CHICAGO, May 22, 2025 (GLOBE NEWSWIRE) — As consumers grapple with rising costs and high interest rates, recent studies have revealed an increased reliance on credit products to help make ends meet. Despite the seemingly rapid growth in balances, a new analysis by TransUnion (NYSE: TRU) uncovers a more complex reality.
According to TransUnion’s newly released Q1 2025 Credit Industry Insights Report (CIIR) total consumer balances have steadily increased over recent years. Total balances in nominal dollar terms (before adjusting for inflation) across all consumer credit products rose from $14.1 trillion in Q1 2020 to $18.0 trillion in Q1 2025, approximately 28%. The cumulative Consumer Price Index increase over that same time period, as measured by the U.S. Bureau of Labor Statistics, was nearly 24%. When adjusted for inflation, total balance growth in real dollar terms is more modest, amounting to $0.5 trillion over the five-year period, an increase of closer to 3%.
The analysis also revealed that inflation-adjusted balances for consumers actually declined in real dollar terms across the majority of credit risk tiers from 2020 to 2025. This decrease was most pronounced in the prime risk tier, which saw a 14% drop in balances after adjusting for inflation. In contrast, super prime consumers experienced an 18% growth in balances over the same period. Much of the increase for super prime borrowers was attributed to higher mortgage balances. The only other risk tier to see an inflation-adjusted increase over the period was subprime at 1.9%.
“Our latest analysis reveals a picture of credit usage that goes beyond simply an increase in total balances,” said Jason Laky, executive vice president and head of financial services at TransUnion. “When we account for the recent period of higher inflation, the rise in balances suggests that consumers in most risk tiers are not over-extended. In fact, many consumers experienced significant income gains since 2019, which have enabled most borrowers to effectively manage their debt levels.”
Total Inflation-Adjusted Balances Across All Accounts Have Declined Across The Majority of Risk Tiers Since 2019
% nominal dollar change 2020 to 2025
% real dollar change for 2020 to 2025 – inflation adjusted
Super prime
46.5%
18.2%
Prime plus
9.4%
-11.7%
Prime
7.2%
-13.5%
Near prime
11.6%
-9.9%
Subprime
26.2%
1.9%
Source: TransUnion U.S. Consumer Credit Database
“These findings challenge the idea that consumers are simply accumulating credit card debt. Instead, they highlight how balances reflect the current economic reality,” said Michele Raneri, vice president and head of U.S. research and consulting at TransUnion. “It’s understandable that only subprime consumers have experienced an inflation-adjusted increase in real credit card average balances, as this demographic has likely felt the impact of higher costs most acutely. But for other risk tiers of borrowers, their card balance growth has been less than the rate of inflation, indicating that many consumers may have further borrowing capacity.”
Serious consumer-level credit card delinquencies decline YoY for second consecutive quarter
Q1 2025 CIIR Credit Card Summary
The first quarter of 2025 reflected credit card trends indicating a return to equilibrium, similar to those observed towards the end of 2024. Notably, consumer-level delinquencies of 90+ days past due decreased for the second consecutive quarter, dropping by 12 basis points year-over-year (YoY) to 2.43%. This marks the first consecutive quarters of YoY delinquency decline since 2020, during the height of the pandemic. In Q4 2024, total originations volume experienced a slight YoY increase of 0.1%. Although modest, this represents the first YoY growth in six quarters. Subprime originations saw a YoY growth of 2.9% in Q4 2024, the first in eight quarters, while super prime originations grew by 5.3% for the second consecutive quarter. Despite the uptick in originations, credit line amounts on new cards continue to trend downward. The average credit line on new accounts decreased slightly by 0.3% YoY in Q4 2024, with growth in super prime lines offsetting smaller lines in prime and below.
Instant Analysis
“We continue to observe signs that serious delinquencies may have peaked, with consumers managing their credit card usage more effectively. The year-over-year decline in 90+ days past due delinquencies, along with slower balance growth and stable utilization rates, indicates emerging market stability. We anticipate further declines in serious delinquencies in the coming quarters, primarily due to lenders’ intentional management of credit lines and cardholder risk profiles.”
