Waymo is currently offering 500,000 paid robotaxi rides weekly across 10 U.S. cities, as stated by the company in a post on X this week. This impressive figure highlights the accelerated commercial growth of the Alphabet-owned firm. However, it is Waymo’s expansion in ridership and markets that presents a more intriguing narrative. 

In under two years, the company’s average weekly paid robotaxi rides have surged tenfold, increasing from 50,000 in May 2024 to 500,000 today. During the same two-year period, Waymo has broadened its presence from its original markets of Phoenix, San Francisco, and Los Angeles to include Austin, Atlanta, Miami, Dallas, Houston, San Antonio, and Orlando. All seven of these Sun Belt cities were added in just the past year.

Waymo’s robotaxi fleet has also expanded, although the company has been reticent about the specifics and infrequently provides updates. Information shared in December 2025 with the National Highway Traffic Safety Administration (NHTSA) indicated the company operated 3,067 robotaxis equipped with its fifth-generation self-driving system. The company continues to use that “over 3,000” fleet count today. This may soon change with the rollout of its sixth-generation self-driving system, set to launch on the Zeekr minivan, dubbed Ojai, and the Hyundai Ioniq 5. 

The consistent fleet figure of around 3,000, coupled with the rising number of weekly paid rides, implies that Waymo is maximizing efficiencies with each robotaxi. This utilization metric is especially crucial, as empty Waymo vehicles wandering around San Francisco or other locations do not generate revenue and can exacerbate congestion. 

However, this growth comes with hurdles. Waymo has faced increased scrutiny recently from both the public and regulatory bodies. For example, the NHTSA and the National Transportation Safety Board are investigating the misconduct of Waymo robotaxis around school buses. Simultaneously, San Francisco city officials have expressed concerns regarding how the company manages robotaxis that become stuck, including instances where Waymo has employed police and firefighters to assist in clearing its vehicles.

Waymo’s ridership numbers still represent a small fraction of Uber’s human-driven ride-hailing operations. According to securities filings, Uber completed approximately 13.5 billion trips in 2025, encompassing both ride-hailing and delivery services. The closest comparable ride-hail statistic was disclosed during Uber’s August 2024 earnings call, where the company reported completing over 1 million mobility trips per hour.

In essence, Waymo has not yet begun to significantly challenge Uber.

Nonetheless, with each passing month, the company’s lead in robotaxi rides continues to widen. 

Several firms are competing for a piece of the robotaxi market, though many have not yet introduced a fully autonomous ride-hailing service that charges fees. While there are some Chinese robotaxi companies like Pony.ai and WeRide that do charge for rides, none operate within the United States.

Tesla initiated a paid robotaxi service in Austin in January, and although CEO Elon Musk has claimed the company is close to a fully autonomous ride-hailing service in California, it currently lacks the necessary permits. Other companies, including Avride, Hyundai-owned Motional, and Zoox, are all striving to launch paid robotaxi services in various regions by the year’s end.

All of them have considerable ground to cover.

The leading executive arm of the European Union has acknowledged a cyber intrusion after reports indicated that hackers have pilfered extensive data from its cloud storage.

European Commission representative Nika Blazevic informed TechCrunch on Friday that the Commission “identified a cyber-attack, which impacted a portion of our cloud infrastructure.”

“We have swiftly acted and contained the attack. Risk reduction measures have also been put into place. The investigation is ongoing, but we can already confirm that the internal systems of the Commission were not compromised during the cyber-attack,” the spokesperson stated.

In a more detailed announcement on its website, the Commission noted that the breach “impacted its cloud infrastructure that supports the Commission’s web presence on the Europa.eu platform,” which contains a significant amount of the Commission’s website data. 

Bleeping Computer was the first to report the breach on Friday, referencing sources familiar with the situation. The publication indicated that hackers had appropriated hundreds of gigabytes of data, including several databases, from the European Commission’s account on the cloud service provider Amazon Web Services. The hacker shared evidence of their access with the publication, including screenshots.

It remains unclear what specific types of data were compromised.

Aetherflux, the space solar energy company founded by Robinhood’s co-founder Baiju Bhatt, is negotiating to secure $250 million to $350 million for a Series B round that would assign a $2 billion valuation to the firm.

This fundraising effort was initially reported by The Wall Street Journal, indicating that Index Ventures is spearheading the initiative. Aetherflux has raised approximately $80 million since its inception in 2024. The company chose not to provide comments.

