A well-received quarterly earnings report was the news propelling SentinelOne‘s (S 7.44%) shares higher on Friday. In late-session trading the cybersecurity stock was up nearly 7% in value, a rate that looked particularly good given the S&P 500 index’s 0.7% dip.

A $1 billion quarter

SentinelOne’s second quarter of fiscal 2026 saw the company book just over $242 million in revenue for a rather impressive 22% improvement year over year. Zooming out some, annualized recurring revenue (ARR) rose by 24% to $1 billion, the first time it has reached the 10-figure level.

The company also pointed out that the number of clients with ARR of $100,000 or more increased by 24%, to a total of 1,513.

On the bottom line, non-GAAP (adjusted) net income more than tripled, to $13.2 million ($0.04 per share), from the year-ago result of $3.5 million.

SentinelOne essentially met the consensus analyst estimate for revenue. It did edge past the average pundit forecast for adjusted net profit, which was $0.03 per share.

In its earnings release, SentinelOne attributed the improvements to its integration of technologies that resonate with clients, including artificial intelligence (AI).

It quoted CEO Tomer Weingarten as saying that its “results highlight the momentum of our AI-powered platform, strengthening competitive position, and growing product differentiation.”

In-line revenue guidance

SentinelOne also proffered guidance for both its current (third) quarter and the entirety of fiscal 2026. For the latter period, it’s forecasting revenue of $998 million to slightly over $1 billion, with adjusted operating margin landing at 3%. The consensus analyst estimate for revenue is slightly under $999 million.

The company did not provide any bottom-line guidance.

Eric Volkman has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends SentinelOne. The Motley Fool has a disclosure policy.

IT giant Cisco, which makes networking hardware, software, and telecommunications equipment, recently faced a major data breach, the company disclosed on Friday.

A Cisco representative fell victim to a voice phishing or “vishing” attack, when a caller pretends to be a legitimate individual or organization, and tricked the employee over the phone to obtain the personal information of Cisco.com users.

Related: ‘Largest Data Breach in History’: Apple, Google, and Meta Passwords Reportedly Among 16 Billion Stolen in Massive Hack

The bad actor was able to access and export a subsection of profile information from Cisco’s cloud customer management system. They stole data from individuals who had registered for a Cisco.com account, including customer names, organization names, addresses, email addresses, and phone numbers.

Cisco discovered the breach on July 24. The company stated that the data breach did not affect passwords or impact any of its products or services. It added that it notified affected customers where required by law and talked to data protection authorities.

“We are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks,” Cisco stated in the disclosure.

Cisco declined to provide details of the breach to TechCrunch, including how many users were impacted by it. The company has more than 300,000 global customers. Cisco had a market value of $268 billion at the time of writing, with its stock up over 14% year-to-date.

Related: AT&T Customers Are Eligible for Up to $5,000 in a New Settlement. Here’s What to Know.

Cisco uses Salesforce to manage customer relationship data, and this incident was one in a series of recent attacks that impacted Salesforce customers. For example, U.S. insurance company Allianz Life uncovered a data breach last month that exposed the personally identifiable information of the majority of its 1.4 million customers, including addresses, dates of birth, and Social Security numbers.

Two of the company’s customers, Cheryl Marotta and David Werner, filed a class action lawsuit on Tuesday related to the breach, alleging that Allianz failed to safeguard their personal information because the data was unencrypted and stored in one database.

Another company, Australian airline giant Qantas, also underwent a data breach on June 30, which impacted the personal information of more than six million customers. The bad actor called one of the company’s call centers and used the call to steal information like names, phone numbers, and dates of birth.

^{Join top CEOs, founders and operators at the Level Up conference to unlock strategies for scaling your business, boosting revenue and building sustainable success.}

Despite all the advancements in technology, billionaire investor Mark Cuban, 66, spends most of his day reading and responding to emails.

In a Wednesday interview with Business Insider, Cuban said that he receives “700 to 1,000 emails” a day through his Gmail account, and he uses three phones, two Android and one iPhone, “to manage everything.”

Related: Mark Cuban Says 60 Is the New 40. He Follows 3 Habits to Stay Youthful.

“I spend most of my day trying to get my unreads under 20,” Cuban told BI.

