How This Former Roboticist’s Students Rebuilt ENIAC

Tom Burick has always considered himself a builder. Over the years he’s designed robots, constructed a vintage teardrop trailer, and most recently, led a group of students in building a full-scale replica of a pivotal 1940s computer.

Burick is a technology instructor at PS Academy in Gilbert, Ariz., a middle and high school for students with autism and other specialized learning needs. At the start of the 2025–26 school year, he began a project with his students to build a full-scale replica of the Electronic Numerical Integrator and Computer, or ENIAC, for the 80th anniversary of the historic computer’s construction. ENIAC was one of the world’s first programmable electronic computers. When it was built, it was about one thousand times as fast as other machines.

Before becoming a teacher, Burick owned a robotics company for a decade in the 2000s. But when a financial downturn forced him to close the business, he turned to teaching. “I had so many amazing people help me when I was young [who] really gave me their time and resources, and really changed the trajectory of my life,” Burick says. “I thought I need to pay that forward.”

Becoming a Roboticist

As a young child in Latrobe, Pa., Burick watched the television show Lost in Space, which includes a robot character who protects the family. “He was the young boy’s best friend, and I was so captivated by that. I remember thinking to myself, I want that in my life. And that started that lifelong love affair with robotics and technology.”

He started building toy robots out of anything he could find, and in junior high school, he began adding electronics. “By early high school, I was building full-fledged autonomous, microprocessor-controlled machines,” he says. At age 15, he built a 150-pound steel firefighting robot, for which he won awards from IEEE and other organizations.

Burick kept building robots and reached out for help from local colleges and universities. He first got in touch with a student at Carnegie Mellon University, who invited him to visit campus. “My parents drove me down the next weekend, and he gave me a tour of the robotics lab. I was mesmerized. He sent me home with college textbooks and piles of metal and gears and wires,” Burick says. He would read the textbook a page at a time, reading it again and again until he felt he had an understanding of it. Then, to help fill gaps in his understanding, he got in touch with a robotics instructor at Saint Vincent College, in his hometown of Latrobe, who let him sit in on classes. Each of these adults, he says, “helped change the trajectory of my life.”

Toward the end of high school, Burick realized that college wouldn’t be the right environment for him. “I was drawn to real-world problem-solving rather than structured coursework and I chose to continue along that path,” he says. Additionally, Burick has dyscalculia, which makes traditional mathematics more challenging for him. “It pushed me to develop alternative methods of engineering.”

[Image: recreation of a large machine arranged in a U shape. A podium in the middle reads “ENIAC 80”] The ENIAC replica Burick’s students built precisely matches what the original computer would have looked like before it was disassembled in the 1950s. (Photo: Robert Gamboa)

When he graduated, he worked in several tech jobs before starting his own company. In 2000, he opened a computer retail store and adjacent robotics business, White Box Robotics. The idea for the company came when Burick was building a “white box” PC from standard, off-the-shelf components, and realized there was no comparable product for robotics.

So, he started developing a modular, general-purpose platform that applied white box PC standards to mobile robots. “The robot’s chassis was like a box of Legos,” he says. You could click together two torsos to double its payload, switch out the drive system, or swap its head for a different set of sensors. He filed utility and design patents for the platform, called the 914 PC-Bot, and after merging with a Canadian defense robotics company called Frontline Robotics, started production. They sold about 200 robots in 17 countries, Burick says.

Then the 2008 financial crisis hit. White Box Robotics held on for a couple of years, shuttering in late 2010. “I got to live my life’s dream for 10 years,” he says. After closing White Box, “there was some soul searching” about what to do next. He recalled the impact his own mentors had, and decided to pay it forward by teaching.

Neurodiversity as a Superpower

In 2013, Burick started working in a vocational training program for young adults living with autism. The program didn’t have a technical arm, so he started one and ran it until 2019, when he was hired to be a technology instructor at PS Academy Arizona.

[Image: student using power drill on wood under instructor’s guidance in workshop] Burick and one of his students assemble the base for one of ENIAC’s three portable function tables, which contained banks of switches that stored numerical constants. (Photo: Bri Mason)

Burick feels he can connect with his students, because he is also neurodivergent. Throughout his childhood, he was told what he wasn’t able to do because of his dyscalculia diagnosis. “People tell you what it takes, but they never tell you what it gives,” Burick says.

In adulthood, he realized that some of his strengths are linked to dyscalculia, too, like strong 3D spatial reasoning. “I have this CAD program that runs in my head 24 hours a day,” he says. “I think the reason I was successful in robotics, truly, was because of the dyscalculia…. To me, [it] has always been a superpower.”

Whenever his students say something disparaging about living with autism, he shares his own experience. “You need to have maybe just a bit more tenacity than others, because there are parts of it you do have to fight through, but you come through with gifts and strengths,” he tells them.

And Burick’s classes aim to play to those strengths. “I didn’t want my technology program to feel like craft hour,” he says. Instead, through projects like the ENIAC replica, students can leverage traits many of them share, like the abilities to hyperfocus and to precisely repeat tasks.

Recreating ENIAC

Burick has taught his students about ENIAC for several years. While reading about it, he learned that the massive, 27-tonne computer was dismantled and partially destroyed after being decommissioned in 1955. Although a few of ENIAC’s 40 original panels are on display at museums, “there was no hope of ever seeing it together again. We wanted to give the world that experience,” Burick says.

He and his students started by learning about ENIAC, and even Burick was surprised by how complex the 80-year-old computer was. They built a one-twelfth scale model to help the students better understand what it looked like. Seeing the students light up, Burick became confident in their ability to move on to the full-scale model, and he started ordering supplies.

ENIAC was composed of 40 large metal panels arranged in a U-shape that housed its many vacuum tubes, resistors, capacitors, and switches. Twenty of the panels were accumulators with the same design, so the students started with these, then worked through smaller groupings of panels. The repeating panels brought symmetry to ENIAC, Burick says, but it was also one of the main challenges of recreating it. If one part was slightly out of place, the next one would be too and the mistake would compound.

[Image: group of students in a gym holding large silver patterned boards facing the camera] The students installed 500 simulated vacuum tubes in each of the panels here, for a total of 18,000 vacuum tubes. (Photo: Robert Gamboa)

Once they constructed the panels, they added ENIAC’s three function tables, which stored numerical constants in banks of switches, then two punch-card machines. Finally, they installed 18,000 simulated vacuum tubes. In total, the project used nearly 300 square meters of thick-ream cardboard, 1,600 hot-glue-gun sticks, and 7 gallons of black paint.

The scale of the machine—and his students’ work—left Burick in awe. “By the time we were done, I felt like I was in a room full of scientists,” he says.

Previously, Burick’s students built an 8-foot-long drivable Tesla Cybertruck (“complete with a 400-watt stereo system and a subwoofer”) and he plans to keep the momentum with another recreation—maybe from the Apollo moon missions.

“I go to work every day, and I feel passionate about robotics [and] technology. I get to share that passion with the students,” Burick says. “I get to feel what it’s like to be in the position of the people that helped me. It closes that loop, and I find that really rewarding.”

Porsche is adding an all-electric Cayenne coupe to its lineup

Porsche will start selling an all-electric Cayenne coupe in late summer, the latest signal from the German automaker that it still sees market demand for EVs.

The Cayenne coupe EV — which has four doors, unlike a traditional coupe — will join several other all-electric variants of the SUV when it comes to market later this year, including the base Cayenne Electric, Cayenne S Electric, and Cayenne Turbo Electric. Porsche does, after all, love its variants.

And it could be its most successful. When Porsche introduced a coupe version of its gas-powered Cayenne in 2019, it took just a year for the sportier version of the crossover SUV to capture 20% of sales within the Cayenne lineup. Five years later, the coupe variant accounts for 40% of Cayenne sales, according to Porsche. In some markets, the coupe accounts for as much as 90%.

In other words, the numbers suggest that the all-electric Cayenne coupe is a worthy bet even with its six-figure price tag.

The Cayenne Coupe Electric (as it is officially branded) won’t replace its gas-powered or hybrid brethren, unlike the Porsche Macan compact SUV, which will only be sold as an EV after this year.

The company says the Cayenne coupe EV will be sold alongside the other fuel variants well beyond 2030, according to a Porsche spokesperson. That could produce some valuable data for Porsche on what flavor of Cayenne coupe consumers actually want to buy — and whether this electric variant proves to be its most popular. (The extra front trunk space alone could influence some buyers, not to mention gas prices.)

None of those questions can be answered, however, until the Cayenne Electric, Cayenne S Electric, Cayenne Turbo Electric, and Cayenne Coupe Electric go on sale globally later this year — about nine months after the EV version was first unveiled.

When the Cayenne coupe EV does go on sale, it will be offered in three variants: the base version, an S coupe, and a turbo coupe. (If you think that’s a lot, go check out how many versions of its flagship Porsche Taycan EV exist.)

The Cayenne Coupe Electric starts at $113,800, not including the $2,350 delivery fee. Prices rise from there with the Cayenne S Coupe Electric at $131,200, and the Cayenne Turbo Coupe Electric at $168,000. Consumers can, of course, spend even more by adding on options like the lightweight sport package, which includes a carbon roof, performance tires, and motorsports-inspired interior features.

For that kind of money, consumers will get a lot of horsepower and torque tucked inside a crossover body with a sloping roofline that is reminiscent of the iconic 911. All variants of the coupe EV come with an 800-volt powertrain, air suspension, and a shared roof design that features a new windshield and an adaptive rear spoiler. The Cayenne coupe EV is also equipped with the North American Charging Standard port, or NACS, that Tesla popularized, as well as an additional AC charging port.

From here, some specs change depending on the version a consumer buys. The base coupe EV generates up to 435 horsepower and 615 pound-feet of torque, with a top speed of 143 miles per hour and a zero-to-60 time of 4.5 seconds.

For those who aren’t satisfied, there are two more powerful options that push those performance specs much higher. At the top end, the turbo version generates up to 1,139 horsepower and 1,106 pound-feet of torque — putting it up there with the Tesla Model S Plaid, Lucid Air Sapphire, and Porsche Taycan Turbo GT. The turbo version has a top speed of 162 mph and can travel from 0 to 60 mph in an eye-watering 2.4 seconds.

Porsche hasn’t released EPA estimates for the range these coupe EVs will deliver on a single charge. But early real-world testing is in line with other Cayenne electric variants, which is about 360 miles. Of course, if coupe EV buyers opt for those larger tires — which create more rolling resistance, requiring the battery to work harder — the range could drop about 10%.

Lowest price ever: Apple's 2026 14-inch MacBook Pro M5 Pro plunges to $1,949

A bonus in-cart coupon brings the M5 Pro 14-inch MacBook Pro down to a record low $1,949, but supply is limited at the reduced price.

Open MacBook Pro 14-inch laptop with abstract dark wavy pattern on its screen against a blue gradient background, featuring large white text reading M5 PRO $1,949 across the display
Save $250 on Apple’s new 14-inch MacBook Pro with M5 Pro – Image credit: Apple

Apple Authorized Reseller B&H Photo is beating Amazon’s price this Friday on the new 14-inch MacBook Pro that was released in March 2026.

The standard model, which is on sale for $1,949 in Space Black after a $200 cash discount stacked with a $50 in-cart coupon, features Apple’s M5 chip with a 15-core CPU and 16-core GPU. The laptop is also equipped with 24GB of unified memory and 1TB of storage (up from the standard 512GB found in the M4 Pro line).

Fewer than half of Singaporeans feel better off than a year ago

Disclaimer: Unless otherwise stated, any opinions expressed below belong solely to the author. Data sourced from the Sensing SG survey by Blackbox Research.

The impact of the war in Iran is being felt by Singaporeans, according to the latest update to the long-running domestic sentiment survey carried out by Blackbox Research on approximately 1500 residents in Apr. The disruption caused by the closure of the Strait of Hormuz, which has led to oil and gas shortages across Asia, is also reflected in higher energy and petrol prices in Singapore.

This, in turn, not only influences the day-to-day transportation costs or electricity tariffs, but the costs of most goods as well, since the country imports almost everything, and all those goods have to arrive by air, road, or, mostly, sea.

It’s hardly a surprise, then, that the cost of living has rebounded as a top national concern, rising from 34% of responses in Q4 2025 to 46% in Q1 2026.

What’s more, according to Blackbox, just 46% of Singaporeans feel better off today than a year ago, which is the lowest reading recorded yet and a sharp drop from 54% in Q4 of 2025.

And optimism about the future is melting equally quickly.

43% of respondents believe that the country will be doing better a year from now (down from 53%), while the share of those who think it’s going to be worse has doubled from just 19% to 38%.

There’s a warning for the government hidden in these statistics, too, as public confidence in the management of cost pressures is sliding already.

While the Government continues to receive high marks for Defence and National Security, which rose by six percentage points to 90%, its performance on Cost of Living has slipped 6 points to 46%.

Other key measures, such as housing affordability, the wealth gap, and GST, have all declined by at least three percentage points.

While a vast majority of the population may be happy with how the country is managed, they do expect the authorities to proactively address crises such as the current one caused by a distant, foreign war. Since the measures announced by PM Wong are only scheduled to be deployed in the coming months, most people haven’t yet felt them in their wallets.

Singaporeans still believe in themselves

Interestingly, the pessimism about the next 12 months in Singapore doesn’t translate into self-doubt, as still more than half of the local residents (52%) expect to be better off. Even though it’s a drop from 59% in Dec, it is relatively much smaller.

Similarly, just 19% see themselves falling behind over the next year—half as many as those who predict that to be the case for the entire country.

What’s more, in spite of the headwinds caused by the war, 86.3% are satisfied with the current situation in Singapore, 81.4% rate the economic situation positively, and 76.5% are happy with their personal finances.

In other words, while more people are anxious about what the turbulent future might bring, the vast majority are still very comfortable with where they are. And feel about the same about Singapore as a whole, too.


Ctrl-Alt-Speech: Celebrating 100 Episodes & Launching Our Patreon

from the ctrl-alt-speech dept

Ctrl-Alt-Speech is a weekly podcast about the latest news in online speech, from Mike Masnick and Everything in Moderation‘s Ben Whitelaw.

Subscribe now on Apple Podcasts, Overcast, Spotify, Pocket Casts, YouTube, or your podcast app of choice — or go straight to the RSS feed.

In this special episode, Mike and Ben reflect on 100 episodes of the podcast, followed by an important announcement: we’re launching a Patreon and making some changes to Ctrl-Alt-Speech!

Starting on May 28th, Patreon members will get early access to extended weekly episodes with in-depth coverage of an extra major story. The free episodes will continue here on this feed, just slightly shorter and released one day later. 

You can become a member now at one of two levels: Supporters get early access to the extended episodes, and for a limited time Founders get that plus the opportunity to send us news stories that you think we should cover each week. After the new episodes begin at the end of May, the Founder tier will become the Insider tier with all the same benefits at a slightly higher price, so act now if you don’t want to miss out (you’ll also get bragging rights as a founding member!)

We’re immensely grateful to the incredible audience we’ve found over these past 100 episodes, and this is our way of helping make the podcast sustainable for the next 100!


Meta cuts 8,000 jobs and cancels 6,000 open roles as $135B AI spending reshapes the company from the inside

Summary: Meta is cutting approximately 8,000 employees (10% of its workforce) beginning 20 May, cancelling 6,000 open roles, and planning additional cuts for H2 2026. The layoffs, announced via an internal memo from HR head Janelle Gale, are structural rather than performance-based, reorganising teams into AI-focused “pods” while Meta spends $115-135 billion on AI infrastructure this year. The cuts arrive alongside executive stock options worth up to $921 million each and a workplace surveillance programme capturing employee keystrokes to train AI agents.

Meta told employees on Wednesday that it will cut approximately 8,000 jobs, roughly 10% of its global workforce, beginning on 20 May. The company is also cancelling 6,000 open requisitions it had planned to fill, bringing the effective headcount reduction to 14,000 positions. Additional cuts are planned for the second half of the year, though their timing and scope have not been finalised. If the second wave matches the first, Meta will have eliminated roughly 20% of its pre-2026 workforce. The memo announcing the cuts was written by Janelle Gale, Meta’s head of human resources, who said the announcement came early because details had already leaked. “We’re doing this as part of our continued effort to run the company more efficiently and to allow us to offset the other investments we’re making,” Gale wrote. “This is not an easy tradeoff and it will mean letting go of people who have made meaningful contributions to Meta during their time here.”

The investments she is referring to cost between $115 billion and $135 billion this year alone. That is Meta’s guided capital expenditure for 2026, a 73% increase over the $72.2 billion it spent in 2025, nearly all of it directed at AI infrastructure. The company is building Prometheus, a one-gigawatt AI supercluster in Ohio coming online this year, and Hyperion, a 2,250-acre, $10 billion facility in Louisiana capable of five gigawatts. It hired Alexandr Wang, the former Scale AI chief executive, as its first chief AI officer in June 2025 through a deal that included a $14.3 billion investment in Scale AI. It is poaching elite AI talent with packages worth up to $1.5 billion for a single engineer. The people being hired are not the same people being fired. That is the point.

The rolling layoffs

The May cuts are the third wave of 2026 layoffs at Meta. In January, the company eliminated more than 1,000 positions in Reality Labs, shutting down several VR game studios and cutting roughly 10% of the division. In March, it cut another 700 employees across at least five divisions, including Reality Labs, Facebook social, recruiting, sales, and global operations. The May round is company-wide and structural rather than performance-based, a distinction Gale’s memo made explicitly. Meta is reorganising teams into AI-focused “pods” and transferring engineers from across the company into the Applied AI organisation. New role categories are being created: “AI builder,” “AI pod lead,” and “AI org lead.” The company’s internal language describes the goal as driving “a step change in engineering productivity and product quality” through “fundamentally rewiring how we operate.”

The cumulative toll since 2022 now exceeds 33,000 jobs. Meta cut 11,000 in November 2022, 10,000 in March 2023, 3,600 in January 2025 (framed as performance-based, though employees with positive reviews were caught in the sweep), and approximately 9,700 across the three 2026 waves. The company ended 2025 with 78,865 employees, up 6% year over year, having rehired aggressively through 2024 and 2025 after the original “year of efficiency” reductions. It is now cutting deeper than it rehired. US workers affected by the May round will receive 16 weeks of base pay plus two additional weeks per year of service, and 18 months of health coverage.

The compensation contrast

Days before the March layoffs, Meta filed SEC disclosures revealing a new stock option programme tied to reaching a $9 trillion market capitalisation by 2031, roughly six times its current valuation. The potential payout: up to $921 million each for chief technology officer Andrew Bosworth, chief product officer Chris Cox, and chief operating officer Javier Olivan, and $787 million for chief financial officer Susan Li. Mark Zuckerberg is not included in the plan. The programme is modelled after Tesla’s Elon Musk compensation structure and is Meta’s first such award since going public in 2012.

The optics are difficult to defend. Stock-based compensation consumed approximately 96% of Meta’s $43.6 billion in free cash flow in 2025. Rank-and-file employees have seen reduced stock compensation in recent years while absorbing successive layoff rounds. The message, whether intended or not, is that the people who survive the cuts will work for less while the people who direct the cuts stand to make nearly a billion dollars each. The $9 trillion target requires Meta’s market capitalisation to grow at roughly 35% annually for five years. If the target is met, the stock appreciation that generates the executive payouts will have been funded in part by the labour cost reductions that the layoffs produce.

The surveillance question

The layoff announcement arrived days after a separate disclosure that sharpened employee anxiety. Meta is installing software on US employees’ work computers under a programme called the “Model Capability Initiative,” which captures keystrokes, mouse movements, and screenshots to train AI agents. Bosworth told employees that “there is no option to opt out of this on your work provided laptop.” The Register reported that employees protested the programme on internal forums. Cornell researchers raised consent and compensation questions about using employee behaviour as AI training data.

The juxtaposition is stark. Meta is asking its remaining employees to generate the training data that will teach AI systems to replicate computer-use patterns, while simultaneously laying off the employees whose patterns the AI will eventually replace. Zuckerberg is building a personal AI agent to handle executive information retrieval and coordination, the same kind of work that middle-management and operational roles traditionally perform. Internal tools called MyClaw and Second Brain are already reshaping how Meta employees interact with the company’s systems. The trajectory is clear: more AI, fewer people, and the people who remain will train the AI that makes the next round of people unnecessary.

The industry pattern

Meta’s cuts landed on the same day Microsoft announced its first voluntary retirement programme in 51 years, offering buyouts to roughly 7% of its US workforce. Oracle eliminated 20,000 to 30,000 employees in March. Atlassian cut 1,600 and replaced its CTO with two AI-focused executives. The tech sector has recorded more than 73,000 job cuts across 95 companies in the first four months of 2026, with projections that the full-year total will exceed the 124,201 eliminated in all of 2025. Every major company cites AI restructuring as the primary driver. The methods differ (Oracle’s was abrupt, Microsoft’s is voluntary, Meta’s is phased), but the direction is the same: traditional roles out, AI roles in, and the spending saved on the former redirected to the latter.

Meta’s Q4 2025 results, the most recent available, showed $59.89 billion in revenue (up 24%), $22.77 billion in net income, and earnings per share of $8.88, beating estimates by 8.4%. Full-year revenue crossed $200 billion for the first time. Q1 2026 results are due on 29 April, with revenue guidance of $53.5 billion to $56.5 billion. The company is not cutting because it is struggling. It is cutting because it has decided that the fastest path to a $9 trillion valuation runs through AI infrastructure, not through the 8,000 people it no longer needs. The question that Gale’s memo does not answer, and that no memo from any tech company this year has answered, is what those people are supposed to do next.


Bitwarden CLI npm package compromised to steal developer credentials

Updated with further information from Bitwarden.

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

According to reports by Socket, JFrog, and OX Security, the malicious package was distributed as version 2026.4.0 and remained available between 5:57 PM and 7:30 PM ET on April 22, 2026, before being removed.

Bitwarden confirmed the incident, stating that the breach affected only its npm distribution channel for the CLI npm package and only those who downloaded the malicious version. 

“The investigation found no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised. Once the issue was detected, compromised access was revoked, the malicious npm release was deprecated, and remediation steps were initiated immediately,” Bitwarden shared in a statement.

“The issue affected the npm distribution mechanism for the CLI during that limited window, not the integrity of the legitimate Bitwarden CLI codebase or stored vault data.”

Bitwarden says it revoked the compromised access and deprecated the affected CLI npm release.

The Bitwarden supply chain attack

According to Socket, threat actors appear to have used a compromised GitHub Action in Bitwarden’s CI/CD pipeline to inject malicious code into the CLI npm package.

According to JFrog, the package was modified so that the preinstall script and the CLI entry point use a custom loader named bw_setup.js, which checks for the Bun runtime and, if it does not exist, downloads it.

The loader then uses the Bun runtime to launch an obfuscated JavaScript file named bw1.js, which acts as credential-stealing malware.

Loader executing the malicious bw1.js file (Source: JFrog)

Once executed, the malware collects a wide range of secrets from infected systems, including npm tokens, GitHub authentication tokens, SSH keys, and cloud credentials for AWS, Azure, and Google Cloud.

The malware encrypts the collected data using AES-256-GCM and exfiltrates it by creating public GitHub repositories under the victim’s account, where the encrypted data is stored.

OX Security says that these created repositories contain the string “Shai-Hulud: The Third Coming,” a reference to previous npm supply chain attacks that used a similar method and text string when exfiltrating stolen data.

Data exfiltration repository with a “Shai-Hulud: The Third Coming” string (Source: OX Security)

The malware also features self-propagation capabilities, with OX Security reporting that it can use stolen npm credentials to identify packages the victim can modify and inject them with malicious code.

Socket also observed that the payload targets CI/CD environments and attempts to harvest secrets that can be reused to expand the attack.

The attack comes after Checkmarx disclosed a separate supply chain incident yesterday that impacts its KICS Docker images, GitHub Actions, and developer extensions.

While it is not known exactly how attackers gained access, Bitwarden told BleepingComputer the incident was linked to the Checkmarx supply chain attack, with a compromised Checkmarx-related development tool enabling abuse of the npm delivery path for the CLI during a limited time window.

Socket told BleepingComputer that there are overlapping indicators between the Checkmarx breach and this attack.

“The connection is at the malware and infrastructure level. In the Bitwarden case, the malicious payload uses the same audit.checkmarx[.]cx/v1/telemetry endpoint that appeared in the Checkmarx incident. It also uses the same __decodeScrambled obfuscation routine with the seed 0x3039, and shows the same general pattern of credential theft, GitHub-based exfiltration, and supply chain propagation behavior,” Socket told BleepingComputer.


“That overlap goes beyond a superficial resemblance. The Bitwarden payload contains the same kind of embedded gzip+base64 components we saw in the earlier malware, including tooling for credential collection and downstream abuse.”

Both campaigns have been linked to a threat actor known as TeamPCP, who previously targeted developer packages in the massive Trivy and LiteLLM supply chain attacks.

Developers who installed the affected version should treat their systems and credentials as compromised and rotate all exposed credentials, especially those used for CI/CD pipelines, cloud storage, and developer environments.
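As a triage aid for the indicators quoted above, the following added example (not code from BleepingComputer, Socket, OX Security or Bitwarden) scans an installed package tree for the telemetry endpoint and the `__decodeScrambled` routine name, and flags public repositories carrying the exfiltration marker. The file suffixes scanned and the assumption that the marker sits in the repository name or description are choices made here, not details from the report.

```python
import re
from pathlib import Path

# Indicators quoted in the article (OX Security and Socket reporting).
# The endpoint pattern matches both the defanged and the live spelling.
INDICATORS = {
    "telemetry_endpoint": re.compile(r"audit\.checkmarx(?:\[\.\]|\.)cx/v1/telemetry"),
    "obfuscation_routine": re.compile(r"__decodeScrambled"),
    "exfil_marker": re.compile(r"Shai-Hulud: The Third Coming"),
}
# Assumption: the payload ships as JavaScript/JSON inside the npm package.
SCAN_SUFFIXES = {".js", ".cjs", ".mjs", ".json"}


def scan_tree(root):
    """Return sorted (relative_path, indicator_name) hits under root."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if path.suffix not in SCAN_SUFFIXES or not path.is_file():
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip it and keep scanning
        for name, pattern in INDICATORS.items():
            if pattern.search(text):
                hits.append((path.relative_to(root).as_posix(), name))
    return sorted(hits)


def flag_exfil_repos(repos):
    """Return names of public repos whose name or description has the marker.

    `repos` is a list of dicts with the `name`, `description` and `private`
    fields of GitHub's REST repository listing. Where the string sits in the
    repository is an assumption; the article only says the repos contain it.
    """
    marker = INDICATORS["exfil_marker"]
    flagged = []
    for repo in repos:
        text = f"{repo.get('name') or ''}\n{repo.get('description') or ''}"
        if not repo.get("private", False) and marker.search(text):
            flagged.append(repo["name"])
    return flagged


if __name__ == "__main__":
    for rel_path, indicator in scan_tree("node_modules"):
        print(f"{indicator}: {rel_path}")
```

A clean result does not clear a host that installed the affected version; the credential rotation advice above still applies.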

Update 4/23/26: Updated the story with information from Bitwarden confirming the incident was linked to the Checkmarx supply chain attack.


Tech

Hackers exploit file upload bug in Breeze Cache WordPress plugin


Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication.

The security issue is tracked as CVE-2026-3844 and has been leveraged in more than 170 exploitation attempts recorded by the Wordfence security solution for the WordPress ecosystem.

The Breeze Cache WordPress caching plugin from Cloudways has more than 400,000 active installations and is designed to improve performance and loading speed by reducing page load frequency through caching, file optimization, and database cleanup.


The vulnerability received a critical severity score of 9.8 out of 10 and was discovered and reported by security researcher Hung Nguyen (bashu).

Researchers at WordPress security company Defiant, the developer of Wordfence, say that the problem stems from missing file-type validation in the ‘fetch_gravatar_from_remote’ function.


This allows an unauthenticated attacker to upload arbitrary files to the server, which can lead to remote code execution (RCE) and complete website takeover.

However, successful exploitation is possible only if the “Host Files Locally – Gravatars” add-on is turned on, which is not the default state, the researchers say.

CVE-2026-3844 affects all Breeze Cache versions up to and including 2.4.4. Cloudways fixed the flaw in version 2.4.5, released earlier this week.

According to statistics from WordPress.org, the plugin has had roughly 138,000 downloads since the release of the latest version. It is unclear how many websites are vulnerable, though, because there is no data on the number that have the “Host Files Locally – Gravatars” add-on enabled.


Given the active exploitation status, website owners/admins who rely on Breeze Cache to boost performance are recommended to upgrade to the latest version of the plugin as soon as possible or temporarily disable it.

If upgrading is currently not possible, admins should at least disable the “Host Files Locally – Gravatars” add-on.



Tech

This AI bot does the mindless internet scrolling for you so you can skip the brainrot


Spending too much time on social media and doomscrolling is bad for your brain. We all know it instinctively, and research has proven it time and again. But the fear of missing out keeps us glued to our feeds anyway.

Noscroll, a new AI-powered service, aims to solve that by reading the internet for you and texting you only what matters. The pitch is simple: no feeds, no brainrot, just signal.

How does it work?

To get started, you text Noscroll’s AI agent at (415) 718-4828. It sends you a link to connect your X account, which gives it access to your likes, bookmarks, and the accounts you follow.

From there, you tell the bot in plain language the topics you want to follow and the ones you don’t care about. It then pulls information from across the web, including news sites, blogs, Reddit, Hacker News, Substack, research papers, and more. You can even point it to specific sources you want it to monitor.


X has the best information on the internet and the worst incentives & culture.

meet noscroll — the AI that doomscrolls it for you and texts you just the things that matter.

no feed. no brainrot. no ragebait. just signal.

try it for free → https://t.co/XqdExWR13j 🙅🏼‍♂️ pic.twitter.com/EaHt2zfb7k

— noscroll (@noscroll) April 21, 2026


The bot then texts you news digests at whatever frequency works for you. If you are a casual reader, you might want a weekly roundup, while a news aficionado might prefer multiple updates a day. 

Each digest includes links and a short summary, but you can always tap through to read the full article. You can also reply to the bot to discuss what you’re reading and tweak your digest. 

Who built it and why?

Noscroll was built by Nadav Hollander, former CTO at NFT marketplace OpenSea. He told TechCrunch that his relationship with X inspired the idea. “It’s phenomenally entertaining and really informative in ways you just don’t get from normal media,” he said, but added that the platform is “so toxic culturally.”

He wanted the news without the misery. So he built the tool himself, alongside a friend from the open source world. Noscroll costs $9.99 per month, but you can try it free for seven days. You can find it at Noscroll.com.


Tech

US soldier arrested for allegedly making over $400,000 on Polymarket with classified Maduro information


United States soldier Gannon Ken Van Dyke has been arrested and charged for placing bets on prediction marketplace Polymarket using classified information he had access to related to the capture of former Venezuelan president Nicolás Maduro. The US Army Special Forces master sergeant, who was directly involved with the planning and execution of the operation, allegedly made $409,881 in profits.

According to the Department of Justice, Van Dyke created a Polymarket account around December 26, 2025 and made 13 bets related to Maduro from December 27 to January 2. He took the “Yes” position on several Polymarket wagers, including “US Forces in Venezuela… by January 31, 2026,” “Maduro out by… January 31, 2026,” “Will the US invade Venezuela by January 31” and “Trump invokes War Powers against Venezuela by… January 31.” The US military captured Maduro and his wife on January 3.

Van Dyke allegedly bet a total of $33,034 and made over ten times that amount from his winnings. He withdrew his money from Polymarket on the day Maduro was captured and then sent it to a foreign crypto vault before depositing it to a new online brokerage account.

Shortly after Maduro’s capture, reports came out about how an anonymous gambler made almost half a million dollars before it was announced, raising concerns that someone had profited off insider military knowledge. The Justice Department says Van Dyke tried to cover his tracks. After reports about the potential insider bets were published, he allegedly asked Polymarket to delete his account, falsely claiming that he lost access to the email he used. He also changed the email address linked to his crypto account to another one not associated with his name.


Van Dyke has been charged with three counts of violating the Commodity Exchange Act, with each one carrying a max sentence of 10 years in prison. He has also been charged with one count of wire fraud with a max penalty of 20 years in prison, as well as one count of unlawful monetary transaction with a max sentence of 10 years.

Prediction marketplaces have been struggling with insider trading problems, and this is far from the first incident. Recently, Kalshi took action against three political candidates, accusing them of insider trading related to their campaigns. Matt Klein of Minnesota and Ezekiel Enriquez of Texas face a fine of less than $1,000 and suspensions of up to five years. Meanwhile Mark Moran of Virginia faces disciplinary action, a five year suspension and a fine of more than $6,000.


Tech

RFK Jr. Wipes His Hands Of This Whole Measles Outbreak Thing


from the CYA-jr. dept

In the year 2,000 (cue the Conan O’Brien music), America had so successfully defeated measles as a disease that we were awarded elimination status for the disease. Then Trump was elected to a second term, for reasons I still can’t fully explain, after which RFK Jr. somehow was confirmed as the Secretary of HHS. Almost simultaneously, a massive measles outbreak began in Texas, spreading to most of the other states in the union, with particularly bad outbreaks in Arizona, Utah, and North Carolina. The reason for the outbreak is clear in the CDC statistics: falling vaccination rates for the MMR vaccine allowed the disease to gain a foothold and spread. Meanwhile, Kennedy offered up confused and confusing messaging to the public as to what to do about it, oscillating between muted calls for vaccinations, musing that everyone should just get measles for natural immunity, and declaring out loud that measles victims were at fault for not being healthy enough.

Because of his inept leadership on the matter, measles in 2026 is going to be even worse than 2025. We’re on pace to blow past last year’s numbers and, again, it’s because not enough people are getting vaccinated.

Kennedy is, of course, the living avatar of the anti-vaxxer movement. He didn’t create it, but he has worked very hard to propel it into popularity and, now, into government policy. He has everything to do with the current outbreak. But he recently faced Congress and said with a straight face that it has nothing to do with him. Instead, it was those dirty immigrants that are to blame.

But despite Kennedy being the most vocal source of vaccine misinformation, the secretary tried to blame the outbreaks entirely on immigrants who come to the U.S. from countries where measles is not eliminated — framing the issue as a global epidemic rather than a national public health crisis.

“It has nothing to do with me,” he told lawmakers. “If you’re worried about polio and tuberculosis, you should look at the immigration policies in this country. ’Cause the place where it’s occurring are the place[s] where the immigrants are going, because they’re not vaccinated.”

So, a couple of things to say here, both equally important. The scapegoating of immigrants over disease outbreaks is an American tradition going back centuries. It’s stupid, it’s wrong, and it’s plainly racist. I have no doubt that diseases can be spread through foreign visitors, as they can be by domestic travelers as well. But the desire to blame immigrants for whatever the outbreak du jour happens to be is so reliable and predictable that it’s silly. And if you don’t believe that this happens as a result of bigotry, well, you’re just plain wrong.


The other item on which to take note is the complete failure of leadership exhibited by Kennedy. In his remarks, Kennedy went into full CYA mode. He said he’s not anti-vaxx, but he absolutely is. He said the measles outbreak isn’t his responsibility, but he’s the fucking Secretary of Health and Human Services, and it absolutely is. He said dropping vaccination rates are due solely to how the American government responded to COVID-19, but that isn’t remotely the full story, given that vaccination rates experienced declines long before 2020, after which they fell sharply.

And the question that remains for Kennedy is a simple one: what are you doing about all of this? What do you even plan to do about all of this? The job doesn’t end by saying it’s immigrants at fault and then we move on. The disease still has to be combated and, right now, nobody is fighting the fight at the federal level. Instead, we’re talking about curtailing vaccine schedule guidance even further, or eliminating childhood vaccines altogether. Even if Kennedy sincerely wants to help in all of this, his messaging is so muddled and misguided that it isn’t getting through to the public.

Rep. Debbie Dingell (D-Mich.) expressed concern to Kennedy, a longtime anti-vaxxer, over the rising number of infectious disease cases such as measles and polio.

“Every patient, every child with measles should be treated with compassion. But I had seven cases just in the last couple of weeks in my county. The contagious spots have been grocery stores and colleges, you can’t stop it,” Dingell said of measles, the highly contagious disease that U.S. officials announced they eliminated in 2000.

“I’ve met with the family of one of them, and I said, ‘Why didn’t you get immunized?’” she continued. “And they said, ‘We’re listening to our government. Our government tells us not to.’”

Even if you wanted to argue that those people are wrong, they’re not making up lies when they say this. The message they’re getting from HHS is to not vaccinate. This is why public health policy needs to be very clear and in a language the average person can understand. These are life and death situations we’re talking about.

Kennedy’s comments read like an abdication of his responsibility. I can’t think of another way to describe his hand-washing of our current measles fiasco. And that’s one of many reasons he has to go.


Filed Under: anti-vaxxers, blame game, health & human services, measles, rfk jr.


Copyright © 2025