If you’re looking to get a dog but have reservations about all the poop, pee, and chewed shoes that you’ll have to deal with, then how about getting a robot one instead?

Unitree has brought the idea a step closer with the launch on Tuesday of the impressive-looking As2 quadruped.

The Chinese robotics giant already has plenty of experience building robot dogs, but the newly unveiled As2 stands out from its other models as a lighter, more agile consumer-grade contraption with a superior runtime of more than 4 hours, a walking range of 8 miles, and a top speed of 11 mph. It even supports large AI models for embodied AI interaction and autonomous decision-making.

Features include a high-definition front camera, a built in mic and speaker, remote control and intelligent following modes, and a lighting system to aid night walks. It also has an IP54 rating, making it resistant to dust and rain.

A video (top) accompanying the launch positions the As2 as a companion pet, with clips showing it being taken for a walk and running to its owner. It also shows off the robot’s strength and balance, as the 18-kg machine is able to stay standing and remain steady with a 105-kg human standing on its back.

The As2 has a few tricks up its sleeve, too, taking it far beyond what a regular dog can do. Like play tennis. It’s true — if you attach the optional seven-axis robotic arm, you can stick a tennis racket in its gripper and have a knockabout.

It looks like a lot of fun, though if you think you might miss all of the cuteness, slobbering, and quirky behavior that comes with a regular flesh-and-blood mutt, then the As2 probably isn’t for you.

Unitree has yet to publicly reveal pricing for its new robot dog, asking interested folks to “contact sales.”

Anthropic opened its virtual “Briefing: Enterprise Agents” event on Tuesday with a provocation. Kate Jensen, the company’s head of Americas, told viewers that the hype around enterprise AI agents in 2025 “turned out to be mostly premature,” with many pilots failing to reach production. “It wasn’t a failure of effort, it was a failure of approach, and it’s something we heard directly from our customers,” Jensen said.

The implicit promise: Anthropic has figured out the right approach, and it starts with the playbook that made Claude Code one of the most consequential developer tools of the past year. “In 2025 Claude transformed how developers work, and in 2026 it will do the same for knowledge work,” Jensen said. “The magic behind Claude Code is simple. When you can delegate hard challenges, you can focus on the work that actually matters. Cowork brings that same power to knowledge workers.”

That framing is central to understanding what Anthropic announced on Tuesday. The company rolled out a sweeping set of enterprise capabilities for Claude Cowork, the AI productivity platform it first released in research preview in January. Scott White, head of product for Claude Enterprise, described the ambition plainly during the keynote: “Cowork makes it possible for Claude to deliver polished, near final work. It goes beyond drafts and suggestions — actual completed projects and deliverables.”

The product updates are dense but consequential. Enterprise administrators can now build private plugin marketplaces tailored to their organizations, connecting to private GitHub repositories as plugin sources and controlling which plugins employees can access. Anthropic introduced new prebuilt plugin templates spanning HR, design, engineering, operations, financial analysis, investment banking, equity research, private equity, and wealth management. The company also shipped new MCP connectors for Google Drive, Google Calendar, Gmail, DocuSign, Apollo, Clay, Outreach, SimilarWeb, MSCI, LegalZoom, FactSet, WordPress, and Harvey — dramatically extending Claude’s reach into the software ecosystem that enterprises already use. And Claude can now pass context seamlessly between Cowork, Excel, and PowerPoint, including across multiple files, without requiring users to restart when switching applications.

White emphasized that the system is designed to feel native to each organization rather than generic. “We’ve heard loud and clear from enterprises — you want Claude to work the way that your company works, not just Claude for legal, but Cowork for legal at your company,” he said. “That’s exactly what today’s launches deliver.”

Real-world results from Spotify, Novo Nordisk, and Salesforce hint at what’s coming

To ground the product announcements in measurable outcomes, Anthropic showcased three enterprise deployments that illustrate both the scale and the variety of impact the company claims Claude can deliver.

At Spotify, engineers had long struggled with code migrations — the slow, manual work of updating and modernizing code across thousands of services. Jensen explained that after integrating Claude directly into the system Spotify’s engineers use daily, “any engineer can kick off a large-scale migration just by describing what they need in plain English.” The company reports up to a 90% reduction in engineering time, over 650 AI-generated code changes shipped per month, and roughly half of all Spotify updates now flowing through the system.

