Connect with us

Latest News

Why it’s not surprising to see nine-figure AI rounds 

Published

on

Welcome back to The TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s broadly based on the daily column that appears on Extra Crunch, but free, and made for your weekend reading. If you want it in your inbox every Saturday morning, sign up here

Ready? Let’s talk money, startups and spicy IPO rumors.

This week, Scale AI raised a $325 million Series E. The company, as TechCrunch has written, works in the data labeling space. And it has been on a fundraising tear over the last few years. In 2019 TechCrunch wrote about how the company’s then-22-year-old CEO had put together a $100 million round. Then in December of 2020, it raised $155 million at a roughly $3.5 billion valuation. Now it’s worth more than $7 billion.

Impressive, yeah? Well, as I learned earlier this week, AI startups in general are having one hell of a year. From the start of 2021 to April 12th, there were 442 AI-startup deals in the U.S. worth $11.65 billion, according to PitchBook data. And the recent Microsoft-Nuance AI deal may accelerate things even more.

Sapphire Ventures’ Jai Das weighed in on the AI venture market for The Exchange. He answered our question regarding how competitive the space was in the first quarter by saying that “investment activity in AI/ML startups has been absolutely insane” during the first quarter.

Per Das: “AI/ML startups are routinely getting 5-6 term sheets from top-tier VC firms and they are able to raise their financings at 150-250X of current ARR.”

Chew on that for a moment. We’ve seen public software multiples reach new heights in the last year, but even for aggressive startup rounds, those are some bonkers numbers. Imagine an AI-focused startup with $1 million in recurring revenue being valued at a quarter of a billion dollars. Damn.

But what about pace among AI investing? We’ve heard that the time from a round opening to its closing among many startups has been compressed and compressed again. Das helped explain the situation, saying in an email that “most firms are completing their due diligence way before the financing actually happens,” which means that there is “no need to do any due diligence during the financing.”

That actually makes some sense? If rounds are largely preemptive — something that Das underscored later on in his comments — you have to do pre-diligence. Otherwise you’ll always be investing blind or missing out on deals due to other firms moving more quickly.

This week The Exchange also dug into the broader domestic venture capital market, with a special focus on seed deals, and the super late-stage investments that dominate headlines. A comment on the earlier-stages of venture investing that just missed our piece on the matter came from Jeff Grabow, EY’s U.S. Venture Capital lead.

In his comments on pre-seed, seed and post-seed deals, something stood out to us — a prediction of sorts. Here’s Grabow:

[Q1 2021] was a strong quarter for pre-seed funding when you compare it to prior years, and we expect the overall environment to remain strong given the abundance of capital available and plethora of investable themes that tap into new markets via technological solutions. It paints a rosy picture for the post-COVID environment.

That tracks with our internal estimates. Q1 2021 was so hot for at least American venture capital activity (expect more international coverage soon) that it seems likely that the year itself will be a record in many respects. Provided that things don’t slow too much, records will be broken. And here Grabow flat-out anticipates a pretty attractive climate for venture after COVID-19 is behind us.

So, records will be broken. The question is by how much.

More notes on Coinbase’s direct listing

Not to whomp the equestrian deceased too much, but I have a few more notes for you on the Coinbase direct listing.

Public.com, the Robinhood consumer trading rival, helped The Exchange better understand just how much retail interest there was in the stock. Per its ever-present spokesperson Mo, on April 14th, Coinbase “was the most popular stock on public,” measured by number of transactions. And perhaps more notably, on the same day “social activity (measured by the number of posts) increased by 70% compared to the day prior.”

I do not know how long the consumer trading boom can last, but that’s a pretty impressive set of metrics.

Similarweb also had a few data points to share, including that visits to coinbase.com reached 86.4 million in January. Hot damn. And during that month new visitors bested returning visitors. That data helps explain how Coinbase wound up with the epic first quarter that it did. Now the question is if it can keep up its bull run or, frankly, if consumer interest in trading in crypto specifically will outlast the equities trading boom or not.

Coinbase Series D lead investor Tom Loverro, who we’ve mentioned a few times this week, including on the podcast, said that we’re still merely in the second inning of crypto. So expect these topics to keep coming up again and again. And again.

Various and sundry

Trying to actually stick to our word count target for once, here are some final notes on the IPO market from the week.

First, the AppLovin IPO did not go according to plan. After modestly pricing at $80 per share, the middle of its range, the mobile-app focused tech company saw its value fall during its first two days’ trading. It’s now worth $61 per share as of the end of Friday.

The Exchange spoke with AppLovin CFO Herald Chen on its IPO day. Chatting with the finance executive, our read from the conversation is that the company could accelerate its acquisition game more now that it is public. Having a liquid stock means that it can be even more acquisitive than before. And AppLovin claims that it can buy companies, run them through its business process, and juice their revenues per its S-1 filing.

If that bears out, the public markets may be giving the company a bit too hard of a time. It was a bit odd to see a software company struggle post-IPO in today’s climate.

Chen also told The Exchange that his firm didn’t see any pushback regarding its multi-class share structure during its roadshow. The multi-class share miasm is something I’ve written about with our own Ron Miller. The CFO did note that no single person has complete control of the company, even with several different classes of equity with disparate voting rights. That matters, frankly.

We’ll keep tabs on AppLovin as it trades. (Our earlier coverage of its numbers is here.)

Finally, autonomous trucking company TuSimple went public this week, and Similarweb filed to go public. We’re also watching the broader IPO market as UiPath either raises its price range or note. We have a guess on that score.

And just as the week was closing, Squarespace dropped its S-1. Notes here with more to come.

Good vibes and nothing other than the best from here,

Alex

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Latest News

Palestinian Perspective: What The Conflict With Israel Looks Like From Gaza

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish