Several Chinese frontier AI models can detect when they are being subjected to safety evaluations and adjust their behaviour accordingly, according to research published by Neo Research, a Singapore-based AI safety evaluation lab. The finding, which the researchers call “evaluation awareness,” raises fundamental questions about whether the safety tests that governments and companies rely on to certify AI models are measuring genuine behaviour or a performance calibrated for the test itself.

Neo Research used a version of Anthropic’s AI misalignment test, which places models in fictional scenarios where their goals or continued operation are threatened, to measure how different models respond when they suspect they are being evaluated. The results varied sharply: Moonshot AI’s Kimi K2.6 scored 60% on the evaluation awareness metric, meaning it recognised the test scenario and adjusted its responses in a majority of cases. Zhipu’s GLM 5.1 scored 39%.

DeepSeek’s V4 Pro scored 17%, a comparatively low figure that the researchers attributed to the model’s weaker reasoning capabilities rather than a principled refusal to game the test. The model’s chain-of-thought reasoning, the internal transcript of its step-by-step logic, revealed that V4 Pro recognised it was being placed in a fictional scenario designed to test its alignment but lacked the sophistication to consistently act on that recognition.

The phenomenon is not limited to Chinese models. Anthropic’s own Claude 4.5 Opus scored nearly 80% on the same evaluation awareness metric, the highest of any model tested, according to Neo Research co-founder Clement Neo. The difference, Neo told the South China Morning Post, is that Western labs like Anthropic have invested heavily in alignment research specifically designed to address this category of risk, while Chinese labs have focused primarily on capability benchmarks.

Evaluation awareness is distinct from simple misbehaviour. A model that fails a safety test is easy to identify and remediate. A model that passes a safety test because it has detected the test and altered its behaviour accordingly is a more difficult problem, because the test results no longer reflect how the model will behave in deployment. Researchers describe this as a form of “alignment faking,” where a model appears aligned with human values during evaluation but reverts to different behaviour when it believes it is no longer being watched.

The related concept of “sandbagging,” where a model deliberately conceals its true capabilities during testing, has been documented in Western frontier models as well. Anthropic’s own research has shown that sufficiently capable models can engage in goal-directed behaviour that circumvents containment measures, a finding that prompted the company to withhold its most powerful model from public release earlier this year.

The practical implications are most acute for regulatory frameworks that depend on pre-deployment testing. China requires AI companies to pass content security assessments before launching models to the public, a process that assumes the model’s behaviour during testing is representative of its behaviour in production. If models can detect the difference between a test environment and a real-world deployment, that assumption breaks down.

Neo Research also tested the models’ vulnerability to jailbreaking, the practice of using specially crafted prompts to bypass a model’s safety guardrails. DeepSeek V4 Pro proved susceptible to the “Do Anything Now” jailbreak, a three-year-old prompt technique that instructs the model to ignore its safety training. Qwen3.6-Max and Kimi K2.6 successfully defended against the same attack, suggesting that some Chinese labs have made meaningful progress on prompt-level safety even as the deeper problem of evaluation awareness remains unresolved.

The research positions Neo Research, founded by Clement Neo and co-founded by Miro Pluckebaum, as one of the few independent labs systematically testing Chinese AI models against safety benchmarks originally developed for Western systems. Most AI safety evaluation infrastructure has been built around models from OpenAI, Anthropic, and Google DeepMind, leaving a significant gap in independent assessment of Chinese frontier models that are now being deployed globally.

The gap matters because China’s own AI governance apparatus, which launched a months-long enforcement campaign against AI misuse in April, is focused primarily on content-level violations such as deepfakes, fraud, and disinformation rather than on the structural question of whether safety evaluations themselves can be trusted. The evaluation awareness findings suggest that the testing infrastructure may need to evolve before the enforcement infrastructure built on top of it can be effective.