At Novo Nordisk, the pharmaceutical giant built an AI-powered platform called NovoScribe with Claude as its intelligence layer, targeting the grueling process of producing regulatory documentation for new medicines. Staff writers had previously averaged just over two reports per year. After deploying Claude, Jensen said, “documentation creation went from 10 plus weeks to 10 minutes. That’s a 95% reduction in resources for verification checks. Medicines are reaching patients faster.” Jensen also noted that Novo Nordisk used Claude Code to build the platform itself, enabling contributions from non-engineers — their digitalization strategy director, who holds a PhD in molecular biology rather than engineering, now prototypes features using natural language. “A team of 11 is operating like a team many times its size,” Jensen said.

Salesforce, meanwhile, uses Claude models to help power AI in Slack, reporting a 96% satisfaction rate for tools like its Slack bot and saving customers an estimated 97 minutes per week through summarization and recap features. The partnership reflects Anthropic’s broader ecosystem strategy: Jensen described the companies featured at the event as “Claude partners and domain experts with the data and trusted relationships that make Claude work in the real world.”

Enterprise leaders reveal the messy reality behind AI transformation

Perhaps the most illuminating segment of the event was a panel discussion featuring executives from Thomson Reuters, the New York Stock Exchange, and Epic, who provided candid assessments of AI’s enterprise reality that went well beyond the polished case studies.

Sridhar Masam, CTO of the New York Stock Exchange, described his organization as “rewiring our engineering process” with Claude Code and building internal AI agents using the Claude Agent SDK that can take instructions from a Jira ticket all the way to a committed piece of code. But he also identified fundamental shifts in how leaders must think. “The accountability is shifting,” he said. “Traditionally, we are so used to building deterministic platforms. You write code requirements and build. And now, with AI being probabilistic, the accountability doesn’t end when the project goes live, but on a daily basis, monitoring the behavior and outcomes.” He described a new paradigm beyond “buy versus build” — what he called “assembly,” the practice of combining multiple models, multiple vendors, platforms, data, and internal capabilities into solutions. And he noted that highly regulated industries must shift “from risk avoidance to risk calibration,” because simply avoiding AI is no longer a competitive option.

Steve Haske from Thomson Reuters, whose Co-Counsel product has reached a million users, was frank about the gap between what the technology can do and what organizations are ready for. “The tools are in many senses ahead of the change management,” he said. “A general counsel’s office, a law firm, a tax and accounting firm, an audit firm, need to rewire the processes to be able to take advantage of the benefits that the tools provide. And I think it’s 18 months away before that sort of change management catches up with the standard of the tool.” He also stressed an “ironclad guarantee” to Co-Counsel customers that “their input will not be part of our AI output,” and urged enterprise leaders to be “feverish” about protecting institutional intellectual property.

Seth Hain from Epic — the healthcare technology company behind MyChart — offered a finding that may foreshadow where enterprise AI adoption is truly heading. “Over half of our use of Claude Code is by non-developer roles across the company,” Hain said, describing how support and implementation staff had adopted the tool in ways the company never anticipated. Hain also described a deliberate trust-building strategy: Epic’s first AI capability was a medical record summarization that included links to the underlying source material, giving clinicians the ability to verify and build confidence before the company introduced more autonomous agent capabilities.

A year of Claude Code and MCP adoption explains why this moment feels different

Tuesday’s announcements cannot be understood in isolation. They are essentially the culmination of a year in which Anthropic transformed itself from a research-focused AI lab into a company with genuine enterprise distribution and developer ecosystem gravity.

The trajectory began with Claude Code, which Jensen noted had taken coding use cases “from assisting on tiny tasks to AI writing 90 or sometimes even 100% of the code, with enterprises shipping in weeks what once took many quarters.” But the deeper structural shift was the adoption of MCP — the Model Context Protocol — which has become the connective tissue allowing Claude to reach into and act upon data across an organization’s entire technology stack. Where previous AI tools were constrained to the information users manually fed them, MCP-connected Claude can pull context from Slack threads, Google Drive documents, CRM records, and financial systems simultaneously. This is what makes the plugin architecture announced Tuesday fundamentally different from earlier chatbot-style enterprise AI: it turns Claude into a reasoning layer that sits across an organization’s existing infrastructure rather than alongside it.

