Tech

IRONSCALES brings AI email agents & threat intelligence to RSAC

The inbox has long been the softest entry point in enterprise security. As phishing campaigns grow more convincing, more personalised, and increasingly powered by generative AI, the tools designed to stop them have been locked in a reactive cycle: wait for the attack, analyse it, respond. IRONSCALES, the Atlanta-based email security vendor, is betting that cycle is about to break.

Ahead of this week’s RSA Conference in San Francisco, the company announced a new threat intelligence initiative alongside live demonstrations of the three AI agents it shipped in its Winter 2026 platform release. Together, the moves represent IRONSCALES’ push to reposition itself from a detection vendor into something closer to a preemptive security partner, one that models attacks before they arrive rather than cataloguing them after the fact.

What the new intelligence series actually does

The “Email Attack of the Day” series, which IRONSCALES is debuting at RSAC 2026, draws on anonymised threat data from its network of more than 17,000 customer organisations. The concept is straightforward: surface real-world email attack patterns as they emerge, publish them with technical context, and give security teams the intelligence to recognise new tactics before they proliferate.

It is not an entirely novel format. Other vendors publish threat advisories and campaign breakdowns routinely. But IRONSCALES is framing the series as a complement to its broader shift toward what it calls “Phishing 3.0” defences, where intelligence feeds directly into adaptive detection rather than sitting in a separate research silo.

Three AI agents, one architecture

The centrepiece of the RSAC demonstrations will be the three AI agents IRONSCALES introduced in its Winter 2026 release earlier this month: Red Teaming, Phishing SOC, and Phishing Simulation. Each is purpose-built rather than layered on top of a general-purpose large language model, a design choice Audian Paxson, principal technical strategist at the company, has described as more efficient for encoding domain-specific expertise.

The Red Teaming agent performs continuous reconnaissance against an organisation’s public footprint, scanning everything from social media presence to executive communications and org charts. It then generates tailored attack simulations and feeds them into the platform’s detection models. The idea is to harden defences against the specific phishing campaigns an attacker would build for that particular organisation, not just the generic threats circulating broadly.

The Phishing SOC agent, meanwhile, handles forensic investigation of suspicious emails. IRONSCALES says it delivers what amounts to a Level 2 analyst’s assessment in minutes, examining five investigative tracks and producing a verdict that would otherwise consume hours of human analyst time. For managed service providers juggling dozens of client environments, the speed difference matters.

The third agent, Phishing Simulation, takes the reconnaissance data gathered by its Red Teaming counterpart and uses it to create hyper-personalised training simulations. Rather than recycling generic phishing templates, it targets an organisation’s highest-risk employees with scenarios drawn from real OSINT data and delivered in their native language.

The wider context: an arms race that favours the attacker

IRONSCALES is making these moves against a backdrop that has grown considerably more hostile. According to research cited in the company’s own announcements, 88 per cent of organisations report falling victim to AI-powered security incidents within the past 12 months. KnowBe4’s 2025 Phishing Threat Trends Report found that more than 82 per cent of phishing emails analysed contained indicators of AI assistance. A Hoxhunt analysis documented a 14-fold surge in AI-generated phishing over the 2025 holiday period alone.

The economics have shifted, too. Where crafting a convincing spear-phishing campaign once required time and skill, generative AI has compressed the effort to minutes and a handful of prompts. IBM security researchers demonstrated that AI could build a phishing campaign as effective as one created by human experts, needing just five prompts instead of 16 hours of work.

RSAC 2026 itself reflects this anxiety. Agentic AI, the category of autonomous systems capable of planning and executing multi-step operations, dominates this year’s conference agenda. Microsoft’s keynote addresses securing AI agents at enterprise scale. Multiple vendors are unveiling deepfake detection tools. The conversation has moved decisively from whether AI will reshape email security to how quickly defenders can close the gap.

Encryption and deepfake protection round out the release

Beyond the AI agents, the Winter 2026 release includes integrated email encryption for outbound messages, a feature IRONSCALES designed to address compliance requirements without adding friction. The system applies encryption through two modes: policy-based protection for regulated content and user-initiated encryption for sensitive workflows.

The release also extends the company’s deepfake protection for Microsoft Teams, which IRONSCALES first introduced in 2025. Enhanced voice detection now learns employee voice patterns passively from normal meeting participation, flagging impersonation attempts even when cameras are switched off. It is a notable addition given that deepfake-driven fraud increased more than 700 per cent year over year, according to Cyble’s 2025 Executive Threat Monitoring data, and Gartner surveys indicate that 62 per cent of organisations experienced a deepfake attempt in the past year.

