its ongoing legal battle with music publishers, according to a filing made in a Northern California court on Thursday. Claude hallucinated the citation with "an inaccurate title and inaccurate authors," Anthropic says in the filing, first reported by Bloomberg. Anthropic's lawyers explain that their "manual citation check" did not catch it, nor several other errors that were caused by Claude's hallucinations. Anthropic apologized for the error and called it "an honest citation mistake and not a fabrication of authority." Earlier this week, lawyers representing Universal Music Group and other music publishers accused Anthropic's expert witness -- one of the company's employees, Olivia Chen -- of using Claude to cite fake articles in her testimony. Federal judge, Susan van Keulen, then ordered Anthropic to respond to these allegations. Last week, a California judge slammed a pair of law firms for the undisclosed use of AI after he received a supplemental brief with "numerous false, inaccurate, and misleading legal citations and quotations." The judge imposed $31,000 in sanctions against the law firms and said "no reasonably competent attorney should out-source research and writing" to AI.

An anonymous reader quotes a report from Ars Technica: On Thursday, Telegram announced it had removed two huge black markets estimated to have generated more than $35 billion since 2021 by serving cybercriminals and scammers. Blockchain research firm Elliptic told Reuters that the Chinese-language markets Xinbi Guarantee and Huione Guarantee together were far more lucrative than Silk Road, an illegal drug marketplace that the FBI notoriously seized in 2013, which was valued at about $3.4 billion. Both markets were forced offline on Tuesday, Elliptic reported, and already, Huione Guarantee has confirmed that its market will cease to operate entirely due to the Telegram removal.

The disruption of both markets will be "a big blow for online fraudsters," Elliptic confirmed, cutting them off from a dependable source for "stolen data, money laundering services, and telecoms infrastructure." [...] Elliptic reported that Telegram connected black markets with an audience of a billion users, noting that Telegram tried to remove several Huione Guarantee channels earlier this year, but "the marketplace was ready" with backups and remained online until this week. Wired suggested that Huione Guarantee "operated in plain sight" on Telegram for years. But Telegram suggested it just discovered it. Huione Guarantee is a subsidiary of Huione Group, which was recently sanctioned by the U.S. Treasury for supporting "criminal syndicates who have stolen billions of dollars from Americans." According to Reuters, that included allegedly laundering "at least $37 million in crypto from cyber heists by North Korea and $36 million of crypto from so-called 'pig butchering' scams."

Google has overtaken IBM to become the leader in generative AI-related patents and also leads in the emerging area of agentic AI, according to data from IFI Claims. Axios: In the patents-for-agents U.S. rankings, Google and Nvidia top the list, followed by IBM, Intel and Microsoft, according to an analysis released Thursday.

Globally, Google and Nvidia also led the agentic patents list, but three Chinese universities also make the top 10, highlighting China's place as the chief U.S. rival in the field. In global rankings for generative AI, Google was also the leader -- but six of the top 10 global spots were held by Chinese companies or universities. Microsoft was No. 3, with Nvidia and IBM also in the top 10.

A California judge slammed a pair of law firms for the undisclosed use of AI after he received a supplemental brief with "numerous false, inaccurate, and misleading legal citations and quotations." From a report: In a ruling submitted last week, Judge Michael Wilner imposed $31,000 in sanctions against the law firms involved, saying "no reasonably competent attorney should out-source research and writing" to AI, as pointed out by law professors Eric Goldman and Blake Reid on Bluesky.

"I read their brief, was persuaded (or at least intrigued) by the authorities that they cited, and looked up the decisions to learn more about them -- only to find that they didn't exist," Judge Milner writes. "That's scary. It almost led to the scarier outcome (from my perspective) of including those bogus materials in a judicial order."

Identity thieves have found an insidious target: death row inmates. A SentiLink report published this week reveals scammers are stealing identities of Texas prisoners awaiting execution to orchestrate "bust-out" fraud schemes -- patiently building credit before disappearing with up to $100,000.

Nearly 10% of Texas' 172 death row inmates have fallen victim. The operation, active since March 2023, exploits inmates' isolation from financial communications. "They wouldn't receive text or email alerts from a financial institution," said Robin Maher of the Death Penalty Information Center.

Beyond opening credit accounts, NBC reports, fraudsters have registered fake businesses using inmates' identities, including a landscaping company created under Ronald Haskell's name -- a man imprisoned since 2014 for killing six people. TransUnion estimates bust-out scams now cost banks $1 billion annually.

