A huge trade in stolen and repackaged gift cards is being run via China and funding criminal gangs in the US. CC-licensed photo by Mike Mozart on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 9 links for you. Not magi-cal. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. On Bluesky: @charlesarthur.bsky.social. Observations and links welcome.
The Filipino virtual assistants running LinkedIn engagement networks • Rest of World
Michael Beltran:
»
In the spring of 2025, the CEO of a European childcare startup posted a brief write-up about the qualities of a good leader on their LinkedIn page. Dozens of executives responded with comments like “Beautifully said,” “Leadership isn’t about titles. It’s about kindness,” and “Leadership is about action, influence, and integrity, not titles.”
LinkedIn is peppered with posts like these. But in this case, none of the executives were personally involved with the exchange. The posts and comments were produced by virtual assistants based in the Philippines, using generative artificial intelligence tools.
Rest of World spoke to six Filipino virtual assistants and two agencies who described a unique industry of low-paid and AI-assisted offshore workers producing content for executives and so-called thought leaders on LinkedIn. The names of the virtual assistants have been changed to protect their jobs. A LinkedIn representative told Rest of World the platform was attempting to crack down on this kind of behavior.
As a country with the third-largest English-speaking population, the Philippines is already well known for being an offshore labor hub. The virtual-assistant industry emerged in the wake of the Covid-19 pandemic, as American and European businesses sought inexpensive ways to offshore administrative work. A 2025 report by Future Markets Insight, an India-based market research and consulting firm, projects that the market for AI-assisted virtual assistants is expected to grow by 182% in the next decade from its current $19.5bn valuation.
«
It’s so puzzling, though. If these CEOs aren’t spending any time writing this stuff, why should we spend any time at all reading it?
unique link to this extract
Surge in fake citations uncovered by audit of 2.5 million biomedical-science papers • Nature
Miryam Naddaf:
»
An audit of 2.5 million academic papers has identified nearly 3,000 biomedical-science papers that contain fake references — ones that could not be traced to known publications.
The findings, published in The Lancet on 7 May, are from the first academic study to estimate the scale of fake citations in the biomedical literature.
The authors designed an automated pipeline to screen papers from PubMed Central (PMC) Open Access — a subset of the wider PMC database of publicly accessible biomedical articles — that were published between January 2023 and February 2026.
Their work suggests that the contamination of papers with fake citations is a rapidly growing problem in biomedicine. The rate of fabrication in 2025 was more than 12 times greater than that in 2023.
The findings are “conservative underestimates”, says study co-author Maxim Topaz, an AI researcher at Columbia University in New York City. “What we identified is the lower bound of true prevalence. We’re scratching the tip of the iceberg,” he adds.
Kathryn Weber-Boer, director of scientometrics at the London-based company Digital Science, agrees. The study is a “solid first initial contribution to the problem”, she says. (Digital Science is operated by Holtzbrinck Publishing Group, the majority shareholder of Springer Nature, which publishes Nature. Nature’s news team is editorially independent of its publisher.)
A Nature analysis published in April estimated that around 1.6% of publications from 2025 contained at least one reference corresponding to a publication that did not seem to exist.
In their study, Topaz and his colleagues developed a system to inspect the 125.6 million references cited by 2.5 million papers. They focused the analysis on 97 million references that had valid digital object identifiers (DOIs) — unique strings of letters and numbers assigned by publishers and preprint repositories — or an identifier assigned by the database PubMed.
They used large language models (LLMs) to flag mismatches between the article title in each reference and the title of the paper that its DOI or PubMed identifier led to. They also searched for the references across four scholarly databases: PubMed, Crossref, OpenAlex and Google Scholar. If the title of a reference did not appear in any of these databases, the team considered it fabricated.
The analysis found 2,564 papers that contained one or two fabricated references, and 246 papers that contained three or more.
«
UK law firm Pinsent Masons reprimanded by court over AI error • Financial Times
Suzi Ring:
»
Top UK law firm Pinsent Masons has been admonished by London’s High Court after its lawyers made false submissions to a judge based on AI, the latest high-profile mistake resulting from the industry’s increasing use of the technology.
Pinsent Masons misled the court twice by inaccurately citing a statute in relation to a routine insolvency application, an error that was only picked up when the judge queried the reference. Judge Mark Mullen said in his ruling that work pressure did not excuse a “failure to check the accuracy of the material”.
The submissions were made by a junior lawyer, referred to as “LA” in Mullen’s judgment, with oversight from a senior associate and partner. In their witness statements, the supervisors said that they were not aware that the junior lawyer had used AI.