From reactive to preemptive, at least in theory

The underlying pitch from IRONSCALES is a closed-loop architecture: reconnaissance feeds detection, detection feeds training, and training feeds back into better recognition. Eyal Benishti, the company’s CEO, has described the approach as distinct from competitors who use OSINT-driven attack generation solely for employee training. IRONSCALES, he argues, uses it to improve detection first.

Whether that distinction proves meaningful in practice will depend on how the agents perform at scale across diverse customer environments. The email security market is crowded, and the claim of preemptive protection is one that several vendors are now making simultaneously. But the architectural bet, purpose-built agents feeding a shared adaptive model trained on data from 17,000 organisations, is at least a testable proposition.

Attendees at RSAC 2026 can see the platform demonstrated live at Booth #4600 in the North Expo. For everyone else, the real test will be whether the next wave of AI-powered phishing campaigns encounters defenders who saw them coming.

Cauldron Ferm has turned microbes into nonstop assembly lines

Cauldron Ferm has an unlikely origin story, as startups go. Its core technology can be traced back to the 1960s, or maybe the 1970s. The exact start is a bit hazy, actually. What is known is that David and Polly McLennan had a dream of feeding the world using protein grown from microbes.

The pair knew they needed to improve the process, which was pricy and time consuming. Most fermentation happens in batches. Picture a brewery or a vineyard. Ingredients go in and the microbes work for a while, but then the process stops when it’s time to take out the finished product. It works for alcohol because booze commands a premium price. Food, though? That needs to be cheaper.

Still, the McLennans stuck with it, starting a small business that would over the course of 40 years refine their approach to continuous fermentation, which turns microbes into assembly lines capable of cranking out products uninterrupted.

“We didn’t know what we had,” Michele Stansfield, co-founder and CEO of Cauldron Ferm, told TechCrunch. But eventually, Stansfield, who arrived at the McLennans’ company in 2012, realized they had more than initially thought.

“We didn’t understand the challenge of continuous fermentation for synthetic biology,” Stansfield said. But when she did, she sought to transform the company from a small fee-for-service operator to a fast-moving startup. “At that point, I raised a seed round and acquired the IP, physical, and business assets.”

Cauldron has now raised $13.25 million in a Series A2 round that was led by Main Sequence Ventures with participation from Horizons Ventures, NGS Super, and SOSV, the company exclusively told TechCrunch. It had previously raised $6.5 million in 2024. Cauldron plans to use the funding to “increase the technology moat,” Stansfield said. 

The company calls its technology “hyper fermentation,” which helps keep microbes in their maximally productive state. It can work in existing batch fermenters with a few modifications to the facility to accommodate the process. Cauldron’s customers bring their own microbes and strains, and the startup works to tweak their growing conditions, including nutrients, to keep them humming.

Currently, Cauldron is focused on producing fats and proteins, including whey protein, “a product that can just slip into supply chains,” Stansfield said, though she adds there are more products the company has its eyes on.

“Sixty percent of all inputs to global economy can be produced from biology,” she said. “Food was where we started, but now we’re starting to really diversify.”

Jury struggles to reach verdict in social media addiction trial against Meta and YouTube

Jurors did not say whether the holdout relates to Meta or YouTube, but Kuhl told them to keep deliberating and warned that if they cannot reach a verdict, that part of the case will have to be retried before a new jury.
Dutch Ministry of Finance discloses breach affecting employees

The Dutch Ministry of Finance confirmed on Monday that some of its systems were breached in a cyberattack detected last week.

Officials said the ministry was notified by a third party of the breach on March 19, and it’s still investigating the cyberattack. An ongoing investigation found that the incident affects some employees.

“The Ministry of Finance’s ICT security detected unauthorized access to systems for a number of primary processes within the policy department on Thursday, March 19,” an official statement revealed.

“Following the alert, an immediate investigation was launched, and access to these systems has been blocked as of today. This affects the work of a portion of the employees.”

The ministry added that the cyberattack did not impact systems used to manage tax collection, import/export regulations, and income-linked subsidies, which handle over 9.5 million tax returns annually for income tax alone.

“Services to citizens and businesses provided by the Tax and Customs Administration, Customs, and Benefits have not been affected. We will update this message when we can share more information.”

Although the ministry said the breach affected some of its employees, it didn’t disclose how many were affected or whether the attackers stole any sensitive data. Also, no cybercrime group or threat actors have taken responsibility for the attack.

BleepingComputer reached out to a Ministry of Finance spokesperson with questions about the incident, including the total number of impacted employees and how long the attackers had access to the compromised systems, but a response was not immediately available.

