A French court has sentenced three former executives to suspended prison terms.

June 5, 20254 min readThe Trump-Musk Fight Could Have Huge Consequences for U.S. Space ProgramsA vitriolic war of words between President Donald Trump and SpaceX CEO Elon Musk could have profound repercussions for the nation’s civil and military space programsBy Lee Billings edited by Dean VisserElon Musk (left) and President Donald Trump (right) seemed to be on good terms during a press briefing in the Oval Office at the White House on May 30, 2025, but the event proved to be the calm before a social media storm. Kevin Dietsch/Getty ImagesFor several hours yesterday, an explosively escalating social media confrontation between arguably the world’s richest man, Elon Musk, and the world’s most powerful, President Donald Trump, shook U.S. spaceflight to its core.The pair had been bosom-buddy allies ever since Musk’s fateful endorsement of Trump last July—an event that helped propel Trump to an electoral victory and his second presidential term. But on May 28 Musk announced his departure from his official role overseeing the U.S. DOGE Service. And on May 31 the White House announced that it was withdrawing Trump’s nomination of Musk’s close associate Jared Isaacman to lead NASA. Musk abruptly went on the attack against the Trump administration, criticizing the budget-busting One Big Beautiful Bill Act, now navigating through Congress, as “a disgusting abomination.”Things got worse from there as the blowup descended deeper into threats and insults. On June 5 Trump suggested on his own social-media platform, Truth Social, that he could terminate U.S. government contracts with Musk’s companies, such as SpaceX and Tesla. Less than an hour later, the conflict suddenly grew more personal, with Musk taking to X, the social media platform he owns, to accuse Trump—without evidence—of being incriminated by as-yet-unreleased government documents related to the illegal activities of convicted sex offender Jeffrey Epstein.On supporting science journalismIf you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.Musk upped the ante further in follow-up posts in which he endorsed a suggestion for impeaching Trump and, separately, declared in a now deleted post that because of the president’s threat, SpaceX “will begin decommissioning its Dragon spacecraft immediately.” (Some five hours after his decommissioning comment, tempers had apparently cooled enough for Musk to walk back the remark in another X post: “Ok, we won’t decommission Dragon.”)Dragon is a crucial workhorse of U.S. human spaceflight. It’s the main way NASA’s astronauts get to and from the International Space Station (ISS) and also a key component of a contract between NASA and SpaceX to safely deorbit the ISS in 2031. If Dragon were to be no longer be available, NASA would, in the near term, have to rely on either Russian Soyuz vehicles or on Boeing’s glitch-plagued Starliner spacecraft for its crew transport—and the space agency’s plans for deorbiting the ISS would essentially go back to the drawing board. More broadly, NASA uses SpaceX rockets to launch many of its science missions, and the company is contracted to ferry astronauts to and from the surface of the moon as part of the space agency’s Artemis III mission.Trump’s and Musk’s retaliatory tit for tat also raises the disconcerting possibility of disrupting other SpaceX-centric parts of U.S. space plans, many of which are seen as critical for national security. Thanks to its wildly successful reusable Falcon 9 and Falcon Heavy rockets, the company presently provides the vast majority of space launches for the Department of Defense. And SpaceX’s constellation of more than 7,000 Starlink communications satellites has become vitally important to war fighters in the ongoing conflict between Russia and U.S.-allied Ukraine. SpaceX is also contracted to build a massive constellation of spy satellites for the DOD and is considered a leading candidate for launching space-based interceptors envisioned as part of Trump’s “Golden Dome” missile-defense plan.Among the avalanche of reactions to the incendiary spectacle unfolding in real time, one of the most extreme was from Trump’s influential former adviser Steve Bannon, who called on the president to seize and nationalize SpaceX. And in an interview with the New York Times, Bannon, without evidence, accused Musk, a naturalized U.S. citizen, of being an “illegal alien” who “should be deported from the country immediately.”NASA, for its part, attempted to stay above the fray via a carefully worded late-afternoon statement from the space agency’s press secretary Bethany Stevens: “NASA will continue to execute upon the President’s vision for the future of space,” Stevens wrote. “We will continue to work with our industry partners to ensure the President’s objectives in space are met.”The response from the stock market was, in its own way, much less muted. SpaceX is not a publicly traded company. But Musk’s electric car company Tesla is. And it experienced a massive sell-off at the end of June 5’s trading day: Tesla’s share price fell down by 14 percent, losing the company a whopping $152 billion of its market value.Today a rumored détente phone conversation between the two men has apparently been called off, and Trump has reportedly said he now intends to sell the Tesla he purchased in March in what was then a gesture of support for Musk. But there are some signs the rift may yet heal: Musk has yet to be deported; SpaceX has not been shut down; Tesla’s stock price is surging back from its momentary heavy losses; and it seems NASA astronauts won’t be stranded on Earth or on the ISS for the time being.Even so, the entire sordid episode—and the possibility of further messy clashes between Trump and Musk unfolding in public—highlights a fundamental vulnerability at the heart of the nation’s deep reliance on SpaceX for access to space. Outsourcing huge swaths of civil and military space programs to a disruptively innovative private company effectively controlled by a single individual certainly has its rewards—but no shortage of risks, too.

The murder of John Forde was the culmination to years of political, social, and criminal intrigue.   Get the Popular Science daily newsletter💡 Breakthroughs, discoveries, and DIY tips sent every weekday. Researchers have uncovered handwritten letters, court documents, and a coroner’s report related to the nearly 700-year-old cold case murder of a medieval priest. Published on June 5 in the journal Criminal Law Forum, the investigation draws on direct archival evidence from Cambridge University that is helping fill in the gaps to a high-profile true crime scandal that would make headlines even today. But despite a mountain of firsthand accounts, the murder’s masterminds never saw justice. The ‘planned and cold-blooded’ crime On Friday, May 3, 1337, Anglican priest John Forde began a walk along downtown London’s Cheapside street after vespers (evening prayers) shortly before sunset. At one point, a clergyman familiar to Forde by the name of Hasculph Neville approached him to begin a “pleasant conversation.” As the pair neared St. Paul’s Cathedral, four men ambushed the priest. One of the attackers then proceeded to slit Forde’s throat using a 12-inch dagger as two other assailants stabbed him in the stomach in front of onlookers. The vicious crime wasn’t a brazen robbery or politically motivated attack. It was likely a premeditated murder orchestrated by Ela Fitzpayne, a noblewoman, London crime syndicate leader—and potentially Forde’s lover. “We are looking at a murder commissioned by a leading figure of the English aristocracy. It is planned and cold-blooded, with a family member and close associates carrying it out, all of which suggests a revenge motive,” Cambridge University criminology professor Manuel Eisner explained in a statement. The location of the murder of John Forde on May 3, 1337. Credit: Medieval Murder Maps / University of Cambridge’s Institute of Criminology / Historic Towns Trust. A longstanding feud To understand how such a brutal killing could take place in daylight on a busy London street, it’s necessary to backtrack at least five years. In January 1332, the Archbishop of Canterbury sent a letter to the Bishop of Winchester that included a number of reputation-ruining claims surrounding Fitzpayne. In particular, Archbishop Simon Mepham described sexual relationships involving “knights and others, single and married, and even with clerics in holy orders.” The wide-ranging punishments for such sinful behavior could include a prohibition on wearing gold and other precious jewelry, as well as large tithes to monastic orders and the poor. But the most humiliating atonement often came in the form of a public walk of shame. The act of contrition involved walking barefoot across Salisbury Cathedral—England’s longest nave—in order to deliver a handcarried, four-pound wax candle to the church altar. What’s more, Archbishop Mepham commanded that Fitzpayne must repeat this penance every autumn for seven years. Fitzpayne was having none of it. According to Mepham’s message, the noblewoman chose to continue listening to a “spirit of pride” (and the devil), and refused to abide by the judgment. A second letter sent by the Archbishop that April also alleged that she had since absconded from her husband, Sir Robert Fitzpayne, and was hiding in London’s Rotherhithe district along the Thames River. Due to this, Archbishop Mepham reported that Ela Fitzpayne had been excommunicated from the church. Image of the Archbishop of Canterbury’s letters to the Bishop of Winchester on the subject of Ela Fitzpayne, from the register of John de Stratford. Credit: Hampshire Archives and Hampshire County Council. Raids and rats But who tipped the clergy off to her indiscretions? According to Eisner’s review of original documents as part of the Cambridge University Institute of Criminology’s Medieval Murder Maps project, it was almost certainly her ex-lover, the soon-to-be-murdered John Forde. He was the only alleged lover named in Archbishop Mepham’s letters, and served as a church rector in a village located on the Fitzpayne family’s estate at the time of the suspected affair.  “The archbishop imposed heavy, shameful public penance on Ela, which she seems not to have complied with, but may have sparked a thirst for vengeance,” Eisner said. “Not least as John Forde appears to have escaped punishment by the church.” But Forde’s relationship with the Fitzpaynes seems to have extended even more illicit activities. In another record reviewed by Eisner, both Ela Fitzpayne and John Forde had been indicted by a Royal Commission in 1322. The crime–assisting in the raid of a Benedictine priory alongside Sir Fitzpayne. They and others reportedly assaulted the priory a year earlier, making off with around 18 oxen, 30 pigs, and 200 sheep. The monastery coincidentally served as a French abbey’s outpost amid increasing tensions between France and England in the years leading up to the Hundred Years’ War. Archbishop Mepham was almost certainly displeased after hearing about the indictment of one of his own clergy. A strict administrator himself, Mepham “was keen to enforce moral discipline among the gentry and nobility,” added Eisner. He theorizes that Forde copped to the affair after getting leaned on by superiors, which subsequently led to the campaign to shame Ela Fitzpayne as a means to reassert the Church’s authority over English nobility. Forde, unfortunately, was caught between the two sides. “John Forde may have had split loyalties,” argued Eisner. “One to the Fitzpayne family, who were likely patrons of his church and granted him the position. And the other to the bishops who had authority over him as a clergy member.” Archbishop Mepham ultimately wouldn’t live to see the scandal’s full consequences. Fitzpayne never accepted her walk of shame, and the church elder died a year after sending the incriminating letters. Eisner believes the Fitzpaynes greenlit their hit job on Forde only after the dust had seemingly settled. It doesn’t help their case three bystanders said the man who slit the rector’s throat was none other than Ela Fitzpayne’s own brother, Hugh Lovell. They also named two family servants as Forde’s other assailants. Archbishop Mepham died four years before Forde’s murder. Credit: ampshire Archives and Hampshire County Council Turning a blind eye Anyone waiting for justice in this medieval saga will likely be disappointed. “Despite naming the killers and clear knowledge of the instigator, when it comes to pursuing the perpetrators, the jury turn[ed] a blind eye,” Eisner said. Eisner explained the circumstances surrounding an initial lack of convictions were simply “implausible.” No one supposedly could locate the accused to bring to trial, despite the men belonging to one of England’s highest nobility houses. Meanwhile, the court claimed Hugh Lovell had no belongings available to confiscate. “This was typical of the class-based justice of the day,” said Eisner. In the end, the only charge that ever stuck in the murder case was an indictment against one of the family’s former servants. Five years after the first trial in 1342, Hugh Colne was convicted of being one of the men to stab Forde in the stomach and sentenced to the notorious Newgate Prison. As dark and sordid as the multiyear medieval drama was, it apparently didn’t change much between Ela Fitzpayne and her husband, Sir Robert. She and the baron remained married until his death in 1354—when she subsequently inherited all his property. “Where rule of law is weak, we see killings committed by the highest ranks in society, who will take power into their own hands, whether it’s today or seven centuries ago,” said Eisner. That said, the criminology professor couldn’t help but concede that Ela Fitzpayne was an “extraordinary” individual, regardless of the era. “A woman in 14th century England who raided priories, openly defied the Archbishop of Canterbury, and planned the assassination of a priest,” he said. “Ela Fitzpayne appears to have been many things.”

/May 30, 2025/4:28 p.m. ETTrump Attacks Harvard With Social Media Screening for All VisasThis pilot program will soon be expanded across the country.Spencer Platt/Getty ImagesThe Trump administration has begun carrying out its expanded vetting for student visa applicants, surveilling their social media accounts to make sure they aren’t posting anything in support of Palestine, which the administration considers antisemitic. This vetting will start with Harvard visa applicants but is expected to be adopted nationwide.Secretary of Stato Marco Rubio sent a cable to all U.S. embassies and consulates on Thursday ordering them to “conduct a complete screening of the online presence of any nonimmigrant visa applicant seeking to travel to Harvard University for any purpose.” That would apply not just to students but also to faculty, staff, and researchers visiting the university.The Trump administration is taking particular interest in people who have their social media accounts on “private,” an obvious, ominous crossing of boundaries.The State Department has ordered officers to examine “whether the lack of any online presence, or having social media accounts restricted to ‘private’ or with limited visibility, may be reflective of evasiveness and call into question the applicant’s credibility.”This is yet another instance of Harvard serving as a test subject for the administration’s larger crackdown on free speech and international students at American universities. Trump has already revoked billions of dollars in research funding from the Massachusetts school, and even banned it from admitting any international students at all, although the latter policy was temporarily revoked by a judge. Most Recent Post/May 30, 2025/3:53 p.m. ETStephen Miller Grilled on Musk’s Drug Use as Wife Lands New GigTrump’s chief adviser seems desperate to avoid questions on Elon Musk. Does that have anything to do with his wife’s new job? Francis Chung/Politico/Bloomberg/Getty ImagesStephen Miller had a dismissive response Friday to new reports of Elon Musk’s drug use during Trump’s campaign last year. CNN’s Pamela Brown asked the far-right Trump adviser if there was “any drug testing or requests for him to drug test when he was in the White House given the fact that he was also a contractor with the government.”  A chuckling Miller ignored the question and said, “Fortunately for you and all of the friends at CNN, you’ll have the opportunity to ask Elon all the questions you want today yourself,” before he then segued into the Trump administration’s anti-immigrant agenda. “The drugs I’m concerned about are the drugs that are coming across the border from the criminal cartels that are killing hundreds of thousands of Americans,” Miller said. Perhaps Miller laughed instead of answering because his wife, Katie Miller, has left her job as adviser and spokesperson for the Department of Government Efficiency to work full-time for Musk and his companies. Miller has probably had enough of Musk, as he has also been subtweeting the tech oligarch, trying to refute Musk’s criticisms that the Republican budget bill would raise the deficit. “The Big Beautiful Bill is NOT an annual budget bill and does not fund the departments of government. It does not finance our agencies or federal programs,” Miller said, in a long X post earlier this week. Is there bad blood between Miller and Musk that has now spiraled because Miller’s wife is working for the tech oligarch and fellow fascism enthusiast? Most Recent Post/May 30, 2025/3:19 p.m. ETOld Man Trump Repeatedly Fumbles in Weird Speech Praising Elon MuskDonald Trump couldn’t keep some of his words straight as he marked the supposed end of Elon Musk’s tenure at the White House.Kevin Dietsch/Getty ImagesHours after reports emerged Friday that Elon Musk had been under the influence of heavy drugs during his time advising the president, Musk and Donald Trump stumbled and fumbled their way through a White House press conference recognizing the end of the tech billionaire’s special government employee status.The wildly unusual joint conference featured Musk’s black eye, a giant gold key that Trump said he only gives to “very special people,” cringe-worthy regurgitations by Musk of Trump’s take on his Pulitzer Board defamation suit, and claims that Musk’s unpopular and controversial time in the White House was not quite over.But as Trump continued to praise Musk and his time atop the Department of Government Efficiency, the president’s verbal gaffes became more apparent. He claimed that DOGE had uncovered $42 million in wasteful spending, referring to expenditures related to Uganda, which Trump pronounced as “oo-ganda.” The 78-year-old also mentioned he would have Musk’s DOGE cuts “cauterized by Congress,” though he quickly corrected himself by saying they would be “affirmed by Congress,” instead. Trump’s on-camera slippage has gotten worse in recent weeks: Earlier this month, Trump dozed off while in a meeting with Crown Prince Mohammed bin Salman in Riyadh, Saudi Arabia. That is despite the fact that the president received a clean bill of health in a medical report released in April that described Trump as being in “excellent health,” including neurological functioning.Musk, meanwhile, refused to acknowledge emerging reports of his alleged drug use. But the news of White House drug use under Trump’s helm is nothing new: In fact, if the reports prove true, it would be little more than a return to form. Last year, a report by the Department of Defense inspector general indicated that the West Wing operated more like a pill mill than the nation’s highest office. Common pills included modafinil, Adderall, fentanyl, morphine, and ketamine, according to the Pentagon report. But other, unlisted drugs—like Xanax—were equally easy to come by from the White House Medical Unit, according to anonymous sources that spoke to Rolling Stone.While other presidents were known to take a mix of drug cocktails to fight off back pain (like JFK) or bad moods (like Nixon), no previous administrations matched the level of debauchery of Trump’s, whose in-office pharmacists unquestioningly handed out highly addictive substances to staffers who needed pick-me-ups or energy boosts—no doctor’s exam, referral, or prescription required.“It was kind of like the Wild West. Things were pretty loose. Whatever someone needs, we were going to fill this,” another source told Rolling Stone in March 2024.Meanwhile, pharmacists described an atmosphere of fear within the West Wing, claiming they would be “fired” if they spoke out or would receive negative work assignments if they didn’t hand pills over to staffers.Read more about the press conference:Trump and Elon Musk Have Ominous Warning About Future of DOGEMost Recent Post/May 30, 2025/3:00 p.m. ETElon Musk Gives Strange Excuse for Massive Black EyeMusk showed up a press conference with Donald Trump sporting a noticeable shiner.Kevin Dietsch/Getty ImagesElon Musk sported what looked like a black eye during his DOGE goodbye press conference with President Trump on Friday. When asked about it, he blamed the bruise on his 5-year-old son punching him in the face. “Mr. Musk … is your eye OK? What happened to your eye; I noticed there’s a bruise there?” one reporter finally asked near the end of the press conference.“Well, I wasn’t anywhere near France,” Musk said, in a weak attempt at a joke regarding footage of French President Emmanuel Macron’s wife slapping him in the face.