An anonymous reader quotes a report from Ars Technica: Federal Communications Commission Chairman Brendan Carr has threatened to revoke EchoStar licenses for radio frequency bands coveted by rival firms including SpaceX, which alleges that EchoStar is underutilizing the spectrum. "I have directed agency staff to begin a review of EchoStar's compliance with its federal obligations to provide 5G service throughout the United States per the terms of its federal spectrum licenses," Carr wrote in a May 9 letter to EchoStar Chairman Charles Ergen. EchoStar and its affiliates "hold a large number of FCC spectrum licenses that cover a significant amount of spectrum," the letter said.

Ergen defended his company's wireless deployment but informed investors that EchoStar "cannot predict with any degree of certainty the outcome" of the FCC proceedings. The letter from Carr and Ergen's statement is included in a Securities and Exchange Commission filing submitted by EchoStar today. EchoStar's stock price was down about 8 percent in trading today. EchoStar bought Dish Network in December 2023 and offers wireless service under the Boost Mobile brand. As The Wall Street Journal notes, the firm "has spent years wiring thousands of cellphone towers to help Boost become a wireless operator that could rival AT&T, Verizon and T-Mobile, but the project has been slow-going. Boost's subscriber base has shrunk in the five years since Ergen bought the brand from Sprint." [...]

EchoStar will have to prove its case in the two FCC proceedings. The FCC set a May 27 deadline for the first round of comments in both proceedings and a June 6 deadline for reply comments. The proceedings could result in the FCC letting other companies use the spectrum and other remedies. "In particular, we seek information on whether EchoStar is utilizing the 2 GHz band for MSS consistent with the terms of its authorizations and the Commission's rules and policies governing the expectation of robust MSS," the FCC Space Bureau's call for comments said. "We also seek comment on steps the Commission might take to make more intensive use of the 2 GHz band, including but not limited to allowing new MSS entrants in the band." Last month, SpaceX urged the FCC to reallocate the spectrum, saying "the 2 GHz band remains ripe for sharing among next-generation satellite systems that seek to finally make productive use of the spectrum for consumers and first responders."

EchoStar countered that SpaceX's filing is "intended to cloak another land grab for even more free spectrum," and that its "methodology is completely nonsensical, given that EchoStar's terrestrial deployment is subject to population-based milestones that EchoStar has repeatedly demonstrated in status reports."

Qatar is gifting Trump a $400 million luxury 747 to serve as a temporary Air Force One, but experts warn that retrofitting it to meet presidential security standards could take years, cost hundreds of millions more, and risk national security due to potential embedded surveillance. The Register's Iain Thomson reports: The current VC-25s aren't just repainted 747s. They're a pair of flying fortresses that must be capable of allowing the president to run the country, survive wartime conditions (even nuclear), and be totally secure from outside influence or intrusion. While the precise details of the current airframe are a tightly guarded secret, some details are included on government fact sheets or have been revealed in various media reports. For a start, it must have an in-flight refueling capability so the president can go anywhere in the world and stay up as long as needed. Retrofitting this to an existing 747 would be very expensive, as the feds would need to strengthen portions of the hull to handle the refueling system and reconfigure the fuel tanks to handle trim issues.

Then there's the hull, which is known to be armored, and the windows are also thicker than you'd find on a normal flight. The government would also need to build in weapons systems like the chaff rockets used against radar-guided missiles, flares against heat seekers, and AN/ALQ-204 Matador Infrared Countermeasure systems, or similar to try and confuse incoming missiles. Next up, the engines and electrical systems would have to be replaced. The electronics in the current VC-25s are hardened as much as possible against an electromagnetic pulse that would be generated by a nuclear detonation. There are also claims that the aircraft have extra shielding in the engines to help against missile fragments should a physical attack happen.

Next up are communications. Air Force One has air-to-ground, air-to-air, and satellite comms systems that are thought to be the equal of what's in the White House. There are at least two separate internal phone systems - one open and the other highly secure - that would need to be installed and checked as well. Then there are incidentals. Contrary to what films will tell you, there is no escape capsule on the current Air Force One, nor a rear parachute ramp, but there is a medical suite with emergency equipment and space for a physician which would already need to be installed, as well as a secured cargo area designed to prevent tampering or unauthorized access. As for the threat of embedded surveillance devices, Richard Aboulafia, managing director of aircraft consultancy AeroDynamic Advisory, said: "You'd have to take it apart piece by piece to stop a professional operator putting in lots of equipment to confuse things, like spare sensors and wiring."