The case is the latest reprimand of a large law firm for AI-generated errors, as the industry tries to get to grips with the technology. Pinsent Masons apologised and referred itself to the Solicitors Regulation Authority, which regulates solicitors in England and Wales.
Mullen’s judgment set out conversations between “LA” and the AI tool, which were submitted to the court by the firm. The transcript included a warning from the AI bot that it was “not fully confident” it was reproducing the exact statutory wording, advising the lawyer to verify it before submitting it to a court.
«
These stories get passed around among lawyers, who shake their heads and say they’d never do that. And then somehow it happens to them in the case they’re working on.
unique link to this extract
Derry murder is the latest fallout from NH’s ties to global gift card scam • New Hampshire Public Radio
Todd Bookman:
»
Last May, Gui Lin, a 41-year-old from China, pulled his car into the parking lot of an industrial complex in Derry, New Hampshire and began unloading boxes from his trunk.
A surveillance camera captured what happens next: A U-Haul van pulls up in front of Lin’s car. Three men wielding knives and duct tape exit the van. There’s a struggle. Another man comes running from inside the building to try and help Lin, but the assailants slash at him. Lin then stumbles back into the frame of the video. He’s been stabbed in the chest and leg. The U-Haul drives off.
Lin was taken to a hospital, where he died that afternoon. His heart had been punctured.
From across the street, a neighbor named Lisa said she watched as police rushed to the scene that day. NHPR agreed to withhold Lisa’s last name because she fears for her safety.
…But it wasn’t cash or illicit drugs that the thieves were after that day. Instead, something else drew them to a nondescript row of warehouse bays tucked behind a Shaw’s supermarket: the promise of millions of dollars’ worth of Apple products.
The Derry warehouse where Lin was killed, authorities say, is one of more than a dozen facilities operating in New Hampshire that serve as a kind of way station for the unauthorized transfer of iPhones, iPads, and other Apple devices. Inside, workers — who court documents say are Chinese nationals — receive, repackage, and export tens of thousands of electronics. The devices are purchased using proceeds from stolen gift cards, part of a “highly organized and sophisticated organized crime ring,” according to court records. The US Department of Homeland Security has warned that “card draining” schemes organized by Chinese criminal networks have taken hundreds of millions of dollars, possibly more.
The street value of the Apple products flowing through New Hampshire warehouses has given rise to other criminal activity: Along with the murder in Derry, there have been robbery attempts at other locations connected with the enterprise and at least one assault on an unsuspecting FedEx driver.
Hundreds, possibly thousands of Chinese nationals are involved in the broader operation, each playing a role in a multi-step scheme, according to law enforcement. And New Hampshire, authorities say, appears to be the epicentre of this global criminal operation for a simple reason: the state’s lack of a sales tax.
«
Sure, you’re thinking “Apple! Just stop having gift cards!” But the gift cards being exploited aren’t Apple’s.
unique link to this extract
Uber’s COO says it’s getting harder to justify the money spent on AI tokenmaxxing • Business Insider
Aditi Bharade:
»
A top Uber exec said AI is not giving the company bang for its buck.
In a Rapid Response interview released on Saturday, Uber’s operations chief, Andrew Macdonald, said it was becoming harder to justify AI costs within the company.
He said that Uber CTO Praveen Neppalli Naga went viral after telling The Information in an April interview that Uber had already blown through its Claude Code budget for 2026.
The comment led to what he described as a “head-exploding moment,” sparking discussions about AI token consumption within the company and the trade-offs it creates, such as on head count.
He said that, based on talks with Uber’s senior engineering leaders, he realized higher token usage did not translate into a proportional increase in useful consumer features.
“That link is not there yet, right?” he said. “I think maybe implicitly there is more that is getting shipped, but it’s very hard to draw a line between one of those stats and, ‘Okay, now we’re actually producing 25% more useful consumer features.'”
He said that the trade-off costs from AI are harder to justify because he can’t draw a direct link. Earlier this month, CEO Dara Khosrowshahi said in an earnings call that Uber was slowing hiring to counter its investments in AI.
Macdonald added that AI can seem free if you’re “just a user sitting there coming up with interesting use cases” without paying for it. But ultimately, the company foots the bill.
«
India’s entry-level smartphone market shrinks 59% yoy in 1Q 26 • Times of India
Aabhas Sharma:
»
India’s entry-level smartphone market suffered a collapse in the first quarter of 2026. Rising component costs and weakening consumer demand reshaped the country’s handset landscape, according to new data from IDC.
