404 Media

2025-10-22 17:20:41

Women Dating Safety App Tea Delisted from Apple App Store

Tea, the women’s safety app which went viral earlier this year before facing multiple data breaches, has been removed from the Apple App Store.

“This app is currently not available in your country or region,” a message on the Apple App Store currently says when trying to visit a link to the app.

It is unclear whether the app has only been removed temporarily or permanently, or whether Apple banned the app or Tea removed it itself. Neither company immediately responded to a request for comment. Randy Nelson, head of insights and media resources at app intelligence company Appfigures, first alerted 404 Media to the app’s removal.

After launching a number of years ago, Tea skyrocketed to the top of the App Store this summer. The idea was for women to come together to share information and red flags about their dates. Tea users can “find verified green flag men,” “run background checks,” and “identify potential catfish,” according to Tea’s website. Crucially, the app said it verified that every user was a woman by asking them to upload a selfie.

💡
Do you know anything else about this removal? Do you work at Tea or did you used to? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

In the wake of its new found attention, members of the notorious troll and harassment forum 4chan targeted the service, and found an exposed database containing Tea users’ driver licenses and selfies. Days later, 404 Media revealed a second data breach at Tea impacted users’ direct messages, including those discussing abortions and cheating.

Tea turned off its direct messaging functionality altogether after that breach, and a Tea user filed a class action lawsuit against the app. Despite those data breaches, Tea continued to grow its userbase, Tea previously told 404 Media in a statement.
playlist.megaphone.fm?p=TBIEA2…
404 Media subsequently published an in-depth investigation into Tea and its CEO and founder Sean Cook, revealing how the app tried to essentially hijack the Are We Dating the Same Guy community, an ecosystem of Facebook pages that are credited with keeping women safe. Tea paid influencers to undermine Are We Dating the Same Guy and created competing Facebook pages with nearly identical names. That investigation also discovered a third security breach which revealed the personal data of women who were paid to promote the app as part of an affiliate program.

The app is still available on the Google Play Store. A number of other copycat apps that include “tea” in their name and advertise similar features are still available on the Apple App Store as well.

As of Wednesday Tea is still posting to its social media accounts, including its Instagram. The most recent post from around 13 hours ago describes Tea as “The first ever girls-only space that truly amplifies women’s voices and gives them an anonymous space to share their experiences, find comfort, and get the info they need on the man they’re talking to, in the name of DATING SAFETY💜”

One of the replies to that video simply says “App is gone.”

Tea User Files Class Action After Women’s Safety App Exposes Data

The Plaintiff claims Tea harmed her and ‘thousands of other similarity situated persons in the massive and preventable cyberattack.’

^{Joseph Cox (404 Media)}

404 Media

2025-10-22 13:40:03

The AWS Outage Bricked People’s $2,700 Smartbeds

Sleepers snoozing in Eight Sleep smartbeds had a bad night on Monday when a major outage of Amazon Web Services (AWS) caused their beds to malfunction. Some were left with the bed’s heat blasting, others were left in a sitting position and unable to recline. One woman said her bed went haywire and she had to unplug it from the wall.

At around 3 a.m. ET on Monday morning the US-EAST-1 AWS cluster went down and screwed up internet connected services across the planet. Customers for the banks Lloyds and Halifax couldn’t access their accounts. United Airlines check-ins stopped functioning. And people who rest in Eight Sleep beds awoke to find their mattresses had turned against them.

An Eight Sleep bed is a smart bed that starts at $2,700. Users provide their own mattress and Eight Sleep sells them a mattress cover and a “Pod” that acts as the brain of the system. If customers want to spend a few thousand more, they can get a base that adjusts the position of the mattress, provides biometric sleeping data, and heats and cools the sleeper. Customers must also subscribe to a service for Eight Sleep, which ranges from $17 to $33 a month.

Eight Sleep runs on the cloud and when the servers go down or the customer’s internet goes out it bricks the bed. There’s no offline mode. Customers have complained about the lack of an offline mode for a while, but the AWS outage focused their rage.
playlist.megaphone.fm?p=TBIEA2…
“So apparently, when my internet goes down, my bed decides to go on strike too. A quick outage, and boom—no change in sleep position available, not even with manual taps,” one customer on r/eightsleep said. “Maybe consider giving people a grace period before their $5,000 bed locks them into the world’s most ergonomic sitting position. AWS attack or Internet down for a few hours should not brick my bed.”