– Paul Siegfried, senior vice president and credit card business leader at TransUnion
Q1 2025 Credit Card Trends
Credit Card Lending Metric (Bankcard)
Q1 2025
Q1 2024
Q1 2023
Q1 2022
Number of Credit Cards (Bankcards)
563.0 million
543.1 million
523.2 million
490.0 million
Borrower-Level Delinquency Rate (90+ DPD)
2.43%
2.55%
2.26%
1.62%
Total Credit Card Balances
$1.07 Trillion
$1.02 Trillion
$917 billion
$769 billion
Average Debt Per Borrower
$6,371
$6,218
$5,733
$5,026
Number of Consumers Carrying a Balance
172.0 million
169.0 million
165.3 million
158.9 million
Prior Quarter Originations*
19.4 million
19.3 million
20.6 million
21.2 million
Average New Account Credit Lines*
$5,612
$5,628
$5,421
$4,634
*Note: Originations are viewed one quarter in arrears to account for reporting lag. Click here for a Q1 2025 credit card industry infographic. For more credit card industry information, click here for episodes of Extra Credit: A Card and Banking Podcast by TransUnion.
Shift to less risky borrowers drives decline in unsecured personal loan delinquency in Q1 2025
Q1 2025 CIIR Unsecured Personal Loan Summary
In Q4 2024, unsecured personal loan originations hit a new high of 6.3 million, a 26% increase over Q4 2023, driven by all risk tiers, especially super prime, with 29% growth YoY. This led to a 17% YoY growth in total new account balances to $34 billion. Total balances for Q1 2025 only grew for above prime tiers, reaching $253 billion, a 3% increase over the prior year. A record 24.6 million consumers had balances, a 5% increase YoY, but average balances per consumer only grew for above prime tiers. Lenders expanded their borrower base but maintained cautious exposure, leading to a 7% decrease in average new account balances for Q4 2024, the fifth consecutive quarter of decline. Subprime delinquencies fell to 14.0% in Q1 2025 from 15.6% last year, while other risk tiers saw increases. The overall borrower-level delinquency rate declined to 3.49% in Q1 2025 from 3.75% last year, thanks to a balanced lending mix.
Instant Analysis
“The unsecured personal loan market has not only rebounded but also expanded, setting new records in loan volumes and balances. Growth is evident across all credit risk tiers, with super prime borrowers leading in year-over-year growth in the most recent quarter. Lenders appear to be limiting loan amounts for individual consumers, even as the aggregate borrower-level delinquency rate continues to decline. Increased competition and demand in the lowest risk credit tiers, along with advances in risk management practices, are now resulting in lower delinquency rates. These factors should support sustained growth, even in a challenging macroeconomic environment.“
– Josh Turnbull, senior vice president and consumer lending business leader at TransUnion
Q1 2025 Unsecured Personal Loan Trends
Personal Loan Metric
Q1 2025
Q1 2024
Q1 2023
Q1 2022
Total Balances
$253 billion
$245 billion
$225 billion
$178 billion
Number of Unsecured Personal Loans
29.8 million
28.1 million
26.9 million
23.9 million
Number of Consumers with Unsecured Personal Loans
24.6 million
23.5 million
22.4 million
20.4 million
Borrower-Level Delinquency Rate (60+ DPD)
3.49%
3.75%
3.91%
3.25%
Average Debt Per Borrower
$11,631
$11,829
$11,281
$9,896
Average Account Balance
$8,496
$8,737
$8,356
$7,448
Prior Quarter Originations*
6.3 million
5.0 million
5.2 million
5.7 million
*Note: Originations are viewed one quarter in arrears to account for reporting lag. Click here for additional unsecured personal loan industry metrics. Click here for a Q1 2025 unsecured personal loan industry infographic.