He praised email for being “asynchronous,” meaning that he can respond at any time from wherever he is in the world, and ubiquitous because “everyone” has an email address. Responding to a message is also “fast,” especially with Google’s auto-reply suggestions, Cuban said.

Cuban says he keeps his inbox organized with folders and has “never” considered hiring someone to help manage his emails. He is only away from his inbox for a full day or longer for “extraordinary situations, like a special event for a family member,” he told BI.

Cuban says he uses his unread emails as reminders of what he needs to get done that day. He only uses AI to write the autoreply messages, preferring instead to personalize longer emails and noted that he would rather process emails than sit through “long, boring meetings,” or send a Slack message or text because he can quickly search through emails years later.

“I have emails going back to the 90s,” Cuban told BI.

^{Mark Cuban. Photo by Julia Beverly/WireImage}

Still, using Gmail could pose a cybersecurity risk. Cuban’s Google account was hacked in June 2024 after he received a call from a fake Google employee. The bad actor said that Cuban’s Gmail had an intruder and faked Google’s recovery methods to receive the credentials for the account. The hacker got access to Cuban’s email and locked him out.

The hacking hasn’t stopped Cuban’s love of email, however.

Cuban rose to fame as an investor on ABC’s “Shark Tank” for the last 15 seasons, appearing in his final episode in May. He told CNBC that same month that he invested about $33 million in businesses during his time on the show and received $35 million in cash returns. He holds equity in those businesses that are now worth at least $250 million, he disclosed.

Related: Mark Cuban Compares AI Taking Jobs to When There Were ‘Millions of Secretaries’

Cuban’s first entrepreneurial venture was MicroSolutions, a software reseller that sold PCs, software, and training to businesses. He grew the company to nearly $36 million in annual sales and 80 employees before selling it to CompuServe, a subsidiary of H&R Block, for $6 million in 1990.

Cuban then founded AudioNet, the first video streaming company in the world. The startup, which became Broadcast.com, was sold to Yahoo for $5.7 billion in 1999, making Cuban a billionaire.

In 2022, Cuban co-founded Cost Plus Drug Company, an online discount pharmacy that delivers more than 2,300 prescription medications.

Cuban is now worth $8.6 billion, according to the Bloomberg Billionaires Index.

^{Join top CEOs, founders, and operators at the Level Up conference to unlock strategies for scaling your business, boosting revenue, and building sustainable success.}

But the bots are still with us. Officially defined as software applications that run automated, repetitive tasks, bots are still swimming in the digital ether, and they’re a key aspect of the artificial intelligence (AI) revolution that is threatening to undo the internet as it’s been known since the mid-1990s.

The catch is that the surge in bot activity is not just disrupting web traffic—it may also be inflating the internet economy by distorting the very metrics that drive tech company valuations. Automated bots now make up more than half of global internet traffic. Bots surpassed human-generated activity for the first time in 2024, according to Imperva, a subsidiary of cybersecurity giant Thales. Imperva, which issues a “Bad Bot report,” found that almost 50% of internet traffic comes from non-human sources, with 20% of that being so-called “bad bots,” prone to a host of malicious activities.

For example, bots generate fake pageviews, clicks, impressions, and user sessions, all of which inflate top-line web analytics data. This distortion directly impacts metrics including conversion rates, average session duration, and the like. Cybersecurity firms, which admittedly may be talking their book to some extent, claim that ad fraud bots also click on pay-per-click ads or simulate user activity, causing companies to pay for traffic and conversions that never represent real humans. They put the damage at hundreds of billions of dollars per year around the global internet.

Also, consider the startups that showcase “vanity metrics” such as raw user sign-ups or app downloads, many of which can be (and often are) pumped up by bot traffic. These statistics are sometimes self-reported and rarely audited independently. Investors rely on all of these metrics—and more—to assess company value, so fake or inflated data can misrepresent underlying business strength.