“I was just horsing around with [my son] little X and said, ‘Go ’head and punch me in the face,’ and he did. Turns out even a 5-year-old punching you in the face actually does—”“That was X that did it? X could do it!” Trump chimed in. “If you knew X …”“I didn’t really feel much at the time; I guess it bruises up. But I was just messing around with the kids.”Musk chose an impeccable time to show up to a press conference with a black eye. Earlier in the day, The New York Times reported on Musk’s rampant drug use on and off the campaign trail, as the world’s richest man frequently mixed ketamine and psychedelics and kept a small box of pills, mostly containing Adderall. The shiner only adds to speculation around his personal habits.More on that Times report:Elon Musk Was on Crazy Combo of Drugs During Trump CampaignMost Recent Post/May 30, 2025/2:51 p.m. ETTrump and Elon Musk Have Ominous Warning About Future of DOGEElon Musk’s time as a government employee has come to an end, but his time with Donald Trump has not.Kevin Dietsch/Getty ImagesDespite the fanfare over Elon Musk’s supposed departure from the Department of Government Efficiency, Donald Trump says that the billionaire bureaucrat isn’t really going anywhere.“Many of the DOGE people are staying behind, so they’re not leaving. And Elon’s not really leaving. He’s gonna be back and forth, I think. I have a feeling. It’s his baby, and he’s gonna be doing a lot of things,” Trump said during a press conference in the Oval Office Friday.The press conference was held to mark the end of Musk’s time as a so-called “special government employee,” a title that allowed him to bypass certain ethics requirements during his 134-day stint in Trump’s administration. The president made sure to give Musk a gaudy golden key—what it actually unlocks went totally unaddressed—to make sure he could get back into the White House. “This is not the end of DOGE, but really the beginning,” Musk said, promising that DOGE’s “influence” would “only grow stronger” over time.Earlier Friday, the billionaire bureaucrat shared a post on X asserting that the legacy of DOGE was more psychological than anything else. Surely, it will take longer than four months to forget the image of Musk running around with a chainsaw. Read more about Musk:Elon Musk Was on Crazy Combo of Drugs During Trump CampaignMost Recent Post/May 30, 2025/1:21 p.m. ETDem Governor Vetoes Ban on Surprise Ambulance Bills in Shocking MoveThe bill had unanimous support in both chambers of the state legislature.Michael Ciaglo/Getty ImagesColorado’s Democratic Governor Jared Polis has vetoed a bill that would ban surprise billing by ambulance companies, over the unanimous objections of both chambers of the state legislature. Why would Polis veto a bill that’s popular with everyone, even Colorado Republicans? The governor wrote in his veto statement that drafting errors in the bill made it “unimplementable” and estimated that it would make insurance premiums go up by as much as $0.73 to $2.15 per person. “I am committed to working with proponents and sponsors to protect Coloradans from surprise bills, but I encourage all parties to work towards a more reasonable reimbursement rate that mitigates premium impacts and nets a better deal for Colorado families,” Polis wrote. In Colorado, if legislators in both chambers repass the bill with a two-thirds majority, they can override the governor’s veto, especially considering that the bill passed with the support of every single legislator. But the legislature adjourned on May 7, meaning that the bill has to be passed again when the legislature reconvenes in January.  For some reason, ending surprise ambulance billing nationally is not the slam-dunk issue it should be. Congress ended most surprise medical bills in 2020 but exempted ground ambulances from the bill. Was Polis’s veto due to badly drafted language and a (seemingly modest) price hike in insurance premiums, as he said, or was it for a different, more nefarious reason? We might not know unless and until the bill is reintroduced next year. More on surprise ambulance bills:Congress Doesn’t Care About Your Surprise Ambulance Bill Most Recent Post/May 30, 2025/12:21 p.m. ETTrump’s Pardons Since Jan 6 Spree Show an Infuriatingly Corrupt TrendSince his January 6 pardon spree, Donald Trump has tended to grant clemency a little closer to home.Saul Loeb/AFP/Getty ImagesA good chunk of the white-collar criminals pardoned by Donald Trump after his massive “Day One” pardoning spree either have a political or financial tie to him.The president has issued 60 pardons since he offered political forgiveness to some 1,600 individuals charged in the January 6, 2021, attack on the U.S. Capitol. But out of those subsequent 60 unrelated to the attack, 12 people—or roughly one in five—were already in Trump’s orbit, according to ABC News.They included several politicos, including former Illinois Governor Rod Blagojevich, who was convicted on several counts of corruption, including for an attempt to sell Barack Obama’s Senate seat after he left the position for the White House; former Republican Representative Michael Grimm, who pleaded guilty to tax fraud; former Nevada gubernatorial candidate Michele Fiore, who allegedly stole public funds intended to commemorate a slain police officer; and former Tennessee state Senator Brian Kelsey, who pleaded guilty to campaign finance fraud in 2022.Trump also pardoned major financiers of his presidential campaigns. Trevor Milton, the founder of the Nikola electric vehicle company, donated nearly $2 million toward Trump’s 2024 campaign. Imaad Zuberi, who has donated to both parties, issued “at least $800,000 to committees associated with Trump and the Republican Party,” ABC reported.Others helped Trump advance his retribution campaign against his political enemies, or helped advance his own image in the broader Republican Party. Devon Archer and Jason Galanis, both former business partners of Hunter Biden, accused the younger Biden of leveraging his father’s name and influence in order to conduct business overseas. Archer had defrauded a Native American tribal entity, while Galanis was serving time for multiple offenses. Trump also forgave Todd and Julie Chrisley—reality TV stars known for their show Chrisley Knows Best who were sentenced to a combined 19 years on fraud and tax evasion charges—after their daughter Savannah Chrisley spoke at the 2024 Republican National Convention.Speaking to press Friday after her parents’ release, Savannah Chrisley said that the “biggest misconception right now is I either paid for a pardon or slept for a pardon—,” but she couldn’t finish her sentence before Todd interjected: “That’s something I would have done,” he said.Read who else Trump is thinking of pardoning:Trump Considering Pardons for Men Who Tried to Kill Gretchen WhitmerMost Recent Post/May 30, 2025/12:04 p.m. ETTrump Knew He Was Deporting Innocent People to El Salvador All AlongMany of the people deported to El Salvador have no criminal record, and Donald Trump knew it.Michael M. Santiago/Getty ImagesDonald Trump’s administration was well aware that many of the 238 Venezuelan immigrants it shipped off to a notorious megaprison in El Salvador had no criminal records at all, according to a Friday report from ProPublica.  While Trump officials claimed that the deportees were brutal gang members and “the worst of the worst,” only 32 of the deportees had actually been convicted of crimes, and most of them were minor offenses such as traffic violations, according to data from the Department of Homeland Security reviewed by ProPublica, The Texas Tribune, and a team of journalists from Venezuelan media outlets. One of the men, 23-year-old Maikol Gabriel López Lizano, faced a misdemeanor charge after he was arrested in 2023 for riding his bike and drinking a can of beer.Little more than half of the deportees, 130 of the 238, were charged only with violating U.S. immigration laws. Twenty of them had criminal records from other countries. The U.S. government data showed that 67 individuals had pending charges, with only six being for violent crimes. In several cases, the government data about the pending charges differed from what ProPublica was able to find. In some cases, the men had actually been convicted, and in one, the charges had been dropped. But in many cases, these individuals were remanded to a foreign prison before their criminal cases were ever resolved. The Trump administration has touted allegations of gang affiliation as a justification for denying the deportees their due process rights. But none of the men’s names appeared on a list of roughly 1,400 alleged Tren de Aragua members kept by the Venezuelan government, ProPublica reported. Trump’s border czar Tom Homan tried desperately in March to downplay reporting that many of these individuals did not have criminal records. “A lot of gang members don’t have criminal histories, just like a lot of terrorists in this world, they’re not in any terrorist databases, right?” Homan said on ABC News. But the methods the government relies on to classify individuals as gang members—such as identification of gang-affiliated tattoos—have been disproven by experts. Not only were many of the men who were deported not proven gang members, they weren’t even criminals, and by denying them the right to due process, they were remanded to a foreign prison notorious for human rights abuses without ever getting to prove it. Trump has continued to pressure the Supreme Court to allow him to sidestep due process as part of his massive deportation campaign, claiming that the judiciary has no right to intrude on matters of “foreign policy.” But immigrants residing on U.S. soil—who are clearly not the bloodthirsty criminals the administration insists they are—are still subject to protections under U.S. law. Read more about the deportations:Trump Asks Supreme Court to Help Him Deport People Wherever He WantsMost Recent Post/May 30, 2025/11:41 a.m. ETJoni Ernst Stoops to Shocking Low When Told Medicaid Cuts Will KillSenator Joni Ernst had a disgusting answer when confronted by a constituent at her town hall about Trump’s budget bill.Drew Angerer/Getty ImagesRepublican Senator Joni Ernst had a particularly unhinged response to questions from her constituents at a town hall in Parkersburg, Iowa, on Friday.Ernst was asked about the GOP’s budget bill kicking people off of Medicaid, and her condescending answer quickly became callous and flippant as the Iowa politician smirked at the audience.“When you are arguing about illegals that are receiving Medicaid, 1.4 million, they’re not eligible, so they will be coming off, so—” Ernst began, before an audience member shouted, “People are going to die!”