In September 2024, the Dutch national police (Politie) was also breached in a cyberattack believed to be orchestrated by a “state actor” that stole work-related contact details of multiple police officers.

More recently, in February, Dutch authorities arrested a 40-year-old man for an extortion attempt after he downloaded confidential documents mistakenly shared by the police and refused to delete them unless he received “something in return.”

Direct Pressure Advance Measurement For Fast Calibration

Some people love fiddling with their 3D printers, others love printing. Some fiddle so they can spend more time printing, which is probably where this latest project comes in: an automated pressure advance calibration tool by [markniu].

Most of us don’t take enough care with pressure advance (PA). But if you want absolutely perfect prints, it’s something you should be calibrating for every type of filament in your collection. Some would argue, ideally every individual spool. While that sort of dialing in can be fun, it takes away from actually running off prints. Bambu printers automate PA by scanning the usual sort of calibration print, but that’s still a very indirect measurement. Why not just advance the filament and measure the pressure at the nozzle directly? That is what PA is meant to account for, after all: the pressure of the plastic in the hotend causing oozing and blobbing at corners.

Did we mention it connects via USB-C? That’s helpfully broken out well away from the heat with a ribbon cable.

[mark]’s solution comes very close to a direct measurement. It uses a strain gauge that sits directly on top of the heatbreak, with the sound logic that the strain experienced there will be directly proportional to the pressure inside, at least along the axis of flow. Instead of filling half the bed with lines, the calibration process is a ‘printer poop’ style extrusion that doesn’t take nearly as long, and seems to save plastic, too. Since this puts a strain gauge in your hotend, you also get the bonus of being able to use it for bed leveling if you should so desire.

[mark] is claiming sub-90 second calibration — as you can see in the demo video embedded below — versus over seven minutes for the indirect calibration print. The value is plugged directly into Klipper, assuming you configured everything correctly, which should be easy enough looking at the instructions on the GitHub.

Canonical Joins Rust Foundation – Slashdot

BrianFagioli writes: Canonical has joined the Rust Foundation as a Gold Member, signaling a deeper investment in the Rust programming language and its role in modern infrastructure. The company already maintains an up-to-date Rust toolchain for Ubuntu and has begun integrating Rust into parts of its stack, citing memory safety and reliability as key drivers. By joining at a higher tier, Canonical is not just adopting Rust but also stepping closer to its governance and long-term direction.

The move also highlights ongoing tensions in Rust’s ecosystem. While Rust can reduce entire classes of bugs, it often depends heavily on external crates, which can introduce complexity and auditing challenges, especially in enterprise environments. Canonical appears aware of that tradeoff and is positioning itself to influence how the ecosystem evolves, as Rust continues to gain traction across Linux and beyond. “As the publisher of Ubuntu, we understand the critical role systems software plays in modern infrastructure, and we see Rust as one of the most important tools for building it securely and reliably. Joining the Rust Foundation at the Gold level allows us to engage more directly in language and ecosystem governance, while continuing to improve the developer experience for Rust on Ubuntu,” said Jon Seager, VP Engineering at Canonical. “Of particular interest to Canonical is the security story behind the Rust package registry, crates.io, and minimizing the number of potentially unknown dependencies required to implement core concerns such as async support, HTTP handling, and cryptography — especially in regulated environments.”

Steve Wozniak says he's "disappointed a lot" by AI and rarely uses it

In a CNN interview in which he was asked about Apple’s upcoming 50th anniversary and how the company has shaped the tech industry, Wozniak was asked what excites and scares him about AI.
What Does The Viral Afroman Trial Have to Do with Section 230?

from the because-i-got-section-230 dept

The internet has been rightfully enjoying videos from the defamation trial against Afroman, a musician known for his humorous songs including “Because I got high.” The lawsuit involves songs he wrote about a 2022 raid police conducted on his house, which was based on flimsy evidence. The songs justifiably mock the officers involved. Mike Masnick wrote a recap of the case here, which is worth reading for many reasons, but the songs and Afroman’s testimony are true highlights. 

After the raid, Afroman released his songs on YouTube and they went viral initially on TikTok, both massive platforms for users to share their speech and that of other users. The officers who raided his home, seeking to silence someone making fun of them, sued Afroman for defamation, emotional distress, and other causes in 2023. 

Spoiler: Afroman won. The songs are not defamatory. But we didn’t know that for sure until a jury told us so this week. For three years, from the moment the lawsuit was filed until the jury issued its verdict, the songs were allegedly defamatory. And their continued “publication” ran the risk of liability.

So why could we still see the songs on YouTube, TikTok, Bluesky, and whatever other online platforms where we first encountered them? One big reason is Section 230 of the Communications Decency Act. 