“Cloud only is unacceptable,” said another. “It’s 2025 there is no reason an internet or AWS server outage should impact your entire customer base's sleep—especially given the price tag of your product. Need EightSleep’s product team to opine here, your customer base demands it!”

“My pod is at +5 and I am sweating cuz I can’t turn it down or off,” said one comment.

Eight Sleep CEO Matteo Franceschetti apologized for the restless night in a statement posted to X. “The AWS outage has impacted some of our users since last night, disrupting their sleep. That is not the experience we want to provide and I want to apologize for it,” he said. He added that the company was restoring the bed’s features as AWS came back online and promised to outage-proof the Pods.

“Mine is still not working—it went super haywire and still seems to be turning on and off randomly with the inability to stop or control it. I had to unplug it,” ESPN host Victoria Arlen said on X, replying to Franceschetti. “I tried to get it going again and it’s still uncontrollable with the system turning on and off.”

Would be great if my bed wasn’t stuck in an inclined position due to an AWS outage. Cmon now
— Brandon (@Brandon25774008) October 21, 2025

“Would be great if my bed wasn’t stuck in an inclined position due to an AWS outage. Cmon now,” @Brandon25774008 said on X.

The truth is that so long as Eight Sleep beds have to communicate with a server to function, they’re always in danger of dying. That point of failure means the beds could go out at any time leaving the people who paid $5,000 for a fancy bed with little recourse. And, of course, no company lasts forever.

“When ES eventually goes bust, our pods will be bricked,” one Redditor said. “The fact that the pods cannot be controlled when you don’t have the internet is diabolical. I wish I knew this before purchasing. This basically means in the possibly near future, all of our pods will be bricked […] ES need to get their heads out of their ass and for once do a pro customer change and introduce an ‘offline’ mode where we can connect to the pod directly and at the very least change the temperature. It has wifi, it can make its own SSID, just make it work ES.”

Pro-active ES users have already found one solution: jailbreak the Pod. The ES sub is—at a minimum—$200 a year, the Pod uploads multiple GBs of telemetry data to ES servers every month, and when the internet goes down the bed dies. If you must own a $5,000 bed that heats and cools you dynamically, shouldn’t you take full control of it?

There’s an active Discord and a Github for a group of Eight Sleep snoozers who’ve decided to do just that. According to the GitHub, the jailbreak “allows complete control of device WITHOUT requiring internet access. If you lose internet, your pod WILL NOT turn off, it will continue working!”

Data centers are vulnerable. Server clusters go down. As long as there is a single point of failure and your device is commuting back to a network out of your control, it’s a risk. We have allowed tech companies to mediate the most basic functions of our lives, from cooking to travel to sleep. The AWS and ES outage is a stark reminder that we should do what we can to limit the control these tech companies have over our lives.

“I’m continuously horrified that I inextricably linked my sleep and therefore health to a cloud provider’s reliability,” one person said in the comments on Reddit.

Food Delivery Robots Are Feeding Camera Footage to the LAPD, Internal Emails Show

Serve Robotics, which delivers food for Uber Eats, provided footage filmed by at least one of its robots to the LAPD as evidence in a criminal case. The emails show the robots, which are a constant sight in the city, can be used for surveillance.

^{Jason Koebler (404 Media)}

404 Media

2025-10-22 13:00:50

Podcast: Hackers Dox ICE

We start this week with Joseph’s articles about a hacking group that doxed DHS, ICE, FBI, and DOJ officials. The group then sent us the personal data of officials from the NSA and a bunch of other government agencies. After the break, Emanuel revisits Wikipedia’s AI problem. In the subscribers-only section, Sam explains OpenAI’s inevitable path to an AI sex bot.
playlist.megaphone.fm?e=TBIEA1…
Listen to the weekly podcast on Apple Podcasts,Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.
youtube.com/embed/7P2a4Y7P5UE?…

• How Artists Are Keeping 'the Lost Art' of Neon Signs Alive⁠
• ⁠Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials⁠
• Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials⁠
• Wikipedia Says AI Is Causing a Dangerous Decline in Human Visitors⁠
• OpenAI Catches Up to AI Market Reality: People Are Horny

The 404 Media Podcast

Tech News Podcast · Updated Weekly · Welcome to the podcast from 404 Media where Joseph, Sam, Emanuel, and Jason catch you up on the stories we published this week. 404 Media is a journalist-owned digital media company exploring the way …

^{Apple Podcasts}

404 Media

2025-10-21 16:49:29

Anthropic Promises Trump Admin Its AI Is Not Woke

Anthropic CEO Dario Amodei has published a lengthy statement on the company’s site in which he promises Anthropic’s AI models are not politically biased, that it remains committed to American leadership in the AI industry, and that it supports the AI startup space in particular.

