An old school ransomware attack has a new twist: threatening to feed data to AI companies so it’ll be added to LLM datasets.

Artists&Clients is a website that connects independent artists with interested clients. Around August 30, a message appeared on Artists&Clients attributed to the ransomware group LunaLock. “We have breached the website Artists&Clients to steal and encrypt all its data,” the message on the site said, according to screenshots taken before the site went down on Tuesday. “If you are a user of this website, you are urged to contact the owners and insist that they pay our ransom. If this ransom is not paid, we will release all data publicly on this Tor site, including source code and personal data of users. Additionally, we will submit all artwork to AI companies to be added to training datasets.”

LunaLock promised to delete the stolen data and allow users to decrypt their files if the site’s owner paid a $50,000 ransom. “Payment is accepted in either Bitcoin or Monero,” the notice put on the site by the hackers said. The ransom note included a countdown timer that gave the site’s owners several days to cough up the cash. “If you do not pay, all files will be leaked, including personal user data. This may cause you to be subject to fines and penalties under the GDPR and other laws.”

Most of LunaLock’s threat is standard language for a ransomware attack. What’s new is the explicit threat to give the site’s data—which includes the unique artwork and information of its users—to AI companies. “This is the first time I see a threat actor use training AI models as part of their extortion tactic,” Tammy Harper, a senior threat intelligence researcher at the cyber security company Flare, told 404 Media. “Before this it was kind of an assumption that victim data could end up being shared through AI models. Especially if the groups use it to find leverage and process the data to calculate ransom amounts.”

Harper said that this kind of threat could be effective against artists. “It’s a very sensitive subject for this type of victim (an art marketplace.) LunaLock is definitely using and hoping for the clients and artists of the victim to pressure them into paying the ransom.”

It’s unclear how LunaLock would get the artistic data to AI companiesOf course, it might be as simple as setting up an independent website full of the data on the open web and waiting for one of the LLMs crawlers to come and devour the information. Or just starting a chat with the companies’ respective chatbots and uploading the images, depending on each company’s policy on how they train their AIs based on user uploads.

As of this writing, Artists&Clients is down and attempts to reach it trigger a Cloudflare error. But users and cyber security accounts are sharing screenshots of the ransomware note on social media. Google also indexed the ransom note and as of writing, it appears in the description of the site when you look it up in the search engine.

Artists&Clients did not respond to 404 Media’s request for a comment.

Add LEGO to the list of hobbies that Trump has made more expensive and worse with his tariff policy. Thanks to America’s ever shifting trade policies, LEGO has stopped shipping more than 2,500 pieces from its Pick a Brick program to both the United States and Canada.

Pick a Brick allows LEGO fans to buy individual bricks, which is important in the fandom because certain pieces are hard to come by or are crucial to build specific types of creations. LEGO, a Danish company, says that program will no longer be available to Americans and Canadians.

LEGO fansite New Elementary first noticed the change on August 25, four days ahead of the August 29 elimination of the de minimis trade exemption in the US. Many of the individual LEGO bricks in the Pick a Brick collection cost less than a dollar and it’s likely that the the elimination of the de minimis rule, which waived import fees on goods valued less than $800, made the Pick a Brick program untenable.

The front page of Imgur, a popular image hosting and social media site, is full of pictures of John Oliver raising his middle finger and telling MediaLab AI, the site’s parent company, “fuck you.” Imgurians, as the site’s users call themselves, telling their business daddy to go to hell is the end result of a years-long degradation of the website. The Imgur story is one a classic case of enshitification,

Imgur began life in 2009 when Ohio University student Alan Schaaf got tired of how hard it was to upload and host images on the internet. He created Imgur as a simple one stop shop for image hosting and the service took off. It was a place where people could host images they wanted to share across multiple services and became ubiquitous on sites like Reddit.

As the internet evolved, most of the rest of the internet got its act together and platforms built their own image sharing infrastructure and people used Imgur less. But the site still had a community of millions of people who shared images to the site every day. It was a social media  based around images and upvotes, with its own in-jokes, memes, and norms.

In 2021, a media holding company called MediaLab AI acquired Imgur and Schaaf left. MediaLab AI also owns Genius and World Star and on its website, the company bills itself as a place where advertisers can “reach audiences at scale, on platforms that build community and influence culture.”

The community and culture of Imgur, which MedialLab AI claims is 41 million strong, is pissed.

For the last few days, the front page of Imgur (which cultivates the day’s “most viral posts”) has been full of anti MediaLab AI sentiment. Imgurian VoidForScreaming posted the first instance of the John Oliver meme several days ago, and it’s become a favorite of the community, but there are also calls to flood the servers and crash the site, and a list of grievances Imgurians broadly agree brought them to the place they’re in now.

GhostTater, a longtime Imgurian, told me that the protest was about a confluence of things including a breakdown of the basic features of the site and the disappearance of human moderators. 

“The moderators on Imgur have always been active members of the community. Many were effectively public figures, and their sudden group absence was immediately noticed,” he said. “Several very well-known mods posted generic departure messages, smelling strongly of Legal Department approval. These mods had many friends and acquaintances on the site, and while some are still visiting the site as users, they have gone completely silent.”

A former Imgur employee who spoke with 404 Media on the condition that we preserve their anonymity because they’re afraid of retaliation from MediaLab AI said that several people on the Imgur team were laid off without notice. Others were moved to MediaLab’s internal teams. “To the best of my knowledge, no employees are remaining solely focused on Imgur. Imgur's social media has been silent for a month,” the employee said. “As far as I am aware, the dedicated part-time moderation team was laid off sometime in the last 8 months, including the full-time moderation manager.”

Imgurians are convinced that MediaLab AI has replaced those moderators with unreliable AI systems. The Community & Content Policy on MediaLab AI’s website says it employs human  moderators but also uses AI technologies. A common post in the past few days is Imgurians sharing the weird things they’ve been banned for, including one who made the comment “tell me more” under a post and others who’ve seen their John Olivers removed.

“There were no humans responding to appeals or concerns,” GhostTater said. “Once the protest started, many users complained about posts being deleted and suspensions or bans being handed out when those posts were critical of MediaLab but not in violation of the written rules.”

But this isn’t just about bad moderation. Multiple posts on Imgur also called out the breakdown of the site’s basic functionality. GhostTater told me he’d personally experienced the broken notification system and repeated failures of images to upload. “The big one (to me) is the fact that hosted video wouldn’t play for viewers who were not logged in to Imgur,” he said. “The site began as an image hosting site, a place to upload your images and get a link, so that one could share images.”

MediaLab AI did not respond to 404 Media’s request for comment. “MediaLab’s presence has seemed to many users to fall somewhere between casual institutional indifference and ruthless mechanization. Many report, and resent, feeling explicitly harvested for profit,” GhostTater said.

Like all companies, MediaLab AI is driven by profit. It makes money as a media holding company, scooping up popular websites and plastering them with ads. It also owns the lyrics sharing site Genius and the once-influential WorldStarHipHop. It’s also being sued by many of the people it bought these sites from, including Imgur’s founder. Schaaf and others have accused MediaLab AI of withholding payments owed to them as part of the sales deals they made.

The John Olivers and other protest memes keep flowing. Some have set up alternative image sharing sites. “There is a movement rattling around in User Submitted calling for a boycott day, suggesting that all users stay off the site on September first,” GhostTater said. “It has some steam, but we will have to see if it gets enough buy-in to make an impact.”

The latest bleak new AI slop niche are “nostalgia” videos about how good the 1980s and 1990s were. There are many accounts spamming these out, but the general format is all basically the same. A procession of young people with feathered hair wonder at how terrible 2025 is and tell the viewer they should come back to the 1980s, where things are better. This video is emblematic of the form:

In a typical ‘80s slop video, a teenager from the era tells the viewer that there’s no Instagram 40 years ago and everyone played outside until the street lights came on. “It’s all real here, no filters, no screens.” In another, two women eat pizza in a mall and talk about how terrible the future will be. “I bet your malls don’t feel alive in 2025,” one says.

These videos, like a lot of AI slop, do not try to hide that they are AI generated, and show that there is unfortunately a market for people endlessly scrolling social media looking to astral project themselves into a hallucinatory past that never existed. This is Mark Zuckerberg’s fucked up metaverse, living here and now on Mark Zuckerberg’s AI slop app.

A Mine Resistant Ambush Protected (MRAP) All Terrain Vehicle T-boned a civilian SUV in Washington D.C. this morning and the driver of the SUV was taken to the hospital. The aftermath of the accident was captured in photos shared with 404 Media provided by Operand Online and in a video on the /r/washingtondc subreddit.