Consider the investors that are pumping money into bot-boosted business models, and then consider the wisdom of Torsten Slok, the widely read chief economist for Apollo Global Management, who is known for shaking the financial community with his brief charticles in his “Daily Spark.” He recently posted an eye-popping chart, based off his calculations that “the difference between the IT bubble in the 1990s and the AI bubble today is that the top 10 companies in the S&P 500 today are more overvalued than they were in the 1990s.” In other words, if the AI trade is a bubble, it’s a bigger bubble than the one that popped in the days of the “dotcom crash,” leading to a nasty recession. Slok didn’t address the bot question, but it lends further seriousness to the debate: what if the current AI boom is built on the backs of bots?

https://www.goldmansachs.com/insights/articles/ai-stocks-arent-in-a-bubble

Bots and bubbles

This bot-driven inflation may be feeding into a broader tech and AI investment bubble. As companies report rapid user growth and engagement, investors chase the next big thing, and result is a market environment reminiscent of the dot-com era, where hype and inflated metrics risk overshadowing real business fundamentals.

Consider the story of the unicorns: Silicon Valley’s term for private firms with $1 billion-plus valuations. From just a few dozen in 2013, when venture capitalist Aileen Lee coined the term to stress their rarity, unicorns have become anything but. The numbered over 1,200 by 2025, according to Founders Forum, an organization committed to connecting entrepreneurs. Surges in unicorn formation accompanied the “easy money” era of 2018 and 2021, when the Federal Reserve lowered interest rates to nearly unprecedented levels and venture capital money chased risky investments, seeking yield. The money in VC has since largely gravitated to AI, a deeply ironic turn of events.

History suggests that markets eventually correct when reality catches up to inflated expectations. Several factors point to a similar reckoning for AI and the bot problem. Recognition of fake metrics is one. As awareness grows about the scale of bot-driven inflation, investors and analysts could grow more skeptical of headline user numbers and engagement stats. New regulations are beginning to address the economic incentives behind bot-driven manipulation.

Regulating bots on the internet has become a critical focus for governments in response to their growing presence in commerce, social media, and consumer interactions. Bots can be used for both legitimate and malicious purposes: assisting with customer service, but also spreading misinformation, generating fake reviews, scalping tickets, or manipulating public opinion. The U.S. government mainly does this through the Federal Trade Commission (FTC).

What the government is trying to do about it

The FTC is the leading federal agency addressing deception and unfair practices involving bots, especially those affecting consumers and commerce. In 2024, the FTC issued a final rule prohibiting fake and AI-generated consumer reviews and testimonials, which applies to both traditional and AI-powered bots that generate misleading content or endorsements online.

Businesses can also face civil penalties for buying, selling, or disseminating fake reviews or endorsements, whether authored by bots or humans. The rule aims to ensure transparency in online marketplaces and curb deceptive practices.

From Congress, there’s the BOTS Act (Better Online Ticket Sales Act), enacted in 2016 and strengthened by executive order in 2025, that specifically targets the use of automated bots to circumvent controls on ticket purchases for concerts and events, often used by scalpers. The FTC enforces this law, which makes it illegal to use bots to bypass security or purchasing limits when acquiring event tickets. This could be thought of as the “Taylor Swift” law, as fans found, to their displeasure, during her record-setting Eras Tour when new tickets disappeared in seconds, gobbled up by bots.

The FTC also regularly issues business guidance calling for transparency and accuracy about AI chatbots and avatar services, warning against misleading consumers through these technologies. The agency advises companies to clearly disclose when users are interacting with bots, ensure bots do not misrepresent capabilities, and avoid using bots to manipulate or deceive consumers.

Some states, such as California, have passed laws requiring bots to identify themselves when attempting to influence a voter or consumer. Other states have introduced similar bills modeled after California’s “Bolstering Online Transparency Act,” though federal preemption and cross-border challenges remain.

What to watch for

As bot-driven metrics are exposed, companies with inflated user numbers may see their valuations fall, especially if they can’t demonstrate real, sustainable growth. The market may consolidate around companies with proven, human-driven engagement and revenue, while those reliant on artificial metrics struggle or fail. Expect increased demand for third-party verification of user and engagement data, as well as more robust bot-detection and filtering in analytics.

Then again, bots have been a feature of computing for over half-a-century and they’ve just grown more and more plentiful over time. Bot-driven inflation of internet statistics may just become an inevitable part of digital life.

For this story, Fortune used generative AI to help with an initial draft. An editor verified the accuracy of the information before publishing. 

Two school teachers in Ohio saved their entire lives for one dream — buying a farm.