Amodei doesn’t explicitly say why he feels the need to state all of these obvious positions for the CEO of an American AI company to have, but the reason is that the Trump administration’s so-called “AI Czar” has publicly accused Anthropic of producing “woke AI” that it’s trying to force on the population via regulatory capture.

The current round of beef began earlier this month when Anthropic’s co-founder and head of policy Jack Clark published a written version of a talk he gave at The Curve AI conference in Berkeley. The piece, published on Clark’s personal blog, is full of tortured analogies and self-serving sci-fi speculation about the future of AI, but essentially boils down to Clark saying he thinks artificial general intelligence is possible, extremely powerful, potentially dangerous, and scary to the general population. In order to prevent disaster, put the appropriate policies in place, and make people embrace AI positively, he said, AI companies should be transparent about what they are building and listen to people’s concerns.

“What we are dealing with is a real and mysterious creature, not a simple and predictable machine,” he wrote. “And like all the best fairytales, the creature is of our own creation. Only by acknowledging it as being real and by mastering our own fears do we even have a chance to understand it, make peace with it, and figure out a way to tame it and live together.”

Venture capitalist, podcaster, and the White House’s “AI and Crypto Czar” David Sacks was not a fan of Clark’s blog.

“Anthropic is running a sophisticated regulatory capture strategy based on fear-mongering,” Sacks said on X in response to Clark’s blog. “It is principally responsible for the state regulatory frenzy that is damaging the startup ecosystem.”

Things escalated yesterday when Reid Hoffman, LinkedIn’s co-founder and a megadonor to the Democratic party, supported Anthropic in a thread on X, saying “Anthropic was one of the good guys” because it's one of the companies “trying to deploy AI the right way, thoughtfully, safely, and enormously beneficial for society.” Hoffman also appeared to take a jab at Elon Musk’s xAI, saying “Some other labs are making decisions that clearly disregard safety and societal impact (e.g. bots that sometimes go full-fascist) and that’s a choice. So is choosing not to support them.”

Sacks responded to Hoffman on X, saying “The leading funder of lawfare and dirty tricks against President Trump wants you to know that ‘Anthropic is one of the good guys.’ Thanks for clarifying that. All we needed to know.” Musk hopped into the replies saying: “Indeed.”

“The real issue is not research but rather Anthropic’s agenda to backdoor Woke AI and other AI regulations through Blue states like California,” Sacks said. Here, Sacks is referring to Anthropic’s opposition to Trump’s One Big Beautiful Bill, which wanted to stop states from regulating AI in any way for 10 years, and its backing of California’s SB 53, which requires AI companies that generate more than $500 million in annual revenue to make their safety protocols public.

All this sniping leads us to Amodei’s statement today, which doesn’t mention the beef above but is clearly designed to calm investors who are watching Trump’s AI guy publicly saying one of the biggest AI companies in the world sucks.

“I fully believe that Anthropic, the administration, and leaders across the political spectrum want the same thing: to ensure that powerful AI technology benefits the American people and that America advances and secures its lead in AI development,” Amodei said. “Despite our track record of communicating frequently and transparently about our positions, there has been a recent uptick in inaccurate claims about Anthropic's policy stances. Some are significant enough that they warrant setting the record straight.”

Amodei then goes to count the ways in which Anthropic already works with the federal government and directly grovels to Trump.

“Anthropic publicly praised President Trump’s AI Action Plan. We have been supportive of the President’s efforts to expand energy provision in the US in order to win the AI race, and I personally attended an AI and energy summit in Pennsylvania with President Trump, where he and I had a good conversation about US leadership in AI,” he said. “Anthropic’s Chief Product Officer attended a White House event where we joined a pledge to accelerate healthcare applications of AI, and our Head of External Affairs attended the White House’s AI Education Taskforce event to support their efforts to advance AI fluency for teachers.”

