A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains.

In a campaign that has been running since September 2025, the threat actor has stolen 1,649 unique credentials from platforms and service providers critical in the freight industry.

Some of the Diesel Vortex victims include DAT Truckstop, TIMOCOM, Teleroute, Penske Logistics, Girteka, and Electronic Funds Source (EFS).

Researchers at the typosquatting monitoring platform Have I Been Squatted uncovered the campaign after finding an exposed repository containing an SQL database from a phishing project that the threat actor called Global Profit and marketed it to other cybercriminals under the name MC Profit Always.

The repository also included a file with Telegram webhook logs that revealed communications between the phishing service operators. Based on the language used, the researchers believe that Diesel Vortex is an Armenian-speaking actor connected to Russian infrastructure.

Have I Been Squatted’s analysis efforts were joined by tokenization infrastructure provider Ctrl-Alt-Intel, which connected the dots between operators, infrastructure, and connections to various companies using open-source intelligence.

In a lengthy technical report, the typosquatting protection provider states that it uncovered nearly 3,500 stolen credential pairs, with 1,649 of them being unique.

The researchers say that they also found a link to a mind map created by a member of the group, which describes a “highly organised operation” complete with a call-centre, mail support, programmer rols, and staff responsible for finding drivers, carriers, and logistics contacts.

Furthermore, the map provided details about acquisition channels that included the DAT One marketplace, email campaigns, rate confirmation fraud, and revenue for various operational tiers.

“The [Diesel Vortex] group built dedicated phishing infrastructure for platforms used daily by freight brokers, trucking companies, and supply chain operators. Load boards, fleet management portals, fuel card systems, and freight exchanges were all in scope,” Have I Been Squatted researchers say.

“These platforms sit at the intersection of high transaction volumes and the targeted workforce isn’t typically the primary focus of enterprise security programs, and the operators clearly knew it.”

The attacks involve sending phishing emails to targets via a phishing kit’s mailer, using Zoho SMTP and Zeptomail, and combining Cyrilic homoglyph tricks in the sender and subject fields to evade security filters.

Voice phishing and infiltration into Telegram channels frequented by trucking and logistics personnel were also used in the attacks.

When a victim clicks a phishing link, they land on a minimal HTML page on a ‘.com’ domain with a full-screen iframe that loads the phishing content, followed by a 9-stage cloaking process on the system domain (.top/.icu).

The phishing pages are pixel-level clones of the targeted logistics platforms. Depending on the target, they may capture credentials, permit data, MC/DOT numbers, RMIS login details, PINs, two-factor authentication codes, security tokens, payment amounts, payee names, and check numbers.

The phishing process is under the operator’s direct control, who decides when to approve steps and activate the next phases via Telegram bots.

Possible actions include requesting a password for Google, Microsoft Office 365, and Yahoo, 2FA methods, redirecting the victim, or even blocking them mid-session.

The researchers state that the Diesel Vortex operation, including panel and phishing domains and GitLab repositories, was disrupted following a coordinated action involving GitLab, Cloudflare, Google Threat Intelligence, CrowdStrike, and Microsoft Threat Intelligence Center.

For its part, Ctrl-Alt-Intel conducted an OSINT investigation starting from operators’ Telegram chats in Armenian about stealing cargo or funds, and an email address.

Along with a domain name found in the phishing panel’s source code, the researchers revealed connections to individuals and companies in Russia involved in wholesale trade, transportation, and warehousing.

The researchers noted that “the same email identified used to register phishing infrastructure appears in [Russian] corporate filings for logistics companies operating in the same vertical targeted by Diesel Vortex.”

Based on the uncovered evidence, the researchers determined that Diesel Vortex stole credentials and also coordinated activities related to freight impersonation, mailbox compromise, and double-brokering or cargo diversion.

Double brokering refers to the use of stolen carrier identities to book loads and then reassigning or diverting freight cargo, which allows sending the goods to fraudulent pickup points so they can be stolen.