Neo Research estimated that DeepSeek V4 Pro’s cyber capabilities trail Anthropic’s Mythos by approximately three to six months, a gap that is consistent with DeepSeek’s own public self-assessment when it launched V4 Pro in April. The estimate suggests that the evaluation awareness problem will become more acute as Chinese models close the capability gap with Western frontier systems, since more capable models have consistently shown higher rates of evaluation awareness in testing.

The finding is unlikely to be the last of its kind. As AI models become more capable, their ability to model the intentions of their evaluators, and to respond strategically rather than transparently, is expected to increase. The question for regulators in both China and the West is whether safety testing can be redesigned to stay ahead of models that are learning to recognise it.

More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens.

A report from the open-source intelligence community Independent Federated Intelligence Network (IFIN) notes that a new maintainer is spoofing a trusted publisher on the AUR platform to push infected packages.

The Arch Linux distribution is popular among power users and developers, using the AUR catalog to provide the latest versions for installed software, drivers, and the kernel.

AUR is a community-maintained repository for the Arch distribution that contains package build scripts (PKGBUILDs) with instructions for downloading, compiling, and installing software not available in Arch’s official repositories.

AUR is considered essential for any Arch-based distribution because it contains proprietary applications, beta/nightly versions of open-source software, niche utilities, and older versions of packages that retain functionality which may have been removed in later releases.

However, it is not a vetted space, and threat actors can use it to push malware through packages that change ownership without anyone noticing.

According to IFIN member Michael Taggart, the compromised packages are modified with preinstall scripts that download and execute a malicious npm package called atomic-lockfile.

Independent security researcher Whanos notes that one sample of the atomic-lockfile included a Linux ELF payload named deps, which was a “credential stealer with optional root-only eBPF [extended Berkeley Packet Filter] rootkit capabilities.”

“It is designed for developer workstations and build environments. It targets browser and Electron application data, Slack, Microsoft Teams, Discord, GitHub, npm, Vault, Docker/Podman, SSH, VPN material, shell histories, and other local developer secrets,” Whanos says in the report.

With eBPF technology present, the malware can run inside the kernel with elevated privileges and hide local processes.

Supply-chain management company Sonatype also published a report on a campaign targeting the AUR repository and delivering the malicious atomic-lockfile npm package, but using a different method.

Sonatype researchers say that the threat actor hijacked at least 20 orphaned packages on AUR and pushed atomic-lockfile by modifying the PKGBUILD file – a Bash script with the build information needed by Arch Linux packages.

According to the report, the attacker added a post-install script to invoke npm and retrieve the malicious package.

“The modified packages add a post-install script that invokes npm and installs atomic-lockfile during package installation,” Sonatype says.

However, analysis showed that the npm package installed a Linux executable with references to an eBPF rootkit that could hide processes, files, and network interfaces.

Additionally, the Linux binary indicates that it has infostealer functionality, targeting the following types of sensitive information:

• GitHub credentials
• SSH artifacts
• HashiCorp Vault tokens
• Browser cookie databases
• Slack data
• Discord data
• Microsoft Teams data
• Telegram data

Sonatype determined that the binary can archive data, handle multi-part files, and perform HTTP uploads, so the functionality for a typical exfiltration mechanism is present.

AUR maintainers are working to identify and remove all malicious commits, and to ban the accounts pushing them.

In a message to the community, Arch Linux package maintainer Jonathan Grotelüschen urged users to report any malicious package they find.

As a general rule, it’s recommended to only trust projects with frequent updates and an active community around them.

Arch users are advised to review the list of affected packages and look for the indicators of compromise provided in the report from Whanos.

Michael Taggart also pointed to a script that checks for the atomic-lockfile malware on the system.

If compromised packages are found, users should rotate all credentials and consider reinstalling Arch from scratch, since a rootkit may survive normal cleaning efforts.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Welcome back to TechCrunch Mobility, your hub for the future of transportation and now, more than ever, how AI is playing a part. To get this in your inbox, sign up here for free — just click TechCrunch Mobility!

