🔍 Google’s AI Search, VMware Zero-Days, Microsoft’s Review Shake-Up
Good morning. It’s Thursday, March 06. Today we are covering:
Google Search's new 'AI Mode' lets users ask complex, multi-part questions
Broadcom fixes three VMware zero-days exploited in attacks
Microsoft's potential pivot on performance reviews shows how tech companies are leaning into efficiency as the AI wars heat up
The Volkswagen ID. EVERY1 is an affordable EV for the masses
Massive botnet that appeared overnight is delivering record-size DDoSes
Let’s dive in
We're thrilled to bring you ad-free news. To keep it that way, we need your support. Your pledge helps us stay independent and deliver high-quality insights while exploring new ideas. What would you love to see next? Share your thoughts and help shape the future of Newslit Daily. Thank you for being part of this journey!
Google Search's new 'AI Mode' lets users ask complex, multi-part questions
By Aisha Malik via TechCrunch
Google is rolling out an experimental "AI Mode" in Search, allowing users to ask complex, multi-part questions and receive AI-powered responses with sourced links; the feature is currently available to Google One AI Premium subscribers via Search Labs.
AI Mode uses a custom Gemini 2.0 model with advanced reasoning and multimodal capabilities, enabling users to compare products, explore intricate topics, and engage in back-and-forth queries with real-time data from the web, Knowledge Graph, and shopping sources.
Google plans to enhance AI Mode by making responses more visual, incorporating user-generated content, and refining when to prioritize hyperlinks, images, or videos; the company acknowledges potential errors but emphasizes factual accuracy and verification in its responses.
𝕏: The thing we're forcing on every single customer is our most popular thing ever - Ed Zitron (@edzitron)
Broadcom fixes three VMware zero-days exploited in attacks
By Sergiu Gatlan via BleepingComputer
Broadcom has patched three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) that were actively exploited in attacks, allowing attackers with administrator or root access to escape the virtual machine sandbox.
These flaws impact VMware ESX products, including ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform, with CVE-2025-22224 enabling code execution, CVE-2025-22225 allowing arbitrary kernel writes, and CVE-2025-22226 leaking memory from the VMX process.
VMware vulnerabilities are frequent targets for ransomware gangs and state-sponsored hackers, with previous exploits involving Chinese state actors deploying VirtualPita and VirtualPie backdoors on vulnerable ESXi hosts since 2021.
𝕏: VMware reports active exploitation of new ESXi zero-days - but only gives us a patch matrix - How is it so hard to understand that if a zero-day is actively exploited, we need indicators and forensic guidance to hunt? - Otherwise, we’re just blindly patching already compromised systems - Florian Roth (@cyb3rops)
The best way to reach new readers is through word of mouth. If you click THIS LINK in your inbox, it’ll create an easy-to-send pre-written email you can just fire off to some friends.
By Dan DeFrancesco via Business Insider
Microsoft is reconsidering its performance review process, potentially taking a harsher stance on low performers, following performance-based job cuts in early 2025.
The shift signals a broader efficiency push in tech, with Meta, Amazon, and Google also tightening performance management as AI investments reshape corporate priorities.
While AI hasn't fully automated most jobs, its impact is forcing tech giants to streamline operations, leading to restructuring and job reductions across the industry.
The Volkswagen ID. EVERY1 is an affordable EV for the masses
By Andrew J. Hawkins via The Verge
Volkswagen has unveiled the ID. EVERY1, a compact, affordable EV set to launch in Europe in 2027 for €20,000 (~$20,800 USD), positioning it as a key player against Chinese EV competitors and potential future North American expansion.
Built on VW’s second-generation MEB platform, the hatchback features a 94-horsepower motor, an estimated 155-mile range, modular interior elements, and over-the-air software updates, aiming for a minimalist yet functional design.
The ID. EVERY1 joins VW’s “Electric Urban Car Family”, alongside the ID. 2all, as part of the automaker’s plan to launch nine new models by 2027, while facing increasing competition from Tesla, Hyundai, Kia, and Ford in the affordable EV segment.
Massive botnet that appeared overnight is delivering record-size DDoSes
By Dan Goodin via Ars Technica
Eleven11bot, a newly discovered botnet of up to 30,000 hijacked webcams and video recorders, has been delivering record-breaking DDoS attacks since late February, with the largest attack reaching 6.5 Tbps, surpassing previous records.
Security experts suspect Eleven11bot is a Mirai variant, leveraging a new exploit targeting TVT-NVMS 9000 digital video recorders with HiSilicon chips, with most infected devices located in the U.S. (24.4%), followed by Taiwan (17.7%) and the UK (6.5%).
Discrepancies remain over the botnet's true size, with estimates ranging from fewer than 5,000 to over 86,000 devices, though Nokia researchers consistently observe 20,000–30,000 IPs in ongoing attacks.
Trending in AI
Microsoft unveils AI agents for sales, striking back at Salesforce
DuckDuckGo is amping up its AI search tool — but will still let you leave it behind
iOS 18.4 beta introduces AI-powered review summaries in the App Store
New Data Shows Just How Badly OpenAI And Perplexity Are Screwing Over Publishers
Prime Video is beginning an AI dubbing pilot program for select movies and series
Thanks for reading to the bottom and soaking in our Newslit Daily fueled with highlights for your morning.
I hope you found it interesting and, needless to say, if you have any questions or feedback let me know by hitting reply.
Take care and see you tomorrow!
How was today’s email?