“People are not—well, we all are going to die,” Ernst responded, as the audience drowned her in loud protests.What was Ernst thinking with that answer? Almost every Republican town hall this year has gone badly for the politician holding it, thanks to President Trump upending the federal government, and Ernst surely knew that choosing death over Medicaid wouldn’t go over well with the crowd. Earlier this week in Nebraska, Representative Mike Flood was heckled after he admitted that he didn’t read the budget bill.Ersnt’s town hall wasn’t even the first one in Iowa to go badly for a Republican. On Wednesday, Representative Ashley Hinson was met with jeers and boos, with audience members in Decorah, Iowa calling her a fraud and a liar. But at least Hinson had the good sense not to seemingly embrace death over a vital, lifesaving government program. More on Trump’s bill:Here Are the Worst Things in Trump’s Big, Beautiful Bill Most Recent Post/May 30, 2025/11:35 a.m. ETKetanji Brown Jackson Blasts “Botched” Supreme Court Ruling on TPSSupreme Court Justice Ketanji Brown Jackson, in a scathing disssent, called out the rest of the court for allowing Trump’s harmful executive order to stand.Anna Moneymaker/Getty ImagesSupreme Court Justice Ketanji Brown Jackson thinks the Supreme Court “botched” a decision to allow the Trump administration to revoke the Temporary Protected Status protections of about 500,000 Haitian, Cuban, Nicaraguan, and Venezuelan immigrants.Jackson and fellow liberal Justice Sonia Sotomayor were the only two dissenters.“The Court has plainly botched this assessment today. It requires next to nothing from the Government with respect to irreparable harm,” Jackson wrote in the dissent. “And it undervalues the devastating consequences of allowing the Government to precipitously upend the lives of and livelihoods of nearly half a million noncitizens while their legal claims are pending.”TPS is a long-standing program that allowed those 500,000 immigrants to stay in the U.S. after they fled violence and risk in their home countries. After the Supreme Court’s ruling, all of them are at high risk of sudden deportation. “It is apparent that the government seeks a stay to enable it to inflict maximum predecision damage,” Jackson wrote.Read the full dissent here.View More Posts

Jesse Armstrong loves to pull fictional stories out of reality. His universally acclaimed TV show Succession, for instance, was inspired by real-life media dynasties like the Murdochs and the Hearsts. Similarly, his newest film Mountainhead centers upon characters that share key traits with the tech world’s most powerful leaders: Elon Musk, Mark Zuckerberg, Sam Altman, and others.Mountainhead, which releases on HBO on May 31 at 8 p.m. ET, portrays four top tech executives who retreat to a Utah hideaway as the AI deepfake tools newly released by one of their companies wreak havoc across the world. As the believable deepfakes inflame hatred on social media and real-world violence, the comfortably-appointed quartet mulls a global governmental takeover, intergalactic conquest and immortality, before interpersonal conflict derails their plans.Armstrong tells TIME in a Zoom interview that he first became interested in writing a story about tech titans after reading books like Michael Lewis’ Going Infinite (about Sam Bankman-Fried) and Ashlee Vance’s Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future, as well as journalistic profiles of Peter Thiel, Marc Andreessen, and others. He then built the story around the interplay between four character archetypes—the father, the dynamo, the usurper, and the hanger-on—and conducted extensive research so that his fictional executives reflected real ones. His characters, he says, aren’t one-to-one matches, but “Frankenstein monsters with limbs sewn together.” These characters are deeply flawed and destructive, to say the least. Armstrong says he did not intend for the film to be a wholly negative depiction of tech leaders and AI development. “I do try to take myself out of it, but obviously my sense of what this tech does and could do infuses the piece. Maybe I do have some anxieties,” he says. Armstrong contends that the film is more so channeling fears that AI leaders themselves have warned about. “If somebody who knows the technology better than anyone in the world thinks there's a 1/5th chance that it's going to wipe out humanity—and they're some of the optimists—I think that's legitimately quite unnerving,” he says. Here’s how each of the characters in Mountainhead resembles real-world tech leaders. This article contains spoilers. Venis (Cory Michael Smith) is the dynamo.Cory Michael Smith in Mountainhead Macall Polay—HBOVenis is Armstrong’s “dynamo”: the richest man in the world, who has gained his wealth from his social media platform Traam and its 4 billion users. Venis is ambitious, juvenile, and self-centered, even questioning whether other people are as real as him and his friends. Venis’ first obvious comp is Elon Musk, the richest man in the real world. Like Musk, Venis is obsessed with going to outer space and with using his enormous war chest to build hyperscale data centers to create powerful anti-woke AI systems. Venis also has a strange relationship with his child, essentially using it as a prop to help him through his own emotional turmoil. Throughout the movie, others caution Venis to shut down his deepfake AI tools which have led to military conflict and the desecration of holy sites across the world. Venis rebuffs them and says that people just need to adapt to technological changes and focus on the cool art being made. This argument is similar to those made by Sam Altman, who has argued that OpenAI needs to unveil ChatGPT and other cutting-edge tools as fast as possible in order to show the public the power of the technology. Like Mark Zuckerberg, Venis presides over a massively popular social media platform that some have accused of ignoring harms in favor of growth. Just as Amnesty International accused Meta of having “substantially contributed” to human rights violations perpetrated against Myanmar’s Rohingya ethnic group, Venis complains of the UN being “up his ass for starting a race war.”Randall (Steve Carell) is the father.Steve Carell in Mountainhead Macall Polay—HBOThe group’s eldest member is Randall, an investor and technologist who resembles Marc Andreessen and Peter Thiel in his lofty philosophizing and quest for immortality. Like Andreessen, Randall is a staunch accelerationist who believes that U.S. companies need to develop AI as fast as possible in order to both prevent the Chinese from controlling the technology, and to ostensibly ignite a new American utopia in which productivity, happiness, and health flourish. Randall’s power comes from the fact that he was Venis’ first investor, just as Thiel was an early investor in Facebook. While Andreessen pens manifestos about technological advancement, Randall paints his mission in grandiose, historical terms, using anti-democratic, sci-fi-inflected language that resembles that of the philosopher Curtis Yarvin, who has been funded and promoted by Thiel over his career. Randall’s justification of murder through utilitarian and Kantian lenses calls to mind Sam Bankman-Fried’s extensive philosophizing, which included a declaration that he would roll the dice on killing everyone on earth if there was a 51% chance he would create a second earth. Bankman-Fried’s approach—in embracing risk and harm in order to reap massive rewards—led him to be convicted of massive financial fraud. Randall is also obsessed with longevity just like Thiel, who has railed for years against the “inevitability of death” and yearns for “super-duper medical treatments” that would render him immortal. Jeff (Ramy Youssef) is the usurper.Ramy Youssef in Mountainhead Macall Polay—HBOJeff is a technologist who often serves as the movie’s conscience, slinging criticisms about the other characters. But he’s also deeply embedded within their world, and he needs their resources, particularly Venis’ access to computing power, to thrive. In the end, Jeff sells out his values for his own survival and well-being. AI skeptics have lobbed similar criticisms at the leaders of the main AI labs, including Altman—who started OpenAI as a nonprofit before attempting to restructure the company—as well as Demis Hassabis and Dario Amodei. Hassabis is the CEO of Google Deepmind and a winner of the 2024 Nobel Prize in Chemistry; a rare scientist surrounded by businessmen and technologists. In order to try to achieve his AI dreams of curing disease and halting global warning, Hassabis enlisted with Google, inking a contract in 2014 in which he prohibited Google from using his technology for military applications. But that clause has since disappeared, and the AI systems developed under Hassabis are being sold, via Google, to militaries like Israel’s. Another parallel can be drawn between Jeff and Amodei, an AI researcher who defected from OpenAI after becoming worried that the company was cutting back its safety measures, and then formed his own company, Anthropic. Amodei has urged governments to create AI guardrails and has warned about the potentially catastrophic effects of the AI industry’s race dynamics. But some have criticized Anthropic for operating similarly to OpenAI, prioritizing scale in a way that exacerbates competitive pressures. Souper (Jason Schwartzman) is the hanger-on. Jason Schwartzman in Mountainhead Macall Polay—HBOEvery quartet needs its Turtle or its Ringo; a clear fourth wheel to serve as a punching bag for the rest of the group’s alpha males. Mountainhead’s hanger-on is Souper, thus named because he has soup kitchen money compared to the rest (hundreds of millions as opposed to billions of dollars). In order to prove his worth, he’s fixated on getting funding for a meditation startup that he hopes will eventually become an “everything app.” No tech exec would want to be compared to Souper, who has a clear inferiority complex. But plenty of tech leaders have emphasized the importance of meditation and mindfulness—including Twitter co-founder and Square CEO Jack Dorsey, who often goes on meditation retreats. Armstrong, in his interview, declined to answer specific questions about his characters’ inspirations, but conceded that some of the speculations were in the right ballpark. “For people who know the area well, it's a little bit of a fun house mirror in that you see something and are convinced that it's them,” he says. “I think all of those people featured in my research. There's bits of Andreessen and David Sacks and some of those philosopher types. It’s a good parlor game to choose your Frankenstein limbs.”