The full indicators of compromise (IoCs), including network, Telegram, infrastructure, email, and cryptocurrency addresses, are available at the bottom of the Have I Been Squatted report.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

LG kicked off the year by unveiling a new lineup of gaming monitors, and today the company has priced out the biggest of the bunch. The UltraGear evo G9 (52G930B) is now available for pre-order, and the massive screen will cost just $2,000.

Yes, you can buy a perfectly excellent gaming monitor for much less, but $2,000 is a surprisingly low price tag for this 52-inch ultrawide monitor with a 1000R curve, which LG is billing as “the world’s largest 5K2K gaming monitor.” In addition to its huge size, the G9 can run at a 240Hz refresh rate and offers a 1 millisecond gray-to-gray response rate. Visuals are supported by VESA DisplayHDR 600 and up to 95% DCI-P3 color gamut coverage.

LG has long done solid work on gaming monitors, and the G9 seems like a good choice for anyone who wants to be seriously immersed in their gameplay. Whether that’s for a high-fidelity experience like Microsoft Flight Simulator or for having the maximum coziness in Stardew Valley is up to you.

Apple is expected to launch redesigned MacBook Pro laptops later this year, and these are expected to bring a massive overhaul in terms of looks and innards. The biggest change is going to be a touch-sensitive panel, one with OLED tech underneath instead of mini-LED panels that you get on the current crop of Pro laptops by Apple. But it seems the pill-shaped cutout from the iPhones — officially known as the Dynamic Island — will also appear on these laptops, as per Bloomberg.

What’s the big shift?

“The company’s initial touch Macs, due this fall, will have the Dynamic Island at the center top of the display, said the people, who asked not to be identified because the plans aren’t public,” reports Bloomberg. Ever since Apple put a notch on the MacBook — both Air and Pro models — fans have complained about the lost screen real estate and how it has remained untouched in terms of functionalities.

The open-source community, on the other hand, has developed plenty of apps that make the best use of the notch, turning it into a file container, clipboard manager, camera preview engine, mini-calendar, and more. But the aesthetic trade-off is still very much there. On the upcoming MacBook Pro overhaul, Apple is apparently solving two problems in one go viz., get rid of the notch, and put a Dynamic Island in its place that can serve as a hub of activities, similar to what we get on the iPhone.

Web Search has already been disrupted by AI — just take a look at how readily Google is presenting users with AI Overviews (summaries of search results) at the top of their results pages, how Bing early on integrated OpenAI’s GPT models, and how Perplexity continues to build on its own AI-driven web search platform and browsers.

Nimble announced the launch of its Agentic Search Platform, a system designed to transform the public web into trusted, decision-grade data for AI systems and business workflows.

The launch is supported by $47 million in Series B financing led by Norwest, with participation from Databricks Ventures and others, bringing the company’s total funding to $75 million.

The initiative addresses a fundamental bottleneck in the current AI era: while large language models (LLMs) are becoming more sophisticated, they often reason over incomplete or unverifiable external information. Nimble’s platform aims to eliminate this “guesswork gap” by providing a governed data layer that searches, navigates, and validates live internet data in real time.

In an exclusive interview with VentureBeat, Nimble co-founder and CEO Uri Knorovich reflected on the early skepticism regarding his vision of a machine-centric internet.

“Whenever we started this company, and the first time I went to investors, I told them the web is built for humans, but machines are going to be the first citizens of the web,” Knorovich recalled. He noted that while initial reactions labeled him as “too visionary,” the current reality of AI adoption has validated his thesis.

Technology: Coordinated multi-agent architecture

The core of Nimble’s solution is a proprietary distributed architecture that orchestrates specialized agents to perform tasks traditionally handled by human researchers or brittle web scrapers. According to the company’s infrastructure documentation, the process is broken down into five distinct layers:

• Headless browser and browsing agents: These layers manage the initial interaction with a target domain, navigating complex site structures as a human would.

• Parsing agents: These agents interpret the page content, identifying relevant data elements across various formats.

• Data processing agents: This layer aggregates, filters, and cleans noisy internet data to produce specific, structured answers.

