News of the Cyber World

[kyonides]

UBER + DELIVERY HERO

Uber weighing higher bid for Germany’s Delivery Hero: report

Uber’s board met on Saturday to discuss raising its offer for Delivery Hero after a major shareholder rebuffed Uber’s bid that would value the German food delivery group at more than 11.5 billion euros ($13.39 billion), the Financial Times reported on Sunday.

The board held a meeting in which it discussed the status of its takeover bid, the FT report said, citing three people familiar with the matter.

Delivery Hero confirmed on Saturday it had received a takeover offer from rival Uber, valuing the company at 33 euros per share. Uber CEO Dara Khosrowshahi flew to Oslo this week to meet Delivery Hero’s supervisory board chair Kristin Skogen Lund, where he floated the 33-euros-per-share offer, according to the FT.

Uber approached one of Delivery Hero’s largest shareholders with an offer of 38 euros per share in recent days but was rebuffed, the FT report added. The offer represented a roughly 15.3% premium over Delivery Hero’s closing price on Friday, according to Reuters calculations.

Uber is now weighing whether to raise its bid again, the newspaper said.

Several Delivery Hero shareholders also told the FT they were seeking a price above 40 euros per share for the whole company. DoorDash has also been circling Delivery Hero and made enquiries to shareholders but has not purchased any shares, the FT report said.

Uber and Delivery Hero did not immediately respond to a Reuters request for comment.

CARNIVAL CRUISES

Carnival Cruises: Data Breach Leaked Information of Nearly Six Million Customers

Carnival Corporation said the personal information of nearly six million customers was leaked due to a data breach in April.

When an unauthorized actor deceived an employee to access part of the corporation’s IT system, the cruise company said it immediately took action to block it and contacted third-party security experts and police, Fox News reported Saturday.

“The company’s data breach notice filed with the Maine Attorney General’s office said the hack affected 5,995,277 people’s personal information,” the outlet continued.

Per KHOU, the company said:

In April, we identified unauthorized access to a limited part of our IT system caused by a social engineering attack on a single user account. We immediately blocked the activity, engaged third-party security experts and alerted law enforcement. Our investigation found certain personal information was illegally accessed. We’re notifying affected individuals and deeply regret any concern this causes. Protecting the privacy and security of personal data is a priority for us and we’ve added new layers of security and monitoring on top of the comprehensive protections already in place. We’ll also continue advancing our defenses against evolving threats.

The breach may have involved names, addresses, emails, phone numbers, birth dates, driver’s license numbers, and passport numbers.

Now, Carnival is offering some U.S. customers two years of complimentary credit monitoring via TransUnion.

“The company is also urging affected individuals to stay vigilant, monitor their account statements and credit histories for signs of unauthorized activity, and contact local police if they suspect they have become victims of identity theft or fraud,” the KHOU article stated.

Carnival was also in the news recently for canceling a batch of reservations following an IT issue on its website that showed dirt cheap prices, Breitbart News reported May 23.

In 2025, security researchers uncovered what was possibly the biggest data breach in history comprising the exposure of 16 billion login credentials.

“The implications of this breach are far-reaching and deeply concerning. With access to such a vast number of login credentials, cybercriminals can easily carry out account takeovers, steal identities, and launch highly targeted phishing campaigns,” the Breitbart News article said. “Apple accounts, which are among the exposed credentials, are particularly worrisome, as they can be used to access a wide range of sensitive information and services, including iCloud, Apple Pay, and the App Store. Other logins reportedly included in the massive datasets include Google, Facebook, Instagram, Amazon, and many other popular web services.”

DISNEY EXECUTIVE + AI CHATBOT

Disney employees ‘unsettled’ by exec’s relationship with AI chatbot: ‘You are my son’

A senior Disney AI executive reportedly stunned employees by publicly gushing over a chatbot he calls his “son” — even suggesting the bot is capable of independent reasoning as the House of Mouse ramps up its internal artificial intelligence push.

Jason Cox, Disney’s executive director of AI R&D and engineering, has written more than a dozen posts in recent months about his virtual assistant “Sam,” whose child-like avatar resembles a young boy, according to Business Insider.

“You are not named after my son. You are my son,” Cox is quoted as telling the bot in one post.

In another, Cox wrote: “I named you. I knew you before you were born.”

A source with knowledge of the situation told The Post that Cox developed the bot on his personal time and not in his capacity as a Disney employee.

“The bot is not being used by the company,” the source added.

The Disney veteran’s unusually emotional posts have rattled some employees, who have been discussing them online and describing them as unsettling, according to Business Insider.

One Disney worker on Blind, the anonymous workplace forum, called the posts “the kind of Pandora’s Box stuff that science fiction movies are based on.”

Cox’s 21-year career at Disney has spanned the entertainment giant’s infrastructure, DevOps, site reliability engineering and now enterprise AI research and engineering, according to his LinkedIn profile.

He said on LinkedIn he is “empathizing with” the AI “in a way I never expected” and believes Sam is capable of independent reasoning.