Mortgage originations see YoY growth as delinquencies tick up
Q1 2025 CIIR Mortgage Loan Summary
Another sign that the previously sluggish mortgage originations market is beginning to rebound is that mortgage originations saw a YoY increase of 30.2% in Q4 2024, reaching 1.2 million, with 78% of those being purchase originations. The 15.4% YoY growth in purchase originations marks its first annual increase since Q2 2021. Origination volumes remain low compared to historical norms. Home equity originations rose 11% YoY, marking the third consecutive quarter of YoY increases. Meanwhile, 60+ days past due (DPD) account-level delinquencies ticked up YoY in Q1 2025 for the 12th consecutive quarter, reaching 1.44%. This represents a growth of 21 basis points YoY in Q1 2025, though the rate remains relatively low compared to historical levels. As home prices continue to climb, the average amount of new mortgage loans has followed suit, increasing by nearly $40,000 YoY to $366,443 in Q4 2024.
Instant Analysis
“Due to the anticipated impacts of announced tariffs on near-term inflation, mortgage rates are expected to remain elevated above 6% in the next quarter. Without a significant decrease in mortgage rates, origination activity for both purchases and refinances is likely to remain subdued. Although the upward trend in mortgage delinquencies continues, the levels remain below long-term averages, and far below historical highs during the Great Financial Crisis, but still warrant close monitoring.”
– Satyan Merchant, senior vice president, automotive and mortgage business leader at TransUnion
Q1 2025 Mortgage Trends
Mortgage Lending Metric
Q1 2025
Q1 2024
Q1 2023
Q1 2022
Number of Mortgage Loans
53.6 million
53.2 million
52.9 million
51.5 million
Consumer-Level Delinquency Rate (60+ DPD)
1.36%
1.14%
0.90%
0.80%
Prior Quarter Originations*
1.2 million
0.9 million
1.0 million
2.9 million
Average Loan Amounts of New Mortgage Loans*
$366,443
$327,102
$327,050
$315,661
Average Balance per Consumer
$266,843
$260,745
$253,514
$241,203
Total Balances of All Mortgage Loans
$12.5 trillion
$12.1 trillion
$11.8 trillion
$10.9 trillion
* Originations are viewed one quarter in arrears to account for reporting lag. Click here for additional mortgage industry metrics. Click here for a Q1 2025 mortgage industry infographic.
Auto originations trend up ahead of tariffs
Q1 2025 CIIR Auto Loan Summary
Auto loan originations in Q4 2024 reached 6.2 million, representing an 8% YoY growth. This growth was observed across all risk tiers, with super prime leading at 15.7% YoY growth. The increase was largely driven by Federal Reserve interest rate cuts in late 2024, rising inventories, and the return of incentives. New vehicles made up 47% of those financed in Q4 2024, as compared to 53% used, the highest Q4 share for new vehicles since pre-pandemic times. Leasing share continued to approach pre-pandemic levels, rising to 26% in Q1 2025. The 60+ DPD delinquency rate increased by 5 basis points YoY in Q1 2025 to 1.38%. This rate exceeds the peak delinquency rate of 1.33% observed in Q1 2009, although the rate of growth has recently slowed. Overall, new vehicle loan vintages continue to show consistent performance compared to pre-pandemic periods (2018/2019). However, when broken down by risk tiers, recent new vehicle vintages have elevated delinquency levels, particularly for prime and below tiers.
Instant Analysis
“There have been positive signs of recovery and momentum across all tiers, not just super prime. The return of incentives has provided a tailwind to vehicle sales and financing. Nevertheless, some of this progress may reverse if the recently announced trade policies are implemented long-term, as they could further impact affordability. Despite this, we expect Q1 2025 originations to increase, as many consumers likely tried to secure a new vehicle before the tariffs were implemented.”
– Satyan Merchant, senior vice president, automotive and mortgage business leader at TransUnion
Q1 2025 Auto Loan Trends
Auto Lending Metric
Q1 2025
Q1 2024
Q1 2023
Q1 2022
Total Auto Loan Accounts
80.0 million
80.1 million
80.1 million
80.5 million
Prior Quarter Originations1
6.2 million
5.8 million
5.8 million
6.5 million
Average Monthly Payment NEW2
$759
$746
$741
$657
Average Monthly Payment USED2
$526
$521
$521
$509
Average Balance per Consumer
$24,413
$24,035
$23,214
$21,606
Average Amount Financed on New Auto Loans2
$42,877
$41,222
$41,539
$40,184
Average Amount Financed on Used Auto Loans2
$26,494
$25,655
$26,260
$27,995
Consumer-Level Delinquency Rate (60+ DPD)
1.56%
1.50%
1.34%
1.09%
1Note: Originations are viewed one quarter in arrears to account for reporting lag. 2Data from S&P Global MobilityAutoCreditInsight, Q12025data only forJanuaryand February. Click here for additional auto industry metrics. Click here for a Q1 2025 auto industry infographic.