Recently, Aetherflux has redirected its focus, steering its power generation technology toward space data centers, moving away from its original goal of transmitting electricity to Earth via lasers. Various space firms like SpaceX, Blue Origin, Starcloud, among others, are also innovating new frameworks for distributed computing in outer space.

“Let it be noted that we never lifted our pivot foot — it wasn’t a travel,” Bhatt humorously remarked in a TechCrunch interview last week. “About a year ago, it became clear that to power AI using the tech we envisioned, it would be significantly better to place the chips in space instead of beaming power from space to a land-based data center.”

While the company intends to persist with its laser power transmission experiments on a satellite bus created by Apex Space, its debut data center satellite is anticipated to launch in 2027. “Our objective is to develop a solution that competes with terrestrial economics,” Bhatt stated.

It won’t be straightforward.

The winter testing phase has been finalized for the VW ID.EVERY1, marking the inaugural vehicle from a collaboration between Rivian and Volkswagen Group that incorporates the EV manufacturer’s software and electrical framework. This achievement not only signifies a step closer to delivering this vehicle to consumers; it also triggers an additional $1 billion investment from Volkswagen Group into Rivian.

Approximately $750 million will be in the form of an equity investment. The remaining $250 million may either be equity or convertible debt, contingent on the prototypes that Volkswagen Group supplied to Rivian for evaluation. (The specifics were not immediately clarified by the companies.)

The German automotive powerhouse has previously injected over $3 billion into Rivian as part of this joint endeavor. Furthermore, additional funds are on the horizon. Starting in October, Rivian will have the opportunity to borrow up to $1 billion from Volkswagen Group. After the initial vehicle utilizing the joint venture’s technology is made available for purchase, Rivian will receive an extra $460 million in equity investment from Volkswagen. Overall, this agreement could potentially amount to as much as $5.8 billion for Rivian.

The payment for reaching the winter testing milestone has been processed just a few months ahead of Rivian commencing sales of the R2 SUV, which founder and CEO RJ Scaringe has described as “perhaps the most significant product we’ve launched thus far.” Rivian is relying on a rapid increase in R2 production and sales.

A hacking collective associated with the Iranian government named “Handala” announced on Friday that it has infiltrated the personal email account of FBI Director Kash Patel. 

In a message on its website, Handala shared multiple images of a noticeably younger Patel, along with a link to a trove of files that seemingly originate from Patel’s personal Gmail account. 

“The FBI is aware of malicious entities targeting Director Patel’s personal email details, and we have implemented all necessary measures to address potential threats linked to this incident,” stated an FBI spokesperson to TechCrunch. “The information in question is historical and does not pertain to government data.”

The FBI also announced a reward of up to $10 million for any information regarding the Handala hackers.

TechCrunch confirmed that at least some of the emails released by Handala were indeed from Patel’s purported Gmail account by validating data contained within the message headers. These headers hold information from the sender that assists email delivery systems in verifying the authenticity of an email.

We utilized a tool to authenticate several emails in the leaked file stash that were sent by Patel from his Gmail account. These emails had cryptographic signatures that aligned with the messages, strongly indicating that the examined emails are legitimate. In some instances, Patel appears to have forwarded emails from his previous Justice Department address in 2014 to his Gmail account. TechCrunch determined that the emails dispatched from Patel’s DOJ account appeared authentic as well.

The files within the leaked cache seem to date back to around 2019.

The Justice Department did not promptly respond to a request for comment.

Reuters, which first disclosed the email leaks, reported that a Justice Department representative confirmed the breach. 

TechCrunch attempted to contact Patel’s Gmail address disclosed by the hackers, as well as via a text message to a mobile number listed in a resume reportedly belonging to Patel. We did not receive an immediate response.

Since the onset of the U.S.-Israeli conflict with Iran in February, the Iran-linked Handala has escalated its hacking activities, notably taking credit for a damaging attack against medical technology company Stryker that erased thousands of employee devices. The hackers have also leaked the private information of several individuals believed to be part of the Israeli Defense Forces and local defense contractors.

Following the Stryker incident, the FBI seized several Handala websites, which swiftly became active again on new domains. U.S. prosecutors have formally accused the Iranian Ministry of Intelligence and Security (MOIS) of running the Handala group. 

The hackers did not reply to TechCrunch’s request for commentary sent to a chat account that they promote on their website, as well as to an email address owned by the group that was publicized by the Justice Department.