The crash happened around 6 a.m. Wednesday morning. “We responded to a two vehicle crash at 8th street and North Carolina avenue. One of the vehicles was a military vehicle,” D.C. Emergency Medical Services spokesperson Vito Maggiolo told 404 Media. “We extricated the driver of the civilian vehicle…and that driver was transported to a local hospital with minor injuries."

The DC National Guard may soon be patrolling the streets of our nation's capital with a handgun famous for firing on its own. 

Following news that National Guard troops in DC would soon carry weapons, journalist Marisa Kabas of The Handbasket reported that members of the Guard on duty in DC were being sent to firing ranges to make sure they know their way around M-17 pistols.

Gamescom, one of the biggest video game industry trade shows in the world, used AI to book meetings for attending publishers, developers, and media even if they didn’t want them. Attendees complained about random meetings showing up on their calendars, prompting Gamescom to turn off the feature and apologize. 

Gamescom is a video game trade fair and convention in Germany that brings together journalists, developers, and studio executives for a week of networking and announcements. Since the death of E3, Gamescom is now the biggest video game convention in the world.

It’s a place where people take a lot of meetings, but usually ones they requested and set up weeks in advance by talking directly to human public relations represenatives. Those plagued by AI-generated meetings shared their frustration on social media. “I’ve got 9x AI-created meetings that have all been ‘accepted’ by the other attendee… but after speaking to one they’ve confirmed they didn’t know about it either,” Graham Day, a Twitch partner, said on X.

Screenshots of Day’s Gamescom app showed a block of 30 minutes 1-on-1 meetings had been confirmed and that the meeting had been "generated based on profile similarities.”

“The Gamescom app AI-generating meetings you have to manually decline is absolutely heinous shit,” Chris Schilling, the editorial director of Lost In Cult, said on Bluesky. 

Developer JC Lau shared screenshots of the message she received from the app. “Our meeting generator has sent you a meeting suggestion with a person who matches your interests,” the app said in the screenshot. “Don’t miss an opportunity—accept requests!”

The message implied that guests would need to accept the AI-generated meetings to confirm them. But a follow up from Lau showed that wasn’t the case. One of their friends had 9 different push notifications from the app, all for confirmed AI-generated meetings.

“Gamescom's app added an AI feature this year and it did not go well. Folks were overwhelmed with automatically generated meeting requests that they did not want. It generated a lot of stuff, but not value,” freelance product and UX designer Robin-Yann Storm said on Bluesky. AI is on Storm’s mind. He’s giving a talk at Gamescom Congress titled: Old news, new package: AI, Procedural Generation, UGC, In-Game Trading, Crypto, and the Metaverse. “It's targeted towards games-adjacent folks, not just game-devs, in how to recognize, discuss, and prevent the 'bamboozle' of things that sound new, but are actually much older,” he told 404 Media.

On Bluesky, Henry Stockdale, a senior editor at UploadVR, said that the AI-generated meetings gave him a minor panic attack as he was boarding his plane. “Two meetings were scheduled that already clashed with appointments made outside of the Gamescom platform, so I would not have attended them,” he told 404 Media. “I don't use generative AI and am actively put off by platforms forcing that functionality in.”

Gamescom backtracked. It disabled the AI and sent attendees an apology. It’s unclear how long the service was active and generating unwanted meetings and Gamescom did not return 404 Media’s request for comment. “We tested a new feature today—the AI meeting generator. The Aim was to suggest suitable business contacts based on your profiles and make it easier for you to plan your trade fair contacts,” Gamescom follow up said. 

“However, your honest feedback shows us that this feature does not provide the desired value. We have therefore decided to completely remove the automatically generated meetings from your profiles,” it added. “We apologize for any inconvenience caused.”

Many of the affected attendees posted copies of the apology across X and Bluesky. “I think they handled it well, quickly realising this was a bad idea and apologising, though the fact they even thought to try this days before the event is, put politely: poor,” Stockdale said.

Right now, companies are forcing generative AI into everyone’s life, whether they want it or not. It might be a bubble, one so big that it’s propping up the U.S. economy, but we’re stuck with it until it bursts.

Gamescom attendees who escaped AI-generated meetings will not be escaping AI during their time in Germany. NVIDIA is there with Project G-Assist, an AI assistant it says will let PC users dial in their gaming settings. Chris Hewish, the CEO of payment company Xsolla, told Variety that AI would be one of the big focuses of the conference. And Microsoft will host a roundtable for developers about how AI can make them more efficient. 

