Hey there Bizarro readers!

Welcome to the May 2025 issue of your favorite quirky tech newsletter. We’ve got all sorts of interesting stories for you, ranging from AI-powered police robots in Thailand to the latest innovations in zipper technology. Bet you didn’t think that zippers could somehow be made next-level, did you? Well…keep reading. But first, let’s begin with our top stories this month:

• 🖥️🚨 Employee Monitoring App Leaks 21M Screenshots

• 🏃‍♂️💬 AI Support Bot Causes Subscription Exodus

• 🚀👨‍💻 Developer Renaissance Coming Despite AI Hype

Thanks for being here. We appreciate you.

📰 From the Newsroom

🖥️🚨 Employee Monitoring App Leaks 21M Screenshots

WorkComposer, a surveillance tool used by over 200,000 companies worldwide to monitor employee productivity, suffered a massive security breach when researchers discovered more than 21 million employee screenshots exposed in an unsecured Amazon S3 bucket. The leak has raised serious questions about workplace surveillance practices and the security risks they pose.

• The leaked screenshots were captured every 3-5 minutes from employees' computers as part of WorkComposer's monitoring services. These images potentially contained highly sensitive information including internal communications, login credentials, API keys, personal emails, and financial documents. In other words, a goldmine for cybercriminals.

• Beyond the immediate security concerns, the breach highlights the controversial nature of workplace surveillance itself. According to the American Psychological Association, 56% of digitally surveilled workers report feeling tense or stressed compared to 40% of non-monitored employees.

• This isn't the first such incident in the employee monitoring space. Earlier this year, Cybernews uncovered a similar leak by WebWork that exposed over 13 million screenshots. Both cases illustrate how surveillance tools meant to ensure productivity are creating significant legal and ethical problems.

WorkComposer has since secured the exposed data, but the damage may have already been done. José Martinez from the Electronic Frontier Foundation summed up the incident as follows: "If a worker committed the kind of incompetence that WorkComposer did, this data might be used to fire them. WorkComposer, too, should be out of a job." I can’t say I disagree.

🏃‍♂️💬 AI Support Bot Causes Subscription Exodus

AI coding assistant startup Cursor, which has recently been valued at nearly $10 billion, faced major backlash last month after its customer support bot went rogue. The company suddenly found itself at the center of a PR disaster in the latest example of AI replacing humans only for it to backfire.

• The trouble began when users reported being mysteriously logged out when switching between devices. When they contacted customer support, an AI bot named "Sam" confidently informed them this was "expected behavior" under a new login policy - except no such policy existed. The explanation was completely hallucinated by the AI.

• As the news spread across developer communities on Hacker News and Reddit, the subscription cancellations started rolling in. Cofounder Michael Truell eventually acknowledged the "incorrect response from a front-line AI support bot" on Reddit and mentioned they were investigating a bug causing the logouts.

• For many customers, the damage was already done. One user, Melanie Warrick of Fight Health Insurance, shared how she stopped using Cursor after receiving "the same canned, likely AI-generated response multiple times" for an unresolved issue.

Other companies like Air Canada, Chevrolet, and DPD have faced similar issues with their own AI chatbots. So the question now is - are any companies going to change course? Or will they just double down and hope that the problems will iterate themselves away as the technology continues to improve? My guess is that their quarterly earnings calls will push them towards the latter.

🚀👨‍💻 Developer Renaissance Coming Despite AI Hype

A little over two years ago, developer Josh Comeau published a blog post titled "The End of Front-End Development." In that post, he addressed the anxiety that existed at that time (and hasn’t fully gone away) about AI taking over developer jobs. Last month he published a new post that serves as an update to that original piece and that examines how things have changed.

• In his follow up, he argues that reports of AI writing "25% of Google's code" are misleading. In reality, human developers are still creating 100% of the code, just using AI as one of many tools. As he explains: "It's not like product teams at Google have fired 25% of their developers and replaced them with pseudo-sentient AI robots." Even "autonomous" coding AI like Devin has disappointed in real-world tests, with one team finding it could only complete 3 out of 20 assigned tasks.

• Comeau's personal experience with AI coding tools like Cursor reveals both strengths and limitations. He compares using AI to highway driving with cruise control - it works great but requires constant human supervision to avoid "drifting off-road." But without coding knowledge, users can't identify when AI output needs correction.