The implications for the broader AI industry are profound. Anthropic is effectively building a platform play — private plugin marketplaces, portable file-based plugins, and an expanding library of MCP connectors — that echoes the ecosystem strategies of earlier platform giants like Salesforce and Microsoft. The difference is velocity: Anthropic is compressing into months the kind of ecosystem development that previously took years. The company’s willingness to ship sector-specific plugin templates for investment banking, equity research, and wealth management alongside general-purpose tools signals that it sees no bright line between platform and application, between enabling partners and competing with them.

This strategic ambiguity is precisely what has spooked Wall Street. IBM shares suffered their worst single-day loss since October 2000 — down nearly 13.2% — on Monday after Anthropic published a blog post about using Claude Code to modernize COBOL, the decades-old programming language that runs on IBM’s mainframe systems. Enterprise software stocks had already been under heavy pressure since the initial Cowork announcement on January 30, with companies like ServiceNow, Salesforce, Snowflake, Intuit, and Thomson Reuters all experiencing steep declines. Cybersecurity companies tumbled after the company unveiled Claude Code Security on February 20.

Yet Tuesday’s event triggered a partial reversal that revealed something important about how markets are processing AI disruption. Companies named as Anthropic partners and integration targets — Salesforce, DocuSign, LegalZoom, Thomson Reuters, FactSet — all rallied, some sharply. Thomson Reuters surged more than 11%. The market appears to be drawing a new distinction: companies integrated into Anthropic’s ecosystem may benefit, while those standing outside it face existential risk.

Anthropic’s own economist warns that AI’s impact will be uneven — and fast

Peter McCrory, Anthropic’s head of economics, presented data from the Anthropic Economic Index that offered a sober counterweight to the event’s product optimism. Using privacy-preserving methods to analyze how people and businesses use Claude, McCrory’s team has tracked AI’s diffusion across more than 150 countries and every US state.

The headline finding is striking: a year ago, roughly a third of all US jobs had at least a quarter of their associated tasks appearing in Claude usage data. That figure has now risen to approximately one in every two jobs. “The scope of impact is broadening out throughout the economy as the tools and as the technology becomes more capable,” McCrory said. He characterized AI as a “general purpose technology” in the economic sense — meaning virtually no facet of the economy will be unaffected.

McCrory drew a critical distinction between automation, where Claude simply executes a task, and augmentation, where it collaborates with a human on more complex work. When businesses embed Claude through the API, he noted, “we see overwhelmingly Claude is being embedded in automated ways” — a pattern consistent with how transformative technologies have historically diffused through the economy.

On the question of job displacement, McCrory was measured but direct. He noted that “roles that typically require more years of schooling have the largest productivity or efficiency gains,” suggesting a dynamic economists call skill-biased technical change. He expressed concern about “jobs that are pure implementation” — citing data entry workers and technical writers as examples where Claude is already being used for tasks central to those occupations. But he emphasized that no evidence of widespread labor displacement has materialized yet, and pointed to forthcoming research that would introduce methodology for monitoring whether highly exposed workers are beginning to experience it.

His advice to enterprise leaders cut to the heart of the organizational challenge. “It might not just be about fundamental capabilities of the model,” McCrory said. “Do you have the right sort of data ecosystem, data infrastructure to provide the right information at the right time?” If the knowledge Claude needs to execute a sophisticated task exists only in a coworker’s head, he argued, “that’s not a technical problem, per se. That’s an organizational problem.”

The question every enterprise leader is now asking — and why no one has the answer yet

Jensen described a concept Anthropic calls “the thinking divide” — the growing gap between organizations that embed AI across employees, processes, and products simultaneously, and those that treat it as a point solution. The companies on the right side of that divide, she argued, will compound their advantage over time. Those on the wrong side “will find themselves falling further and further behind.”

Whether Anthropic ultimately functions as the rising tide that lifts the enterprise software ecosystem or the wave that swamps it remains genuinely uncertain. The same event that triggered a rally in shares of Anthropic’s named partners has also accelerated a broader reckoning for legacy software companies that cannot yet articulate how they fit into an AI-native world. McCrory, the economist, counseled humility. “Capabilities are moving very, very quickly,” he said. “It might represent an innovation in the method of innovation. So it’s not just making us better at the things that we do — it’s helping us discover new ways to do things.”