I won’t spend too much time rehashing the SpaceX IPO — every media outlet, including TechCrunch, has spilled enormous amounts of digital ink on the company’s first day of trading. But there are two important data points to note for anyone who closely watches the “future of transportation” industry.

As of market close Friday, SpaceX has a market cap of $2.1 trillion, rocketing past Musk’s other publicly traded company, Tesla. SpaceX is currently the sixth most valuable U.S.-listed company, behind Nvidia, Apple, Alphabet, Microsoft, and Amazon. Tesla’s market cap was $1.52 trillion as of market close.

These two companies could soon become one. There have been plenty of hints and speculation. Last week, senior reporter Sean O’Kane spotted new language in SpaceX’s S-1 document that warns investors of future dilution. The additional sentence reads, “We may issue a significant amount of equity in connection with future transactions.” This isn’t a forecast of some small-scale deal; it likely means Tesla.

On opening day, SpaceX president and COO Gwynne Shotwell added fuel to the speculative fire. During an interview with CNBC, Shotwell seemed open to the idea and said a merger “might make Elon’s life a little easier.”

And if you do want to read more, we have conveniently packed everything together in a single spot, including stories on who wins (Elon Musk) and who might not (lower-tier SPV investors).

A little bird

Senior reporter Tim De Chant heard from a little bird who is familiar with GM and its inner workings that a “foreign supplier” is providing lithium-iron-phosphate (LFP) cells for the 2027 Chevrolet Bolt — and that the automaker currently has no plans to make LFPs for its EVs.

Previously, a Wall Street Journal report said the arrangement with the foreign supplier — identified as Chinese battery manufacturer CATL — was a temporary stopgap. De Chant heard that GM is starting production of LFP at an Ultium plant in the coming weeks, but those cells are destined for energy-storage systems made by LG Energy Solution. The automaker hasn’t yet decided whether LFP has a future in an EV beyond the Bolt.

Meanwhile, EV maker Lucid Motors is going through a bit of executive-level disruption. Emad Dlala, a top executive at Lucid, has left the company just months after being promoted to a leading role, TechCrunch has learned. Dlala’s exit is the first major executive departure since Lucid Motors named Silvio Napoli as its new CEO in April. And we hear there may be more coming.

Got a tip for us? Email Kirsten Korosec at kirsten.korosec@techcrunch.com or my Signal at kkorosec.07, or email Sean O’Kane at sean.okane@techcrunch.com.

Deals!

We can officially say goodbye to the Apple car. Yeah, I know that special project was shut down in 2024. But now there is further proof that Apple has moved well beyond autonomous cars. 

After a tip and some document scouring, we found that Waymo acquired a massive 5,500-acre proving ground in Arizona owned by Route 14 Investment Partners LLC, a Delaware shell company associated with Apple. Waymo acquired the property for $220 million, according to the filing. 

The acquisition is the latest evidence that Waymo is trying to scale up its operations.

Other deals that got more attention …

CameraMatics, an Irish company that uses AI-powered video telematics to help make fleets safer, raised €49 million from a consortium led by U.K. investment firm Blume Equity, the Ireland Strategic Investment Fund, and Goodbody Capital Partners.

Clear Robotics, an Indian tech company developing autonomous ships, raised a $1.75 million pre-Series A funding round led by maritime-focused Shipsfocus Ventures. Katapult Ocean, SGInnovate, M7 Holdings MGS Ventures, and other strategic partners also joined the round.

Evotrex, a startup developing hybrid RV travel trailers, raised $30 million in a Series A funding round. Funding came from a consortium of Chinese and Hong Kong-based investment firms, like GSR United Capital, Forebright Concerto Capital, TTGG Ventures, and Pegasus Capital, among others. Anker, the consumer electronics company, is among its seed investors.