The more substantive part of his argument is that Anthropic didn’t support SB 53 until it made an exemption for all but the biggest AI labs, and that several studies found that Anthropic’s AI models are not “uniquely politically biased,” (read: not woke).

“Again, we believe we share those goals with the Trump administration, both sides of Congress, and the public,” Amodei wrote. “We are going to keep being honest and straightforward, and will stand up for the policies we believe are right. The stakes of this technology are too great for us to do otherwise.”

Many of the AI industry’s most vocal critics would agree with Sacks that Clark’s blog and “fear-mongering” about AI is self-serving because it makes their companies seem more valuable and powerful. Some critics will also agree that AI companies take advantage of that perspective to then influence AI regulation in a way that benefits them as incumbents.

It would be a far more compelling argument if it didn’t come from Sacks and Musk, who found a much better way to influence AI regulation to benefit their companies and investments: working for the president directly and publicly bullying their competitors.

Americans Prioritize AI Safety and Data Security

Most Americans favor maintaining rules for AI safety and security, as well as independent testing and collaboration with allies in developing the technology.

^{Benedict Vigers (Gallup)}

404 Media

2025-10-21 15:11:50

OpenAI Catches Up to AI Market Reality: People Are Horny

OpenAI CEO Sam Altman appeared on Cleo Abram's podcast in August where he said the company was “tempted” to add sexual content in the past, but resisted, saying that a “sex bot avatar” in ChatGPT would be a move to “juice growth.” In light of his announcement last week that ChatGPT would soon offer erotica, revisiting that conversation is revealing.

It’s not clear yet what the specific offerings will be, or whether it’ll be an avatar like Grok’s horny waifu. But OpenAI is following a trend we’ve known about for years: There are endless theorized applications of AI, but in the real world many people want to use LLMs for sexual gratification, and it’s up for the market to keep up. In 2023, a16z published an analysis of the generative AI market, which amounted to one glaringly obvious finding: people use AI as part of their sex lives. As Emanuel wrote at the time in his analysis of the analysis: “Even if we put ethical questions aside, it is absurd that a tech industry kingmaker like a16z can look at this data, write a blog titled ‘How Are Consumers Using Generative AI?’ and not come to the obvious conclusion that people are using it to jerk off. If you are actually interested in the generative AI boom and you are not identifying porn as a core use for the technology, you are either not paying attention or intentionally pretending it’s not happening.”

Altman even hinting at introducing erotic roleplay as a feature is huge, because it’s a signal that he’s no longer pretending. People have been fucking the chatbot for a long time in an unofficial capacity, and have recently started hitting guardrails that stop them from doing so. People use Anthropic’s Claude, Google’s Gemini, Elon Musk’s Grok, and self-rolled large language models to roleplay erotic scenarios whether the terms of use for those platforms permit it or not, DIYing AI boyfriends out of platforms that otherwise forbid it. And there are specialized erotic chatbot platforms and AI dating simulators, but what OpenAI does—as the owner of the biggest share of the chatbot market—the rest follow.

404 Media Generative AI Market Analysis: People Love to Cum
A list of the top 50 generative AI websites shows non-consensual porn is a driving force for the buzziest technology in years.
404 MediaEmanuel Maiberg

Already we see other AI companies stroking their chins about it. Following Altman’s announcement, Amanda Askell, who works on the philosophical issues that arise with Anthropic’s alignment, posted: “It's unfortunate that people often conflate AI erotica and AI romantic relationships, given that one of them is clearly more concerning than the other. Of the two, I'm more worried about romantic relationships. Mostly because it seems like it would make users pretty vulnerable to the AI company in many ways. It seems like a hard area to navigate responsibly.” And the highly influential anti-porn crowd is paying attention, too: the National Center on Sexual Exploitation put out a statement following Altman’s post declaring that actually, no one should be allowed to do erotic roleplay with chatbots, not even adults. (Ron DeHaas, co-founder of Christian porn surveillance company Covenant Eyes, resigned from the NCOSE board earlier this month after his 38-year-old adult stepson was charged with felony child sexual abuse.)

