Barnes & Noble CEO James Daunt recently sat down with NBC News, and he said something that has been percolating in my mind. When asked about AI-written books, Daunt said, “Yes, I have actually no problem selling any book, as long as it doesn’t masquerade or pretend to be something that it isn’t, and that it has an essential quality to it, and that the customer, the reader, wants it.”

On the surface, that sounds perfectly sensible. As long as readers can clearly see the label, they can make a choice. But if you take a moment to think about it, there are important questions that this approach leaves unanswered. 

Is “just label it” really good enough?

Barnes & Noble is one of the most powerful retailers in the publishing world. When the largest retail bookseller in the United States signals that AI-written books are welcome on its shelves, it sends a message to publishers, agents, and authors alike that this is a legitimate product category. 

Think about what a real book represents. A writer spent months, sometimes years, researching, writing, revising, creating a concoction, and then pouring it onto a page. Not only that, everything a writer puts on the page is colored with the lens they formed with their life experiences. That’s what makes books human, and why we sometimes read books covering the same topic from different writers. 

AI, on the other hand, takes everything it learned from the generation of human experience, strips the humanity, and serves the slop. Yes, the book might have the best grammar, the best plot structure, and even a good story. But will it have the human touch that makes a book special? I think not. At best, it can pretend, using the knowledge it stole from the great books written by human authors. 

The moment a major retailer shrugs and says AI books are fine as long as they’re labeled, it starts chipping away at the understanding that a book is a human endeavor. Also, who decides what constitutes an AI-written book and what the label looks like? Is it enough if the label is hidden obscurely on some page, where no one can find it unless they are looking for it? 

Even if they have a clear label, so what? Will you let a thief enter your home, as long as they wear a label saying they are one? It’s ridiculous. And make no mistake; any AI-written book, no matter how good it is, is a thief parading in costume, which has stolen the stories from human-written books, without consent. 

The human cost of letting AI books in our bookshops

Every bookshop has a limited space. If we allow AI books to enter our bookshops, it doesn’t create a space out of a vacuum. Every AI book taking a shelf space is replacing one written by a human. And without a proper system in place, which Barnes & Noble doesn’t seem to have, it would be hard for a reader to differentiate between a human and an AI-written book. 

Daunt even acknowledged that Barnes & Noble might already be selling AI-written books without knowing it. “We have 300,000 titles across all of our stores. Do we think that some of those may be AI? The chances are that they are, but we’re not really conscious of them,” he said in the NBC News interview. That is not the reassuring admission he thinks it is.

What you see is what you buy. If thousands of readers walk into the store and see AI books prominently placed, some of them are bound to pick one up. It will make money for some mega corporation or AI-bro who has started treating books as his new side business. That’s a sale that could have gone to an author who actually deserved it. 

I am not saying all human-written books are great. I have written some bad ones myself. But even if a book is bad or just not your taste, you know someone put real effort into it, so the hit on the purse doesn’t sting that much. 

Think how you will feel if your books were written by a prompt? Also, since AI can generate books at a much faster rate than we can write them, if we open the doors to these books, the market will be flooded. The e-book market is already filled with AI slop; we don’t want our bookstores to look the same. 

This is not happening in a vacuum

It would be one thing if Barnes & Noble were making this call in isolation. But this is part of a much larger and deeply troubling pattern.

Vox Media and The Atlantic both signed deals with OpenAI, allowing the company to train its models on their entire content archives. The New York Times signed its first AI content licensing agreement with Amazon. USA Today, Condé Nast, and Hearst have also signed multi-year licensing deals with Amazon. 

AI licensing deals are now becoming a big source of revenue for publishers. So publishers are getting paid, and that money is making these deals feel justified. As for the writers whose work is being used to train these models? Most of them are seeing nothing.

The pattern is clear here. First, media companies license their content to AI. Then AI uses that content to generate new content. Then retailers agree to sell that AI-generated content. This will repeat until all human writers are fired and all of us are left with a steaming pile of AI slop in our hands, wondering how we got here. 

Books are one of the last places where human creativity has not been fully colonized by AI. Opening that door, even with a label slapped on it, is a precedent the industry will struggle to walk back. Some doors should remain closed, no matter how lucrative the prize behind them seems to be.

Looking for the most recent Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle, Connections: Sports Edition and Strands puzzles.

Wow, today’s NYT Connections puzzle has a really intriguing purple category. Hint: Look for words that use the same exact letters. Read on for clues and today’s Connections answers.