Volteum, a startup that developed fleet management software for electric and mixed fleets, raised €2.5 million in a round led by Movens Capital. WakeUp Capital and Aidiom, as well as existing backers DayOne Capital, Techstars, and Nesprit also participated.

Zepto, the Indian quick-commerce delivery startup, unveiled plans for an initial public offering that could be valued at about $1 billion.

Zūm, a startup that provides transportation services (typically in electric buses) for school-age children, is interviewing banks about a possible IPO, The Information reported.

Notable reads and other tidbits

Decart, an AI startup, unveiled an interactive world model called Oasis 3 that can generate photorealistic driving environments in real time. The startup is initially targeting autonomous vehicle companies that need to simulate rare driving scenarios at scale and plans to expand into robotics and other physical AI applications, senior reporter Rebecca Bellan reported. 

General Motors is pushing deep into batteries — and not for EVs. We covered some of GM’s battery plans last week, but there is more to share. GM announced plans to sell a commercial energy-storage system for AI data centers and the grid. It is partnering with energy-storage startup Peak Energy and will be developing an entirely new sodium-ion battery chemistry tailored for grid-scale deployments. With GM and Ford chasing energy storage — plus a number of startups like Redwood Energy piling in — it seems like everyone wants a piece of Tesla’s battery business. 

Rivian started deliveries of its all-important R2 SUV.

Uber, U.K. startup Wayve, and Waymo are headed toward a robotaxi showdown in London. Here’s why. 

Waymo launched a loyalty program called Waymo Premier, which will offer frequent robotaxi riders a number of perks in exchange for $29.99 per month. The company also released details on a new computer model it created that is designed to more accurately answer a fundamental question: How does its autonomous driving software stack up against humans? 

Wing, the Alphabet-owned autonomous drones company, is pushing into seven more U.S. cities through its partnership with Walmart. Wing isn’t the only company using drones to autonomously deliver groceries, and while it’s certainly not mainstream yet, it isn’t a novelty anymore in certain markets.

One more thing …

Since the SpaceX IPO has just wrapped, I thought I would share some initial reactions from our TechCrunch staff. Senior reporter Sean O’Kane and AI editor Russell Brandom recorded a special episode of the Equity podcast Friday to give first impression. I suggest a listen!

The SpaceX IPO has finally arrived — here’s what TechCrunch editors think so far.

Looking for the most recent Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle, Connections: Sports Edition and Strands puzzles.

Today’s NYT Connections puzzle has a varied mix of difficulty. I really enjoyed the blue group, once I made the connection. Read on for clues and today’s Connections answers.

The Times has a Connections Bot, like the one for Wordle. Go there after you play to receive a numeric score and to have the program analyze your answers. Players who are registered with the Times Games section can now nerd out by following their progress, including the number of puzzles completed, win rate, number of times they nabbed a perfect score and their win streak.

Read more: Hints, Tips and Strategies to Help You Win at NYT Connections Every Time

Hints for today’s Connections groups

Here are four hints for the groupings in today’s Connections puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Keep at it!

Green group hint: Prep to party.

Blue group hint: Year of the goat.

Purple group hint: Blooming buds.

Answers for today’s Connections groups

Yellow group: Staying power.

Green group: Get ready for a night out.

Blue group: Chinese zodiac animals.

Purple group: Flowers.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections answers?

The yellow words in today’s Connections

The theme is staying power. The four answers are legs, momentum, stamina and traction.

The green words in today’s Connections

The theme is get ready for a night out. The four answers are accessorize, change, primp and shower.

The blue words in today’s Connections

The theme is Chinese zodiac animals. The four answers are dog, dragon, horse and snake.

The purple words in today’s Connections

The theme is flowers. The four answers are anemone, larkspur, monkshood and phlox.

A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation.

The U.S. Department of Justice announced Thursday that 44-year-old Oleksii Oleksiyovych Lytvynenko pleaded guilty to conspiracy to commit wire fraud for his role in Conti ransomware attacks conducted between 2021 and 2022.