May 30: Statehood Day in Croatia (1990) Johann Sebastian Bach 1431 – Hundred Years' War: After being convicted of heresy, Joan of Arc was burned at the stake in Rouen, France. 1723 – Johann Sebastian Bach (pictured) assumed the office of Thomaskantor in Leipzig, presenting the cantata Die Elenden sollen essen in St. Nicholas Church. 1922 – The Lincoln Memorial in Washington, D.C., featuring a sculpture of the sixteenth U.S. president Abraham Lincoln by Daniel Chester French, opened. 1963 – Buddhist crisis: A protest against pro-Catholic discrimination was held outside the National Assembly of South Vietnam in Saigon, the first open demonstration against President Ngô Đình Diệm. 2008 – The Convention on Cluster Munitions, prohibiting the use, transfer, and stockpiling of cluster bombs, was adopted. Ma Xifan (d. 947)Colin Blythe (b. 1879)Norris Bradbury (b. 1909)Wynonna Judd (b. 1964) More anniversaries: May 29 May 30 May 31 Archive By email List of days of the year About

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization. The malware, the DoJ said, infected more than 300,000 victim computers around the world, facilitated fraud and ransomware, and caused at least $50 million in damages. Two of the defendants, Aleksandr Stepanov (aka JimmBee), 39, and Artem Aleksandrovich Kalinkin (aka Onix), 34, both from Novosibirsk, Russia, are currently at large. Stepanov has been charged with conspiracy, conspiracy to commit wire fraud and bank fraud, aggravated identity theft, unauthorized access to a protected computer to obtain information, unauthorized impairment of a protected computer, wiretapping, and use of an intercepted communication. Kalinkin has been charged with conspiracy to gain unauthorized access to a computer to obtain information, to gain unauthorized access to a computer to defraud, and to commit unauthorized impairment of a protected computer. The unsealed criminal complaint and indictment show that many of the defendants, counting Kalinkin, exposed their real-life identities after accidentally infecting their own systems with the malware. "In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware," the complaint [PDF] read. "In other cases, the infections seemed to be inadvertent – one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake." "The inadvertent infections often resulted in sensitive and compromising data being stolen from the actor's computer by the malware and stored on the DanaBot servers, including data that helped identify members of the DanaBot organization." If convicted, Kalinkin is expected to face a statutory maximum sentence of 72 years in federal prison. Stepanov would face a jail term of five years. Concurrent with the action, the law enforcement effort, carried out as part of Operation Endgame, saw DanaBot's command-and-control (C2) servers seized, including dozens of virtual servers hosted in the United States. "DanaBot malware used a variety of methods to infect victim computers, including spam email messages containing malicious attachments or hyperlinks," the DoJ said. "Victim computers infected with DanaBot malware became part of a botnet (a network of compromised computers), enabling the operators and users of the botnet to remotely control the infected computers in a coordinated manner." DanaBot, like the recently dismantled Lumma Stealer malware, operates under a malware-as-a-service (MaaS) scheme, with the administrators leasing out access starting from $500 to "several thousand dollars" a month. Tracked under the monikers Scully Spider and Storm-1044, is a multi-functional tool along the lines of Emotet, TrickBot, QakBot, and IcedID that's capable of acting as a stealer and a delivery vector for next-stage payloads, such as ransomware. The Delphi-based modular malware is equipped to siphon data from victim computers, hijack banking sessions, and steal device information, user browsing histories, stored account credentials, and virtual currency wallet information. It can also provide full remote access, log keystrokes, and capture videos. It's been active in the wild since its debut in May 2018, when it started off as a banking trojan. Example of typical Danabot infrastructure "DanaBot initially targeted victims in Ukraine, Poland, Italy, Germany, Austria, and Australia prior to expanding its targeting posture to include U.S.- and Canada-based financial institutions in October 2018," CrowdStrike said. "The malware's popularity grew due to its early modular development supporting Zeus-based web injects, information stealer capabilities, keystroke logging, screen recording, and hidden virtual network computing (HVNC) functionality." According to Black Lotus Labs and Team Cymru, DanaBot employs a layered communications infrastructure between a victim and the botnet controllers, wherein the C2 traffic is proxied through two or three server tiers before it reaches the final level. At least five to six tier-2 servers were active at any given time. A majority of DanaBot victims are concentrated around Brazil, Mexico, and the United States. "The operators have shown their commitment to their craft, adapted to detection and changes in enterprise defense, and with later iterations, insulating the C2s in tiers to obfuscate tracking," the companies said. "Throughout this time, they have made the bot more user-friendly with structured pricing and customer support." High-level diagram of multi-tiered C2 architecture The DoJ said DanaBot administrators operated a second version of the botnet that was specially designed to target victim computers in military, diplomatic, government, and related entities in North America and Europe. This variant, emerging in January 2021, came fitted with capabilities to record all interactions happening on a victim device and send the data to a different server. "Pervasive malware like DanaBot harms hundreds of thousands of victims around the world, including sensitive military, diplomatic, and government entities, and causes many millions of dollars in losses," said United States Attorney Bill Essayli for the Central District of California. The DoJ further credited several private sector firms, Amazon, CrowdStrike, ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Spycloud, Team Cymru, and Zscaler, for providing "valuable assistance." Some of the noteworthy aspects of DanaBot, compiled from various reports, are below - DanaBot's sub-botnet 5 received commands to download a Delphi-based executable leveraged to conduct HTTP-based distributed denial-of-service (DDoS) attacks against the Ukrainian Ministry of Defence (MOD) webmail server and the National Security and Defense Council (NSDC) of Ukraine in March 2022, shortly after Russia's invasion of the country Two DanaBot sub-botnets, 24 and 25, were specifically used for espionage purposes likely with an aim to further intelligence-gathering activities on behalf of Russian government interests DanaBot operators have periodically restructured their offering since 2022 to focus on defense evasion, with at least 85 distinct build numbers identified to date (The most recent version is 4006, which was compiled in March 2025) The malware's infrastructure consists of multiple components: A "bot" that infects target systems and performs data collection, an "OnlineServer" that manages the RAT functionalities, a "client" for processing collected logs and bot management, and a "server" that handles bot generation, packing, and C2 communication DanaBot has been used in targeted espionage attacks against government officials in the Middle East and Eastern Europe The authors of DanaBot operate as a single group, offering the malware for rent to potential affiliates, who subsequently use it for their own malicious purposes by establishing and managing their own botnets using private servers DanaBot's developers have partnered with the authors of several malware cryptors and loaders, such as Matanbuchus, and offered special pricing for distribution bundles DanaBot maintained an average of 150 active tier-1 C2 servers per day, with approximately 1,000 daily victims across more than 40 countries, making it one of the largest MaaS platforms active in 2025 Proofpoint, which first identified and named DanaBot in May 2018, said the disruption of the MaaS operation is a win for defenders and that it will have an impact on the cybercriminal threat landscape. "Cybercriminal disruptions and law enforcement actions not only impair malware functionality and use but also impose a cost to threat actors by forcing them to change their tactics, cause mistrust in the criminal ecosystem, and potentially make criminals think about finding a different career," Selena Larson, a staff threat researcher at Proofpoint, said. "These successes against cyber criminals only come about when business IT teams and security service providers share much-needed insight into the biggest threats to society, affecting the greatest number of people around the world, which law enforcement can use to track down the servers, infrastructure, and criminal organizations behind the attacks. Private and public sector collaboration is crucial to knowing how actors operate and taking action against them." DanaBot's features as promoted on its support site DoJ Unseals Charges Against QakBot Leader The development comes as the DoJ unsealed charges against a 48-year-old Moscow resident, Rustam Rafailevich Gallyamo, for leading efforts to develop and maintain the QakBot malware, which was disrupted in a multinational operation in August 2023. The agency also filed a civil forfeiture complaint against over $24 million in cryptocurrency seized from Gallyamov over the course of the investigation. "Gallyamov developed, deployed, and controlled the Qakbot malware beginning in 2008," the DoJ said. "From 2019 onward, Gallyamov allegedly used the Qakbot malware to infect thousands of victim computers around the world in order to establish a network, or 'botnet,' of infected computers." The DoJ revealed that, following the takedown, Gallyamov and his co-conspirators continued their criminal activities by switching to other tactics like "spam bomb" attacks in order to gain unauthorized access to victim networks and deploy ransomware families like Black Basta and CACTUS. Court documents accuse the e-crime group of engaging in these methods as recently as January 2025. "Mr. Gallyamov's bot network was crippled by the talented men and women of the FBI and our international partners in 2023, but he brazenly continued to deploy alternative methods to make his malware available to criminal cyber gangs conducting ransomware attacks against innocent victims globally," said Assistant Director in Charge Akil Davis of the FBI's Los Angeles Field Office. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