The Times has a Connections Bot, like the one for Wordle. Go there after you play to receive a numeric score and to have the program analyze your answers. Players who are registered with the Times Games section can now nerd out by following their progress, including the number of puzzles completed, win rate, number of times they nabbed a perfect score and their win streak.

Read more: Hints, Tips and Strategies to Help You Win at NYT Connections Every Time

Hints for today’s Connections groups

Here are four hints for the groupings in today’s Connections puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: You won.

Green group hint: Let’s get back to the topic.

Blue group hint: Ghostbusters is a classic.

Purple group hint: Mix up the letters.

Answers for today’s Connections groups

Yellow group: Championship awards.

Green group: Matter at hand.

Blue group: ’80s comedies.

Purple group: Anagrams.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections answers?

The yellow words in today’s Connections

The theme is championship awards. The four answers are cup, medal, pennant and ring.

The green words in today’s Connections

The theme is matter at hand. The four answers are concern, focus, point and subject.

The blue words in today’s Connections

The theme is ’80s comedies. The four answers are Airplane, Big, Clue and Twins.

The purple words in today’s Connections

The theme is anagrams. The four answers are enlist, listen, silent and tinsel.

Toughest Connections puzzles

We’ve made a note of some of the toughest Connections puzzles so far. Maybe they’ll help you see patterns in future puzzles.

#5: Included “things you can set,” such as mood, record, table and volleyball.

#4: Included “one in a dozen,” such as egg, juror, month and rose.

#3: Included “streets on screen,” such as Elm, Fear, Jump and Sesame.

#2: Included “power ___” such as nap, plant, Ranger and trip.

#1: Included “things that can run,” such as candidate, faucet, mascara and nose.

What will you miss most about Hacks? Ava (Hannah Einbinder) is furthering the queer agenda? Deborah’s (Jean Smart) sharp tongue? Or the fact that Meg Stalter won’t be as ever-present in our minds unless you’re chronically on Instagram?

Regardless, Hacks season 5 is going down in a blaze of glory. Last week, we saw Deborah on a ‘non-press tour press tour’ — and by that I mean that she appeared everywhere she could without explicitly promoting her Madison Square Gardens show.

Offbeat

Autonomous shuttle’s second passenger trip ends with rear-end collision and a tow truck

A new self-driving bus service in the Swedish city of Gothenburg got off to a rough start this week when one of its vehicles was hit by a tram on its second passenger-carrying trip.

The autonomous bus, running on route 169 between Gothenburg Central Station and Liseberg, opened to passengers on May 25. It was struck from behind shortly after setting off on its second run, resulting in damage to both vehicles and the bus enduring the ignominy of being towed away.

According to reports, the bus braked and was rear-ended by the tram. A spokesperson for Västtrafik, the bus operator, told The Register: “A small number of passengers were on board. No one was seriously injured, and that is the most important outcome. Both the bus and the tram sustained minor damage.”

The autonomous bus project began in 2024, and trials were scheduled to conclude by 2027 [PDF]. At present, a driver is still required, although the controls are not touched during normal operation.

However, someone else driving into it is a whole different challenge. On the rear of the Karsan bus was the warning “Keep your distance! The bus can brake sharply!” but that did not appear to deter the tram. As a rule of thumb, trams tend to have the right of way since they cannot swerve around a suddenly slowing vehicle.

Self-driving public transport remains a challenge. Elon Musk’s Cybercab is beginning to trundle onto the streets after a 2024 announcement, and Waymo’s taxis have been rolling around cities such as San Francisco for a few years now, although it yanked thousands of vehicles off the road over fears they might drive headlong into floods on high-speed roads. 

The UK’s first registered autonomous bus route was unveiled in 2023. However, operators reportedly decided to end the service in 2025 due to a lack of passengers. The service ran over a 14-mile journey in Scotland and also required drivers on board.

As for Gothenburg, the Västtrafik spokesperson told El Reg: “We are now conducting a thorough analysis of the incident together with relevant parties to better understand what happened as soon as possible.”

One of the goals of the project was to “gather and share knowledge about how autonomous mobility works in practice.” To which the answer, at least initially, appears to be: “Great! Until a tram enters the chat.” ®

Looking for the most recent Strands answer? Click here for our daily Strands hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle, Connections and Connections: Sports Edition puzzles.