It became harder to tell the government how you feel about pending rules and regulations starting on Friday, thanks to a backend change to the website where people submit public comments. Regulations.gov removed the POST function from its API, a critical piece of tech that allowed third party organizations to bypass the website’s terrible user interface.

The General Services Administration (GSA), which runs regulations.gov, notified API key holders in an email last Monday morning that they’d soon lose the ability to POST directly to the site’s API. POST is a common function that allows users to send data to an application. POST allowed third party organizations like Fight for the Future (FFTF), the Electronic Frontier Foundation (EFF), and Public Citizen gather comments from their supporters using their own forms and submit them to the government later.

Regulations.gov has been instrumental as a method for people to speak up against terrible government regulations. During the fight over Net Neutrality in 2017, FFTF gathered more than 1.6 million comments about the pending rule and submitted them all to the FCC in one day by POSTing to the API.

Organizations who wanted to acquire an API key had to sign up and agree to the GSA’s terms and conditions. In the Monday email from the GSA, organizations that had previously used POST were told they’d lost access to the function at the end of the week.

“As of Friday, the POST method will no longer be allowed for all users with the exception of approved use cases by federal agencies. Any attempted submissions will result in a 403 error response,” a copy of the email reviewed by 404 Media said. “We apologize for not being able to provide advanced notice. I wanted to reach out to the impacted API key holders as early as possible. We are in the process of updating the references to our POST API on Regulations.gov and https://open.gsa.gov/api/regulationsgov/.”

The email noted that groups and constituencies can still submit comments through the website,  but the site’s user interface sucks. Users have to track down the pending regulation they want to comment on by name or docket number, click the “comment” button and then fill out a form, attach a file, provide an email address, provide some personal details, and fight a CAPTCHA.

“The experience on our campaign sites right now is like, we make our impassioned case for why you should care about this and then give you one box to type something and click a button. But the experience going forward is going to be like: ‘Alright now here’s a link and some instructions on how to fill out your taxes,’” Ken Mickles, FFTF’s chief technology officer said.

404 Media confirmed that multiple agencies received the email and were cut off from using POST on the regulations.gov API. “The tool offered an easier means for the public to provide input by allowing organizations to collect and submit comments on their behalf. Now, those interested in submitting comments will be forced to navigate the arduous and complicated system on regulations.gov,” Katie Tracy, senior regulatory policy advocate at Public Citizen, told 404 Media. “This will result in fewer members of the public leaving comments and result in agencies not having critical input on how their work affects people’s lives and businesses.”

The GSA’s email did not explain why this sudden change occurred and the GSA did not return 404 Media’s request for comment. But the organizations we spoke with had their own theories. “Disabling this useful tool appears to be yet another attempt by the Trump administration to silence members of the public who are speaking out about dangerous regulatory rollbacks. We hope the GSA will reverse course immediately,” Tracy said.

A pair of Trump Executive Orders lay out the framework for this GSA action. Ensuring Lawful Governance and Implementing the President’s ‘Department of Government Efficiency’ Deregulatory Initiative direct the government to “commence the deconstruction of the overbearing and burdensome administrative state.” And Directing the Repeal of Unlawful Regulations tells agencies they can dispense with the comment process entirely when they can.

“I think it follows the trend of just shutting out public access or voices that the administration doesn’t want,” Matt Lane, senior policy counsel at FFTF told 404 Media. “It really does seem targeted exclusively at reducing the amount of public engagement that they get on these dockets through these tools that we and other folks provide.”

A team of researchers at Columbia University, funded in part by the Defense Advanced Research Projects Agency, have developed “machines that can grow by consuming other machines.” 

Video of the experiment shows tubular robots that move by extending their shafts to inch along the ground. As the tubes gather, they connect and form into more complex shapes like triangles and tetrahedrons. With each piece consumed, the whole moves faster and with more elegance.

The Trump administration has busied itself in the past six months by abandoning prosecutions and investigations into corporations at an unprecedented rate. According to a new report from Public Citizen—a nonprofit government watchdog—the Trump administration has dropped one third of all pending enforcement actions against tech companies. Those same companies collectively spent $1.2 billion on political contributions since 2024, most of it going to Republicans. Some of it went to Trump directly.