"It wouldn't be in the air before 2030 at the earliest, long after he's left office and probably later than the existing planned replacements," said Aboulafia. "It makes no sense on any level, except that he wants a free 747 for himself. Nothing else makes any sense."

"What's sort of annoying about the whole thing is I'm not sure what's wrong with the current Air Force One," Aboulafia said. "Maybe if they gave it a gold makeover, he'd like it more."

Business Insider tells the story in three bullet points:

- Big Tech companies depend on content made by others to train their AI models.

- Some of those creators say using their work to train AI is copyright infringement.

- The U.S. Copyright Office just published a report that indicates it may agree.

The office released on Friday its latest in a series of reports exploring copyright laws and artificial intelligence. The report addresses whether the copyrighted content AI companies use to train their AI models qualifies under the fair use doctrine. AI companies are probably not going to like what they read...

AI execs argue they haven't violated copyright laws because the training falls under fair use. According to the U.S. Copyright Office's new report, however, it's not that simple. "Although it is not possible to prejudge the result in any particular case, precedent supports the following general observations," the office said. "Various uses of copyrighted works in AI training are likely to be transformative. The extent to which they are fair, however, will depend on what works were used, from what source, for what purpose, and with what controls on the outputs — all of which can affect the market."

The office made a distinction between AI models for research and commercial AI models. "When a model is deployed for purposes such as analysis or research — the types of uses that are critical to international competitiveness — the outputs are unlikely to substitute for expressive works used in training," the office said. "But making commercial use of vast troves of copyrighted works to produce expressive content that competes with them in existing markets, especially where this is accomplished through illegal access, goes beyond established fair use boundaries."
The report says outputs "substantially similar to copyrighted works in the dataset" are less likely to be considered transformative than when the purpose "is to deploy it for research, or in a closed system that constrains it to a non-substitutive task."

Business Insider adds that "A day after the office released the report, President Donald Trump fired its director, Shira Perlmutter, a spokesperson told Business Insider."

"Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware," reports Ars Technica, "a strong indication that devices belonging to him have been hacked in recent years." As an employee of DOGE, [30-something Kyle] Schutt accessed FEMA's proprietary software for managing both disaster and non-disaster funding grants [to Dropsite News]. Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and critical infrastructure throughout the U.S. According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware... Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output. The data is then sent to the attacker and, occasionally after that, can make its way into public credential dumps...

Lee went on to say that credentials belonging to a Gmail account known to belong to Schutt have appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned. Among the breaches that supplied the credentials is one from 2013 that pilfered password data for 3 million Adobe account holders, one in a 2016 breach that stole credentials for 164 million LinkedIn users, a 2020 breach affecting 167 million users of Gravatar, and a breach last year of the conservative news site The Post Millennial.
The credentials may have been exposed when service providers were compromised, the article points out, but the "steady stream of published credentials" is "a clear indication that the credentials he has used over a decade or more have been publicly known at various points.

"And as Lee noted, the four dumps from stealer logs show that at least one of his devices was hacked at some point."

Thanks to Slashdot reader gkelley for sharing the news.

Adafruit's managing director Phillip Torrone is also long-time Slashdot reader ptorrone.

He stopped by Thursday to share what happened after a large portion of a recent import was subjected to a 125% +20% +25% import markup... We're no stranger to tariff bills, although they have definitely ramped up over the last two months. However, this is our first "big bill"... Unlike other taxes like sales tax where we collect on behalf of the state and then submit it back at the end of the month — or income taxes, where we only pay if we are profitable — tariff taxes are paid before we sell any of the products. And they're due within a week of receipt, which has a big impact on cash flow.

In this particular case, we're buying from a vendor, not a factory, so we can't second-source the items. (And these particular products we couldn't manufacture ourselves even if we wanted to, since the vendor has well-deserved IP protections). And the products were booked & manufactured many months ago, before the tariffs were in place.

Since they are electronics products/components, there's a chance we may be able to request reclassification on some items to avoid the 125% "reciprocal" tariff, but there's no assurance that it will succeed, and even if it does, it is many, many months until we could see a refund.

We'll have to increase the prices on some of these products. But we're not sure if people will be willing to pay the higher cost, so we may well be "stuck" with unsellable inventory — that we have already paid a large fee on...
Their blog post even includes a photo of the DHL customs invoice with the five-digit duty fee...

Share your own stories and experiences in the comments. Any other Slashdot readers being affected by the new U.S. tariffs?