Updated to include a statement from the FBI and corrected the fourth paragraph to clarify that the emails were sent from Patel’s DOJ account, not his FBI account. ZW.

Nearly four years following the introduction of a security feature known as Lockdown Mode, Apple claims it has not encountered a situation where an individual’s device was compromised with these enhanced security measures activated. 

“To our knowledge, there have been no successful mercenary spyware incursions on devices enabled with Lockdown Mode,” stated Apple spokesperson Sarah O’Rourke to TechCrunch on Friday.

This is the latest confirmation from the tech behemoth that Apple devices operating under Lockdown Mode can endure government spyware intrusions, having first made this assertion a year after the launch of the security feature.

In 2022, Apple introduced Lockdown Mode, an opt-in set of security measures that disables certain features on iPhones and other Apple products that are frequently exploited for hacking targets using spyware. Apple specifically developed this security mode to aid vulnerable customers in shielding themselves against the dangers presented by government spyware produced by firms like Intellexa, NSO Group, and Paragon Solutions.

In recent times, Apple has acknowledged that its clientele can fall prey to spyware and has adopted a more assertive approach to inform customers who have been targeted.

Apple has dispatched multiple notifications to users across more than 150 nations, notifying them that they could have been compromised by spyware, highlighting the level of insight the company now possesses regarding these types of attacks. Although Apple has never disclosed how many users have been informed, it’s reasonable to conclude that the numbers are in the dozens, if not more.

Donncha Ó Cearbhaill, the leader of the security lab at Amnesty International, where he has examined numerous spyware incidents, mentioned that he and his team “have not observed any proof of an iPhone being successfully infiltrated by mercenary spyware while Lockdown Mode was active during the attack.”

Digital rights groups such as Amnesty International and the University of Toronto’s Citizen Lab have cataloged various successful assaults on iPhone users, none of which reported a breach of Lockdown Mode. In a minimum of two instances, Citizen Lab researchers have publicly stated that they witnessed Lockdown Mode effectively thwart spyware attacks, one involving NSO’s Pegasus and another with Predator spyware, developed by a company that is now under Intellexa.

In at least one recorded incident of spyware targeting iPhones, security analysts at Google indicated that the spyware would abandon its attempt to infect the target if Lockdown Mode was detected, likely as a method to avoid being noticed.

Patrick Wardle, a cybersecurity expert focused on Apple and a critic, asserts that Lockdown Mode is a vital feature that complicates the task for spyware creators aiming to target Apple users.

“It can be confidently said that Lockdown Mode represents one of the most rigorous consumer-facing hardening features ever implemented,” he conveyed to TechCrunch. 

Wardle clarified that by “minimizing the attack surface,” Lockdown Mode eliminates various strategies typically employed to exploit the iPhone, compelling spyware developers to resort to more sophisticated and costly methodologies.

“It neutralizes entire delivery mechanisms/exploit classes,” he added, “as it restricts most message attachment formats and limits WebKit capabilities. This represents a substantial decrease in the remotely accessible attack surface, particularly concerning zero-click exploit chains,” referring to intrusions that can target individuals over the internet without requiring any action from the victim.

It’s plausible that Lockdown Mode has been circumvented, and neither Apple nor independent analysts have detected the breach. However, considering that Apple usually maintains a publicly reserved stance, its latest proclamation signifies a notable point for Lockdown Mode.

I have utilized Lockdown Mode for several years, and I seldom think about it — except when notifications appear that can sometimes be perplexing. Some features that have been disabled necessitate an additional step, such as copying and pasting links from text messages into your browser. That’s why I, along with several digital security professionals, advise anyone concerned about being targeted by spyware or cyber assaults to enable Lockdown Mode.

An 82-year-old woman in Kentucky turned down a $26 million proposal from an AI company planning to establish a data center on her land. Although the same company may seek to rezone 2,000 acres nearby, as AI infrastructure continues to integrate into everyday life, the world is beginning to push back.

This week’s tension is omnipresent, from OpenAI discontinuing its Sora application to courts finally taking action against social media platforms like Meta. In this episode of TechCrunch’s Equity podcast, Kirsten Korosec, Anthony Ha, and Sean O’Kane investigate how the AI hype phase collides with reality.

Subscribe to Equity via YouTube, Apple Podcasts, Overcast, Spotify and all other platforms. You can also follow Equity on X and Threads at @EquityPod.