Most singles looking for love aren’t interested in building a romantic connection with an AI chatbot. 

A new study from Match Group, the dating company behind popular dating apps like Tinder and Hinge, found that nearly half (47%) of the roughly 1,000 people ages 18-39 it surveyed “view AI in romantic contexts negatively.” And it’s a hard pass for most singles if you’re interested in AI companion apps, like Kindroid and Replika. Two in five singles aged 18 to 39 refuse to date someone who uses these apps, including over half (51%) of women aged 18 to 24, according to Match Group’s findings.

Finding love with AI can be tricky, whether you’re using AI to keep you from saying the wrong thing to a new connection, spruce up your dating profile or act as your soulmate to help you practice for the big moment (which we don’t advise, more on which below).

Despite all the ways you can use AI on the dating scene, singles have some serious concerns. Most singles in the survey said they use AI for everyday productivity tasks, but when it comes to dating, the bots can’t tag along for the ride. Most want purely human connections. 

Most singles don’t want someone interested in an AI companion

AI is creeping into personal relationships more than in the past. Imagine going to ChatGPT to decide who is right in an argument with your spouse. Or even dating a bot. It’s not far-fetched when there are AI apps that resemble personal relationships. Some even have avatars. 

The Match Group survey found that dating an AI bot is a no-go for singles — 4 to 1 opposed. The survey found that only 12% of singles have tried companion apps in the past three months — mainly to try something new, not as a substitute for finding love. Most used them for boredom and entertainment (45%), and roleplay and simulation (43%). Fewer used AI to build a genuine connection (38%) or process emotions (26%). 

Instead of relying on bots, singles are getting advice from friends and family (60% respectively), whereas only 20% are using AI. That’s not surprising, considering a study published in March in the journal Science found AI is more likely to agree with you and less likely to help with things like repairing relationships. The study shows you may depend on AI more instead. 

Michael Salas, a relationship therapist, agrees that seeking advice from family and friends rather than AI is a better move. Salas tested using AI on a complicated situation he was having with a friend, and the bot’s response may surprise you. 

“It told me this friend clearly didn’t care about me. Verbatim, it told me this,” says Salas. “This wasn’t something I was even questioning, and I know it was wrong. When I told it that, it immediately course-corrected, told me I was right, and shifted to a new framework. That’s not wisdom.” 

Salas advises being careful when using AI in dating. “I think you really have to be careful because it will take liberties and give advice that is incorrect or unwarranted. Save that for actual people who know you. Ask them instead.” Instead, Salas recommends using AI for editing and generating ideas, like ways to show someone you care — not as a substitute for humans. 

Using AI for dating has limitations

Match found that most (74%) singles ages 18 to 39 use AI tools, such as ChatGPT, regularly. And 69% use AI for productivity tasks like summaries, problem solving and writing content. Most find their use of AI positive across several use cases. But not when it comes to finding love. 

There are some exceptions. Over half (64%) can see AI helping them find love, like helping keep a conversation going and building a stronger profile (27%), starting a conversation (26%) and planning a date (27%). Some AI features already lean toward those preferences, like Tinder’s AI-powered matching to get connection suggestions based on your interests and camera roll (if you allow it). And there are date-planning apps, like the Date Idea Generator and My Spicy Vanilla. And Hinge debuted Convo Starters to ease the pressure of sending the first message. 

It all still boils down to how comfortable singles feel about using AI to help with matchmaking. Based on Match Group’s survey findings, the percentage using AI assistance remains below half across many use cases, making it clear that most people don’t want bots meddling in their love lives. 

It’ll be interesting to see how Match Group alters or creates AI features for its dating apps in the future based on these findings and how singles respond. Match Group didn’t immediately respond to a request for further comment. 

Security researchers have published a new unpatchable SecureROM exploit for Apple’s A12 and A13 chips, extending public BootROM exploitation beyond the devices affected by checkm8.

Security firm Paradigm Shift disclosed the unpatched exploit, called usbliter8, on June 18. It achieves code execution through a flaw in Apple’s USB boot process.

The vulnerability affects devices powered by Apple’s A12 and A13 chips, including the iPhone XS, iPhone XS Max, iPhone XR, and iPhone 11 lineup. Several iPad models and Apple Watch devices powered by S4 and S5 chips are affected as well.