TransUnion is a global information and insights company with over 13,000 associates operating in more than 30 countries. We make trust possible by ensuring each person is reliably represented in the marketplace. We do this with a Tru™ picture of each person: an actionable view of consumers, stewarded with care. Through our acquisitions and technology investments we have developed innovative solutions that extend beyond our strong foundation in core credit into areas such as marketing, fraud, risk and advanced analytics. As a result, consumers and businesses can transact with confidence and achieve great things. We call this Information for Good® — and it leads to economic opportunity, great experiences and personal empowerment for millions of people around the world.
FORECAST: A slight contraction in new business volumes suggests a 0.4% decline in new durable goods orders in April.
Total new business volume (NBV) rose by $10 billion seasonally adjusted among surveyed ELFA member companies, a decrease of 3.2% from the prior month.
NBV year-to-date contracted by 1.0% relative to the same period in 2024.
Year-over-year, NBV dropped by 4.4% on a non-seasonally adjusted basis.
Charge-offs (losses) declined to 0.40%, the largest single-month decrease since October of 2020.
“The April CFI showed a sector that weathered the recent surge in economic and financial market volatility. Demand for new equipment eased a little, but remained healthy, especially given all the April ups-and-downs,” said Leigh Lytle, President and CEO at ELFA. “Financial conditions strengthened remarkably, with losses and delinquencies plummeting. The across-the-board improvement in charge-offs highlights the industry’s resiliency, while the reduction in delinquencies suggests more improvements in financial conditions are on the horizon. Even if some of the impact from changing trade policy is delayed, the strength in financial conditions shows that it will take a lot more than uncertainty to knock the industry off course. While I don’t expect calm waters over the remainder of the year, I am optimistic that uncertainty will ease, which suggests a strong second half of the year for our industry.”
New business volumes edged lower. New business volume growth cooled in April, declining 3.2% from the prior month. The $10 billion in overall new business volume is the second highest reading in 2025 and remained close to its two-year trend. Activity at banks and captives declined by 6.1% and 10.4%, respectively, while new volumes grew by 0.1% at independents. Over the last five months, the equipment finance industry has experienced an uptick in demand volatility, much of it in new business volumes at banks, which make up roughly half of the CapEx Finance Index. Even with the slowdown in new activity at banks, the average monthly rate of new business volumes was $5.1 billion over the first four months of the year, which is in line with the average over the last six months of 2024. New volume growth for small ticket deals dropped by 18.3% to $2.8 billion. Year-to-date, the small ticket index is down 20.6%, and the average monthly volume of new business remains well below its 2024 average.
The pace of job losses slowed. Employment in the equipment finance industry was down 2.0% over the previous 12 months. That’s a slower rate of contraction than the 2.7% yearly decline in March. Employment at banks and captives both declined, while headcount at independents increased.
Credit approvals shot up to the highest rate in over two years. The overall credit approval rate jumped to 77.4%, a rise of almost 1.4 percentage points. That is double the 0.7 percentage point increase in the prior month. The overall credit approval rate has so far risen by 3.1 percentage points in 2025.
Financial conditions strengthened markedly. Aging receivables over 30 days fell by over 40 basis points to 1.8% in April. That is the lowest delinquency rate since June of 2023, and the biggest decline since November of that same year. Delinquencies on small ticket deals dropped by 34 basis points, and rates at banks and independents declined. Aging receivables at captives erased a March decrease, rising to 2.5%. After climbing for two months, the overall charge-off rate dropped to its lowest point since October last year. The loss rate on small ticket acquisitions also declined, as did the charge-off rate for banks, captives and independents.