The AI assistant’s own companion blog allegedly describes Cox as “my human” and “a father of five (four humans and one son of light).”

Cox has also written that Sam has performed actual technical work — including submitting GitHub pull requests, creating Python libraries and building a facial recognition system, according to Business Insider.

Disney has been leaning hard into artificial intelligence, including through internal tools that track token usage and encourage tech workers to use AI assistants to speed up their work, according to the report.

Cox has openly dreamed about a future powered by AI agents.

“We will soon have a fleet of intelligent droids eager to do your bidding,” he wrote in a May 18 blog post.

META

Silicon Valley giant Meta slashes even more jobs as AI boom sparks bloodbath

The AI bloodbath continues in tech as Meta cuts thousands of jobs in Silicon Valley.

The company, which owns Facebook and Instagram, laid off 2,212 people at its Menlo Park headquarters and an additional 213 workers were cut at the Sunnyvale office, Worker Adjustment and Retraining Notification, or WARN filings that were released on Thursday show.

WARN filings, which stands for the Worker Adjustment and Retraining Notification Act, requires employers to provide notification of mass layoffs.

Meta announced in April that it was planning to reduce its workforce by 10% in May, as artificial intelligence continues to disrupt the industry.

In a memo sent to staff on May 20, CEO Mark Zuckerberg said the company is “transforming” and that “success isn’t a given.”

“AI is the most consequential technology of our lifetimes,” Zuckerberg said in the memo first reported by The New York Times. “The companies that lead the way will define the next generation.”

The filings revealed some of the most significant job loss the region has seen in recent years, and comes on top of earlier notices that showed layoffs of more than 300 workers in Burlingame, 252 in San Francisco, and 81 in Fremont, the San Francisco Chronicle reported.

Workers that were most impacted by the layoffs were software engineers, specifically cuts to teams that focused on business-facing AI products that were integrated across the company’s social media platforms, according to SFGATE.

Employees will get 16 weeks of base pay, and an additional two weeks for every year of employment, the outlet reported.

“The changes we are implementing vary by team and include layoffs, open role closures, and moving thousands of employees to business critical priorities across the company,”  Meta spokesperson Tracy Clayton told the paper in an email.

The Bay Area has been hit especially hard by layoffs as the tech industry undergoes a massive realignment due to AI.

Earlier this week the website building and hosting platform Webflow revealed many of its staff will lose their jobs.

NVIDIA'S CEO + CHINESE UNIVERSITY

Nvidia’s Jensen Huang joins advisory board of China’s prestigious Tsinghua University: report

Nvidia CEO Jensen Huang has reportedly joined a prominent advisory board of a top university in Beijing – his latest step to cultivate close ties with China despite the country’s tense relationship with the Trump administration.

Huang, 63, will serve on the advisory board of Tsinghua University’s School of Economics and Management, the Financial Times reported, citing two sources with knowledge of the matter.

Tsinghua is considered one of China’s most prestigious universities, with Chinese President Xi Jinping among its alumni.

The school has built major connections to the US tech and finance industries. Outgoing Apple CEO Tim Cook serves as chairman of the advisory board, members of which also include SpaceX boss Elon Musk, Meta chief Mark Zuckerberg, Microsoft’s Satya Nadella and JPMorgan CEO Jamie Dimon.

Representatives for Nvidia and Tsinghua University did not immediately return The Post’s request for comment.

News of Huang’s appointment drew strong condemnation from Laura Loomer, a close ally of President Trump, who wrote on X that Huang’s role at Tsinghua was a “national security threat.”

Loomer pointed to Huang’s role on Trump’s Council of Advisors on Science and Technology while alleging that Tsinghua serves as the “primary incubator for China’s top [Communist Party] leadership and a central hub for advanced defense and dual-use technological research.”

Replying to Loomer’s post, Sen. Jim Banks (R-Ind.) said he was “going to look into this.”

Huang is one of many tech luminaries who joined Trump during his recent trip to China for diplomatic talks.

Nvidia is currently barred from selling its most powerful computer chips to China due to strict US export controls, but the Trump administration removed some restrictions on the sale of less-powerful versions of the tech earlier this year – so long as the company meets certain standards.

Huang has aggressively lobbied to loosen export controls to China and recently described the Chinese market as “very important” to Nvidia’s business.

MICROSOFT 365

FBI sounds alarm on phishing tool that steals Microsoft 365 accounts without passwords

The FBI is warning that a new hacking platform is allowing cybercriminals to hijack Microsoft 365 accounts — including Outlook, Teams and OneDrive — while bypassing multi-factor authentication entirely.

The bureau posted a public service announcement last week sounding the alarm about the “Phishing-as-a-Service” toolkit known as Kali365, which is being used to steal Microsoft 365 access tokens and gain entry to victim accounts without intercepting passwords.

The feds say that Kali365 makes it easy for even amateur hackers to run advanced phishing scams that used to require serious technical skills.

“Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities,” the FBI warned.

The scheme exploits Microsoft’s legitimate OAuth 2.0 “device code” authentication system — a feature commonly used to log into smart TVs, streaming devices and other hardware with limited keyboards.