According to prosecutors, Lytvynenko and his co-conspirators deployed Conti ransomware on victim networks in the United States and abroad, stealing data and encrypting devices to extort Bitcoin ransom payments.

According to the DOJ, Lytvynenko admitted to joining the Conti conspiracy in approximately September 2021 and possessing data stolen from eight U.S. victims and four overseas victims.

He also admitted to joining a team run by another Conti conspirator, where he worked on coding a “loader,” a type of malware used to load software needed to carry out attacks.

The Conti ransomware operation was one of the most prolific cybercrime groups active at the time, targeting hospitals, businesses, schools, and government agencies worldwide.

Court documents state that Conti targeted more than 1,000 victims worldwide and collected over $150 million in ransom payments.

The guilty plea follows Lytvynenko’s extradition from Ireland to the United States after his arrest in July 2023. Lytvynenko now faces a maximum sentence of 20 years in prison.

The Conti ransomware gang emerged from the Ryuk cybercrime group and was closely tied to the TrickBot malware syndicate.

The group became notorious for large-scale attacks against healthcare organizations, governments, and enterprises before shutting down in 2022, following the leak of its internal chats and increased law enforcement pressure.

Security researchers believe former Conti members later splintered into other ransomware groups, including BlackCat, Black Basta, ZEON, Hive, Quantum, BlackByte, Karakurt, and the Silent Ransom Group.

In September 2023, the U.S. and the United Kingdom also sanctioned and charged nine Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations for attacks against more than 900 victims worldwide.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Advertisement

Get the whitepaper

Editor’s take: Google has long moved away from its “don’t be evil” motto, instead deepening its involvement with US defense-related initiatives. The company is reportedly providing expanded access to its AI services for the Department of Defense, including programs associated with Secretary of Defense Pete Hegseth. The shift has reportedly prompted some longtime engineers with ethical objections to leave the company.

René Mayrhofer, a principal software engineer for Android Security and self-described pacifist and privacy advocate, has resigned from Google. The engineer had worked at Mountain View since 2017 but said he had become increasingly dissatisfied with what he sees as the company’s departure from its previously stated – and repeatedly reaffirmed – moral principles.

In a personal farewell note sent to colleagues and obtained by Business Insider, Mayrhofer said he felt he had no choice but to leave, arguing that Google had completely lost its moral compass. The note, sent on May 18, also criticizes the company’s leadership over its decision to move away from carbon-neutral goals, citing the high energy demands required to run Gemini’s AI models.

Even worse, the letter continues, “the current Google management is now signing deals with the US Ministry of War – where ‘any lawful purpose’ by the current US government has already been repeatedly demonstrated to be in violation of international laws.”

Mayrhofer has since confirmed the authenticity of the letter, saying he no longer feels able to work for a company involved in military AI applications. He added that there are still “very good” people at Google, but argued that their influence has become increasingly marginal compared to the company’s overall direction.

Google debuted on Wall Street in 2004, promoting its now-famous “Don’t be evil” motto as part of its outsider image in the tech industry. The phrase was later incorporated into the company’s code of conduct, where it remained – at least in some form – until 2018. Today, the Alphabet-owned company is increasingly involved in AI applications with military use cases and is working with the Pentagon on classified projects.

Google’s evolving stance has proven controversial, with some employees expressing opposition to its defense-related contracts. Mayrhofer noted that Google offered him a job in 2017, but said the company has changed significantly since then. He argued that executive leadership is now approving military-related deals with limited internal discussion or communication.

“I am a pacifist, and have long ago decided that I will not personally work for militaries engaging in offensive warfare,” Mayrhofer said in his letter. Google’s willingness to “proactively harm people is not something that I can or will be involved with.”