All throughout 2025, I've been bursting with podcast recommendations (which might not be surprising, given writing a podcast recommendation newsletter is part of my job). I've shared my lists of the best podcasts about liars and scammers, podcasts that expose the nonsense in politics and pop culture, and podcasts you'll like if you miss Heavyweight. But then I awoke and realized that we are almost halfway through the year, and I haven't spent nearly enough time talking about my favorite new shows that debuted this year. June is a great time to take stock of all the new podcasts from the first half of the year. These are the shows that made my jaw drop, made me laugh, and inspired me to subscribe—and pester all of my friends to do the same. I think you'll like them, too. Alternate Realities (Embedded) Credit: Podcast logo Embedded recently produced a 3-part series, Alternate Realities, focused on a bet between reporter Zach Mack and his father, who intended to determine once and for all who was right about the other having been lost to conspiracy theories. Zach’s father had started to believe in chemtrails, that the government controls the weather, that ANTIFA staged the Jan. 6 riots, that a cabal called the globalists is controlling the world. Zach…did not believe those things. In early 2024 the two agreed: Zach’s dad would make a list of 10 prophesies that he was 100% sure would happen, (i.e. a bunch of democrats would be convicted of treason and/or murder, the U.S. would come under martial law), and on Jan. 1, 2025, Zach would have to give his father $1,000 for every one that came to pass. For every one that didn’t, Zach would get the same. It’s a zingy idea for a series, but also a dark family story—the bet is the make-or-break thing for not just Zach and his dad, but for the entire family. Beyond the money, the stakes are high.Debt Heads Credit: Podcast logo Friends Jamie Alyson Feldman (@realgirlproject) and Rachel Gayle Webster (@webbythefox) are using storytelling, research, springiness, humor, and fun audio elements in their podcast Debt Heads, which examines Jamie’s deeply ingrained issues with debt and uses them as an entry point into the question of why so many young people are in the same boat. It's a fascinating dive into the issue of millennials and their money—harrowing and fascinating and occasionally funny, and a rich listening experience even if you (like me) want to crawl under a table when the conversation turns to money.Our Ancestors Were Messy Credit: Podcast logo If you love the way Normal Gossip pulls you into the juicy drama of strangers, and especially if you also love history, you’ll get sucked right in to Our Ancestors Were Messy, Nichole Hill’s show about the gossip, scandals, and pop culture that made headlines in historical Black newspapers across America. Nichole tells true stories from the past (a Victorian-era love triangle that hit DC elites, a mystery concerning a tabloid sensation in Harlem) with help from a guest, placing you inside of a vintage scandal, providing the context you need to understand why it was a scandal at all, and fleshing out the characters involved with the skill of a novelist. Nichole’s storytelling is descriptive, funny, conversational, and crisp, and she uses amazing sound production that pumps it all into life. Why Is Amy in the Bath? Credit: Podcast logo Have you ever noticed that Amy Adams seems to do a lot of bathtub and shower scenes in her films? After listening to this show, you won’t be able to un-notice it. Certainly that fact stuck out to Brandon R. Reynolds and Gabby Lombardo, who spun the observation into the podcast Why Is Amy in the Bath? In six episodes they ask: Is Amy, who has never won an Oscar, doing all these bathtub scenes because they offer the opportunity for the kind of dramatic acting that earns the biggest, golden-est prizes? Brandon and Gabby went through 1,500 movies, including all the Best Actress Oscar nominees, to see if there was a correlation to tub scenes, and their conclusions are the stuff of the best conspiracy theories.What We Spend Credit: Podcast logo If you love Refinery 29's Money Diaries, or if you’re just a nosy person, you’re going to salivate over What We Spend, in which regular people take us, day by day and purchase by purchase, through what they spend in a week. It's like looking inside their wallets, flipping through their credit card statements, and hearing the personal stories behind the financial decisions they make. One person is scared about having to pay for a cat funeral. A 35-year-old asks her dad to pay her bills for a month. In each episode, the subject realizes, along with us, that there are usually deeply rooted personal issues underneath their money issues and the anxieties they bring up. Listeners can contact the hosts for a spot on the show, but that's a huge no thanks from me! But I’ll be listening. Text Me Back Credit: Podcast logo If you’re looking for a chat show that will have you laughing out loud without making you feel like you just lost a bunch of brain cells, try Text Me Back. Bestselling writer Lindy West and democracy policy expert Meagan Hatcher-Maysget are childhood friends who get on the mic for convos that range from off the rails goofy stories to insightful pop-culture and political commentary, with an irresistible friendship vibe flowing throughout. Their chemistry is nothing that could be rehearsed or planned, and they are both such good storytellers, they can spin gold out of the most mundane things that happened to them in a given week. Text Me Back will be a balm for listeners who still miss the iconic podcast Call Your Girlfriend (RIP.) The Final Days of Sgt. Tibbs Credit: Podcast logo Delivered in four short episodes, The Final Days of Sgt. Tibbs explores the fate of the titular geriatric cat, who went missing in Manchester, New Hampshire, then turned up dead, causing a huge blowup in the community he left behind. Rose, Sgt. Tibbs’ owner, was devastated when Tibbs went missing, and infuriated to learn that he might not have actually been missing at all, but in the hands of neighbors, the mother/daughter duo of Debbie and Sabrina, who claim to have saved the cat's life. We going in knowing that Tibbs has died. The question is, what happened? Todd Bookman puts a microscope to the kitty's last days, and finds a story of adults behaving badly and a community torn apart. At one point, Todd wonders if there are better things he could be doing with his time (and microphone). “But imagine something more important than something you love disappearing and dying," he says. "It seems worth every second trying to figure out what happened.” Pet lovers get it. RIP, Sgt. Tibbs.We Came to the Forest Credit: Podcast logo We Came to the Forest introduces you to Vienna Forrest, an environmental crusader remembering her life living in the forest with a bunch of other activists as they protested the construction of Atlanta’s Cop City, one of the biggest police training facilities in the country. She speaks intimately about her partner Tortuguita (Manuel Esteban Paez Terán,) another protester or “forest defender” who was allegedly shot and killed by Atlanta law enforcement. We Came to the Forest revolves around Tortuguita’s murder and everything that led up to it. What seems obvious (Tortuguita was shot by the police) is tough to prove. A cop was also shot, but who shot him? There is no body cam footage to prove what happened. Through storytelling and interviews, the show will make you think about how fast things can turn sideways when law enforcement gets involved in a situation, and how thin the line can be between safety and danger.CRAMPED Credit: Podcast logo Kate Downey has been having debilitating period pain every month since she was14 years old. Debilitating period pain is common, yet something nobody seems to want to talk about or research—and certainly nobody is trying to have fun with it. But Kate is doing all of the above with CRAMPED, which is somehow boisterous and dead serious at the same time. It's full of fascinating interviews, illuminating info, and helpful tips for anyone with a uterus. She gets smart, funny people on the mic to talk about their that-time-of-the-month experiences, what is really going on in their bodies and why nobody cares, and why Kate hasn’t been able to get an answers from a doctor after 20 years of asking questions. Suave (Season 2) Credit: Podcast logo In its first season, Suave won a Pulitzer Prize-winning for telling the story of Luis "Suave" Gonzalez, a convicted man who turned his life around in prison, and his relationship with journalist Maria Hinojosa. The show is assembled from years of recordings of their conversations, an audio document of the highs and lows of Suave's life both in and out of jail, and the mother/son bond that develops between the two. At the end, Suave is released, and we are left to wonder what freedom really means. That’s where season two picks up: Suave is now “Mr. Pulitzer,” but life on the outside is very hard. Proxy Credit: Podcast logo With her beautiful show Proxy, "emotional journalist" Yowei Shaw investigates and solves deeply intimate conundrums by proxy—she finds people with unresolved relationship issues and links them up with a stranger who can help them better understand what's going on. (Recently she connected a man whose wife left him for a woman with a woman who'd left her husband for a woman.) Yowei also appears on the massively popular NPR podcast Invisibilia, so you know you can trust her to deliver a good story that will be professionally structured. It's a space for unique conversations the likes of which I have never heard before. Sea of Lies (Uncover) Credit: Podcast logo On Sea of Lies (available on the Uncover podcast feed) Sam Mullins (Wild Boys) tells the tale of one of the most wanted men in the world, Albert Walker, who is arrested for fraud after a dead body wearing a recognizable watch washes ashore. The globe-spanning saga gets wilder from there, always zagging left when you think it will go right. Via meticulous reporting, Sea of Lies skirts around Walker’s manipulative tactics to get to the psychological questions at the root of his crimes. 

When a formerly incarcerated “troubleshooter for the mafia” looked for a second career he chose the thing he knew best. He became a prison consultant for white-collar criminals.