When they inherited $1.3 million and found the perfect property for $1.2 million, everything seemed perfect.

Five days before closing, they received what looked like a legitimate email from their closing company with wire transfer instructions. They sent the money and showed up at closing, only to discover they’d been scammed.

The email was fake, sent by hackers who had infiltrated the closing company’s servers for months, waiting for exactly this type of high-value cash deal.

That story comes from cybersecurity expert Dr. Eric Cole, who joins us to explain why ordinary people have become prime targets for cybercriminals.

Cole, a former CIA hacker who served as cybersecurity commissioner under President Barack Obama and advises high-profile clients including Bill Gates’ personal estate, has a message: if you think you’re too small to be targeted, you’re wrong.

While billion-dollar companies deploy teams of 60 cybersecurity professionals, you have virtually no protection.

Criminals know this. They’re not trying to steal $100 million from one person anymore — they’re stealing $50 from thousands of people every month.

You probably won’t notice the small amounts vanishing from your accounts. Cole calls it “death by a thousand cuts,” and it’s happening right now.

We talk through the most common attacks targeting your money. Bank hacking is simpler than most people realize. All criminals need is your account number — printed on every check you write — and your password. With that information, they can often perform electronic fund transfers of up to 50 percent of your account balance without triggering alerts.

We also cover the China-TikTok connection, secure messaging options, and why Cole helped configure President Obama’s smartphone to connect to fake cell towers that masked his actual location.

Cole’s bottom line: cybersecurity isn’t just for tech companies anymore. Criminals are targeting ordinary people because we’re easier prey than heavily protected corporations. Your money is under threat. Here’s how to protect it.

Timestamps:

Note: Timestamps will vary on individual listening devices based on dynamic advertising run times. The provided timestamps are approximate and may be several minutes off due to changing ad lengths.

(0:00) Introduction

(1:17) Why ordinary people are cybercrime targets

(2:29) The “death by a thousand cuts”

(4:05) How criminals destroy your credit with fake accounts

(5:19) Cryptocurrency wallet attacks and empty life savings

(6:08) Elder scams and the devastating impact on families

(8:24) Different types of cyber attacks explained

(8:44) Bank hacking

(14:25) Phishing scams using fake toll messages

(18:53) Ransomware as a legitimate Russian business

(23:44) How scams and cybersecurity overlap

(35:31) Paula’s phone security audit

(49:54) Smartphone security for high-profile individuals

(54:55) TikTok’s data collection and Chinese government access

(59:44) Real estate scams targeting cash buyers

(1:12:18) Essential security rules

(1:27:05) What to keep in a fireproof safe

 

---

Thanks to our sponsors!

Indeed
If you’re looking for amazing talent to bolster your team, you need Indeed. Go to indeed.com/paula and start hiring with a seventy-five dollar sponsored job credit.

---

NetSuite
NetSuite is the number one cloud financial system, bringing accounting, financial management, inventory, HR, into ONE platform, and ONE source of truth. If your revenues are at least in the seven figures, download the free e-book “NavigatingGlobal Trade: 3 Insights for Leaders” at  NetSuite.com/PAULA.

---

Constant Contact
Constant Contact makes it easy to promote your business with powerful tools like email and SMS marketing, social media posting, and even event management. Tackle any challenge with Constant Contact’s 30-day free trial.

---

Policygenius
Go to policygenius.com for free quotes and comparisons across more than 30 insurers. With Policygenius, you can find life insurance policies that start at just $276 per year for $1,000,000 of coverage.

---

Shopify
Diversify your business by selling physical and digital products through Shopify’s all-in-one platform. Every 28 seconds an entrepreneur makes their first sale on Shopify! Go to shopify.com/paula for one-dollar-per-month trial period for one month.

---

ShipStation
Calm the chaos of order fulfillment with the shipping software that delivers. Switch to ShipStation today. Go to ShipStation.com and use code PAULA to sign up for your FREE trial.

Indian grocery delivery startup KiranaPro’s recent data loss story has more holes than Swiss cheese, as the startup remains unclear whether the incident was an internal breach or an external hack.