• 11-inch iPad Pro (1st generation)
• 11-inch iPad Pro (2nd generation)
• 12.9-inch iPad Pro (3rd generation)
• 12.9-inch iPad Pro (4th generation)
• Apple Watch SE (1st generation)
• Apple Watch Series 4
• Apple Watch Series 5
• iPad (9th generation)
• iPad (8th generation)
• iPad Air (3rd generation)
• iPad mini (5th generation)
• iPhone 11
• iPhone 11 Pro
• iPhone 11 Pro Max
• iPhone SE (2nd generation)
• iPhone XR
• iPhone XS
• iPhone XS Max

While the issue focused on devices like iPhones, iPads, and Apple Watches with DFU mode the Studio Display, HomePod mini, and second-generation Apple TV 4K are technically also using these vulnerable chipsets. There’s also mention that A12X and A12Z could have technical support for this issue, but isn’t implemented, so those 2018 and 2019 iPad Pro models could also be included here.

Usbliter8 combines a hardware flaw in a USB controller with the way security protections are configured on affected devices. The attack works through Device Firmware Update mode, better known as DFU mode.

Successful exploitation gives researchers control before iOS even starts loading. The exploit also enables boot-chain compromise and custom USB request handling.

The exploit can boot modified iPhone software that wouldn’t normally be allowed to run. Paradigm Shift’s reporting is serious because the vulnerability exists in SecureROM, the first code that runs when an iPhone starts up.

SecureROM verifies Apple’s software before the rest of the operating system loads and serves as the foundation of the device’s security model. Apple can patch flaws in iOS, iPadOS, and watchOS through software updates.

A proper Setup transaction consists of two packets sent by the host. Image credit: Paradigm Shift

The code is built into the chip itself and can’t be replaced after manufacturing. Affected devices will remain vulnerable unless users replace them with newer hardware.

Usbliter8 doesn’t affect A14 chips or newer generations because later versions of SecureROM appear to configure hardware protections differently. A11-based devices also avoided the vulnerability because their USB driver resets memory addresses in a way that prevents the attack.

Why the exploit matters

Apple’s security architecture checks each stage of the startup process before handing control to the next one. A successful SecureROM exploit can bypass some of those checks and gain access at the earliest stage of device startup.

SecureROM code can’t be updated after manufacturing, so access gained through usbliter8 can survive software updates, device restores, and firmware revisions. Persistent access at the SecureROM level separates usbliter8 from a typical software vulnerability.

The exploit doesn’t give attackers unrestricted access to user data. Apple’s Secure Enclave Processor remains separate from the vulnerability and provides an additional security boundary.

The correct register values overwrite the ones the researchers corrupted. Image credit: Paradigm Shift

Usbliter8 doesn’t directly compromise the Secure Enclave. The exploit could still expand the range of attacks available against other parts of Apple’s platform.

The exploit also faces practical limitations. Researchers must have physical access to a device and use USB connectivity and DFU mode to carry out the attack.

A new chapter after checkm8

The disclosure draws comparisons to checkm8, the SecureROM exploit that affected Apple devices powered by A5 through A11 chips. Checkm8 became one of the most influential iPhone exploits because it targeted immutable BootROM code and can’t be patched through software updates.

Like checkm8, usbliter8 targets the earliest stages of Apple’s boot process. The exploit also can’t be fully fixed through software updates.

Apple hasn’t faced a public BootROM exploit affecting A12 and A13 devices since checkm8 targeted earlier hardware generations. Usbliter8 changes that with a working exploit for both chip families.

Much of the technical paper focuses on techniques used to bypass security protections on newer Apple hardware. Those efforts ultimately led to successful code execution on supported devices.

Public SecureROM exploits affecting A12 and A13 devices have been rare, making usbliter8 a notable addition to Apple’s security history.

Paradigm Shift disclosed the findings to Apple Product Security before publication and coordinated the release with Apple. Apple hadn’t publicly commented on the research at the time of publication.

How to stay safe

The practical risk from usbliter8 remains limited because the exploit requires physical access to a device and the use of DFU mode over USB. Most users are unlikely to encounter that threat model during normal use.

Installing security updates, using a strong passcode, and avoiding unattended devices won’t patch the SecureROM vulnerability. The measures can still make it harder for an attacker to gain the physical access required to exploit usbliter8.

Users concerned about long-term exposure can reduce their risk by upgrading to hardware powered by Apple’s A14 chip or newer. The exploit described in the research does not affect those devices.

Some of the SpaceX investors on Kahlon’s ledger are easy to identify: the Indian politician Abhishek Singhvi; Betsy DeVos, the former US secretary of education; a British Virgin Islands company owned by Indonesian billionaires. But others on the list are shell companies whose ultimate owners remain hidden.