• So while the job market remains tough for developers, Comeau points to macroeconomic factors, recent tech layoffs, and overblown AI myths as the causes - not actual developer replacement. He predicts a "developer renaissance" within a year or two as companies realize "a skilled human armed with a powerful LLM can do incredible things."

Despite continued improvements in AI models, Comeau remains convinced that coding is still an incredibly valuable skill with a bright future. I happen to agree and I’ve been saying for months now that the same applies to many other jobs (see previous story). I’m hoping that voices like Comeau get elevated high enough that decision makers begin to realize that the path forward is human + AI collaboration and not AI replacement of humans.

⛓️ Ten Must See Links of the Month

Sponsored by Optimole, the best image optimization tool on the internet.

• Thailand has deployed its first AI-powered police robot, dubbed "AI Police Cyborg 1.0." It features 360-degree smart cameras connected to a command center, real-time facial recognition, behavior analysis to detect fights or disturbances, and weapon recognition technology.

• Researchers at King's College London have achieved a breakthrough that could one day enable adults to grow replacement teeth instead of getting fillings or implants by developing a special material that allows tooth cells to communicate and slowly release signals over time, mimicking natural tooth development.

• Meta's content moderators in Ghana are suffering severe psychological harm from exposure to extreme violent content including beheadings and watching people get skinned alive. The outsourcing company, Teleperformance, is accused of inadequate support, underpaying workers, and dismissing anyone who speaks out about working conditions.

• LLMs are dramatically shrinking the timeline between vulnerability disclosure and functional exploit code. Recently, security expert Matthew Keely demonstrated how ChatGPT and Claude created working attack code for a critical Erlang SSH vulnerability in only hours rather than days or weeks.

• Apple's WebKit team is proposing "Item Flow," a unified layout system that would merge concepts from CSS Flexbox and Grid into a coherent set of properties. It could potentially solve layout challenges like masonry/waterfall patterns while adding new features like dense packing for Flexbox, and more.

• If you want to improve web performance, reduce load times, and avoid wasting users' bandwidth (especially on mobile), it's essential to minimize your HTML file size. Here are five techniques that can shrink your files by up to 90%.

• Browser vendors are removing default styling that makes <h1> elements appear smaller when nested within sectioning elements (<section>, <article>, <nav>, and <aside>). Moving forward, developers need to explicitly define font sizes for these headings or face Lighthouse warnings.

• 🎥🎞️ YKK is a Japanese company that makes zippers. They are, in fact, the world’s largest zipper maker (in case you ever get asked in a trivia game). About two weeks ago they released a 30-second video that shows how they are pushing the boundaries of zipper innovation with automated zippers.

• Roo Code significantly enhances development workflows when used strategically, according to software developer Gage Vander Clay. The key to success is maintaining project context through tools like Memory Bank, which creates structured files that help Roo remember important details between sessions.

• A2 Hosting, a mainstay in the web hosting space for over two decades, has officially rebranded into Hosting.com. As part of the rebranding, they’ve completely redesigned their website with a significantly brighter color palette and a much more modern feel.

🎤 It’s How They Said It

“Cybertruck will be waterproof enough to serve briefly as a boat, so it can cross rivers, lakes and even seas that aren’t too choppy.”

– Elon Musk’s tweet about Cybertruck’s capabilities has resurfaced after a Cybertruck owner from California took him at his word and decided to test his own Cybertruck.

🧮 The Numbers Game

• 16.5 months of development time was saved when Airbnb used LLMs to migrate 3,500 React component test files from Enzyme to React Testing Library in just 6 weeks instead of the originally estimated 1.5 years. Their systematic approach combined frontier AI models with a step-based validation pipeline that successfully automated 97% of the migration.

• 23,500+ tech employees have been laid off this year across 93 companies (as of last month). This includes Automattic, which recently laid off 281 of their staff, and Google, which also recently fired hundreds of employees working on their Android and Pixel teams.

• £9,750 is the cost of a luxury microplastic "detox" treatment at London's Clarify Clinics, which claims to filter plastics and forever chemicals from patients' blood through a two-hour procedure that draws blood, processes plasma through a proprietary system, and returns it to the body.

