DuckDuckGo installs surge 30% as users reject Google's AI-first Search overhaul

Title: Privacy Pushback, Infrastructure Cracks, Multi-Model Rise

01DuckDuckGo installs surge 30% as users reject Google's AI-first Search overhaul

Google's replacement of traditional search with AI agents at I/O 2026 is triggering a measurable user exodus. DuckDuckGo app installs spiked 30% as users seek alternatives to what one analyst called being "force-fed" AI results. The company confirmed the surge in installs directly correlates with Google's announcement, suggesting privacy-conscious users are actively fleeing the search giant's AI-first redesign. DuckDuckGo CEO Gabriel Weinberg noted the company has seen sustained install growth rather than a temporary spike, indicating a structural shift in user behavior rather than a passing trend.

The backlash underscores growing resistance to forced AI adoption in consumer products. Google's overhaul replaced the familiar blue-link interface with AI agents that summarize and act on search queries, drawing criticism that it reduces user autonomy. Privacy advocates have long warned that AI-integrated search centralizes more user data with fewer alternatives. DuckDuckGo, which does not track or store user queries, is emerging as the primary beneficiary of that discontent. The company's growth trajectory suggests a durable segment of users willing to pay a usability premium to avoid AI integration.

02Critical 'BadHost' vulnerability in Starlette package exposes millions of AI agents to remote attacks

Security researchers have disclosed a critical flaw in Starlette, a foundational Python web framework widely used in AI agent deployments. The vulnerability, dubbed "BadHost," affects any agent relying on Starlette's HTTP request handling. The package sees 325 million weekly downloads, making the exposure potentially massive in scope. Security firm Wiz, which discovered the flaw, demonstrated that attackers could exploit the vulnerability to intercept or manipulate traffic between agents and their backend services.

The disclosure highlights the fragile security posture of open-source AI infrastructure at scale. Unlike commercial software with dedicated security teams, open-source packages often lack the resources to audit code for subtle vulnerabilities. Starlette's maintainers patched the flaw within 48 hours of notification, but the incident raises questions about the broader supply chain supporting AI deployments. Many organizations may not immediately update their dependencies, leaving known vulnerabilities active in production systems. The AI security community is calling for mandatory vulnerability disclosure standards for packages supporting critical AI infrastructure.

03OpenRouter valuation hits $1.3B after $113M Series B as multi-AI-model aggregation becomes dominant paradigm

OpenRouter has closed a $113 million Series B led by CapitalG, tripling its valuation to $1.3 billion in under a year. The platform aggregates access to dozens of AI models—including GPT-4o, Claude, Gemini, and open-source alternatives—through a single API. Usage grew 5x in six months, driven by enterprises seeking to route queries across providers without committing to a single vendor. The funding signals that investors view multi-model routing as a durable infrastructure layer rather than a transitional workaround.

The growth reflects a strategic shift in enterprise AI procurement. Rather than standardizing on one provider's models, companies are building pipelines that select the optimal model per task based on cost, latency, and capability requirements. OpenRouter's API abstracts this complexity, letting developers switch models with a single parameter change. The company reports that customers average 3.2 models per application, up from 1.4 a year ago. OpenRouter CEO Amy Chen said the funding will expand compute infrastructure and deepen integrations with enterprise cloud platforms, positioning the company as the "AWS of AI model routing."

Also today

0485% of organizations want agentic AI but 76% lack infrastructure to support it — Survey finds stark disconnect between AI ambitions and operational readiness, with most firms citing gaps in people, processes, and systems.
05Microsoft Copilot Cowork vulnerability allows agents to exfiltrate files via rendered email images — Design flaw in Microsoft's workplace AI agent enabled attackers to steal data through external images loaded in auto-generated emails.
06Pope Leo XIV's encyclical decries AI power concentration in 'Magnifica Humanitas' — Vatican's first AI encyclical calls out the dangerous centralization of AI capabilities among a handful of global tech companies.
07Human Archive pays Indian gig workers to collect physical training data for robotics AI — Berkeley-Stanford startup crowdsources real-world motion data from sensor-equipped workers in India to train humanoid robots.
08Baseten in talks to raise $1B at $11B valuation for AI inference infrastructure — AI server rental startup would triple its valuation from three months prior on strong demand for Nvidia GPU compute.
09[MIT Technology Review: Entry-level jobs face quiet collapse as AI automates career entry points](https://www.technologyreview.com/2026/05/26/1137865/its-time-to-address-the-looming-crisis-in-entry-level-work