One such company is a Delaware LLC called HAL9001 Partners Fund I, which invested roughly $10 million in a SpaceX fund in 2020. The incorporation documents for HAL9001 were signed by the venture capitalist Roman Sobachevskiy. The Treasury Department recently fined a company that was co-owned by Sobachevskiy hundreds of millions of dollars for managing a different investment on behalf of a sanctioned Russian oligarch. Sobachevskiy has not been personally accused of wrongdoing.

A Tomales Bay Capital spokesperson said that the oligarch “had no involvement with the investment.” Sobachevskiy did not respond to questions, including who put up the money for the SpaceX investment.

The records also shed some light on the connections between SpaceX and Qatar. Funds affiliated with Bracket Capital—an investment firm with offices in Los Angeles, London, and Qatar—invested about $48 million through a series of deals from 2017 through 2020, the documents show. Bracket has money from the Qatari royal family, according to an email that Kahlon sent to SpaceX’s CFO. The ledger also lists Doha, Qatar, as the address for a mysterious entity called AM FIG Cayman Limited, which invested around $10 million in 2020.

The documents do not specify whether the Bracket investments were made on behalf of the royal family or some other client. In 2021, as Kahlon was soliciting backers for yet another SpaceX deal, he texted a Bracket employee: “At the end we can just send Yalda to talk to big guy. We need a bail out lol.” (Yalda Aoukar is Bracket’s co-founder. It’s unclear whether the “big guy” refers to a member of the royal family and what Kahlon meant by “a bail out.”)

Bracket did not respond to requests for comment.

The investments covered in the ledger were tiny percentages of SpaceX but would have generated windfalls. The company’s valuation has exploded in recent years, from $33.3 billion in 2019 to $2.7 trillion as of Wednesday morning.

Last year, ProPublica reported on SpaceX’s unusual approach to accepting money from Chinese investors. According to testimony from the Delaware case, the company allowed Chinese investors to buy stakes in SpaceX so long as the money was routed through the Cayman Islands or other offshore secrecy hubs.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox.

Security firm Sentinel One has a deeper dive into CVE-2025-20701 here.

Heinze and Steinmetz said last year that the full chain of attacks gave attackers the ability to do other malicious things, including retrieving call history and contacts, and even calling arbitrary numbers. Many of those capabilities are dependent on the specific devices being paired, since the functionality built into them differs from platform to platform.

Devices affected by the Airoha vulnerabilities are by no means alone. In January, researchers disclosed WhisperPair, a series of vulnerabilities that allows an attacker to hijack Bluetooth devices connected through Google Fast Pair, a proprietary protocol belonging to the company. Besides eavesdropping, attackers can exploit the WhisperPair flaws to geolocate devices. The vulnerabilities affect more than a dozen devices from 10 manufacturers, including Sony, Nothing, JBL, OnePlus, and Google itself.

There are few, if any, reports of Bluetooth vulnerabilities like these being actively exploited in the wild. The complexity of such attacks is often high, and an attacker has to continually stay within Bluetooth range of a target while utilizing the exploit. People who think they may be targeted by such attacks should turn off Bluetooth in devices whenever they’re not needed, and remain aware of the risks when Bluetooth is enabled.

If you live long enough, you’ll wake up one day and find that you’re living in a world you no longer understand. Lately there are things happening with AI in a couple of disparate parts of Amazon that brought that lesson home in a big way.

The first is that, late last year, they acquired Bee, an AI wearable that is distressingly, upsettingly good. The second, which I want to talk about today as I fly back from AWS’s NYC Summit, is Quick Desktop. The best way to describe this is “Enterprise OpenClaw in a polished app.”

Yes, I know this sounds like I’m being blackmailed. Read on.

You work at Amazon, right?

Amazon has spent the last three years breathlessly telling us that they’re a leader in AI, then shipping products which make it clear that they’re unsure what leadership looks like. They’ve spent far longer building user interfaces that carry a design aesthetic of “complete crap.” Even Amazon’s website, where you buy everything from underpants to chainsaws to dog food to more underpants, is not a well-designed interface; we’ve all just learned to live with it.

The single good interface to come from Bezos and Coo was the Kindle e-reader: push a button, the page turns. And then they removed the buttons. So yes; “We’re launching a desktop AI assistant” is the exact opposite of encouraging coming from these folks.