Thomson Reuters’ Haske perhaps put it most practically. “As leaders, we all have to get personally involved and personally invested in using the tools,” he said. “We’ve got to move fast. This environment is changing quickly. We cannot afford to get left behind.”

A Fortune 10 CIO recently told Jensen that enterprises would need to fit a decade of innovation into the next few years. The CIO smiled and said: “We’re going to do it in one with you.” Whether that confidence proves prescient or premature, one thing is clear from Tuesday’s event — the window for figuring it out is closing faster than most boardrooms realize.

Tech giants’ efforts to ramp up AI adoption in India may be about to hit a turning point, as companies end free promotions with hopes to convert the world’s fourth-largest economy into a windfall of paid subscribers.

India became the world’s largest market for generative AI app downloads in 2025, according to market intelligence firm Sensor Tower, widening its lead over the U.S. as installs jumped 207% year-over-year.

Companies including OpenAI, Google, and Perplexity rolled out extended free premium offers to accelerate user growth in the price sensitive market. Leading AI firms have also backed India in its push to become a global artificial intelligence hub. A major AI summit in New Delhi last week was attended by leaders including OpenAI’s Sam Altman, Anthropic’s Dario Amodei, and Alphabet CEO Sundar Pichai — a sign of the country’s growing weight in the global AI race.

Now, some of those early promotional pushes are winding down. Perplexity ended its bundled Pro offer with Indian telco Airtel in January, while OpenAI’s free ChatGPT Go access in India is no longer available, potentially setting the stage for a clearer test of how many newly acquired users convert to paying subscribers.

Despite strong download growth, India still generates a disproportionately small share of AI app revenue, accounting for about 1% of in-app purchases even as it drives roughly 20% of global GenAI app downloads, according to the Sensor Tower data shared with TechCrunch, highlighting the monetization challenge in one of the industry’s fastest-growing markets.

GenAI app adoption in India accelerated sharply through 2025, with downloads peaking in September and October at year-over-year growth rates of about 320% and 260%, respectively, according to the data. Yet the surge in usage did not fully translate into revenue gains. In November and December 2025, AI app in-app purchase revenue in India fell 22% and 18% month over month, respectively. ChatGPT’s revenue dropped even more sharply — down 33% and 32% over the same period following the November launch of free sub-$5 ChatGPT Go access — reflecting the near-term impact of aggressive promotional pushes.

ChatGPT still commands more than 60% of GenAI in-app revenue in India, meaning shifts in its pricing strategy can significantly influence overall market performance.

Alongside promotional pushes, Sensor Tower attributed the surge in GenAI app adoption in India last year to a mix of new product launches, including the debut of platforms such as DeepSeek, Grok, and Meta AI, as well as upgrades to major chatbots like ChatGPT, Gemini, Claude, and Perplexity. Viral interest in AI-generated content also helped fuel adoption, with content creation and editing tools accounting for seven of the 20 most downloaded GenAI apps in India in 2025.

The user surge has been equally pronounced. India accounted for about 19% of the global user base of leading AI assistant apps in 2025, ahead of the U.S. at 10%, Sensor Tower said. ChatGPT continues to dominate the Indian market by monthly active users, though rivals including Google’s Gemini and Perplexity have also seen rapid growth following promotional offers. ChatGPT was the most downloaded GenAI app in India and globally in 2025, according to earlier Sensor Tower data. Earlier this month, OpenAI’s CEO said that the chatbot now has more than 100 million weekly active users in India.

The promotional push in India reflects a broader strategy by AI firms to reduce pricing friction in a highly value-conscious market, betting that early user adoption and engagement will translate into stronger long-term retention once free access periods expire, said Sneha Pandey, insights analyst at Sensor Tower.

India’s appeal lies in its massive digital base. The country has more than a billion internet users and around 700 million smartphone owners, making it one of the largest potential markets for AI services globally and a critical battleground for user growth.

Nonetheless, user engagement in India still trails more mature markets. In 2025, users of leading AI chatbot apps in the U.S. spent about 21% more time per week on the apps than their counterparts in India and logged 17% more sessions on average, per Sensor Tower.

“AI in-app revenues will likely see meaningful but gradual improvement as users become more deeply integrated into these platforms, making sustained engagement paramount,” Pandey told TechCrunch.

She added that pricing pressure in India is likely to remain elevated given the country’s young and value-conscious user base, making lower-cost tiers, telecom bundles, and micro-transaction models important for long-term retention.