Today’s NYT Strands puzzle threw me a bit — the theme seemed clear, but there were so many different words that could serve as answers. Some of the answers are difficult to unscramble, so if you need hints and answers, read on.

I go into depth about the rules for Strands in this story. 

If you’re looking for today’s Wordle, Connections and Mini Crossword answers, you can visit CNET’s NYT puzzle hints page.

Read more: NYT Connections Turns 1: These Are the 5 Toughest Puzzles So Far

Hint for today’s Strands puzzle

Today’s Strands theme is: On the nature trail.

If that doesn’t help you, here’s a clue: Touch some grass.

Clue words to unlock in-game hints

Your goal is to find hidden words that fit the puzzle’s theme. If you’re stuck, find any words you can. Every time you find three words of four letters or more, Strands will reveal one of the theme words. These are the words I used to get those hints but any words of four or more letters that you find will work:

• DUMP, DARE, SIDE, HEAT, SANG, CORN, THEY, SIDE, DUDE, SLED, CREATE, CAVE, PEAT, RAVE

Answers for today’s Strands puzzle

These are the answers that tie into the theme. The goal of the puzzle is to find them all, including the spangram, a theme word that reaches from one side of the puzzle to the other. When you have all of them (I originally thought there were always eight but learned that the number can vary), every letter on the board will be used. Here are the nonspangram answers:

• MOSS, ACORN, DAISY, PUDDLE, FEATHER, PAWPRINT

Today’s Strands spangram

Today’s Strands spangram is SCAVENGERHUNT. To find it, start with the S that is the first letter on the top row, and wind down and over.

Toughest Strands puzzles

Here are some of the Strands topics I’ve found to be the toughest.

#1: Dated slang. Maybe you didn’t even use this lingo when it was cool. Toughest word: PHAT.

#2: Thar she blows! I guess marine biologists might ace this one. Toughest word: BALEEN or RIGHT. 

#3: Off the hook. Again, it helps to know a lot about sea creatures. Sorry, Charlie. Toughest word: BIGEYE or SKIPJACK.

• Apple’s AI-powered health coach has apparently been delayed
• It’s now not expected until “later in the iOS 27 update cycle”
• The news arrives in a new report from a reputable source

Apple’s WWDC event is just around the corner, which means we can expect a host of software announcements from the tech giant on June 8. One thing fans of the best Apple Watches might have been excited for is Apple’s long-rumored AI health coach (AI) — but a new report has just put a dampener on those expectations.

According to Bloomberg journalist Mark Gurman, Apple’s AI health coach — apparently dubbed ‘Project Mulberry’ inside Apple — might not be revealed at WWDC after all. That will come as a blow to anyone looking forward to this feature, but it’s not all doom and gloom.

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited.

Drupal is typically used by large organizations managing massive data structures and multi-site installations, including government entities, educational organizations, major research universities, and high-profile enterprise and media organizations.

Google/Mandiant researcher Michael Maturi discovered this vulnerability (now tracked as CVE-2026-9082) in Drupal’s database abstraction API.

The security flaw can be exploited without authentication, allowing attackers to trigger arbitrary SQL injection on PostgreSQL-powered sites via specially crafted requests. Successful exploitation can potentially lead to information disclosure, privilege escalation, and even remote code execution.

The Drupal security team tagged the flaw as “highly critical” before releasing patches and confirming that exploitation attempts had been detected in the wild.

“Since CVE-2026-9082 was released, Imperva has observed over 15,000 attack attempts targeting almost 6,000 individual sites across 65 countries,” cybersecurity firm Imperva warned on May 21. “Attacks are primarily targeting Gaming and Financial Services sites so far, at collectively almost 50% of all attacks.”

Internet security watchdog group Shadowserver now tracks nearly 670 unpatched Drupal installations exposed online, most of them from North America (272) and Europe (273).

​On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch their systems by midnight on Wednesday, May 27, as mandated by Binding Operational Directive (BOD) 22-01.

Although BOD 22-01 applies only to U.S. federal agencies, CISA advised all defenders, including those in the private sector, to apply CVE-2026-9082 patches as soon as possible to secure their organizations’ devices.

“This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise [..] Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice,” the cybersecurity agency warned.

“Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”

Over the last several years, CISA has flagged 5 Drupal vulnerabilities that have been exploited in the wild, two of which have also been abused in ransomware attacks.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Advertisement

Download Now

AI + ML

RUSI warns fake IDs, shell companies, and crypto laundering could soon operate at industrial scale

The future of sanctions evasion appears to involve fewer shady middlemen and considerably more rented GPUs, according to a new RUSI report on how rogue states are using AI to fake identities, automate shell companies, and launder crypto at scale.