• Validation agents: The final step involves verifying the results to ensure accuracy and completeness before delivery.

Unlike standard search engines designed for consumer link-clicking, this architecture uses multimodal and reasoning capabilities from frontier models—including those from OpenAI, Anthropic, and Meta—to control real browsers. This allows Nimble to navigate dynamic layouts and cross-check results, producing auditable data outputs rather than simple text summaries.

A new paradigm: ‘The web is built for humans, but machines are the first citizens’

Knorovich points out that the scale of AI interaction with the web is fundamentally different from human behavior. “We, as humans, search for maybe three or five options before we making decisions… but every day, Nimble perform more than 3.2 million interactions in the web,” he explained. This sheer volume of billions of monthly searches represents a programmatic shift that requires a new type of infrastructure.

The bottleneck for enterprises today, according to Knorovich, isn’t the intelligence of the models, but the quality of the data they can access. “Agents are the headlines, and accurate and reliable web search is the bottleneck,” he stated.

Nimble vs. consumer search: Precision over speed

Knorovich explicitly differentiates Nimble from general-purpose tools like Google or consumer AI search assistants.

While Google has built a search experience for consumers that is optimized for speed and finding a local restaurant, enterprises require high-scale, high-accuracy results to make multi-million dollar decisions.

“General purpose web search tool are great to have a general answers, such as who is the wife Leo missing,” Knorovich remarked during the interview. “But enterprises need deep, granular data, and they need to have the ability to control the search filters, to control the regulation, to control what is a trusted source”. Unlike consumer AI modes that may summarize a Reddit post or high-level news, Nimble provides “street-level” information that can be stored directly in an enterprise system of record.

Product: Bridging the no-code and developer divide

The Agentic Search Platform is delivered through two primary interfaces designed for enterprise scalability:

1. Web search agents: A no-code AI workflow builder that enables business teams to describe the data they need and receive structured data streams without writing a line of code.

2. Web tools SDK: A suite of APIs for builders to search, extract, and crawl the web directly from their code. This includes specialized tools like the /crawl API for mapping entire domains and the /map API for creating domain trees.

The platform is built to deliver data with greater than 99% accuracy — meaning fewer than 1% inaccurate or hallucinated data for the total contents of each search result returned — and a latency of 1-2 milliseconds per request.

It integrates natively with major data environments, allowing users to stream clean data directly into Databricks, Snowflake, S3, or Microsoft Fabric.

During the interview, Knorovich emphasized that Nimble is designed to be model-agnostic, working seamlessly with state-of-the-art models from OpenAI, Anthropic, and Google’s Gemini. This flexibility allows companies to use Nimble alongside their existing tech stack, whether they are running models in the cloud or on-premise for high-security environments like healthcare or banking.

Case studies: Accuracy in action

Knorovich provided several real-world examples of how this “street-level” data impacts professional workflows. For instance, a real estate broker looking to expand into a new territory doesn’t need a high-level summary from a general-purpose AI.

“If you want to know what’s happening in the commercial real estate in Atlanta… you’re not looking for search that’s optimized for the millisecond,” Knorovich explained. “You’re looking for street-level, neighborhood-level information… data that you can actually see on a table or download to Excel”.

Another use case involves major financial institutions utilizing Nimble for “know your customer” (KYC) processes. By deploying an autonomous search agent, banks can cross-reference multiple public reports, criminal records, and address verifications to build a complete profile of a client before they even enter the building. The goal, Knorovich noted, is to provide the “external truth” that exists outside an organization’s internal firewalls.

Enterprise licensing and compliance

Nimble differentiates itself from legacy scraping tools through a rigorous focus on governance and trust. The platform is “compliant-by-design,” holding certifications for SOC2 Type II, GDPR, CCPA, and HIPAA.

Pricing is structured to support both experimental startups and high-scale enterprise operations, aligned with the volume and depth of data retrieved.

“Pricing should be aligned with the value that the user is getting… therefore, we are pricing by the amount of searches that you’re running,” Knorovich said.

• Search and answer APIs: Standard search inputs cost $1 per 1,000, while the “Answer” function—which provides reasoning based on search results—costs $4 per 1,000.

• Managed services: For larger organizations, managed tiers start at $2,000 per month (Startup) and scale to $15,000 per month (Professional) for unlimited agents and priority support.

• Proxy access: A network of over 1 million residential proxies is available starting at $7.50 per GB

Community and user reactions

The transition to agentic search has already been operationalized by several Fortune 500 companies and AI-native startups:

• Julie Averill, former CIO at Lululemon, stated that pricing intelligence which once took weeks to review can now be responded to in minutes by putting control in the hands of an agent.

• Itamar Fridman, CEO and Co-founder of Qodo, noted that the platform’s scalability was “crucial in developing more robust and reliable AI systems” by feeding LLMs with high-quality data.

• Dennis Irorere, Data Engineer at TripAdvisor, highlighted that the platform simplifies the extraction of structured data from complex sources, which he described as “transformative” for his role.

• Grips Intelligence reported scaling to over 45,000 e-commerce sites using Nimble’s Web API to deliver real-time pricing and product data.

• Alta utilizes the platform to power millions of AI-driven go-to-market workflows daily, reporting 3–4× deeper context and >99% reliability

Series B to accelerate multi-agent web search and data governance

The $47 million Series B funding announced alongside the platform will be used to accelerate research in multi-agent web search and further develop the governed data layer.

The round saw participation from a wide ecosystem of investors, including Target Global, Square Peg, Hetz Ventures, Slow Ventures, R-Squared Ventures, J-Ventures, and InvestInData.

Andrew Ferguson, VP of Databricks Ventures, noted that Nimble complements their Data Intelligence Platform by providing a “real-time web data layer” that extends workflows beyond internal sources. This strategic investment signals a shift in the industry toward prioritizing “external truth” to ground mission-critical AI applications.

For Knorovich, the future of the web belongs to programmatic interaction. “Programmatic web search is where we are building towards,” he concluded. By moving away from legacy data vendors and brittle scrapers, Nimble aims to provide the real-time structure needed for AI to act with confidence in the real world.

Apple is launching new tools to comply with the growing number of age verification laws both in the U.S. and abroad. As part of the changes, Apple will block the downloads of apps rated 18+ in Brazil, Australia, and Singapore, while also rolling out other features to comply with laws in the U.S. states of Utah and Louisiana.

The company informed developers on Tuesday that it’s expanding its set of “age assurance” tools, including an updated Declared Age Range API now available for beta testing.

These tools allow developers to obtain a user’s age range without gaining access to the user’s personal information, like their date of birth. The need for a technical solution like this came about as more governments around the world have created laws to block or restrict certain apps like social media that can only be used by adults 18 and up.

In Brazil, for example, developers can use the Declared Age Range API to obtain the user’s age category, if the user or their parent or guardian chooses to share it.

In addition, Apple will block users in Australia, Brazil, and Singapore from downloading apps rated 18+, starting today, until they confirm they are adults. In this case, the App Store will perform the age confirmation automatically, but Apple notes that developers may still have separate compliance requirements they need to meet.

Also, developers whose games contain loot boxes, a gambling-like mechanism that lets players spend money for a random chance at in-game rewards, and that lawmakers believe shouldn’t be available to kids, will see their apps’ age ratings updated to reflect an 18+ audience in Brazil, specifically.

In the U.S., new users in Utah and Louisiana will soon have their age categories shared with their developers’ apps through the Declared Age Range API, as well. The company said it has expanded its other tools around age ratings and permissions to meet its compliance obligations.

“New signals are now available through the Declared Age Range API, including whether age-related regulatory requirements apply to the user and if the user is required to share their age range,” reads the Apple blog post. “The API will also let you know if you need to get a parent or guardian’s permission for significant app updates for a child.”

Apple last October worked to comply with similar age assurance requirements in Texas, but put some of its plans on hold back in December, as the state’s law is being fought in court. It also updated its age ratings system last year with more granular age ranges than before, and added a variety of new questions for developers submitting apps to Apple for review.