ChatGPT remained the clear market leader in India entering 2026, with 180 million monthly active users in January, per Sensor Tower, followed by Google’s Gemini with 118 million, Perplexity with 19 million, and Meta AI with 12 million. The figures underline both the scale of India’s AI opportunity and the growing challenge for firms to convert rapid user adoption into sustained revenue.

Google, OpenAI, and Perplexity did not respond to requests for comments.

A chunky blue slab sits on a desk, with RCA jacks protruding like forgotten relics from a garage cleanup. This 8-bit console, known as the GameTank, recently reached its crowdfunding goal on Crowd Supply, and backers are now looking forward to a July 12 2026 ship date, a target that has been locked in after more than $45,345 was raised (as of today) against a $30,000 goal.

Clyde Shaffer is the mind behind the GameTank, having created it from the ground up at Clydeware, and this project is the culmination of his efforts. Shaffer wanted technology that allowed him to play really cool 8-bit games, not a ported-over replica of a classic hit (he’d had enough of those). The entire thing was made to seem like vintage circuit boards, right down to the individual chips and board arrangement.

Hyperkin RetroN 2 HD Gaming Console for NES/Super NES/Super Famicom (Gray)

• HD audio and video (720p) with 16: 9/4: 3 Switch (HD cable only); 3 ft. HD cable; includes AV ports with AV cable
• High compatibility with (NTSC/PAL) NES, Super NES, and Super Famicom cartridges
• Hyperkin-engineered perfect pin (patent pending) Technology sets a new standard for state-of-the-art, high-quality pins

The main powerhouse of the device is a W65C02S CPU that runs at 3.5 MHz. Then there’s a second W65C02S humming around at 14 MHz only for sound, as there are no fancy field-programmable gate arrays or modern controllers here, and no hidden logic chips or RAM.

Graphics are drawn into a 128×128 framebuffer, similar to how most old TVs cropped out a few rows at the top and bottom, leaving approximately 128×100 useable pixels. You have a whopping 200 colours to play with, all of which are completely usable on the screen at the same time, and a blitter copies bytes to the screen in real-time every single clock cycle, resulting in super-smooth movement without the unpleasant flicker you used to get on the NES or Atari.

Memory is generous by 8-bit standards (remember the old days?), with 32 kilobytes of general RAM divided into 8 KB chunks, 512 kilobytes for graphics data, and 4 KB for audio. Cartridges contain 2 megabytes of flash memory on a unique 36-pin board. You can control the device via two ports, each with a D-pad, A, B, C, and a Start button. The video output is NTSC composite via an RCA jack (think old TVs and VCRs), and there’s a 26-pin extension port on the back for tinkerers and GPIO lines to play with. Power comes from a wall wart, and for those inquisitive, Shaffer provided every single schematic, board file, and 3D print template on GitHub.

You can either build the thing yourself or get a soldered version from Soldered Electronics in Croatia (they handle manufacturing). If you want to get your hands dirty, there’s a C SDK based on CC65 for compiling code for the 6502 family, and if you don’t want to create it from the ground up, there’s even an emulator you can use to test your games on PC. If you decide to build it, you can load ROMs using a USB flasher. The developer kit costs $299 and includes the console, controller, analog cable, documentation, blank cartridge, and flasher. Blank carts are sold separately in two-packs for $40

Shaffer describes the GameTank as a playground for hackers and hardware aficionados. The 6502 core allows for easy porting of games from the NES or Apple II, but it’s the unique tools that actually set it apart. With the correct tools, you can make animations that flow like water and rich music that isn’t too tinny.

Crowd Supply is still open for pledges until the 26th. The prototypes have been running solid for the past two years, and the next step is to complete the numerous certifications. The first units will begin to arrive in the summer, and backers will be able to turn them on their CRTs or upscalers and load their new games from flashers or carts.
[Source]

Spending too much time in front of a screen, whether you’re grinding raids or simply trying to get through the day, will cause your body to scream in protest. A good chair can make all the difference; one that keeps your back straight, relieves strain on your spine, and allows you to sit for hours without having to adjust or wincing in discomfort every five minutes. The N-GEN Gaming Chair, priced at $90 (was $140), stands out because it has everything you need in a package that is far less expensive than high-end solutions.