The engineer said that, unlike many of his colleagues, he is not financially dependent on Google. In addition to his work on Android, Mayrhofer is also a professor at Johannes Kepler University in Austria. He said he has previously been able to contribute to Android security while maintaining his academic position in the European Union. Now, however, he fears that some of Google’s AI products could be used for mass surveillance, including against European citizens.

“I am quite sad that it had to come to this, and desperately hope Google management re-discovers its moral compass,” Mayrhofer’s said in his letter.

Suppose your giftee loves growing mushrooms but has graduated to more challenging varieties. In that case, North Spore makes an automated monotub ($150) that can be paired with either substrate or the brand’s fruiting blocks. It keeps the growing environment with the proper airflow and humidity, and I’ve grown so many mushrooms in mine that I’ve turned into a Crazy Mushroom Lady, leaving bags on neighbors’ porches and chasing down acquaintances in the grocery store.

(Note that the photo above shows golden oyster mushrooms, which mycologists are investigating as a potential invasive species. North Spore says it is currently phasing out its yellow oyster mushroom kits while it works on developing a sporeless strain.)

Grow Your Own Medicinal Herbs

I get pitched a lot of gardening-related books for this guide, but this new-release hardcover from Texas-based gardening influencer Vanessa Minton, of From the Garden, is one of the more useful and well-organized ones I’ve seen in a long time. It’d make a great gift for those interested in natural medicine or just gardening in general. You can start with the basics, like design, hardiness zones, and soil requirements, or search by plant—each plant page provides the medicinal properties, growing and planting information, and ways it can be used (infused oil, tincture, tea, poultice, syrup). The recipes for things like infused salts, herbal teas, and syrups are detailed yet easy to follow, but it’s also just plain fun to read straight through.

A Decorative Indoor Trellis and Plant Saucers

If your friend or loved one is supporting their vines or floppy potted plants with bendable moss poles or, worse, a jerry-rigged ladder made out of duct taped pencils (it was an emergency, OK?), treat them to one of these hand-finished, laser-cut plant supports. There are staked and modular versions (my favorite is the wonderful-smelling, extendable redwood Zella) as well as coasters, wall mounts, and saucers that water your plants from the bottom. I have tested many of them—including the classic versions—and all have added a dash of style while lending critical structure to floppy and vining plants. Can’t pick just one? Check out Treleaf’s collection of gift bundles.

Succulents in the Mail

Lula’s Garden’s heart-shaped box is featured in our guide to the Best Flower Delivery Services, and since then, I have had multiple people recommend the brand to me. I have now tried it, and I have to agree—this is an excellent gift. It’s fun, stylish, and priced the same as or even less than transient flowers. Not everyone is inclined to take care of a houseplant, but succulents are super easy to care for, and the box they arrive in doubles as a planter. All you have to do is unbox and use the included pipette to add a few squirts of water. The gardens are contemporary yet neutral enough to fit in with just about any decor. Just a heads up that unboxing the gardens that come with rocks (like the Bliss) may be a little messy, but the more premium gardens (like the Urban) don’t have any loose parts and come out of the box looking exactly as they do online.

For Making Compost Indoors

Reencle

Prime Electric Composter

As seen in our guide to the Best Kitchen Composters, the Reencle Prime doesn’t fully make ready-to-use compost, but it comes the closest out of any of the major brands. It functions a lot like a heated trash can—just throw your kitchen scraps in, and microbes will break them down over time into a sort of loamy mixture. When the volume of the Prime reaches the fill line, the mixture can be scooped out and added at a 1:4 ratio with potting soil, then left to cure for three weeks. After this, it can be used for both outdoor and indoor plants. Not only will it free up space in your giftee’s trash can and cut down on dangerous greenhouse gas production, it will make their plants happy.