According to the report, Trump’s White House has withdrawn or halted enforcement actions against 165 different companies, a quarter of those are tech firms. The administration halted nine of the investigations outright, including a Consumer Financial Protection Bureau (CFPB) investigation into Meta’s alleged misuse of customer financial data. It dismissed or withdrew an additional 38 enforcement actions against big tech, including 13 charges against the crypto exchange Binance for operating as an unlicensed securities exchange. 

August—2025. The new limited edition 4K Blu-ray of the 2003 film Master and Commander has sold out everywhere. Secondary markets are now battlefields.

There are two kinds of people in this world: those who read the above sentences and feel an intense pain and yearning for camaraderie and combat on the high seas, and those who have never seen Master and Commander: The Far Side of the World.

It’s a brutally hot August across the world, but especially in Europe where high temperatures have caused wildfires and droughts. In the UK, the water shortage is so bad that the government is urging citizens to help save water by deleting old emails. It really helps lighten the load on water hungry datacenters, you see.

The suggestion came in a press release posted on the British government’s website Tuesday after a meeting of its National Drought Group. The release gave an update on the status of the drought, which is bad. The Wye and Ely Ouse rivers are at their lowest ever recorded height and “five areas are officially in drought, with six more experiencing prolonged dry weather following the driest six months to July since 1976,” according to the release. It also listed a few tips to help people save on water.

The U.S. Army tested a fully AI controlled ground vehicle in Vaziani, Georgia—about 100 miles from the Russian border—last month as part of a training exercise. In military-published footage, an all wheel, off-road vehicle about the size of a car called ULTRA navigated the European terrain with ease. The training exercise had the ULTRA resupplying soldiers, but both the military and the machine’s creator think it could do much more.

The Pentagon has invested in drones and AI for decades, long claiming that both are the future of war. The appearance of the ULTRA signals a time when AI controlled robots will populate the battlefields of the near future.

Some of the first reviews ever written for the original Legend of Zelda and Super Mario Bros. have been digitized and published by the Video Game History Foundation. The reviews appeared in Computer Entertainer, an early video game magazine that ran from 1982 to 1990. The archivists at the Foundation tracked down the magazine’s entire run and have published it all online under a Creative Commons license. 

Computer Entertainer has a fascinating history. It was one of the only magazines to cover video games during the market crash of the mid 1980s. “Simply put, there weren't other video game magazines in this era, at least in the United States,” Phil Salvador, the Library Director at the VGHF, told 404 Media. “In many cases, this is the only American coverage we have for this period.”

Donald Trump’s media company is teaming up with Perplexity to bring AI search to Truth Social, the President’s X.com alternative.

Truth announced the endeavor in a press release on Wednesday. Anyone using the browser version of Truth can now use Perplexity to search the web. “We’re proud to partner with Perplexity to launch our public Beta testing of Truth Social AI, which will make Truth Social an even more vital element in the Patriot Economy,” Devin Nunes, Trump Media's CEO and Chair of the President's Intelligence Advisory Board, said in the press release.

Independent game developer Paolo Pedercini wanted to announce his new game Future? No Thanks! a few weeks ago, but said it was delayed because Steam found a screenshot it planned to share “had suggestive themes.” The screenshot? A low-polygon woman in a short dress with her legs closed together. 

By accident, journalist Jack Poulson discovered Google had completely de-listed two of his articles from its search results. “We only found it by complete coincidence,” Poulson told 404 Media. “I happened to be Googling for one of the articles, and even when I typed in the exact title in quotes it wouldn’t show up in search results anymore.”

Poulson had stumbled on a vulnerability in Google’s search engine that allowed people to maliciously delete links off of Google, which is a reputation management company’s dream and which could easily be used to suppress information. The SEO trick had allowed someone to de-list specific web pages from the search engine using Google’s Refresh Outdated Content tool, a site that lets users submit pages to URLs to be recrawled and re-listed after an update. The vulnerability had to do with capitalizing different letters in the URL in this tool, which ultimately caused the delisting. 

A U.S. airman in Wyoming died last week after an incident involving an M18 pistol, the military version of the P320 handgun, a weapon long infamous among gun nerds. The incident, and other incidents where the M18 and the civilian version of it, the P320, have fired unexpectedly, have sent gun hobbyists into investigation mode, with guntubers dismantling the gun at the center of the controversy, running it through various stress tests and firing exercises in an attempt to discover the flaw that’s given the P320 a reputation for firing on its own.