Most people are presented with a simple decision: spend a lot of money on a name brand with all the bells and whistles, or locate something that simply does the job without breaking the bank. This chair falls solidly into the second camp, and it does an excellent job of arguing why it is the best option. The seat and back are made of high-density foam, which is hard but also yielding, ensuring that it retains its shape over time. The PU leather on top is more breathable than you might anticipate for this price, and it wipes clean with a cloth after a long gaming session or a bad spill. A removable headrest pillow relieves strain on your neck, while the lumbar pillow targets the most painful areas of your lower back. All of these small details make a significant difference in how long you can remain there without feeling like you’re being tormented.

Sale

N-GEN GAMING Video Gaming Chair with Footrest Lumbar Support for Home Office High Back Recliner Height…

• Racing Style for Long Sessions – High-back gaming chair with ergonomic racing design, ideal for long hours at your gaming desk or home office.
• Ergonomic Support – Comes with a removable headrest, lower back pillow, and pull-out footrest to reduce pressure and support healthy posture during…
• Quality Materials – Supportive high-density foam cushions, breathable PU leather, and a vibrant finish combine for lasting comfort and a refined look.

You can recline the chair all the way back, from sitting up straight to a very relaxed posture, and there’s also a footrest that springs out gently when you need a break. The armrests move with the back, staying in place whether you’re sitting upright or slouching, and the height can be readily adjusted with a gas lift that can support up to 300 pounds.

When it comes down to it, this chair is all about value, since you get the ergonomic necessities without spending a lot of money on fancy branding or features you’ll most likely never use. As for the target audience, this is an excellent choice for anyone needing a chair that can withstand both marathon gaming sessions and extended stretches of focused work.

Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang’s data leak site.

In a statement shared today, the company said it activated its incident response procedures and launched an investigation, with assistance from external cybersecurity experts, after discovering the breach.

“We have learned that an unauthorized third party acquired certain employee data,” reads a statement shared with BleepingComputer.

“Upon discovery, we immediately activated our incident response protocols and launched a thorough investigation with the help of external cybersecurity experts.”

While Wynn has not stated whether it paid a ransom to prevent the data leak, the company said the attackers confirmed the stolen data had been deleted. In past extortion cases, threat actors have typically only claimed data was deleted after reaching an agreement with a victim.

“The unauthorized third party has stated that the stolen data has been deleted. We are monitoring and to date have not seen any evidence that the data has been published or otherwise misused,” the statement continued.

The company added that the incident did not impact guest operations or its physical properties, which remain fully operational, and that it is offering complimentary credit monitoring and identity protection services to employees.

ShinyHunters leak site listing

This statement comes after Wynn Resorts appeared on the ShinyHunters data leak site on Thursday.

In the threat actors’ post, the group claimed it had stolen “PII (SSNs, etc) and employee data” and warned the company to make contact before February 23, 2026, or the data would be published.

“Over 800k records containing PII(SSNs, etc) and employee data have been compromised,” reads the now-deleted post on ShinyHunters data leak site.

“This is a final warning to reach out by 23 Feb 2026 before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headling.”

Shortly after, the Wynn entry was removed from the site, a move that often occurs when negotiations are underway or claims are disputed.

Wynn Resorts did not answer questions about whether a ransom was paid or how many people were affected. Similarly, ShinyHunters told BleepingComputer that they had no comment on whether they received a payment.

However, the threat actors did previously claim to have stolen the data from the company’s Oracle PeopleSoft environment.

ShinyHunters is a data extortion group known for breaching organizations and threatening to publish stolen data unless a ransom is paid.

The group has previously claimed responsibility for multiple high-profile data theft incidents and has operated across various underground forums and extortion portals over the years.

Last year, ShinyHunters conducted a widespread campaign to steal Salesforce data, targeting numerous companies through social engineering and stolen third-party OAuth tokens.

In recent weeks, ShinyHunters has claimed responsibility for a wave of other security breaches, including Panera Bread, Betterment, SoundCloud, Canada Goose, PornHub, and online dating giant Match Group.

Some of the victims were compromised through voice phishing (vishing) attacks targeting single sign-on (SSO) accounts at Google, Microsoft, and Okta, where the threat actors posed as IT support staff to trick employees into entering credentials and multi-factor authentication (MFA) codes on phishing sites.

As BleepingComputer first reported, the ShinyHunters group more recently adopted device code vishing to obtain Microsoft Entra authentication tokens.