Cybersecurity leaders aren't just dealing with attacks—they're also protecting trust, keeping systems running, and maintaining their organization's reputation. This week's developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn't enough anymore—resilience needs to be built into everything from the ground up. That means better systems, stronger teams, and clearer visibility across the entire organization. What's showing up now isn't just risk—it's a clear signal that acting fast and making smart decisions matters more than being perfect. Here's what surfaced—and what security teams can't afford to overlook. ⚡ Threat of the Week Microsoft Fixes 5 Actively Exploited 0-Days — Microsoft addressed a total of 78 security flaws in its Patch Tuesday update for May 2025 last week, out of which five of them have come under active exploitation in the wild. The vulnerabilities include CVE-2025-30397, CVE-2025-30400, CVE-2025-32701, CVE-2025-32706, and CVE-2025-32709. It's currently not known in what context these defects have been exploited, who is behind them, and who was targeted in these attacks. Download the Report ➝ 🔔 Top News Marbled Dust Exploits Output Messenger 0-Day — Microsoft revealed that a Türkiye-affiliated threat actor codenamed Marbled Dust exploited as zero-day a security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. The attacks, the company said, are associated with the Kurdish military operating in Iraq. The attacks exploited CVE-2025-27920, a directory traversal vulnerability affecting version 2.0.62 that allows remote attackers to access or execute arbitrary files. It was addressed in December 2024. Konni APT Focuses on Ukraine in New Phishing Campaign — The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia amidst the ongoing Russo-Ukrainian war. Proofpoint, which disclosed details of the activity, said the objective of the attacks is to collect intelligence on the "trajectory of the Russian invasion." The attack chains entail the use of phishing emails that impersonate a fictitious senior fellow at a non-existent think tank, tricking recipients into visiting credential harvesting pages or downloading malware that can conduct extensive reconnaissance of the compromised machines. Coinbase Discloses Data Breach — Cryptocurrency giant Coinbase disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. The activity bribed its customer support agents based in India to obtain a list of customers, who were then approached as part of a social engineering attack to transfer their digital assets to a wallet under the threat actor's control. The attackers also unsuccessfully attempted to extort the company for $20 million on May 11, 2025, by claiming to have information about certain customer accounts as well as internal documents. The compromised agents have since been terminated. While no passwords, private keys, or funds were exposed, the attackers made away with some amount of personal information, including names, addresses, phone numbers, email addresses, government ID images, and account balances. Coinbase did not disclose how many of its customers fell for the scam. Besides voluntarily reimbursing retail customers who were duped into sending cryptocurrency to scammers, Coinbase is offering a $20 million reward to anyone who can help identify and bring down the perpetrators of the cyber attack. APT28 Behind Attacks Targeting Webmail Services — APT28, a hacking group linked to Russia's Main Intelligence Directorate (GRU), has been targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities. The attacks, ongoing since at least 2023, targeted governmental entities and defense companies in Eastern Europe, although governments in Africa, Europe, and South America were also singled out. The victims in 2024 alone included officials from regional national governments in Ukraine, Greece, Cameroon and Serbia, military officials in Ukraine and Ecuador, and employees of defense contracting firms in Ukraine, Romania and Bulgaria. The group's spear-phishing campaign used fake headlines mimicking prominent Ukrainian news outlets like the Kyiv Post about the Russia-Ukraine war, seemingly in an attempt to entice targets into opening the messages using the affected webmail clients. Those who opened the email messages using the affected webmail clients were served, via the XSS flaws, a custom JavaScript payload capable of exfiltrating contacts and email data from their mailboxes. One of the payloads could steal passwords and two-factor authentication codes, allowing the attackers to bypass account protections. The malware is also designed to harvest the email credentials, either by tricking the browser or password manager into pasting those credentials into a hidden form or getting the user to log out, whereupon they were served a bogus login page. Earth Ammit Breaches Drone Supply Chains to Target Taiwan and South Korea — The threat actor known as Earth Ammit targeted a broader range of organizations than just Taiwanese drone manufacturers, as initially supposed. While the set of attacks was believed to be confined to drone manufacturers in Taiwan, a subsequent analysis has uncovered that the campaign is more broader and sustained in scope than previously thought, hitting the heavy industry, media, technology, software services, healthcare, satellite, and military-adjacent supply chains, and payment service providers in both South Korea and Taiwan. The attacks targeted software vendors and service providers as a way to reach their desired victims, who were the vendors' downstream customers. "Earth Ammit's strategy centered around infiltrating the upstream segment of the drone supply chain. By compromising trusted vendors, the group positioned itself to target downstream customers – demonstrating how supply chain attacks can ripple out and cause broad, global consequences," Trend Micro noted. "Earth Ammit's long-term goal is to compromise trusted networks via supply chain attacks, allowing them to target high-value entities downstream and amplify their reach." ‎️‍🔥 Trending CVEs Attackers love software vulnerabilities—they're easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week's critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out. This week's list includes — CVE-2025-30397, CVE-2025-30400, CVE-2025-32701, CVE-2025-32706, CVE-2025-32709 (Microsoft Windows), CVE-2025-42999 (SAP NetWeaver), CVE-2024-11182 (MDaemon), CVE-2025-4664 (Google Chrome), CVE-2025-4632 (Samsung MagicINFO 9 Server), CVE-2025-32756 (Fortinet FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera), CVE-2025-4427, CVE-2025-4428 (Ivanti Endpoint Manager Mobile), CVE-2025-3462, CVE-2025-3463 (ASUS DriverHub), CVE-2025-47729 (TeleMessage TM SGNL), CVE-2025-31644 (F5 BIG-IP), CVE-2025-22249 (VMware Aria Automation), CVE-2025-27696 (Apache Superset), CVE-2025-4317 (TheGem WordPress theme), CVE-2025-23166 (Node.js), CVE-2025-47884 (Jenkins OpenID Connect Provider Plugin), CVE-2025-47889 (Jenkins WSO2 Oauth Plugin), CVE-2025-4802 (Linux glibc), and CVE-2025-47539 (Eventin plugin). 📰 Around the Cyber World Attackers Leverage PyInstaller to Drop Infostealers on Macs — Attackers are using PyInstaller to deploy information stealers on macOS systems. These ad-hoc signed samples bundle Python code into Mach-O executables using PyInstaller, allowing them to be run without requiring Python to be installed or meet version compatibility requirements. "As infostealers continue to become more prevalent in the macOS threat landscape, threat actors will continue the search for new ways to distribute them," Jamf said. "While the use of PyInstaller to package malware is not uncommon, this marks the first time we've observed it being used to deploy an infostealer on macOS." Kosovo National Extradited to the U.S. for Running BlackDB.cc — A 33-year-old Kosovo national named Liridon Masurica has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. He has been charged with five counts of fraudulent use of unauthorized access devices and one count of conspiracy to commit access device fraud. If convicted on all counts, Masurica faces a maximum penalty of 55 years in federal prison. He was taken into custody by authorities in Kosovo on December 12, 2024. Masurica is alleged to be the lead administrator of BlackDB.cc from 2018 to the present. "BlackDB.cc illegally offered for sale compromised account and server credentials, credit card information, and other personally identifiable information of individuals primarily located in the United States," the Justice Department said. "Once purchased, cybercriminals used the items purchased on BlackDB.cc to facilitate a wide range of illegal activity, including tax fraud, credit card fraud, and identity theft." Former BreachForums Admin to Pay $700k in Healthcare Breach — Conor Brian Fitzpatrick, aka Pompompurin, a former administrator of the BreachForums cybercrime forum, will forfeit roughly $700,000 in a civil lawsuit settlement related to Nonstop Health, a health insurance company whose customer data was posted for sale on the forum in 2023. Fitzpatrick was sentenced to time served last year, but he went on to violate the terms of his release. He is set to be resentenced next month. Tor Announces Oniux for Kernel-Level Tor Isolation — The Tor project has announced a new command-line utility called oniux that provides Tor network isolation for third-party applications using Linux namespaces. This effectively creates a fully isolated network environment for each application, preventing data leaks even if the app is malicious or misconfigured. "Built on Arti, and onionmasq, oniux drop-ships any Linux program into its own network namespace to route it through Tor and strips away the potential for data leaks," the Tor project said. "If your work, activism, or research demands rock-solid traffic isolation, oniux delivers it." DoJ Charges 12 More in RICO Conspiracy — The U.S. Department of Justice announced charges against 12 more people for their alleged involvement in a cyber-enabled racketeering conspiracy throughout the United States and abroad that netted them more than $263 million. Several of these individuals are said to have been arrested in the U.S., with two others living in Dubai. They face charges related to RICO conspiracy, conspiracy to commit wire fraud, money laundering, and obstruction of justice. The defendants are also accused of stealing over $230 million in cryptocurrency from a victim in Washington D.C. "The enterprise began no later than October 2023 and continued through March 2025," the Justice Department said. "It grew from friendships developed on online gaming platforms. Members of the enterprise held different responsibilities. The various roles included database hackers, organizers, target identifiers, callers, money launderers, and residential burglars targeting hardware virtual currency wallets." The attacks involved database hackers breaking into websites and servers to obtain cryptocurrency-related databases or acquiring databases on the dark web. The miscreants then determined the most valuable targets and cold-called them, using social engineering to convince them their accounts were the subject of cyber attacks and that they were helping them take steps to secure their accounts. The end goal of these attacks was to siphon the cryptocurrency assets, which were then laundered and converted into fiat U.S. currency in the form of bulk cash or wire transfers. The money was then used to fund a lavish lifestyle for the defendants. "Following his arrest in September 2024 and continuing while in pretrial detention, Lam is alleged to have continued working with members of the enterprise to pass and receive directions, collect stolen cryptocurrency, and have enterprise members buy luxury Hermes Birkin bags and hand-deliver them to his girlfriend in Miami, Florida," the agency said. ENISA Launches EUVD Vulnerability Database — The European Union launched a new vulnerability database called the European Vulnerability Database (EUVD) to provide aggregated information regarding security issues affecting various products and services. "The database provides aggregated, reliable, and actionable information such as mitigation measures and exploitation status on cybersecurity vulnerabilities affecting Information and Communication Technology (ICT) products and services," the European Union Agency for Cybersecurity (ENISA) said. The development comes in the wake of uncertainty over MITRE's CVE program in the U.S., after which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) stepped in at the last minute to extend their contract with MITRE for another 11 months to keep the initiative running. 