Section 230 says that interactive computer service providers, like online platforms, cannot be treated as the publisher or speaker of information content provided by other information content providers. That means that YouTube could not be liable for the content of Afroman’s songs, even if they were defamatory. That’s the balance Section 230 strikes. Under 230, there is still accountability for the speaker, but online platforms are not liable for their users’ illegal speech.

By and large this balance has been incredibly beneficial to free expression online, supporting speech about everything from the profoundly consequential (#MeToo and Black Lives Matter) to the somewhat silly (a song about a cop who got distracted from a raid by a delicious looking “Lemon Pound Cake”). But now, members of Congress like Senator Lindsey Graham and Senator Dick Durbin want to repeal or replace Section 230 without much of a plan for what comes next. 

On March 18, Daphne Keller, a professor of law at Stanford and expert in intermediary liability laws around the world, testified before the Senate Commerce Committee. She tried to explain to the Senators that Section 230 may not be perfect, but it’s still better than any of the options she has seen. To understand why Daphne’s right, let’s think about what Afroman’s case might have looked like without Section 230. The moment Afroman was allowed to distribute his songs about the raid on YouTube, the company could have been liable for any potentially illegal speech they contained. That means YouTube probably also would have been a co-defendant in the cops’ suit. At the scale many online platforms operate at, these kinds of accusations of defamation and lawsuits related to user posts would happen hundreds of thousands, if not millions, of times a day.

That’s a lot of litigation.

Staring down the barrel of that many potential lawsuits every day, no reasonable platform would have allowed Afroman’s speech to stay up. The moment an accusation of illegality surfaced, a platform acting reasonably would likely take the speech down. And to be clear, we have evidence that this is how they would react: That’s the incentive structure currently in place under the Digital Millennium Copyright Act (DMCA). The DMCA creates a notice and takedown system for alleged copyright violations and evidence suggests that improper takedown requests are common and, even with the safeguards for speech built into that law, result in over-censorship. Replicating a version of the DMCA for all content on the internet writ large would likely produce the same over-censorship result. At a minimum, the platforms certainly wouldn’t allow their algorithms to recommend posts linking to the defamatory songs, effectively “shadowbanning” them, which is probably one of the main ways many people came across the songs to begin with.

The upshot is: Section 230 created the conditions that allowed us to hear Afroman’s songs, and allowed platforms to recommend them, even while their status was in legal limbo. 

There are millions of similar situations, large and small, every day where Section 230 ensures that online platforms do not have to try to make context-specific legal judgment calls. Section 230 may not be perfect. No law is. But it’s the best and most effective protection for free expression online we have, allowing online services to simply let their users speak. Congress should be very cautious about changing it, let alone eliminating it altogether.

Kate Ruane is the Director of the Free Expression Program and the Center for Democracy & Technology, where she advocates for the protection of free speech and human rights in the digital age.

Filed Under: afroman, defamation, intermiediaries, section 230

Clear Drop Soft Plastic Compactor Review: Eco Experiment

Soft plastics are notorious for jamming sorting machines, slipping through processing lines, and wreaking havoc on the environment. They’re also not accepted in most municipal curbside recycling programs.

Facilities for recycling these types of plastic exist, but getting waste to these locations clean and free of what some call “wishful recycling” items (compostable cups, plastic utensils) is such a challenge that the majority of soft plastics, even the bags recycled at the front of grocery stores, end up in the trash. The SPC is what Arbouzov calls a “pre-recycling device,” designed to simplify this stream and deliver plastic that’s contained, traceable, and more likely to make it through the system.

I tried to envision how the blocks would turn into patio furniture, as advertised, but didn’t learn exactly how until months later, when Arbouzov sent me a video of the blocks at their final destination—a facility in Frankfort, Indiana, that specializes in processing polyethylene and polypropylene films. The blocks get shredded into crumbles resembling, at least on video, handfuls of wet newspaper, which are then compressed into composite decking, chairs, garden edging, and more.

“The full cycle from mailing a block to it entering recycling processing typically takes a few weeks,” Arbouzov said, “depending on shipping time and batching schedules.” Right now, the Frankfort location is the only facility processing the blocks, but Arbouzov said he hopes this is only temporary.

“Our goal is to shift more of this processing closer to where the material is generated, so blocks can move in bulk through regional recycling infrastructure rather than through mail-based logistics,” he said. “The mail-back system is essentially a bridge that allows the material to be captured today while that larger infrastructure develops.”

Recycling, Rewired

I found that my household of three was able to produce a block every couple of weeks, which quickly outpaced the provided supply of mailers. As the blocks started piling up on the floor of my office, I found myself wishing the SPC made something useful for consumers. Spoons, straws, 3D-printing filament … anything that could be used at home.