In the August interview, Abram sets up a question for Altman by noting that there’s a difference between “winning the race” and “building the AI future that would be best for the most people,” noting that it must be easier to focus on winning. She asks Altman for an example of a decision he’s had to make that would be best for the world but not best for winning.

Altman responded that he’s proud of the impression users have that ChatGPT is “trying to help you,” and says a bunch of other stuff that’s not really answering the question, about alignment with users and so on. But then he started to say something actually interesting: “There's a lot of things we could do that would like, grow faster, that would get more time in ChatGPT, that we don't do because we know that like, our long-term incentive is to stay as aligned with our users as possible. But there's a lot of short-term stuff we could do that would really juice growth or revenue or whatever, and be very misaligned with that long-term goal,” Altman said. “And I'm proud of the company and how little we get distracted by that. But sometimes we do get tempted.”

“Are there specific examples that come to mind?” Abram asked. “Any decisions that you've made?”

After a full five-second pause to think, Altman said, “Well, we haven't put a sex bot avatar in ChatGPT yet.”

“That does seem like it would get time spent,” Abram replied. “Apparently, it does.” Altman said. They have a giggle about it and move on.

Two months later, Altman was surprised that the erotica announcement blew up. “Without being paternalistic we will attempt to help users achieve their long-term goals,” he wrote. “But we are not the elected moral police of the world. In the same way that society differentiates other appropriate boundaries (R-rated movies, for example) we want to do a similar thing here.”

This announcement, aside from being a blatant hail mary cash grab for a company that’s bleeding funds because it’s already too popular, has inspired even more “bubble’s popping” speculation, something boosters and doomers alike have been saying (or rooting for) for months now. Once lauded as a productivity godsend, AI has mostly proven to be a hindrance to workers. It’s interesting that OpenAI’s embrace of erotica would cause that reaction, and not, say, the fact that AI is flooding and burdening libraries, eating Wikipedia, and incinerating the planet. It’s also interesting that OpenAI, which takes user conversations as training data—along with all of the writing and information available on the internet—feels it’s finally gobbled enough training data from humans to be able to stoop so low, as Altman’s attitude insinuates, to let users be horny. That training data includes authors of romance novels and NSFW fanfic but also sex workers who’ve spent the last 10 years posting endlessly to social media platforms like Twitter (pre-X, when Elon Musk cut off OpenAI’s access) and Reddit, only to have their posts scraped into the training maw.

Altman believes “sex bots” are not in service of the theoretical future that would “benefit the most people,” and that it’s a fast-track to juicing revenue, something the company badly needs. People have always used technology for horny ends, and OpenAI might be among the last to realize that—or the first of the AI giants to actually admit it.
playlist.megaphone.fm?p=TBIEA2…

AI-Generated Slop Is Already In Your Public Library

Librarians say that taxpayers are already paying for low quality AI-generated ebooks in public libraries.

^{Emanuel Maiberg (404 Media)}

404 Media

2025-10-20 16:45:01

News Outlets Won't Describe Trump's AI Video For What It Is: The President Pooping on America

On Saturday, millions of people across the U.S. attended “No Kings” protests—a slogan born in response to President Donald Trump’s self-aggrandizing social media posts where he’s called himself a king, including with AI-generated images of himself in a crown, and his continuous stretching of executive power. While Americans were out in the street, the president was posting.

In an AI-generated video originally posted on X by a genAI shitposter, Trump, wearing a crown, takes off in a fighter jet to the song “Danger Zone” like he’s in Top Gun. Flying over protestors in American cities, Pilot King Trump bombs people with gallons of chunky brown liquid. It’s poop, ok? It’s shit. It’s diarrhea, and in reposting it, it’s clear enough to me that Trump is fantasizing about doing a carpet-bomb dookie on the people he put his hand on a bible and swore to serve nine months ago. The first protestor seen in the video is a real person, Harry Sisson, a liberal social media influencer.

