Techin' Geek

Apple has rolled out a security update for older iPhones and iPads aimed at safeguarding against a leaked collection of advanced hacking tools capable of extracting data from a user’s device.

On Wednesday, the tech giant announced the release of iOS 18.7.7 and iPadOS 18.7.7 to enable a wider range of devices to “obtain crucial security defenses against web threats dubbed DarkSword.”

DarkSword is a hacking framework that can infiltrate Apple devices operating on iOS 18.4 to 18.7 simply by a user accessing a website that contains the malicious code, including trusted sites that have themselves suffered breaches. The exploits capture a user’s device data, encompassing their messages, web browsing histories, location information, and cryptocurrency, and transmit the data to a server managed by the attackers.

These tools have already been observed in specific attacks targeting individuals in China, Malaysia, Turkey, Saudi Arabia, and Ukraine. However, with the tools now available online, security experts caution that anyone can utilize these hacking tools to target users with older versions of Apple’s mobile operating system.

Apple states that users on its latest software, iOS 26, were safeguarded weeks prior. Furthermore, the company has issued a new update for iOS 18 users with iPhones and iPads that cannot operate on the iOS 26 software.

With Wednesday’s update, Apple has now delivered DarkSword countermeasures for the millions of users with unpatched devices that can update to iOS 26 but have opted not to. Some users have chosen to refrain from updating to evade the software’s new “liquid glass” interface that has received user criticism.

Wired reported earlier on Wednesday that Apple was preparing to announce the update.

Apple users who have enabled automatic software updates should obtain the new software. Apple mentioned that its optional security feature, Lockdown Mode, also protects against DarkSword attacks. The company informed TechCrunch last week that it is unaware of any successful government spyware attempts against an Apple device utilizing Lockdown Mode.

Data centers have expanded to such an extent that their energy requirements now match those of entire U.S. states. Consider the Hyperion AI data center by Meta. Once finished, this data center will consume as much power as South Dakota.

Recently, Meta revealed plans to finance seven natural gas power facilities — in addition to the three previously pledged — to sustain the $27 billion data center. Together, these 10 power plants in Louisiana are expected to produce approximately 7.5 gigawatts of electricity, a bit more than what the entire Mount Rushmore State can generate. 

Like several tech firms, Meta has promoted its climate and environmental credentials over time. The company regularly issues sustainability reports and often boasts about its renewable energy acquisitions. It effectively secured a nuclear power facility for two decades.

The Hyperion data center location in Louisiana will evaluate the firm’s commitments.

Natural gas has been praised as a “bridge fuel” — construct a few natural gas power plants now while renewables, batteries, and nuclear energy develop further. This is likely how Meta rationalizes the decision internally. 

However, the bridge fuel argument has been around for decades, and it’s becoming less convincing. Prices for renewables and batteries have drastically decreased, while costs for gas turbines have surged. Meta has emerged as a significant buyer of solar, batteries, and nuclear energy in recent years, making its choice to heavily invest in natural gas all the more puzzling.

TechCrunch reached out to Meta. The company did not respond to several requests for comments.

The enormous turbines in Louisiana are projected to release 12.4 million metric tons of CO₂ into the atmosphere annually, based on TechCrunch’s calculations, which utilize data from the Department of Energy. This amount is 50% higher than Meta’s total carbon footprint in 2024, the latest year for which such statistics are available. 

That estimate likely underrepresents the climate effects, as it does not account for leaks from the natural gas supply chain. 

Methane, the primary constituent of natural gas, has a global warming potential 84 times greater than that of carbon dioxide. Leakage rates of just 0.2% along the supply chain can render the climate impact of natural gas worse than that of coal. In the U.S., natural gas extraction and transportation lose methane at a rate closer to 3%. This is hardly considered clean energy.

The company’s most recent sustainability report makes no reference to methane leaks. It does not mention methane or natural gas at all. Yet, this fuel is set to become one of the largest factors contributing to Meta’s carbon footprint in the upcoming years.

The company may indeed adhere to its climate commitments and devise methods to negate those emissions through carbon removal credits. However, it will now require significantly more of those credits, alongside a transparent assessment of the actual methane leakage entering the atmosphere to support its new power facilities.

In an attempt to reclaim its former fame, the celebrity greeting application Cameo has introduced a new integration with TikTok, enabling U.S. creators to provide customized Cameo videos directly to their supporters through the short-video platform.

This fresh collaboration intends to assist creators in boosting their income while making it easier for fans to request Cameo videos. Creators now have the option to register and deliver personalized messages within TikTok, streamlining the process for their followers to enjoy this service right alongside the content they already consume. For those who are already present on Cameo, this integration allows them to connect with a more extensive audience.

This integration represents a strategic initiative for Cameo as it leverages the millions of creators on TikTok and their vast fan bases. TikTok creators form one of the rapidly expanding segments on the platform, with famous figures like Ash Trevino, Alex Dougherty, and Smooth Papi currently leading Cameo’s rankings.

Cameo’s CEO Steven Galanis emphasized in the announcement that “Cameo videos frequently go viral on TikTok” and remarked, “TikTok talent had its most successful year yet on Cameo in 2025.”

At its peak during the COVID-19 pandemic, Cameo was valued at $1 billion, offering fans the chance to connect with their beloved celebrities through personalized video messages. Nonetheless, the company faced a dramatic decline in 2024, seeing its valuation diminish by more than 90%. It has also struggled to fulfill its financial responsibilities, including a significant $600,000 penalty from the Federal Trade Commission. To regain visibility last year, Cameo introduced a birthday planning app called Candl.

The alliance also mirrors wider trends in the media environment, where businesses increasingly acknowledge the importance of influencers to enrich their services. Streaming platforms such as Tubi and Peacock have recently collaborated with well-known creators to develop original content.

TikTok currently features various tools that foster engagement between fans and creators, including the ability to send tips and virtual gifts, subscribe, and a newly launched “bulletin board” for creators to communicate public messages to their followers. 

The new Cameo integration also coincides with recent announcements regarding new advertising formats and a concealed emoji game accessible in direct messages.

WhatsApp has informed approximately 200 users who were deceived into downloading a rogue version of the chat application that included spyware. 

WhatsApp has accused the Italian spyware company SIO of developing a counterfeit version of its messaging application for iPhones, as per an announcement the company released to TechCrunch.  

“Our security team proactively identified about 200 users mainly in Italy whom we suspect may have installed this malicious unofficial client,” WhatsApp stated in its announcement. “We have logged them out, warned [them] of the privacy and security risks associated with downloading fake unofficial clients, and urged them to uninstall it and acquire the official WhatsApp app.”

WhatsApp representative Margarita Franklin informed TechCrunch that the company currently cannot disclose further details about the users it informed, such as whether they were journalists or civil society members. 

“Our focus has been on safeguarding the users who may have been misled into downloading this counterfeit iOS application,” Franklin stated. 

In its announcement, WhatsApp also mentioned plans to “issue a formal legal demand to cease any such malicious actions against this spyware entity.”

The news was first reported by the Italian newspaper La Repubblica and the news agency ANSA.

Last year, TechCrunch uncovered that SIO was responsible for a range of malicious Android applications containing its spyware, including counterfeit versions of WhatsApp, as well as bogus customer support tools for mobile networks. SIO’s spyware was recognized by the name Spyrtacus, a term found in the spyware’s coding.

Utilizing counterfeit applications against surveillance targets is a well-established strategy employed by authorities in Italy, who frequently receive cooperation from mobile network providers, sending phishing links to their clientele on behalf of law enforcement.

SIO develops government spyware through its subsidiary ASIGINT. 

Apple and SIO did not respond to a request for comments. 

WhatsApp’s recent announcement follows a year after the company warned approximately 90 users that they had been targeted with spyware developed by the U.S.-Israeli surveillance technology firm Paragon Solutions. WhatsApp sent those alerts to journalists and pro-immigration advocates, among others, igniting a significant scandal throughout Italy. 

In response, Paragon severed its connections with Italy’s intelligence agencies, which had been its customers.

The most cutting-edge silicon chips have propelled the evolution of artificial intelligence. Can AI now reciprocate?

Cognichip is creating a deep learning model designed to aid engineers in the creation of new computer chips. The challenge it aims to address is one that the industry has grappled with for decades: Chip design is incredibly intricate, prohibitively costly, and time-consuming. High-end chips require three to five years to transition from idea to mass production; the design stage itself can take up to two years before physical layout commences. Consider that Nvidia’s latest GPU line, Blackwell, comprises 104 billion transistors — that’s a significant number to organize.

According to Cognichip CEO and founder Faraj Aalaei, the market can shift during the time taken to develop a new chip, rendering substantial investments futile. Aalaei aims to introduce the types of AI tools that software engineers have utilized to expedite their tasks into the semiconductor design realm. 

“These systems have reached a level of intelligence where, by merely directing them and specifying the desired outcome, they can generate excellent code,” Aalaei shared with TechCrunch.

He asserts that the company’s technology has the potential to lower chip development costs by over 75% and drastically shorten timelines by more than half. 

The company emerged from stealth mode last year and announced Wednesday that it secured $60 million in new funding led by Seligman Ventures, with significant contributions from Intel CEO Lip-Bu Tan, who invested through his venture firm Walden Catalyst Ventures and will join Cognichip’s board. Umesh Padval, a managing partner at Seligman, will also become a board member. In total, Cognichip has raised $93 million since its inception in 2024.

However, Cognichip has not yet revealed a new chip that has been designed using its system and did not disclose any customer collaborations it claims to have engaged in since September. 

The company claims its advantage lies in employing its own model trained on chip design data, rather than utilizing a general-purpose LLM. This required the acquisition of domain-specific training data, which is a significant challenge. Distinct from software developers, who openly share large volumes of code, chip designers closely protect their intellectual property, making the type of open-source dataset that usually trains AI coding assistants largely inaccessible.

Cognichip has had to create its own datasets, including synthetic data, and obtain licenses for data from partners. The company has also devised processes that enable chip manufacturers to securely train Cognichip’s models on their proprietary data without revealing it.

In instances where proprietary data is unavailable, Cognichip has relied on open-source alternatives. In one demonstration last year, Cognichip invited electrical engineering students from San Jose State University to experiment with the model during a hackathon. The teams managed to utilize the model to create CPUs based on the RISC-V open-source chip architecture — a design that is freely accessible for anyone to build upon.

Cognichip is up against established competitors like Synopsys and Cadence Design Systems, as well as well-funded newcomers like ChipAgents, which completed a $74 million extended Series A in February, and Ricursive, which secured a $300 million Series A round in January.

Padval noted that the current influx of capital into AI infrastructure is the largest he has observed in his 40 years of investing.

“If it’s a super cycle for semiconductors and hardware, it’s a super cycle for companies like [Cognichip],” he stated.

SpaceX, the tech enterprise established by Elon Musk, has reportedly submitted confidential disclosures to the U.S. Securities and Exchange Commission in anticipation of an initial public offering. Bloomberg, citing unnamed sources, suggests that SpaceX may target a valuation of $1.75 trillion.

As outlined by SEC regulations, a private firm is permitted to submit its IPO registration statement confidentially 15 days prior to initiating share marketing to public investors, enabling it to gather feedback from the regulator privately. Furthermore, the company has assembled an unusually large roster of 21 banks to oversee the massive IPO, internally referred to as “Project Apex,” as reported by Reuters on Tuesday.

The firm aims to secure $75 billion, which would establish it as the largest IPO in history, eclipsing the record set by Saudi Aramco’s $29 billion listing in 2019. SpaceX has raised around $10 billion while operating as a private entity.

Established in 2002, SpaceX stands as the premier space company globally, operating a fleet of reusable rockets and spacecraft, alongside managing a 10,000-satellite communications network, Starlink. Musk introduced Silicon Valley’s ethos to the conventional realm of space contracting, transforming the industry and instigating a surge in private technology ventures and space startups.

In February, SpaceX acquired Musk’s xAI for a deal that valued the entity at $1.25 trillion. The conglomerate now encompasses xAI, Musk’s advanced generative AI lab, and X, the social media platform formerly recognized as Twitter.

Musk has stated for years that SpaceX would remain private until its spacecraft reached Mars, but a heightened demand for funding has altered that perspective, even as the company has readjusted its goals to target the moon. Recently, Musk indicated that the firm plans to deploy a network consisting of up to a million data center satellites in space, constructed and launched from Earth’s closest celestial body.

SpaceX requires substantial funds to develop Starship, the fully reusable heavy-lift rocket critical to its future business strategy and NASA’s quest to outpace China to the moon; to acquire spectrum and replenish its Starlink satellites as they age; and to finance the computing necessary for building and running xAI’s deep learning models.

The American toy manufacturing powerhouse Hasbro has acknowledged a cyber incident, stating that it could take “several weeks” to remedy the situation.

The holder of franchises such as Transformers, Peppa Pig, and Dungeons & Dragons revealed in a legally mandated update to the U.S. Securities and Exchange Commission on Wednesday that it identified a breach on March 28, leading the company to shut down some of its systems.

Hasbro mentioned that it has activated and is continually deploying business continuity strategies to enable it to “process orders, dispatch products, and perform other essential functions while addressing this issue.”

Parts of Hasbro’s website were reportedly inaccessible as of Wednesday, according to TechCrunch’s inspection. An error notice indicated that the site was “currently under maintenance.”

The firm stated it has engaged cybersecurity experts for assistance but emphasized that it is still “implementing strategies to safeguard its business operations,” implying that the intruders might still have access to the company’s systems. 

It remains unclear what exact type of cyberattack, such as ransomware, was identified.

In a conversation with TechCrunch, Hasbro representative Andrea Snyder echoed much of the information from the SEC document and clarified that the company had “taken rapid action to secure our systems and data,” but refrained from addressing inquiries about the specifics of the cyberattack or if there had been contact from the hackers, such as a ransom demand.

Cybercriminals increasingly focus on large corporations to pilfer data and extort financial gains, often disrupting operations which can lead to significant financial repercussions. A cyberattack on Jaguar Land Rover in 2025 halted vehicle production lines for months, resulting in the U.K. government intervening with a $1.5 billion bailout guarantee to avert the company and its supply chain from collapsing.

In its notice to investors, Hasbro cautioned about potential delays, noting the necessity of maintaining these temporary measures for “several weeks until the issue is entirely resolved.”

The company indicated that it was not immediately clear if any data had been compromised, and that its inquiry is ongoing to assess the complete extent of the breach. 

Hasbro is one of the most established toy and entertainment product manufacturers in America, employing over 5,000 individuals. The firm also possesses the intellectual property rights for prominent toy, game, and consumer brands, including Monopoly, My Little Pony, and Magic: The Gathering.

Updated to incorporate comments from Hasbro’s spokesperson.

Are you employed at Hasbro and have insights regarding its data breach? Reach out to this reporter through an encrypted message at zackwhittaker.1337 on Signal.

Patience brings great rewards. The first StrictlyVC of the year is coming to San Francisco in just under a month, on April 30, at the Sentro Filipino Cultural Center. You definitely won’t want to miss another roster of exceptional speakers enhancing the evening’s networking and socializing. AI entrepreneurs and innovators seeking funding will find the event’s discussions especially beneficial.

Who will be on stage

Tickets are available now, but for those unfamiliar with a previous StrictlyVC event who have already clicked that link, let’s explore what makes this particular event so compelling …

TDK Ventures president Nicolas Sauvage will open the evening after you’ve enjoyed your necessary drinks and networking opportunities, as he discusses the role of corporate VCs in a dialogue with TechCrunch editor-in-chief Connie Loizos. Sauvage, who leads TDK Ventures’ $500 million initiative to invest in early-stage companies, will detail how corporate VCs differ in their operations and what entrepreneurs should understand about what attracts his attention in potential investments.

Entrepreneurs unsure about attending should take note: under Sauvage’s guidance, TDK has supported 45 startups and three unicorns — Groq, Ascend Elements, and Silicon Box — since he took the helm. TDK will also host and sponsor this StrictlyVC event, providing attendees with many chances to learn from and potentially meet their team.

Next, we’ll engage in a conversation with Campbell Brown, the former CNN host and head of news at Meta, who has transitioned into the startup world to enhance the credibility of AI platforms as they become increasingly relied upon for advice and information. She is currently the co-founder and CEO of Forum AI, deeply involved in discussions on how to vet, validate, and ensure the reliability of information provided by LLMs.

Participants involved in the AI transformation will be eager to know that Amjad Masad, co-founder and CEO of Replit, will also be on stage to discuss his firsthand experiences leading a transformation in software development. The emergence of vibe coding has altered many workflows, particularly in the Bay Area, drawing in strong competitors like Anthropic and OpenAI. Anyone interested in the future of programming shouldn’t miss Masad’s talk.

As if that isn’t thrilling enough, we still have one last speaker to unveil, which means you’ll gain even more valuable insights and expertise before wrapping up with the extensive networking and relationship-building that truly represents the essence of StrictlyVC. Some of the brightest minds and most well-connected figures in the startup community join us for these events, and you can be part of it by signing up, so secure your ticket today!

Lucid Motors appears to have significantly addressed its early quality issues with the Gravity SUV’s hardware and software, but the company is still facing challenges: It has just announced a recall affecting over 4,000 Gravity SUVs due to a seat belt issue.

The automaker informed the National Highway Traffic Safety Administration that during unrelated safety evaluations in January, it found that some anchors for the second-row seat belts in the SUV were not correctly welded. This situation heightens the risk that the seat belts might fail to secure passengers in the event of an accident.

Lucid Motors indicated that the issue stemmed from its seat supplier altering its manufacturing approach “without notice to or approval by Lucid.” The supplier has reverted to Lucid Motors’ original design specifications, and only Gravity SUVs manufactured before February 14, 2026 are impacted.

The automaker plans to inspect all Gravity SUVs involved in the recall and either install a bracket or replace the entire seat, based on the quality of the welding.