However, a 2023 Greenpeace report found that recycling plastic can actually make it even more toxic than it already is—heating it can not only cause existing chemicals to escape into the air and water supply, but even create new ones, like benzene. Would I want this in my house? Does recycled plastic actually belong in a circular economy? I asked Arbouzov what he thought.

A Broken Game Boy Advance Returns Stronger Than Before

Plenty of old handhelds spend their retirement gathering dust in a box somewhere, and this Game Boy Advance was no exception. Abandoned, completely dead, and sporting a screen that had burned out from years of neglect, it was not an obvious candidate for a comeback. Odd Tinkering took it apart piece by piece anyway, worked through every problem methodically, and brought it back to life with a handful of modern upgrades that breathe new life into the hardware without losing any of what made it special in the first place.



From the start it was completely dead, just a dark screen and no response when you tried to power it on. Some thorough cleaning got the electricity flowing again, and original Game Boy and Game Boy Color titles loaded up without complaint. GBA games were a different story though, refusing to run no matter what. The small mode detection switch inside the cartridge slot got a good wipe, which seemed like it should have done the trick, but the games still wouldn’t cooperate. The real culprit turned out to be oxidation sitting on the pins of the main chip. One more cleaning session and the problem disappeared entirely, with the system reading every cartridge thrown at it without a single issue.

The screen was in rough shape, covered in dark blotches from years of burn in. New polarizing film cleared that up, though the display was still noticeably dim by modern standards, so an IPS panel went in next and solved the brightness issue immediately. Colors are vivid and the viewing angles are excellent, exactly what you want from a handheld you are actually going to use. The upgraded screen meant the original shell no longer fit, so the team scanned it with a 3D scanner and printed a new one in resin, a deep blue that nods to the classic aesthetic while hiding the modern hardware inside. The fit is perfect, with no gaps or wobble anywhere.

The toolkit was refreshingly basic, a set of screwdrivers for disassembly, a soldering iron and desoldering tool for any stubborn connections, and hydrogen peroxide with UV light to lift the yellowing from the plastic. No specialty equipment, no secret techniques, just a clean and methodical process from the first screw to the last.

Tycoon2FA phishing platform returns after recent police disruption

The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels.

Microsoft led the technical disruption, which involved seizing 330 domains that were part of Tycoon2FA’s backbone infrastructure, including control panels and phishing pages used in attacks.

However, the disruption caused by law enforcement was short-lived, as CrowdStrike noticed the cybercrime service return to normal operational volumes within days.

“Falcon Complete observed a short-term decrease in the volume of Tycoon2FA campaign activity following the takedown, with daily volumes on March 4 and March 5, 2026, reducing to 25% of pre-disruption levels,” reads CrowdStrike’s report.

“However, this volume subsequently returned to pre-disruption levels, with daily levels of cloud compromise active remediations returning to early 2026 levels.”

First documented by Sekoia roughly two years ago, Tycoon2FA appeared online as a PhaaS platform dedicated to targeting Microsoft 365 and Gmail accounts, featuring adversary-in-the-middle mechanisms that enable bypassing two-factor authentication (2FA) protections.

A month later, Trustwave reported that Tycoon2FA’s operators were actively improving the platform, adding new, advanced features, and enticing more cybercriminals to purchase access.

Tycoon2FA is a significant actor on the phishing scene, with Microsoft reporting that it generated 30 million phishing emails per month, accounting for 62% of all emails blocked by the tech giant.

According to CrowdStrike, Tycoon2FA is back in business using largely unchanged techniques, tactics, and procedures (TTPs), and supported a diverse set of illegal activities, like business email compromise (BEC), email thread hijacking, cloud account takeovers, and malicious SharePoint links.

After the disruption action, Tycoon2FA has been used in malicious email campaigns that relied on malicious URLs and URL shortener services, on legitimate platforms such as presentation tools whose redirection mechanisms are abused, and on compromised domains.

AI-generated decoy web pages used in Tycoon2FA attacks
Source: CrowdStrike

Interestingly, some of the old infrastructure remained active, indicating that the disruption was incomplete, while new phishing domains and IP addresses were registered quickly following the law enforcement operation.

Regarding the observed post-compromise activity, this includes the creation of inbox rules, hidden folders for fraud emails, and preparation for BEC operations.

Ultimately, CrowdStrike comments that, without arrests or physical seizures, it’s easy for cybercriminals to recover and replace the impacted infrastructure. As long as the demand from the phishing ecosystem is high, the motive for PhaaS platform operators remains unchanged.

Copyright © 2025