3 Information Stealers Detected in the Wild — Cybersecurity researchers have exposed the workings of three different information stealer malware families, codenamed DarkCloud Stealer, Chihuahua Stealer, and Pentagon Stealer, that are capable of extracting sensitive data from compromised hosts. While DarkCloud has been advertised in hacking forums as early as January 2023, attacks distributing the malware have primarily focused on government organizations since late January 2025. DarkCloud is distributed as AutoIt payloads via phishing emails using PDF purchase order lures that display a message claiming their Adobe Flash Player is out of date. Chihuahua Stealer, on the other hand, is a .NET-based malware that employs an obfuscated PowerShell script shared through a malicious Google Drive document. First discovered in March 2025, Pentagon Stealer makes use of Golang to realize its goals. However, a Python variant of the same stealer was detected at least a year prior when it was propagated via fake Python packages uploaded to the PyPI repository. Kaspersky Outlines Malware Trends for Industrial Systems in Q1 2025 — Kaspersky revealed that the percentage of ICS computers on which malicious objects were blocked in Q1 2025 remained unchanged from Q4 2024 at 21.9%. "Regionally, the percentage of ICS computers on which malicious objects were blocked ranged from 10.7% in Northern Europe to 29.6% in Africa," the Russian security company said. "The biometrics sector led the ranking of the industries and OT infrastructures surveyed in this report in terms of the percentage of ICS computers on which malicious objects were blocked." The primary categories of detected malicious objects included malicious scripts and phishing pages, denylisted internet resources, and backdoors, and keyloggers. Linux Flaws Surge by 967% in 2024 — The number of newly discovered Linux and macOS vulnerabilities increased dramatically in 2024, rising by 967% and 95% in 2024. The year was also marked by a 96% jump in exploited vulnerabilities from 101 in 2023 to 198 in 2024, and an unprecedented 37% rise in critical flaws across key enterprise applications. "The total number of software vulnerabilities grew by 61% YoY in 2024, with critical vulnerabilities rising by 37.1% – a significant expansion of the global attack surface and exposure of critical weaknesses across diverse software categories," Action1 said. "Exploits spiked 657% in browsers and 433% in Microsoft Office, with Chrome leading all products in known attacks." But in a bit of good news, there was a decrease in remote code execution vulnerabilities for Linux (-85% YoY) and macOS (-44% YoY). Europol Announces Takedown of Fake Trading Platform — Law enforcement authorities have disrupted an organized crime group that's assessed to be responsible for defrauding more than 100 victims of over €3 million ($3.4 million) through a fake online investment platform. The effort, a joint exercise conducted by Germany, Albania, Cyprus, and Israel, has also led to the arrest of a suspect in Cyprus. "The criminal network lured victims with the promise of high returns on investments through a fraudulent online trading platform," Europol said. "After the victims made initial smaller deposits, they were pressured to invest larger amounts of money, manipulated by fake charts showing fabricated profits. Criminals posing as brokers used psychological tactics to convince the victims to transfer substantial funds, which were never invested but directly pocketed by the group." Two other suspects were previously arrested from Latvia in September 2022 as part of the multi-year probe into the criminal network. New "defendnot" Tool Can Disable Windows Defender — A security researcher who goes by the online alias es3n1n has released a tool called "defendnot" that can disable Windows Defender by means of a little-known API. "There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender," the researcher explained. "This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation." Rogue Communication Devices Found in Some Chinese Solar Power Inverters — Reuters reported that U.S. energy officials are reassessing the risk posed by Chinese-made solar power inverters after unexplained communication equipment was found inside some of them. The rogue components are designed to provide additional, undocumented communication channels that could allow firewalls to be circumvented remotely, according to two people familiar with the matter. This could then be used to switch off inverters remotely or change their settings, enabling bad actors to destabilize power grids, damage energy infrastructure, and trigger widespread blackouts. Undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, the report added. Israel Arrest Suspect Behind 2022 Nomad Bridge Crypto Hack — Israeli authorities have arrested and approved the extradition of a Russian-Israeli dual national Alexander Gurevich over his alleged involvement in the Nomad Bridge hack in August 2022 that allowed hackers to steal $190 million. Gurevich is said to have conspired with others to execute an exploit for the bridge's Replica smart contract and launder the resulting proceeds through a sophisticated, multi-layered operation involving privacy coins, mixers, and offshore financial entities. "Gurevich played a central role in laundering a portion of the stolen funds. Blockchain analysis shows that wallets linked to Gurevich received stolen assets within hours of the bridge breach and began fragmenting the funds across multiple blockchains," TRM Labs said. "He then employed a classic mixer stack: moving assets through Tornado Cash on Ethereum, then converting ETH to privacy coins such as Monero (XMR) and Dash." Using V8 Browser Exploits to Bypass WDAC — Researchers have uncovered a sophisticated technique that leverages vulnerable versions of the V8 JavaScript engine to bypass Windows Defender Application Control (WDAC). "The attack scenario is a familiar one: bring along a vulnerable but trusted binary, and abuse the fact that it is trusted to gain a foothold on the system," IBM X-Force said. "In this case, we use a trusted Electron application with a vulnerable version of V8, replacing main.js with a V8 exploit that executes stage 2 as the payload, and voila, we have native shellcode execution. If the exploited application is whitelisted/signed by a trusted entity (such as Microsoft) and would normally be allowed to run under the employed WDAC policy, it can be used as a vessel for the malicious payload." The technique builds upon previous findings that make it possible to sidestep WDAC policies by backdooring trusted Electron applications. Last month, CerberSec detailed another method that employs WinDbg Preview to get around WDAC policies. 🎥 Cybersecurity WebinarsDevSecOps Is Broken — This Fix Connects Code to Cloud to SOC Modern applications don't live in one place—they span code, cloud, and runtime. Yet security is still siloed. This webinar shows why securing just the code isn't enough. You'll learn how unifying AppSec, cloud, and SOC teams can close critical gaps, reduce response times, and stop attacks before they spread. If you're still treating dev, infra, and operations as separate problems, it's time to rethink. 🔧 Cybersecurity Tools Qtap → It is a lightweight eBPF tool for Linux that shows what data is being sent and received—before or after encryption—without changing your apps or adding proxies. It runs with minimal overhead and captures full context like process, user, and container info. Useful for auditing, debugging, or analyzing app behavior when source code isn't available. Checkov → It is a fast, open-source tool that scans infrastructure-as-code and container packages for misconfigurations, exposed secrets, and known vulnerabilities. It supports Terraform, Kubernetes, Docker, and more—using built-in security policies and Sigma-style rules to catch issues early in the development process. TrailAlerts → It is a lightweight, serverless AWS-native tool that gives you full control over CloudTrail detections using Sigma rules—without needing a SIEM. It's ideal for teams who want to write, version, and manage their own alert logic as code, but find CloudWatch rules too limited or complex. Built entirely on AWS services like Lambda, S3, and DynamoDB, TrailAlerts lets you detect suspicious activity, correlate events, and send alerts through SNS or SES—without managing infrastructure or paying for unused capacity. 🔒 Tip of the Week Catch Hidden Threats in Files Users Trust Too Much → Hackers are using a quiet but dangerous trick: hiding malicious code inside files that look safe — like desktop shortcuts, installer files, or web links. These aren't classic malware files. Instead, they run trusted apps like PowerShell or curl in the background, using basic user actions (like opening a file) to silently infect systems. These attacks often go undetected because the files seem harmless, and no exploits are used — just misuse of normal features. To detect this, focus on behavior. For example, .desktop files in Linux that run hidden shell commands, .lnk files in Windows launching PowerShell or remote scripts, or macOS .app files silently calling terminal tools. These aren't rare anymore — attackers know defenders often ignore these paths. They're especially dangerous because they don't need admin rights and are easy to hide in shared folders or phishing links. You can spot these threats using free tools and simple rules. On Windows, use Sysmon and Sigma rules to alert on .lnk files starting PowerShell or suspicious child processes from explorer.exe. On Linux or macOS, use grep or find to scan .desktop and .plist files for odd execution patterns. To test your defenses, simulate these attack paths using MITRE CALDERA — it's free and lets you safely model real-world attacker behavior. Focusing on these overlooked execution paths can close a major gap attackers rely on every day. Conclusion The headlines may be over, but the work isn't. Whether it's rechecking assumptions, prioritizing patches, or updating your response playbooks, the right next step is rarely dramatic—but always decisive. Choose one, and move with intent. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.