0:00
/0:19
1×

The video Trump reposted to Truth Social

But this was not clear, it seems, to many other journalists. Most national news outlets seem scared to call it how they see, and how everyone sees it: as Trump dropping turd bombs on America, instead opting for euphemisms. Some of the best have included:

• The Hill called it “brown liquid” and “what looked like feces”
• The Guardian deemed it “brown sludge” and “bursts of brown matter”
• More “brown liquid” from the New York Times
• NBC News got close with “what appeared to be feces”
• A CNN contributor’s “analysis” said Trump was “appearing to dump raw sewage”
• Axios’ helpful context: “suspect brown substances falling from the sky”
• ABC News opted to cut the video before the AI poop even started falling

TheNew York Post, never one to waste a prime alliteration opportunity, didn’t disappoint: “Trump’s fighter jet was shown dropping masses of manure.”

I can understand some of these venerated news establishments might be skittish about using a word like “poop” in their headlines, and I can also concede that I haven’t had an editor tell me I can’t use a bad word in a headline in a long, long time. I can imagine the logic: we can’t “prove” it’s meant to be shit, so we can’t call it shit. But there’s nothing in these outlets’ style guides that has kept them from saying “poop” in the headline in the past: “Women Poop,” the New York Times once proclaimed. Axios writes extensively and frequently about dog poop. CNN’s analysis extends to poop often.

Along with the above concessions, I can also promise I don’t feel that passionately about getting poop on anyone else’s homepages. But we are in an era where the highest office in the country is disseminating imagery that isn’t just fake and stupid, but actively hostile to the people living in this country. When I first saw someone talking about the Trump Poop Bomber video—on Reels, of all places—I thought it must be someone doing satire about what they imagined Trump would post about the protests. I had to search for it to find out if he really did, and what I found was the above: trusted sources of truth and information too scared to call fake poop fake poop. It’s not about poop, it’s about being able to accurately describe what we see, an essential skill when everything online is increasingly built to enrage, trick, or mislead us. AI continues to be the aesthetic of fascism: fast, easy, ugly. When we lose the ability to say what it is, we’re losing a lot more than the chance to pun on poop.

Add to this the fact that no one in Trump’s circle will say what we can all plainly see, either: that the president hates the people. “The president uses social media to make the point. You can argue he’s probably the most effective person who’s ever used social media for that,” Speaker of the House Mike Johnson said at a news conference this morning. “He is using satire to make a point. He is not calling for the murder of his political opponents.” Johnson did not say what that point was, however.

Trump posts wild AI video showing him flying fighter jet, dropping sewage on No Kings protesters

President Trump posted a wild AI-generated video of himself late Saturday as a fighter pilot wearing a crown on his head, unloading sewage on “No Kings” protesters.

^{Ryan King (New York Post)}

404 Media

2025-10-20 15:47:58

How Artists Are Keeping 'The Lost Art' of Neon Signs Alive

Next to technicolor neon signs featuring Road Runner, an inspirational phrase that says “everything will be fucking amazing,” and a weed leaf, Geovany Alvarado points to a neon sign he’s particularly proud of: “The Lost and Found Art,” it says.

“I had a customer who called me, it was an old guy. He wanted to meet with someone who actually fabricates the neon and he couldn’t find anyone who physically does it,” Alvarado said. “He told me ‘You’re still doing the lost art.’ It came to my head that neon has been dying, there’s less and less people who have been learning. So I made this piece.”

For 37 years, Alvarado has been practicing “the lost and found art” of neon sign bending, weathering the general ups and downs of business as well as, most threateningly, the rise of cheap LED signs that mimic neon and have become popular over the last few years.

“When neon crashed and LED and the big letters like McDonald’s, all these big signs—they took neon before. Now it’s LED,” he said. In the last few years, though, he said there has been a resurgent interest in neon from artists and people who are rejecting the cheap feel of LED. “It came back more like, artistic, for art. So I’ve been doing 100 percent neon since then.”
youtube.com/embed/SSNfDodj674?…
At his shop, Quality Neon Signs in Mid-City Los Angeles, there are signs in all sorts of states of completion and functionality strewn about Alvarado’s shop: old, mass-produced beer advertisements whose transformers have blown and are waiting for him to repair them, signs in the shapes of soccer and baseball jerseys, signs with inspirational phrases (“Everything is going to be fucking amazing,” “NEED MONEY FOR FAKE ART”), signs for restaurants, demonstration tubes that show the different colors he offers, weed shop signs, projects he made when he was bored. There are projects that are particularly meaningful to him: a silhouette he made of his wife holding their infant daughter, and a sign of the Los Angeles skyline with a wildfire burning in the background, “just to represent Los Angeles,” he said. There are old little bits of tube that have broken off of other pieces. “We save everything,” Alvarado said, “in case we want to fix it or need it for a repair.” His workshop, a few minutes away, features a “Home Sweet Home” sign,” a sign he made years ago for Twitter/Chanel collaboration featuring the old Twitter bird logo, and a sign for the defunct Channing Tatum buddy cop show Comrade Detective.