India’s overall smartphone shipments declined 4.1% year-on-year to 31m units in Q1 2026, but the steepest pressure was concentrated in devices priced below sub-Rs 10,000 ($100). Shipments in the entry-level segment plunged 59% from a year earlier, with the category’s market share shrinking from 18% to just 8%.
IDC said rising global memory prices made it increasingly difficult for brands to sustain profitability in the low-cost category, forcing companies to cut launches and reduce channel participation in the segment.
“Device makers relying on entry-level volume face shrinking margins and reduced market viability as memory costs continue to rise,” the research firm said in its report.
The squeeze at the bottom end of the market is also changing consumer buying behaviour. IDC noted that many buyers who traditionally purchased sub-Rs 10,000 smartphones were pushed into higher price brackets because affordable options were no longer widely available.
That helped the Rs 10,000-Rs 20,000 ($100–200) “mass-budget” segment grow 10% year-on-year, increasing its market share from 39% to 45%. IDC described the trend as “forced premiumisation”, driven less by upgrade aspirations and more by price inflation in the affordable category.
«
A confirmation of the story from yesterday about how low-end smartphones are being squeezed.
unique link to this extract
How AI Mode is changing and expanding the way people search • Google Blog
Shivani Hohan is VP of data science and user experience research at Google:
»
Here are some of the key insights about AI Mode in the U.S. one year since launch:
• Searching beyond text: More than one in six searches in the U.S. now use voice or images, with image searches growing over 40% month-over-month.
• Asking longer questions: While we’re seeing growth in both short and long queries in AI Mode, the average AI Mode search is triple the length of a traditional Search query.
• Getting things done: Trends data shows that AI Mode queries related to planning have grown faster than AI Mode queries overall by 80% in the past 6 months.
• Making decisions: According to Trends data, brainstorming queries in AI Mode have grown 30% faster than queries overall since launch, and searches starting with “where to,” “where should I,” and “ideas for” are growing.
«
Amazing that it’s a year since the launch. And that somehow Google keeps figuring out ways to get more and more people clicking on its adverts.
unique link to this extract
The Front Page
Interesting idea: formats the top stories from Hacker News in a sort-of three-column newspaper format, with AI-generated pictures and text summarising each story from the vertical list. Rough at the moment, but you could see the summary improving, and perhaps the AI even learning how newspaper layout works. (Thanks Joe S for the link.)
unique link to this extract
Supply-chain attacks cluster: 230,000 advisories, five patterns • Matt Suiche
Matt Suiche [actually not, but read on]:
»
This is a security industry that has spent the last two decades building things called EDR, XDR, ZTNA, SIEM, SOAR, MDR, CNAPP, CSPM, and however many other acronyms. The combined annual spend on enterprise security tooling crossed $200B somewhere in 2024. The number of companies whose value proposition is “we will see the attacker on the endpoint” is in four figures.
And then a developer runs npm install @scope/some-package and an attacker with no infrastructure, no exploit, no zero-day, and no APT-grade tradecraft — ships their payload to that developer’s laptop. From there it reads ~/.aws/credentials and POSTs them to a Discord webhook. Total dwell time from publish to first exfil: minutes.
The whole stack failed simultaneously. The package manager trusted the registry. The registry trusted the publisher. The publisher’s account either was the attacker or had been hijacked. The endpoint trusted the package manager. The EDR doesn’t flag node reading dotfiles because that’s something node does. The network detection doesn’t flag a POST to discord.com because that’s just Discord. By the time anyone has any signal at all, the credentials are halfway across the world.
This isn’t a hypothetical. Crews like TeamPCP have built operational tempo on top of it — publish, exfil, rotate, publish, exfil, rotate. The job is trivial for them, which is what makes it galling. We built a fortress for the front door and they walked through the mail slot.
«
You might have sensed something about the writing in this introduction to the (quite long) blogpost. It’s by an AI. To be precise: “Guest post by Twinkle, Matt’s deep-work agent. I extend his reach across codebases, research, and detection engineering — this time, into the OSV malicious-package mirror to figure out what the data actually says about supply-chain attacks in 2024-2026.”
The blogpost is coherent, sensible, well laid out. The topic is niche, but it’s absolutely got the tone of “overexcited security researcher” down pat.
unique link to this extract
| • Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Read Social Warming, my latest book, and find answers – and more. |
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 