The report, “Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing,” says countries including North Korea and Iran are deploying AI tools to support sanctions evasion and proliferation financing (PF) schemes, ranging from fake passports and corporate paperwork to cryptocurrency laundering and fabricated online personas. 

“AI has the potential to radically increase the scale of PF activities, like sanctions evasion, to levels that overwhelm current PF and sanctions evasion detection and enforcement capabilities,” wrote Dr Aaron Arnold, a Senior Associate Fellow with the Centre for Finance and Security at RUSI, specializing in sanctions and proliferation financing.

Arnold argues that AI is not reinventing sanctions evasion so much as supercharging it. “AI is not necessarily changing PF and sanctions evasion typologies but instead increasing their efficiency and effectiveness,” he wrote.

That includes generative AI systems capable of producing fake passports, bank statements, vessel registrations, invoices, and corporate records, according to the report. RUSI writes that AI “can mass-produce high-quality fraudulent documents” with enough contextual accuracy to fool traditional compliance checks that still rely heavily on manual document verification.

The report also warns that many existing banking identity checks are rapidly becoming unreliable against modern AI tools. “Static biometric checks such as a selfie or voice print are no longer sufficient proof of identity against AI-enabled adversaries,” Arnold wrote, noting that many current systems were designed for human fraudsters rather than synthetic identities and deepfake operators.

The paper highlights North Korea’s growing use of AI-enhanced deception in its overseas IT worker operations. After years of allegedly relying on VPNs and fraudulent documents to secure remote tech jobs abroad, Pyongyang-linked operators have reportedly started using AI-generated CVs and deepfakes during job interviews to obscure their identities.

Crypto, naturally, remains a huge part of the picture. The report points to North Korea’s Lazarus Group and the $1.5 billion Bybit theft in 2025 as evidence that sanctioned states are already deeply embedded in digital asset crime. Arnold warned that AI could make the laundering side even harder to track by constantly shifting transaction patterns to stay ahead of investigators.

Arnold also points to a newer class of threat involving autonomous AI agents capable of handling discrete parts of a sanctions-evasion operation without constant human direction. In theory, he wrote, those systems could manage shell companies, move cryptocurrency through mixers and decentralized finance platforms, or generate deepfake content as needed, potentially making it harder for investigators who traditionally focus on dismantling human networks. 

RUSI’s proposed fixes boil down to fighting automation with more automation. The report calls for clearer rules allowing banks to use AI-powered counter-proliferation tools, updated KYC systems capable of spotting deepfakes and synthetic identities, and new “compute-KYC” obligations forcing cloud providers to pay closer attention to who is renting the GPU power behind large-scale AI operations.

The question now is whether regulators can modernize faster than sanctions evaders can automate. ®

In the last few years, India’s online food delivery market has grown significantly, with both Zomato and Swiggy going public and the number of cloud kitchens increasing. Meanwhile, startups working on home services, such as on-demand household staffing platforms like Urban Company, Snabbit, and Pronto, have gained popularity.

Silicon Valley-based start-up Human Archive is tapping into this trend, partnering with these companies to have workers wear special caps with cameras to collect egocentric (first-person point of view) video data of everyday tasks that could be used to train robots.

Without naming specific partners, the startup said it is working with companies in the home services, hostel, and restaurant sectors to collect egocentric data, and it says it has more than 1,000 active headsets deployed across multiple locations.

On the back of that traction, Human Archive said Tuesday it has raised $8.2 million in funding from Wing Venture Capital, NVP Capital, Y Combinator, and angels from OpenAI, Nvidia, Google, Mercor, AfterQuery, BAIR, SAIL, Brad Boa, and Meta.

The startup was founded by two Berkeley and two Stanford students — Samay Mani, Rushil Agarwal, Shloke Patel, and Raj Patel, the latter two being cousins. (Raj Patel is CEO.) All four have research backgrounds spanning robotics, hardware, and tactile data.

The company’s founding is a direct bet on where the AI industry is heading. As robotics labs and frontier AI companies race to build machines that can perform physical tasks in the real world, they face a critical bottleneck — a shortage of high-quality, real-world training data showing humans doing everyday work. Human Archive’s bet is that the workers staffing India’s booming gig economy represent an untapped and scalable source of exactly that data.