It started like you’d expect. You pop over to the download page and grab the download. On a Mac it’s half a gigabyte because of course it is; this is totally normal and fine in 2026. Install it, fire it up, and … wait a bit. It has to think, and gather its wherewithal before it can get to work.

And then the hits start coming.

I had talked to people who have used this and raved about it. The problem here is that all of these people work at Amazon, and the current state of the product reflects that. They have a single identity provider they use internally; external users see a confusing array of offerings, each with its own byzantine flows. The feeling is not dissimilar to waking up in the middle of a hedge maze, with no idea how you got there, and discovering that someone just set it on fire.

At one point during my time using Quick Desktop, I was logged out and had to log back in. After guessing seven different identity providers, I gave up and emailed the service team for help with this. After some back and forth, I was able to get back in. (GitHub! Future Corey, if you find yourself in this situation, you authenticated via GitHub!) It’s clear that the people building this service aren’t living the external user experience. It’s why I maintain that Amazon’s internal AWS account management tool is the service that I hate the most; it separates the people building AWS from the customers using it.

At the moment, other similar challenges show up. You’d never have more than one email account from the same provider, right? (Google Workspace in my case, provided it hasn’t been deprecated by the time this article goes to print.) You’d never have business conversations via iMessage, or Signal, or LinkedIn DMs, or any number of other services, right?

The point isn’t the snark; it’s that Quick Desktop only knows about the channels its connectors deign to support. Every deal I’ve ever closed in a LinkedIn DM, every favor traded over Signal, every “hey, quick question” that arrived via iMessage is simply invisible to it — but it makes its confident little suggestions anyway, blissfully unaware that a good chunk of my professional life happens in places it can’t see. Here’s a free hint to the product team: do you think I mentioned the Bee in the opening of this article because I’m making a fashion statement?

And then it starts to work…

Once you prove yourself worthy by getting Quick Desktop set up, it … sits there without doing much. It has a chatbot interface, which surely you’ve never seen before in an app, backed by a personality I’ll call “Uninspiring Accountant.” What was the point?

And then things start to happen.

Your activity feed starts surfacing things from your email. From Slack. From your calendar. I don’t know about the rest of you, but my email inbox is where tasks and hope go to die.

Slowly but surely, Quick Desktop starts making suggestions, surfacing things that you should handle, proposing email drafts (ugh, in such a bland corporate voice; I hope this email finds you before I do), and giving you quick links to the various apps where these things live so you can see the context it’s surfacing.

I went in skeptical, partly because I’d already cobbled together a janky version of this for myself by pointing Claude Code at a pile of APIs, so I had a decent sense of what these things miss.

And that’s when I became a Quick Desktop convert: it flagged an email buried forty messages deep in my inbox that I’d mentally filed under “dealt with” – but very much was not. My own inbox had given up on me like everyone who’s ever tried to love me, but Quick Desktop hadn’t.

This is an Amazon product, and it’s pretty clear that they expect you to work with Quick Desktop the way they reportedly work with their own employees: by beating them into compliance. Their own custom connectors and (lack of) extensibility system make it pretty clear that there’s a corporate IT department somewhere that’s configuring and getting this set up for folks. I freely admit that’s not my use case; I’m testing this by myself, not sharing it with my colleagues.

But the product is improving. Today, it doesn’t really sync data or state between multiple machines; we’re still waiting for Amazon to discover this whole “cloud” thing. That’s almost certainly going to change in the near future.

Along with the just-announced AWS Context approach, once you have a team of people using it, the shared knowledge graph it can build about your entire organization promises to be a significant boon.

The part where I trust Amazon

That same knowledge graph is also a massive security treasure trove: every deal, every org-chart grudge, every “please don’t forward this,” every “how do I do the basic functions of my job” chat sessions, lives in one queryable place. Handing that to a vendor terrifies me. It should terrify you. And yet Amazon is one of a vanishingly small number of companies I’d trust with it.

I want to acknowledge how strange it is that I just wrote that. I have spent a decade as a professional thorn in this company’s side. I have a financial incentive, a personal brand, and frankly a temperament that all point toward not trusting AWS with so much as my lunch order. But credit where it’s due: whatever else they get wrong, Amazon takes security and data privacy deadly seriously, and they have the scars and the org structure to prove it. I have lived through this multiple times, and I’ve seen what AWS does when security competes with other pressures. The list of companies I’d let build a map this detailed of my business is damn short, and most of the names on it are not the ones building these products.