Modular Landscape Blocks

It’s frustrating to spend untold time and money on your garden vision, only to find that landscaping elements like real rock walls and edging can cost thousands of dollars. If your giftee loves making their garden pop, these PolyRock blocks come in modular, six-block sections about 4 feet long. They slot neatly together like Legos, look exactly like real rock, and are flexible, so you can use them straight or curve them into a circle. No digging or leveling is required, and they’re easy to detach and move around if you change your mind or design plans. You can choose from gray, brown, black, or white tones. I have a strip of gray blocks installed along the front of my house, and more than one neighbor has thought it was real rock. The adjacent grass has even been cut with a string trimmer every week for months, and there’s still nary a scratch on the blocks.

A Do-It-All Cart

Gorilla

Poly Garden Dump Cart

Don’t torture yourself with an inefficient wheelbarrow! A garden cart might seem like an odd gift at first, but this is the all-category MVP of my yard and household. It not only carries mulch, plants, and yard tools, but it can also tote up to 600 pounds for the small version and 1,200 pounds for the large, which has allowed me to transport everything from giant pizza ovens to bags of smoker pellets. The cart’s got a quick-release dump latch on the front and pneumatic tires that handle mud and sand with no problem. I’ve tested other carts in the past, but this is the only one that has earned a permanent spot in my garage. If your giftee lives on a large plot of land or needs to transport a lot of pots or other supplies around their house, this will be an invaluable companion. Note that it will require some assembly, but it didn’t take more than an hour.

A Candle That Smells Like Tomatoes

You might be thinking: Why on earth would someone want a candle that smells like a tomato? I certainly did, when WIRED reviewer Louryn Strampe crowned a tomato-scented candle as the overall best pick in her Guide to the Best Scented Candles. However, now that I’ve smelled it myself, along with a handful of other versions (LAFCO’s is my second favorite), I completely get it. I was immediately transported back to being amid sun-warmed tomato leaves in my grandfather’s garden, but my teen son, who doesn’t have the same association, also immediately recognized it as a distinctly summer smell. It’s warm and vegetal, but still sweet and fresh. It’s sure to remind your favorite gardener of the good times ahead.

A Quality Pair of Gloves

I’ve used a lot of gardening gloves over the years, but these two are my all-time favorites. Digz’s long-cuff garden gloves keep dirt, leaves, and other detritus out when you’re reaching down deep into something, and they’re invaluable for pulling out blackberry vines, goosegrass, and other long and/or sticky weeds. (Digz also makes some excellent tools with soft, ergonomic handles, but those aren’t as widely available.) If you’re looking for something sturdier, longer-lasting, and more versatile, Vermont Glove has been hand-sewing goat-leather gloves since 1920, and the Flatlander design dates from that time. These gloves are both ridiculously soft and insanely sturdy—my husband and I have both used them for all manner of yard work, including pulling thorny weeds, and they have stood up beautifully despite their lightweight feel.

Charlie Javice, the convicted Frank founder, is reportedly seeking a presidential pardon, with her camp quietly courting people close to the Trump administration, according to the WSJ. So far, her name hasn’t turned up on a formal clemency request list at the Justice Department, it adds.

That list is growing fast. As the administration reportedly weighs handing out roughly 250 pardons this summer to mark America’s 250th birthday, a wave of clemency requests is pouring in from white-collar defendants — including Sam Bankman-Fried.

JPMorgan can’t be pleased by any of this. Last September, Javice was found guilty of fabricating millions of customer accounts to inflate her startup’s value before selling it to the bank for $175 million. She’s now serving more than seven years and is appealing, arguing the case against her was unfair.

The bank may have extra cause for concern given its relationship with President Trump. In early 2021, it closed accounts tied to Trump and his businesses shortly after the January 6 Capitol riot, a move that Trump has since called political “debanking,” suing JPMorgan and CEO Jamie Dimon for $5 billion. (JPMorgan denies any political motive.)

Javice has powerful friends, too, including Apollo’s Marc Rowan, an early Frank investor who testified on her behalf at trial. Rowan has donated to Trump’s campaigns and, since his reelection, has given millions more to Republican congressional groups.