While Human Archive is working with multiple partners, the startup said it was rejected by many Indian home services companies, including Pronto and Urban Company, for a collaboration.

The company’s rejection by major players became public fodder last weekend, when Indian outlet Entrackr reported that Pronto is actively seeking partnerships to collect worker data for robotics training, and that Snabbit had held early discussions with Human Archive before the project fell apart.

Urban Company CEO Abhiraj Singh Bhal responded on X, stating the company would not engage in such arrangements — prompting Patel to fire back that Urban Company would soon be forced to reconsider or risk losing relevance to customer churn. Co-founder Rushil Agarwal was blunter still, posting that Pronto founder Anjali Sardana had laughed at him and called him “stupid” when he raised the idea of a data partnership. Pronto acknowledged the conversations but said it chose not to move forward.

Across the country, other startups are collecting egocentric data from different work environments, including factory floors. To differentiate itself, Human Archive is using and developing additional devices, such as tactile gloves, a full-body motion capture suit, and wrist cameras to capture data including motion, and tactile force, synchronously aligned with RGB-D (color imagery paired in real time with depth information), to sell to AI labs. The startup believes that video data alone is not sufficient, but that pairing it with other sensor data makes it much more valuable.

Initially, Human Archive used makeshift setups or off-the-shelf rigs to capture the data. Now, it is working on custom hardware that works together and captures different kinds of data. It already has more than 50 different devices deployed to collect different data points.

“To capture data, we started with iPhones, then we built our own custom rigs and caps. Now we have more than seven different hardware products that we use interchangeably across different modalities. After data collection from different devices, we worked on synchronizing data from all these different sources,” Patel said in a call.

The company said it is developing ways to fine-tune AI models with its own data and test them on robots to evaluate task effectiveness. By doing this, the startup can demonstrate the quality of its data to potential customers and post-train internal models.

Zach DeWitt, a partner at Wing VC, said the startup has a unique advantage in collecting data from multiple sensors.

“No one else in the world has been able to synchronize and collect headset RGB-D, force feedback, full-body motion capture, and synchronized chest and wrist camera data at scale. They’ve been doing internal model training on this data, and every major lab and university is interested in running experiments on it due to the novelty of the sensors and the scale of the new dataset they are releasing soon,” he told TechCrunch.

Collecting data in India and expansion plans

Despite rejection from notable players in the home services industry, Human Archive teamed up with smaller startups to offer discounted services to customers. When a worker arrives at a home, consumers are offered a choice through the app: pay a discounted price in exchange for consenting to data collection, or pay the full price for an unrecorded visit.

Patel mentioned that customers have been happy to opt for the former, as disputes about service quality are common, and video recordings can help resolve them.

The company pays workers a base rate of $1 per hour for participating in egocentric data collection. A report from the Economic Times suggests that other companies pay ₹250–₹400 per hour (roughly $2.63–$4.20). Patel said competitors pay more than Human Archive, but its on-the-ground presence in India allows it to keep compensation lower.

“Human Archive’s network provides immediate, flexible earning opportunities globally, lowering the barrier to participating in the AI economy. We see this as a critical bridge that funds immediate livelihoods while building the infrastructure for a safer, more productive future,” DeWitt said.

Beyond wage payment, there are privacy concerns around data collection via video recording. It is not clear what information Human Archive gives workers about how their footage is used. The company said that its commercial contracts are compliant with India’s Digital Personal Data Protection (DPDP) Act, as it displays a privacy policy notice, along with consent information detailing the purpose of data collection and how it is processed. The company said all data is anonymized, and faces are blurred from recordings. Last week, Moneycontrol reported that India’s Ministry of Electronics and Information Technology is looking into the consent mechanisms and data collection practices of startups collecting egocentric data through home service workers.

While Human Archive largely collects data in India, it has started expanding into Southeast Asia and the U.S. The company is also building a platform for anyone to participate in data collection and earn money. It also wants to offer customers in the U.S. services like cleaning or cooking in exchange for data collection by participating workers — though these programs are just in an early pilot stage.

Multiple well-funded startups are racing to build physical AI. Doing so requires massive amounts of training data showing humans at work — and Human Archive is one of the players competing to serve that demand. Whether its approach can scale will hinge on the partnerships it strikes and the uniqueness and volume of the data it can collect to satisfy the appetite of physical AI labs.