After stealing their targets’ credentials and auth codes, the threat actors hijack the victims’ SSO accounts to steal data from connected SaaS applications such as Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, Atlassian, Zendesk, Dropbox, and many others.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Advertisement

Get the guide

A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains.

In a campaign that has been running since September 2025, the threat actor has stolen 1,649 unique credentials from platforms and service providers critical in the freight industry.

Some of the Diesel Vortex victims include DAT Truckstop, TIMOCOM, Teleroute, Penske Logistics, Girteka, and Electronic Funds Source (EFS).

Researchers at the typosquatting monitoring platform Have I Been Squatted uncovered the campaign after finding an exposed repository containing an SQL database from a phishing project that the threat actor called Global Profit and marketed it to other cybercriminals under the name MC Profit Always.

The repository also included a file with Telegram webhook logs that revealed communications between the phishing service operators. Based on the language used, the researchers believe that Diesel Vortex is an Armenian-speaking actor connected to Russian infrastructure.

Have I Been Squatted’s analysis efforts were joined by tokenization infrastructure provider Ctrl-Alt-Intel, which connected the dots between operators, infrastructure, and connections to various companies using open-source intelligence.

In a lengthy technical report, the typosquatting protection provider states that it uncovered nearly 3,500 stolen credential pairs, with 1,649 of them being unique.

The researchers say that they also found a link to a mind map created by a member of the group, which describes a “highly organised operation” complete with a call-centre, mail support, programmer rols, and staff responsible for finding drivers, carriers, and logistics contacts.

Furthermore, the map provided details about acquisition channels that included the DAT One marketplace, email campaigns, rate confirmation fraud, and revenue for various operational tiers.

“The [Diesel Vortex] group built dedicated phishing infrastructure for platforms used daily by freight brokers, trucking companies, and supply chain operators. Load boards, fleet management portals, fuel card systems, and freight exchanges were all in scope,” Have I Been Squatted researchers say.

“These platforms sit at the intersection of high transaction volumes and the targeted workforce isn’t typically the primary focus of enterprise security programs, and the operators clearly knew it.”

The attacks involve sending phishing emails to targets via a phishing kit’s mailer, using Zoho SMTP and Zeptomail, and combining Cyrilic homoglyph tricks in the sender and subject fields to evade security filters.

Voice phishing and infiltration into Telegram channels frequented by trucking and logistics personnel were also used in the attacks.

When a victim clicks a phishing link, they land on a minimal HTML page on a ‘.com’ domain with a full-screen iframe that loads the phishing content, followed by a 9-stage cloaking process on the system domain (.top/.icu).

The phishing pages are pixel-level clones of the targeted logistics platforms. Depending on the target, they may capture credentials, permit data, MC/DOT numbers, RMIS login details, PINs, two-factor authentication codes, security tokens, payment amounts, payee names, and check numbers.

The phishing process is under the operator’s direct control, who decides when to approve steps and activate the next phases via Telegram bots.

Possible actions include requesting a password for Google, Microsoft Office 365, and Yahoo, 2FA methods, redirecting the victim, or even blocking them mid-session.

The researchers state that the Diesel Vortex operation, including panel and phishing domains and GitLab repositories, was disrupted following a coordinated action involving GitLab, Cloudflare, Google Threat Intelligence, CrowdStrike, and Microsoft Threat Intelligence Center.

For its part, Ctrl-Alt-Intel conducted an OSINT investigation starting from operators’ Telegram chats in Armenian about stealing cargo or funds, and an email address.

Along with a domain name found in the phishing panel’s source code, the researchers revealed connections to individuals and companies in Russia involved in wholesale trade, transportation, and warehousing.

The researchers noted that “the same email identified used to register phishing infrastructure appears in [Russian] corporate filings for logistics companies operating in the same vertical targeted by Diesel Vortex.”

Based on the uncovered evidence, the researchers determined that Diesel Vortex stole credentials and also coordinated activities related to freight impersonation, mailbox compromise, and double-brokering or cargo diversion.

Double brokering refers to the use of stolen carrier identities to book loads and then reassigning or diverting freight cargo, which allows sending the goods to fraudulent pickup points so they can be stolen.

The full indicators of compromise (IoCs), including network, Telegram, infrastructure, email, and cryptocurrency addresses, are available at the bottom of the Have I Been Squatted report.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide