This past weekend, hackers pilfered over $290 million in cryptocurrency from Kelp DAO, a platform that enables users to earn yields on dormant crypto investments. 

By Monday, LayerZero, one of the impacted projects, accused North Korea of orchestrating the theft. This incident marks the largest cryptocurrency heist of the year to date, following an earlier breach at the crypto exchange Drift in April that yielded approximately $285 million for the thieves.

In a post on X, LayerZero indicated that the hackers took advantage of Kelp DAO through its LayerZero bridge, which facilitates communication between different blockchains. The attackers exploited Kelp’s security setup, which did not mandate multiple verifications prior to transaction approvals. This deficiency enabled them to extract funds through deceptive transactions.

The firm mentioned “preliminary indicators” suggesting that North Korea is behind the attack, particularly referencing its crypto-targeting hacking group known as TraderTraitor. 

Kelp DAO, in turn, countered LayerZero’s accusations by shifting blame for the theft onto them instead. 

In recent years, hackers linked to Kim Jong Un’s regime have become exceedingly adept at stealing cryptocurrency. Last year alone, North Korean hackers were responsible for the theft of over $2 billion in crypto. Cumulatively, since 2017, the total cryptocurrency pilfered by North Korea is estimated to be around $6 billion.

On Monday, Mastodon’s primary server experienced a distributed denial-of-service attack, according to the social networking software developer, which rendered the instance intermittently unusable.

A significant portion of the website was unreachable, displaying error messages or showing a full-screen outage notification.

The creators of the decentralized social networking platform, which operates the official mastodon.social instance, noted in a status update around 7 a.m. ET on Monday that they were looking into the cyberattack.

By 9:05 a.m. ET, Mastodon announced that it had put in place a “countermeasure against the DDoS attack, and the site is now accessible.” However, the company cautioned that some instability might still be present as the attack remains active.

The cyberattack targeting Mastodon occurred just days after Bluesky, another decentralized social media platform, rectified much of its prolonged service disruptions following a lengthy DDoS assault. According to Bluesky’s update on April 17, the DDoS attack persists, but its service has remained stable since April 16 at 9 PM PDT. Today’s update confirmed this continued stability.

When reached by TechCrunch, representatives for Mastodon did not immediately explain the reason behind the cyberattack.

Distributed denial-of-service (DDoS) attacks operate by directing vast quantities of unwanted web traffic toward the servers of an application or website, aiming to take them offline. While these cyberattacks do not involve data theft, they can significantly disrupt users’ access.

DDoS attacks have escalated considerably in power over recent years. Last year, the network security firm Cloudflare reported it had mitigated what it claims to be the largest DDoS attack to date, peaking at 29.7 terabits per second, equivalent to filling thousands of hard drives with data every minute.

When directed at decentralized social networking platforms, such attacks can lead to instability and outages, though not every user is affected. In Bluesky’s situation, for example, those who had migrated their accounts to other providers, like Blacksky, which operate on the same protocol and can interoperate with Bluesky, were unaffected.

Likewise, the assault on Mastodon has primarily focused on the larger server (mastodon.social) and has not impacted the numerous smaller instances that collectively comprise the whole Mastodon social network.

The Federal Aviation Administration has directed Blue Origin to launch an investigation into the apparent malfunction of the upper stage of its New Glenn rocket that occurred on Sunday, as reported by the Orlando Sentinel. Consequently, the company will not be permitted to fly New Glenn again until it finalizes the examination.

This could hinder Blue Origin’s plans to carry out as many as 12 additional New Glenn missions this year, contingent on the duration of the inquiry. The company has yet to release a statement regarding the upper stage malfunction and has not replied to emailed inquiries for comment.

The issue surfaced during the third launch of Blue Origin’s New Glenn mega-rocket over the weekend. The launch commenced well, with the company reusing a New Glenn booster for the first time ever and successfully landing that booster once more on a drone ship in the ocean.

Advancements in developing and proving rocket reusability represent a significant progress for Blue Origin and may enable it to compete with Elon Musk’s SpaceX, the only other spaceflight entity capable of achieving this task, and the leading player in the launch market.

However, the primary objective was to send a communications satellite into orbit for a paying client: AST SpaceMobile. Although the New Glenn rocket’s second stage successfully detached from the booster, something seemingly went awry shortly afterward. AST SpaceMobile stated on Sunday that the rocket positioned the satellite in a “lower than planned” orbit — so much so that the company deems the satellite a lost cause and will allow it to disintegrate in the Earth’s atmosphere.

AST SpaceMobile mentioned it possesses insurance that will cover the loss of the satellite. The company also indicated that it has several new satellites almost finished that it anticipates will be ready for launch imminently. Additionally, the company has agreements with other launch providers. AST SpaceMobile’s stock price dropped by over 10% on Monday morning before experiencing a slight rebound.

Regarding Blue Origin, the upper stage incident poses risks not only to potential commercial missions. The company is also developing a lunar lander and has considerable aspirations to contribute to the Trump administration and NASA’s focus on returning humans to the lunar surface.

Blue Origin is currently in the process of obtaining certification for New Glenn from the U.S. Space Force to conduct national security missions on behalf of the government. The Space Force did not provide an immediate response to a request for comment.

Reports indicate that the National Security Agency is utilizing Mythos Preview, a model from Anthropic recently disclosed but not made publicly accessible, as per Axios. This development follows weeks after the NSA’s parent organization, the Department of Defense, identified Anthropic as a “supply chain risk” due to the company’s refusal to grant Pentagon officials full access to its model’s capabilities.

Earlier this month, Anthropic introduced Mythos as a cutting-edge model tailored for cybersecurity functions, claiming it was too powerful for public deployment due to its potential for conducting offensive cyberattacks. Consequently, the AI company restricted access to Mythos to around 40 entities, of which only a limited number have been publicly disclosed.

It appears the NSA is among those not publicly revealed, reportedly using Mythos mainly to identify exploitable vulnerabilities in environments. Additionally, the UK’s AI Security Institute has verified its access to Mythos.

The increasing utilization of Anthropic’s technologies by the U.S. military coincides with the argument made in court that these tools pose risks to national security. The disagreement with the Pentagon arose when Anthropic declined to enable Claude for widespread domestic surveillance and the development of autonomous weapons.

The NSA’s access to Mythos comes as Anthropic’s rapport with the Trump administration seems to be improving. Recently, Anthropic’s CEO Dario Amodei had a meeting with White House chief of staff Susie Wiles and Treasury Secretary Scott Bessent.

Reports indicate that the White House deemed the meeting successful.

TechCrunch has sought comments from the NSA. Anthropic has chosen not to respond.

WhatsApp is evaluating a new subscription option, akin to Instagram Plus and Snapchat+, allowing users to purchase personalized icons, themes, ringtones, and additional perks. The premium plan focuses mainly on aesthetics; users won’t gain numerous extra functional capabilities.

WhatsApp Plus has been detected by numerous users, including social media advisor Matt Navarra. The company verified the trial to TechCrunch in an official statement.

“WhatsApp is testing a new, optional subscription named WhatsApp Plus, aimed at users seeking more methods to organize and customize their experience,” a Meta representative mentioned. “Premium features consist of expanded pinned chats, custom lists, new chat themes, and more. We’re initiating a small trial to collect feedback and ensure we are creating something that people genuinely value.”

Although the company did not disclose the pricing, WABetaInfo indicated that the plan could be available at €2.49 per month in Europe and 229 PKR ($0.82) in Pakistan. The blog noted that the firm is also providing users with a one-month free trial.

Besides features like custom themes and ringtones, the company will enable users to pin up to 20 chats instead of the existing free-tier limit of three. Subscribers will also be able to apply specific themes, ringtones, and notification sounds to chat lists. It’s worth mentioning that there is no reference to the removal of ads from the Status feature, which started showing ads last year.

Over ten years ago, WhatsApp imposed a $1 subscription fee in certain regions, but after being acquired by Facebook, the company eliminated the fee in 2016. Since then, it has centered its business model on enabling companies to connect with users on WhatsApp and facilitating click-to-WhatsApp advertisements.

This has evolved into a substantial venture for Meta. The company indicated during its Q4 2025 earnings report that its family of apps’ revenue surged 54% year-over-year to $801 million, a rise prominently fueled by paid messaging on WhatsApp. The company also stated that WhatsApp revenue exceeded a $2 billion annualized run-rate in Q4.

Since WhatsApp Plus is an initial test in select markets, only a fraction of WhatsApp’s user base exceeding 3 billion will have the opportunity to purchase the paid plan. This suggests it may not significantly impact the company’s financials in the short term.

Fermi’s co-founder and CEO Toby Neugebauer, along with CFO Miles Everson, have unexpectedly left the AI nuclear energy company, causing a 22% drop in share prices on Monday.

The firm announced that Neugebauer has resigned from his position as chairman but will continue to serve on the board. Marius Haas, the Lead Independent Board Director, has taken over as chairman, as stated by the company on Monday. Everson has been appointed as a board member due to the exercise of director designation rights by the Melissa A. Neugebauer 2020 Trust.

Founded by former U.S. Energy Secretary Rick Perry, Fermi is working on an AI campus in Amarillo, Texas, intended to utilize nuclear reactors for powering data centers. This initiative, referred to as Project Matador, has faced challenges in recent months, including issues with a primary customer, according to Bloomberg.

The company framed these leadership changes, along with other developments such as a corporate headquarters in Dallas, as part of Fermi 2.0 to reassure investors about ongoing advancements in its project.

On Monday, Deezer revealed that tracks produced by AI now account for 44% of all newly uploaded music on its platform. The company stated it receives nearly 75,000 AI-generated tracks daily and over two million each month.

However, the consumption of AI-created music on the platform remains quite low, ranging from 1-3% of total streams, with 85% of these streams identified as fraudulent and subsequently demonetized by the company.

Deezer’s latest statistics underscore a steady increase in the uploads of AI-generated music to their platform. In January, Deezer reported an intake of about 60,000 AI tracks each day, an increase from 50,000 in November, 30,000 in September, and just 10,000 in January 2025, when their AI-music detection tool was first introduced.

Songs labeled as AI-generated on Deezer are automatically excluded from algorithmic suggestions and not featured in editorial playlists. The company announced today that it will cease storing high-resolution versions of AI tracks.

This updated statistic emerges as an AI-generated track recently claimed the top spot on the iTunes charts in the United States, United Kingdom, France, Canada, and New Zealand.

“AI-generated music has moved beyond being a marginal aspect, and with daily submissions on the rise, we expect the entire music ecosystem to collaborate with us in safeguarding artists’ rights and fostering transparency for fans,” said Deezer CEO Alexis Lanternier in a press release. “With our technology and the proactive strategies implemented over a year ago, we have demonstrated that it’s feasible to minimize AI-related fraud and payment dilution in streaming.”

This announcement follows a survey Deezer conducted last November, which revealed that 97% of respondents were unable to differentiate between completely AI-generated music and music created by humans.

The survey also indicated that 52% of participants believed that fully AI-generated songs should not be alongside human-made songs in the main charts. Meanwhile, 80% stated that 100% AI-generated music ought to be clearly labeled for listeners.

Deezer began tagging AI tracks at the platform level in June 2025, being the first streaming service to implement this. Throughout 2025, Deezer tagged over 13.4 million AI tracks on its platform.

In February, the French streaming service Qobuz announced intentions to label AI-generated content on its platform. Other leading streaming services, like Spotify and Apple Music, adopt varying strategies for AI-generated music, often combining filters to detect low-quality AI music with transparency efforts left to the distributors.

This past weekend, the cloud application hosting leader Vercel announced that hackers infiltrated its internal systems and gained access to customer information. The attackers have alleged that they have pilfered sensitive customer credentials from Vercel’s systems and are marketing the data online.

In a statement released on Sunday, Vercel indicated that the breach stemmed from another software company, Context AI. An employee at Vercel downloaded an application developed by Context AI and linked it to their corporate account hosted on Google. The hackers exploited that connection (referred to as OAuth) to assume control of the Vercel staff member’s Google account and accessed some internal systems of Vercel, including unencrypted credentials.

Vercel asserts that its Next.js and Turbopack initiatives were not compromised by the breach. These open-source projects are extensively utilized by web and application developers.

Vercel has informed customers whose application data and keys were impacted.

In a message on X, Vercel CEO Guillermo Rauch urged clients to refresh any keys and credentials in their application deployments that are categorized as “non-sensitive.”

It remains uncertain who is responsible for the breach at Vercel or Context AI, or whether they are the same hacker. The perpetrator selling the data claimed to represent the ShinyHunters hacking group in their post on a cybercriminal marketplace. The listing, reviewed by TechCrunch, asserted that the hackers were offering access to customer API keys, source code, and database information acquired from Vercel.

The ShinyHunters hacker collective, recognized for infiltrating cloud-based and database firms, informed the cybersecurity news platform Bleeping Computer that they were not implicated in this event.

A representative for Vercel refrained from specifying the number of affected customers but mentioned that the company has not received any communication from the threat actor, such as ransom demands.

As more information about the hack surfaces, this security incident marks yet another in a series of “supply chain” breaches in recent months that have targeted software developers whose code is widely utilized online. By exploiting software that is extensively adopted by firms and bolsters web infrastructure, hackers can seize credentials from a wide range of victims simultaneously and attain further access to significant volumes of data stored by other cloud giants.

Vercel has disclosed little additional information regarding the attack, except that it is probing the incident and has sought clarification from Context AI. Vercel noted that the breach might impact “hundreds of users across various organizations,” not limited to its own systems, cautioning about potential downstream breaches throughout the tech sector.

Context AI, which develops evaluations and analytics for AI models, acknowledged on its website that it experienced a breach in March involving its Context AI Office Suite consumer application. This app allows users to automate tasks and workflows across numerous third-party applications through an unnamed external service.

Context AI stated that it informed one customer of the breach, but based on Vercel’s incident, it now believes that the issue might be wider than initially perceived. Context AI indicated that the hackers “likely compromised OAuth tokens for some of our consumer users.”

Context AI did not reply to a request for comment or inquiries concerning the breach. It remains unclear why Context AI did not disclose the breach at the time or if the company received any demands from the hacker, such as ransom requests.

Corrected to eliminate a reference to an unrelated Context AI whose employees were taken over by OpenAI. Updated with a statement from Vercel.

Rivian has confirmed to TechCrunch that its factory located in Normal, Illinois experienced direct damage from a tornado over the weekend. Fortunately, no injuries have been reported, and staff members are currently evaluating the damage’s extent.

The tornado reached an EF-1 intensity classification, impacting a section of the factory known by Rivian as “Building 2,” where the R2 SUV is manufactured. According to an email from CEO RJ Scaringe to staff, which TechCrunch has seen, operations in that building have been paused, with plans to resume later this week.

“I appreciate our team members on site who sought safe shelter and adhered to our emergency protocols when the tornado alarms were triggered,” he mentioned. “I am proud of how everyone united, not only in following safety protocols but also in supporting each other and leading the cleanup and repair efforts with care and commitment.”

Images posted online depict a significant portion of the roof collapsing within the facility. Rivian has not confirmed if this temporary operational halt will impact the R2’s rollout schedule, which is expected to occur in the upcoming weeks.

The tornado struck a newer segment of the factory, mainly utilized for R2 logistics, including the receipt of components, as per Rivian.

“Once we secure the affected area, we expect to resume operations in Building 2 (specifically for R2) this week,” spokesperson Marina Hoffmann stated in an email, noting that activities at other facilities are proceeding as scheduled.

Rivian is heavily invested in the launch. Over the past five years, the company has devoted time, resources, and capital to lower manufacturing costs for vehicles in its current R1 lineup. Nonetheless, Rivian continues to incur losses each quarter — largely because, according to Scaringe, the company is channeling resources into infrastructure that will yield returns once the R2 SUV scales up.

The R2 SUV is designed to help Rivian reverse its financial losses. The automaker anticipates selling hundreds of thousands annually, aiming for a robust initial launch for the SUV. The company projects year-end sales between 20,000 and 25,000 units, positioning it as one of the fastest EV launches in the U.S., closely trailing Tesla’s highly successful Model Y.

Production for the R2 is commencing at the Normal plant alongside the existing R1 vehicles (and Rivian’s electric delivery van), while preparations are underway for the construction of a new factory just outside Atlanta, Georgia. This facility will focus on producing the R2 and the upcoming R3 hatchback, which was unexpectedly unveiled in March 2024.

Rivian initiated groundwork for the Georgia factory late last year and is anticipated to begin vertical construction within this year. Production is projected to start in 2028.