The overwhelming majority of signs Alvarado sells are traditional neon glass. The real thing. But he does offer newer LED faux-neon signs to clients who want it, though he doesn’t make those in-house. Alvarado says he sells LED to keep up with the times and because they can be more practical for one-off events because they are less likely to break in transit, but it’s clear that he and the overwhelming majority of neon sign makers think the LED stuff is simply not the same. Most LED signs look cheaper and do not emit the same warmth of light, but are more energy efficient.

I asked two neon sign creators about the difference while I was shopping for signs. They said they think the environmental debate isn’t quite as straightforward as it seems because a lot of the LED signs they make seem to be for one-off events, meaning many LED signs are manufactured essentially for a single use and then turned into e-waste. Many real neon signs are bought as either artwork or are bought by businesses who are interested in the real aesthetic. And because they are generally more expensive and are handmade, they are used for years and can be repaired indefinitely.

I asked Alvarado to show me the process and make a neon sign for 404 Media, which I’ve wanted for years. It’s a visceral, loud, scientific process, with gas-powered burners that sound like jet engines heating up the glass tubes to roughly 1,000 degrees so they can be bent into the desired shapes. When he first started bending neon, Alvarado says he used to use an overheard projector and a transparency to project a schematic onto the wall. These days, he mocks up designs on a computer aided design program and prints them out on a huge printer that uses a sharpie to draw the schematic. He then painstakingly marks out his planned glass bends on the paper, lining up the tubes with the mockup as he works.

“You burn yourself a lot, your hands get burnt. You’re dealing with fire all the time,” Alvarado said. He burned himself several times while working on my piece. “For me it’s normal. Even if you’re a pro, you still burn yourself.” Every now and then, even for someone who has been doing this for decades, the glass tubes shatter: “You just gotta get another stick and do it again,” he said.

After bending the glass and connecting the electrodes to one end of the piece, he connects the tubes to a high-powered vacuum that sucks the air out of them. The color of the light in Alvarado’s work is determined by a powdered coating within the tubes or a different colored coating of the tubes themselves; the type of gas and electrical current also changes the type and intensity of the colors. He uses neon for bright oranges and reds, and argon for cooler hues.

Alvarado, of course, isn’t the only one still practicing the “lost art” of neon bending, but he’s one of just a few commercial businesses in Los Angeles still manufacturing and repairing neon signs for largely commercial customers. Another, called Signmakers, has made several large neon signs that have become iconic for people who live in Los Angeles. The artist Lili Lakich has maintained a well-known studio in Los Angeles’ Arts District for years and has taught “The Neon Workshop” to new students since 1982, and the Museum of Neon Art is in Glendale, just a few miles away.

A few days after he made my neon sign, I was wandering around Los Angeles and came across an art gallery displaying Tory DiPietro’s neon work, which is largely fine art and pieces where neon is incorporated to other artworks; a neon “FRAGILE” superimposed on a globe, for example. Both DiPietro and Alvarado told me that there are still a handful of people practicing the lost art, and that in recent years there’s been a bit of a resurgent interest in neon, though it’s not that easy to learn.

On the day I picked up my sign, there were two bright green “Meme House” signs for a memecoin investor house in Los Angeles that Alvarado said he had bent and made immediately after working on the 404 Media sign. “I was there working til about 11 p.m.” he said.

YouTube

^{www.youtube.com}

404 Media

2025-10-20 15:16:50

Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials

A hacking group that recently doxed hundreds of government officials, including from the Department of Homeland Security (DHS) and Immigration and Customs Enforcement (ICE), has now built dossiers on tens of thousands of U.S. government officials, including NSA employees, a member of the group told 404 Media. The member said the group did this by digging through its caches of stolen Salesforce customer data. The person provided 404 Media with samples of this information, which 404 Media was able to corroborate.