They have the security chops, but they have a completely different massive marketing problem. How do you get customers to try this out when you’ve incinerated your credibility in this space like it’s your engineering team’s token budget? “For once we have a product that is not shite,” while honest, is probably going to be tricky to get through AWS corporate comms.

Would I use it myself? I am

Reader, I pay cash money for this.

Everything I’ve said above about its sharp edges are true, and I’ve barely gotten started. I have three pages, ten slides, and one interpretive dance full of “here’s why the product sucks” feedback I’ll be giving to their product team, who are going to be astounded when I bust into their office uninvited. But I’m not throwing stones from the sidelines on this: “I am a paying customer, and I want this thing I pay you for to be better than it is, so you will listen to every goddamned word I have to say” is a powerful message, and one that’s particularly resonant to Amazonians.

I can see a world in which I roll this out to the rest of the company. My Claude Code contraption is interesting and in some ways more capable, but it scales precisely as far as “grumpy former sysadmin with a penchant for the CLI” and not one inch further. Our team would justifiably revolt if I tried to inflict it upon them. The hell of it is, the only thing that Amazon has to do to get Quick Desktop to beat my Frankenstein setup is “let Quick configure itself.” Yes, there are problems with that approach; I leave them to Amazon to sort through.

And so… I don’t entirely know what to do with myself in a world where suddenly Amazon is shipping desirable AI products that I’m happy to pay for. First the Bee wearable and now this. That’s two data points, and for a company whose AI track record reads like a list of things to apologize for, two data points is alarmingly close to a trend. Their biggest problem is going to lie in outrunning their own shadow, and changing their own nature. I used to be confident they couldn’t. I’m less confident now, and I’m not sure how I feel about that. ®

A hot potato: A security researcher has discovered serious vulnerabilities in Frontier Airlines’ booking system. Using just two pieces of information printed on every boarding pass – a booking code and a last name – anyone can pull full passport numbers, home addresses, TSA PreCheck codes, and nearly complete credit card details from the airline’s API. The vulnerabilities have been known for over three months.

If you’ve ever flown Frontier Airlines and your boarding pass ended up in a photo, a trash can, or a social media post, your personal data may be accessible to anyone right now.

A security researcher going by BobDaHacker published a detailed disclosure this week revealing that Frontier’s mobile API and booking management pages expose the full personal records of every passenger on a reservation to anyone armed with a booking code and a last name.

Both are printed on every boarding pass, and both are encoded in the barcode. The researcher first reported the issues to Frontier on March 3. It is now June 18, 105 days later, and the critical vulnerabilities remain live.

The attack is straightforward. Frontier’s mobile API endpoint accepts a six-character PNR (Passenger Name Record) and a last name, and returns a full internal booking object that includes, for every passenger on the reservation:

• Full home address (street, city, state, ZIP)
• Email address and phone number
• Full date of birth, including for minors
• Complete, unmasked passport number, issuing country, and expiration date
• Known Traveler Number (TSA PreCheck identifier)
• Frontier Miles loyalty number
• Credit card BIN (first 6 digits), last 4 digits, expiration date, cardholder name, and full billing address
• Payment history with authorization codes
• The credit card math

The payment exposure is more serious than it sounds. BobDaHacker explains that the BIN (the first six digits of a card number) combined with the last four digits already visible leaves only five digits unknown. The 16th digit is a deterministic Luhn check digit, calculable from the other 15. That means approximately 100,000 possible combinations for the remaining middle digits – trivially iterable in a script.

With the cardholder’s name, expiration date, and full billing address (which satisfies AVS verification for card-not-present transactions) also exposed, the CVV becomes the sole remaining security control.

Beyond the mobile API, BobDaHacker found that Frontier’s website leaks data through its own “Manage My Booking” pages. The Passengers/Edit page, reachable with the same PNR and last name, displays full passport numbers, dates of birth, and KTNs, and also embeds them in a server-rendered JSON blob in the page source.

When Frontier attempted to fix an earlier email leak on the Manage My Booking page, it introduced two new leaks – one of which also exposed phone numbers.

There was also a fourth vulnerability: an endpoint that returned booking data from a PNR alone, with no last name required. That one Frontier did fix. The company also sent the researcher a model airplane. The rest remains unpatched.

A former Frontier employee who reached out after BobDaHacker’s post went live offered some context for why the codebase might be in this state. “IBE was already considered a legacy codebase,” he wrote, referring to the booking system visible in the researcher’s screenshots. “We were talking about sunsetting it and replacing it with a cleaner, more modern solution. IBE was a mess of generated config and code that only one person was senior enough to touch. Everyone else basically danced around it.” The employee added that the security incident came as no surprise given the workplace culture they’d experienced.

BobDaHacker followed standard responsible disclosure throughout, with an initial report on March 3, multiple follow-ups, and a formal 30-day deadline set for June 12 that Frontier let pass without response. As of writing, Frontier has not issued a public statement.

Plaintiffs claim the company overstated the capabilities of the R1T and R1S.

ai + ml

The underlying technology is real…and borrowed from a partner the company failed to mention

A San Francisco startup best known for its AI-generation software is making a bizarre leap into medical imaging, and trying to says it hopes draw curiosity-seekers into its new spa to get scanned.

On Wednesday, Midjourney announced the establishment of Midjourney Medical, which it admitted was a bit out of left field. To promote the tech, it claims to be opening a spa in San Francisco where guests will be able to step “into a shallow pool of golden light,” before being lowered into a tank where ultrasound sensors bombard their bodies in order to take a scan that AI pieces together into MRI-like images. This sounds like the plot of a cheap sci-fi movie, but there is some real science behind it. 

“As you descend into the water, hundreds of thousands of tiny elements take turns, sending out waves, listening together, compressing and then streaming data to a massive cluster where thousands of computers split the task,” Midjourney explained in the announcement. “By looking at how the shapes of all the waves change, we reconstruct a detailed map or ‘image’ which basically lets us figure out what’s in there.” 

That “basically” isn’t exactly reassuring when Midjourney says it wants to have 50,000 or more of the things deployed around the world by 2031 “with a total scanning capacity of a billion scans a month” for use as a preventative health tool. It’s not clear how fast the process is with the prototype unit, but Midjourney said its goal is for the whole thing to take around a minute. 

“We think it’s completely possible that with enough early imaging in the future, the world could avoid 30% of all deaths and 50% of all healthcare costs,” the company added. 

According to a “technical” video included in the announcement, there’s a ring of 40 scanners included in the prototype unit the company has built. That ring of 40 elements contains 358,000 ultrasonic elements made up of tiny transducers that create ultrasound waves in water while listening for how they change when they slap the body of whoever is in Midjourney’s dunk tank up to a thousand times a second. 

The Midjourney Scanner, as the company has named it, can capture tissue details up to half a millimeter, which is on par with standard clinical MRIs, but pales in comparison to the resolution of more advanced designs.

Oh, did we not mention our partner?

Midjourney said its scanner is the first of its kind ever constructed, but the technical video says it relies on Fullbody Ultrasound Computational Tomography (FUCT, or USCT, as the industry has taken to calling it to avoid the more questionable acronym). That’s not new. Fast, full-body ultrasound scanning that requires patients to be submerged in a water tank has been an active project at Caltech based on a research paper from earlier this year. 

Same goes for the sensors Midjourney is including in its scanner. You wouldn’t know that from reading the announcement, which makes it seem like this was a project entirely of Midjourney’s own AI fever dreams, but ultrasound tech firm Butterfly Network was compelled to issue its own press release “following Midjourney’s public announcement” in order to “provide commentary” on the AI outfit’s new venture. 

Butterfly confirmed in its release that it provided the 40 ultrasound imaging modules for the Midjourney Scanner. The hardware was “licensed under a co-development agreement between the two companies,” according to Butterfly. According to a 2025 SEC filing, Butterfly expects to rake in $74 million over five years for providing the hardware. 

There’s some irony in Midjourney’s failure to mention its partner: The company has faced lawsuits claiming it used copyrighted works without permission to train its AI image generation model.

We reached out to both companies to learn more. Midjourney didn’t respond, and Butterfly declined to add anything beyond what was in its press release.  

Midjourney said that it’s planning to open its first ultrasound scanner spa at the end of 2027, but it has another hurdle to jump: FDA approval. Beyond improving its tech so that the second-generation scanner is ready for its 2027 spa date, “regulation is the next limit,” the company said. 

“Normally, for every diagnostic medical capability you need FDA approval,” Midjourney explained. “We’re starting by just giving you detailed body composition maps — and we’ll be submitting regular test results to the FDA for increased capabilities.”

Midjourney also fails to mention how it will store and secure those scans, whether it will use said scans to train its body composition-detection algorithms, and how it’s ensuring those algorithms get things right that it usually take a human a few years of education and training to learn. ®