• $500,000 is the membership fee for the brand new, invite-only social club launched in Washington DC by Donald Trump Jr. and wealthy investors. Reportedly, some people on the waiting list have offered to pay double the fee to be moved up the queue.

⚒️ Tools and Resources

WordPress Development Course: This modern, opinionated, and project-driven course is designed to take you from “WordPress user” to “WordPress developer” who can confidently design plugins, create custom block themes, automate workflows, and ship production-ready code. All in only 10 weeks.

https://wpshout.com/wordpress-development-course/

Embla Carousel: This is a dependency free, lightweight carousel library that helps solve the hardest technical challenges with building carousels. It leaves the rest up to you, with features like a highly extensible API and various plugins. It works in all modern browsers.

https://www.embla-carousel.com/

Simple Parallax: This is an easy-to-use JS and React library that adds parallax animations to any image. Its notable for its simplicity and impressive visual effects. The parallax effect is applied directly to image tags, eliminating the need for background images. Any image can be used, including next/image component.

https://simpleparallax.com/

LivePortrait: This fun tool lets you upload a still image of a person or animal and then create a talking video out of it. It does have a lot of limitations, but nonetheless, it’s enjoyable to play around with. Here’s my review / mini-tutorial of it. Or you can head straight to a Hugging Face implementation of it below.

https://huggingface.co/spaces/KwaiVGI/LivePortrait

JS Font Picker: A versatile, flexible, and lightweight Javascript Font Picker Component for System fonts, Google fonts and custom (woff/ttf) fonts. It features dynamic font loading, favorites, keyboard navigation, fuzzy search, advanced metrics filters, property sorting and more. It’s also open source, free, and available in multiple languages.

https://www.jsfontpicker.com/

🖼️ What Am I Looking At?

This humorous AI-generated comic strip has been making the rounds on X. It was created in response to the trending debate about whether you should thank LLMs in your interactions with them.

Some people - whether genuinely or tongue-in-cheek - claim they do it for the reason highlighted in the comic strip. Others do it simply because they feel it’s the "right thing to do."

If you count yourself among the AI thankers, there’s one thing you probably haven’t considered: the cost of your politeness.

One X user pondered this question publicly when he posted:

I wonder how much money OpenAI has lost in electricity costs from people saying “please” and “thank you” to their models.

To which OpenAI’s CEO responded with:

Tens of millions of dollars well spent--you never know.

I suppose it’s a small price to pay for future protection from our AI overlords. 😉

💬 What’s the Word?

無為 (Wu-wei) is a Chinese Taoist concept that translates into "non-doing" or "non-action," but actually describes acting in perfect harmony with the natural flow of things without forced effort or interference.

For developers, 無為 is achieved when your code emerges organically from deep understanding of the problem space. It's those moments when you resist overengineering a simple feature, elegantly refactor complex code into something surprisingly minimal, or choose the perfect existing library instead of building from scratch. When's the last time your code felt like it wrote itself?

📊 Results of Last Month’s Polls

Although there weren’t that many voters on this poll, I was still surprised to see that the never trieds beat out the of coursers. Personally, I think vibe coding is fun but I also recognize its limits and don’t think it can fully replace programmers for any serious larger projects.

🧑🏻‍💻👨🏽‍💻👩🏼‍💻 Pledge Your Support

We recently turned on the pledges ask in Substack. Here’s why:

Bizarro Devs has been a free publication for 167 issues, but none of those issues have been free to produce. As a company, we have absorbed the cost because we wanted to give back to the developer community that we are also a part of.

Unfortunately, Google’s algorithm changes in the past year have put a significant dent in our revenue, which has made it more challenging to continue operating “as is.”

There is a very real possibility that we will no longer be able to sustain the publication of Bizarro Devs on our own past the summer. We turned on the pledges to see if our community here would be willing to help us keep the newsletter alive.

Regardless of the response, we don’t plan on immediately converting the newsletter into a paid publication, but the next two or three months will determine how we chart our course and the pledges will play a role in that.

Thanks for considering, and as always, thank you reading!

If this is the first time you're here at Bizarro Devs and you enjoyed the content, then sign up here to join us on the first Tuesday of every month.

Until we see each other again,
– Martin D.