As well as NSA officials, the person sent 404 Media personal data on officials from the Defense Intelligence Agency (DIA), the Federal Trade Commission (FTC), Federal Aviation Administration (FAA), Centers for Disease Control and Prevention (CDC), the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), members of the Air Force, and several other agencies.

The news comes after the Telegram channel belonging to the group, called Scattered LAPSUS$ Hunters, went down following the mass doxing of DHS officials and the apparent doxing of a specific NSA official. It also provides more clarity on what sort of data may have been stolen from Salesforce’s customers in a series of breaches earlier this year, and which Scattered LAPSUS$ Hunters has attempted to extort Salesforce over.

💡
Do you know anything else about this breach? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“That’s how we’re pulling thousands of gov [government] employee records,” the member told 404 Media. “There were 2000+ more records,” they said, referring to the personal data of NSA officials. In total, they said the group has private data on more than 22,000 government officials.

Scattered LAPSUS$ Hunters’ name is an amalgamation of other infamous hacking groups—Scattered Spider, LAPSUS$, and ShinyHunters. They all come from the overarching online phenomenon known as the Com. On Discord servers and Telegram channels, thousands of scammers, hackers, fraudsters, gamers, or just people hanging out congregate, hack targets big and small, and beef with one another. The Com has given birth to a number of loose-knit but prolific hacking groups, including those behind massive breaches like MGM Resorts, and normalized extreme physical violence between cybercriminals and their victims.

On Thursday, 404 Media reported Scattered LAPSUS$ Hunters had posted the names and personal information of hundreds of government officials from DHS, ICE, the FBI, and Department of Justice. 404 Media verified portions of that data and found the dox sometimes included peoples’ residential addresses. The group posted the dox along with messages such as “I want my MONEY MEXICO,” a reference to DHS’s unsubstantiated claim that Mexican cartels are offering thousands of dollars for dox on agents.

Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials
Scattered LAPSUS$ Hunters—one of the latest amalgamations of typically young, reckless, and English-speaking hackers—posted the apparent phone numbers and addresses of hundreds of government officials, including nearly 700 from DHS.
404 MediaJoseph Cox

After publication of that article, a member of Scattered LAPSUS$ Hunters reached out to 404 Media. To prove their affiliation with the group, they sent a message signed with the ShinyHunters PGP key with the text “Verification for Joseph Cox” and the date. PGP keys can be used to encrypt or sign messages to prove they’re coming from a specific person, or at least someone who holds that key, which are typically kept private.

They sent 404 Media personal data related to DIA, FTC, FAA, CDC, ATF and Air Force members. They also sent personal information on officials from the Food and Drug Administration (FDA), Health and Human Services (HHS), and the State Department. 404 Media verified parts of the data by comparing them to previously breached data collected by cybersecurity company District 4 Labs. It showed that many parts of the private information did relate to government officials with the same name, agency, and phone number.

Except the earlier DHS and DOJ data, the hackers don’t appear to have posted this more wide ranging data publicly. Most of those agencies did not immediately respond to a request for comment. The FTC and Air Force declined to comment. DHS has not replied to multiple requests for comment sent since Thursday. Neither has Salesforce.

The member said the personal data of government officials “originates from Salesforce breaches.” This summer Scattered LAPSUS$ Hunters stole a wealth of data from companies that were using Salesforce tech, with the group claiming it obtained more than a billion records. Customers included Disney/Hulu, FedEx, Toyota, UPS, and many more. The hackers did this by social engineering victims and tricking them to connect to a fraudulent version of a Salesforce app. The hackers tried to extort Salesforce, threatening to release the data on a public website, and Salesforce told clients it won’t pay the ransom, Bloomberg reported.

On Friday the member said the group was done with extorting Salesforce. But they continued to build dossiers on government officials. Before the dump of DHS, ICE, and FBI dox, the group posted the alleged dox of an NSA official to their Telegram group.

Over the weekend that channel went down and the member claimed the group’s server was taken “offline, presumably seized.”

The doxing of the officials “must’ve really triggered it, I think it’s because of the NSA dox,” the member told 404 Media.

Matthew Gault contributed reporting.

How Google, Adidas, and more were breached in a Salesforce scam | Malwarebytes

Hackers tricked workers over the phone at Google, Adidas, and more to grant access to Salesforce data.

^{David Ruiz (Malwarebytes)}