Last week, the Bengaluru-based startup discovered that it could not access its back-end servers and that all its data, including its app code, had been deleted from GitHub. The startup on Friday blamed a former employee for the breach. However, in an interview, KiranaPro co-founder and CEO Deepak Ravindran conceded that the company had not deactivated the employee’s account after they departed the company and cannot rule out the possibility of subsequent malicious misuse of their account.

“If we go deeper, we have to do a real forensic investigation. We are going to talk [about] this with our board, the investors, and we are going to get a formal opinion on that also with our legal advisers,” Ravindran told TechCrunch.

Earlier on Friday, Ravindran claimed in a post on X that the incident that affected its data was an internal breach.

“After careful investigation, we conclude that this was not a hack. No external party penetrated our ordering or payment systems, exploited vulnerabilities, or bypassed security protocols,” he wrote.

The co-founder also explicitly shared a screenshot of a LinkedIn profile of one of KiranaPro’s former employees on X on Thursday, alleging that they had deleted the startup’s code. (TechCrunch is not sharing the post’s link, as the startup has yet to offer concrete proof supporting its position.)

“[T]his was an internal data breach. Specifically, it was the result of actions taken by a trusted internal employee who had legitimate access to our systems,” the co-founder wrote in his post on Friday. “This individual intentionally deleted critical server logs while they were being tested and/or edited, an action that goes directly against our policies, our principles, and the trust we place in our team.”

When TechCrunch asked if KiranaPro could rule out whether any third party had maliciously gained access to the former employee’s account, Ravindran could not.

“We have to do a complete forensic check on the company. We have to do the entire IP scan. We have to look at where the tracks happened. We have to check the computers, MacBooks, and whatever is used. Everything has to be done. Then we have to spend money … so, that’s why we decided not to,” he told TechCrunch.

Then what was the basis of Ravindran’s allegation? It was a GitHub response, a copy of which he shared with TechCrunch.

The response included a username, which Ravindran said was associated with the former employee.

“All we have is the emails that we got from GitHub, stating that [the former employee’s username] as an individual is the one who deleted the account. We haven’t done the investigation further,” Ravindran told TechCrunch.

Former employee’s account was never offboarded

Launched in late 2024, KiranaPro operates as a buyer app on the Indian government’s Open Network for Digital Commerce. The startup allows more than 55,000 customers in 50 cities to purchase groceries from their local shops and nearby supermarkets using its voice-based interface. The company also supports local language inputs, including English, Hindi, Malayalam, and Tamil.

Ravindran stated that they decided to call out the former employee based on the company’s “belief system,” as they claim the former employee deleted the data after their sudden termination.

However, the startup said it is not aware if there were enough protections on the former employee’s devices, such as multi-factor authentication, to restrict malicious third-party access, like malware.

The company confirmed it did not remove the employee’s access to its data and GitHub account following his departure.

“Employee offboarding was not being handled properly because there was no full-time HR,” KiranaPro’s chief technology officer, Saurav Kumar, confirmed to TechCrunch.

Company restores AWS account and GitHub data

Alongside its code saved in GitHub, KiranaPro also lost access to its Amazon Web Services (AWS) account, which included its customer data and their transaction details.

Ravindran told TechCrunch that the GitHub data was restored after getting its backup from one of their employees. The startup also regained access to its AWS account along with its customer data.

Both the co-founder and CTO said the AWS account was protected by multi-factor authentication, but neither could say how the account was accessed, as nobody else had physical access to Ravindran’s phone, which generates the multi-factor code.

Nonetheless, Ravindran claimed that the customer data stored in the AWS cloud remained intact and was not accessed by any third parties, nor was it downloaded by the former employee in question.

“Because if that is the case, I will get its notification on email or anything [sic],” he said.

That said, Ravindran stated that the startup has enough evidence to file a formal complaint with the police, but said that its investigation is ongoing.

The startup has also not fully paid its current employees, the company’s co-founder confirmed, soon after the company raised a seed round of ₹100 million Indian rupees (about $1.2 million), which Ravindran said has yet to be fully wired.

The startup counts Blume Ventures, Unpopular Ventures, and Turbostart among its institutional venture backers, as well as Olympic medalist PV Sindhu and Boston Consulting Group managing director Vikas Taneja among its angel investors. It has 15 employees located in Bengaluru and Kerala.