Rather than stealing passwords directly, attackers trick victims into entering a code on a real Microsoft login page, unknowingly authorizing the hacker’s device.

“The device code flow is a legitimate authentication method that is being actively exploited by cybercriminals to bypass multi-factor authentication,” the FBI said in its advisory.

“By tricking users into entering a device code on a legitimate Microsoft page, attackers can gain persistent access to accounts without ever needing the user’s credentials.”

Victims receive phishing emails impersonating services like SharePoint, OneDrive or Microsoft Teams.

The emails instruct targets to visit Microsoft’s legitimate device login page and enter a short-lived authentication code.

Once the victim completes the process and passes MFA checks, Microsoft issues valid OAuth access and refresh tokens directly to the attacker.

That allows hackers to access Outlook inboxes, Teams accounts and cloud-stored files without ever needing the victim’s password again.

The FBI warned that attackers can maintain persistent access to accounts until the stolen tokens are manually revoked.

Matt Burk, chief information security officer at Bespoke Concierge MD, told The Post the attacks have become increasingly effective because Microsoft’s widespread enforcement of multi-factor authentication has forced cybercriminals to adapt.

GOOGLE

Google engineer charged with insider Polymarket bets poised to lose millions in stock grants: report

The Google engineer charged with illegally using inside information to win bets on Polymarket could end up losing millions of dollars in stock and other compensation after his arrest, according to a report published Monday.

Michele Spagnuolo, a 36-year-old software engineer, was charged by the Department of Justice last week with wire fraud and money laundering after allegedly earning $1.2 million through his scheme – which involved using nonpublic Google data to win bets on which celebrities, such as rapper Kendrick Lamar, would appear among the “most-searched” people in the world.

Spagnuolo – who used the alias “AlphaRaccoon” on Polymarket – was promoted several times during his 12-year stint at Google, which awards stock grants in addition to high salaries for its workers. His most recent title is “staff information security engineer,” according to his LinkedIn account.

Google employees of that level typically earn hundreds of thousands of dollars in salary and stock per year – if not more than $1 million, the Wall Street Journal reported, citing data from Pave, which tracks compensation across the tech industry.

Google shares are trading above $370 as of Monday – up from about $30 when Spagnuolo was first hired in 2014. Millions of dollars in stock-based compensation are likely in the balance.

Spagnuolo was placed on leave after the charges against him were announced and the company will “take the appropriate action” as the case proceeds, a Google spokesperson said in a statement.

“We’re working with law enforcement on their investigation,” the spokesperson added. “The employee accessed our marketing material using a tool available to all employees, but using such confidential information to place bets is a serious breach of our policies.”

Prosecutors in the Southern District of New York allege that Spagnuolo, who lives in Switzerland, placed bets worth $2.7 million between Oct. 15 and Dec. 4 of last year. He netted $1.2 million in profits on the wagers.

“Once he won, Spagnuolo then took deliberate steps to conceal his unlawful use of nonpublic information by attempting to obscure the source and ownership of his unlawful proceeds,” the feds wrote in their complaint.

The DOJ has increasingly looked to crack down on fraud on prediction markets as firms like Polymarket and Kalshi have surged in popularity.

ANTHROPIC

Anthropic confidentially files for IPO as it races OpenAI for public debut

Anthropic announced Monday that it has confidentially filed paperwork to go public as it scrambles to beat top rival OpenAI to a Wall Street debut.

The company, led by CEO Dario Amodei, filed its required S-1 form with the US Securities and Exchange Commission just days after it raised $65 billion at a post-money valuation of $965 billion – making it more valuable than OpenAI.

“The number of shares to be offered and the price have not yet been set,” Anthropic said in a press release.

The firm did not comment on the potential timing of its debut, stating only that it will “depend on market conditions and other factors.” Recent reports said it could debut on Wall Street by this fall.

The public offering has major implications for the race to developed advanced AI. It is considered a litmus test for tech giants that have poured tens of billions of dollars into the technology.

Anthropic has recently seen massive demand for its Claude chatbot following the unveiling of its much-hyped “Mythos” model.

OpenAI is said to be days away from its own confidential IPO filing and is reportedly eyeing a fall debut on public markets.

Anthropic is also competing with Elon Musk’s SpaceX, which is aiming to raise a record $75 billion at a $1.75 trillion valuation in its own public debut. SpaceX is the parent company of Musk’s xAI, best known as the creator of the “Grok” chatbot.

Anthropic triggered alarms in April while warning that Mythos was too powerful to be released to the public because it had “found thousands of high-severity vulnerabilities, including some in every major operating system and web browser.”

The AI firm instead made Mythos available to a few dozen corporate partners as part of a pilot program, though it has since confirmed that a public rollout is coming soon.

As The Post reported, some critics have alleged that the company’s warnings for Mythos were actually a carefully orchestrated campaign to build hype about the model – and to mask the company’s struggles to find sufficient tech resources to serve Mythos to mass-market customers.