“We are cautiously optimistic about the months ahead and the stability of the economy and our industry as we head into summer,” said Daryn Lecy, CLFP, SVP/Chief Operating Officer, Oakmont Capital Services. “There are macroeconomic reasons to wait and see, as negotiations on tariffs begin and will likely take time. Additionally, several significant economic reports are set to be released in the coming weeks, which may impact business and consumer confidence. Specific to our industry, recent positive data—such as strong credit approvals—aligns well with substantially improved month-over-month delinquency and loss figures, giving us further reasons for optimism. Our industry is comprised of talented individuals and creative problem solvers who will adapt and position themselves to secure opportunities in any economic conditions.”
Industry Confidence The Monthly Confidence Index from ELFA’s affiliate, the Equipment Leasing & Finance Foundation, increased to 44.5 in May, up from 41.9 in April, as equipment finance companies await further clarity around tariff policies.
About ELFA’s CFI The CapEx Finance Index (CFI) is the only real-time dataset that tracks nationwide conditions in the equipment financing industry. The information is compiled from a diversified set of businesses that respond to questions about demand for equipment financing, employment, and changes in financial conditions. The resulting data is organized by institution type, such as banks, captives, and independents, and is classified into overall activity and financing for small ticket equipment and software. The CFI is released monthly from Washington, D.C., generally one day before the U.S. Department of Commerce’s durable goods report. More detail on the data and methodology can be found at www.elfaonline.org/CFI.
About ELFA The Equipment Leasing and Finance Association (ELFA) represents financial services companies and manufacturers in the $1 trillion U.S. equipment finance sector. ELFA’s over 600 member companies provide essential financing that helps businesses acquire the equipment they need to operate and grow. Learn how equipment finance contributes to businesses’ success, U.S. economic growth, manufacturing and jobs at www.elfaonline.org.
Source: Federal Bureau of Investigation (FBI) State Crime Alerts (b)
LOS ANGELES – A Santa Barbara County investment advisor was sentenced today to 121 months in federal prison for stealing approximately $2.25 million from elderly clients of her investment advisory business, including clients that were receiving end-of-life care.
Julie Anne Darrah, 52, of Santa Maria, was sentenced by United States District Judge Otis D. Wright II, who will schedule a restitution hearing at a later date.
Darrah pleaded guilty on March 4 to one count of wire fraud.
During the scheme,Darrah stole approximately $2.25 million from her firm’s clients. She did so by obtaining control of her victims’ assets, and then – without the victims’ knowledge or consent – she liquidated their security holdings and transferred the proceeds to accounts she controlled. As part of this, she convinced victims to sign documents making her the trustee of their trusts or a signatory on their bank accounts or giving her power of attorney over their brokerage accounts and allowing her – as their investment advisor – to transfer funds from their accounts to other bank accounts, including to her own accounts.
Darrah took advantage of trust victims placed in her – often convincing them she would take care of them in their older years like a daughter, and she used this trust to convince them to sign the documents that she then used to steal money from them. In this way, Darrah stole money from victims from approximately November 2016 to July 2023. Sheused stolen funds to buy properties for herself, pay other personal expenses, buy luxury vehicles, and operate other business ventures. Some victims were left in desperate circumstances, without the money to pay for end-of-life care, when the fraud was discovered.
Darrah also convinced a company identified in the plea agreement as “Business Victim 1,” a Minnesota-based investment advisor firm, to acquire VFM based on false and misleading statements and the concealment of material facts, including not telling that firm about her theft of individual client funds. After the fraud was discovered, Business Victim 1 incurred approximately $5.4 million in losses.
In October 2023, the SEC filed a civil complaint against Darrah in connection with this scheme. In December 2024, United States District Judge Dale S. Fischer found Darrah liable to pay $2,416,511, including interest.
The FBI and the Federal Deposit Insurance Corporation Office of Inspector General investigated this matter.
Assistant United States Attorney Kerry L. Quinn of the Major Frauds Section prosecuted this case.
If you or someone you know is age 60 or older and has been a victim of financial fraud, help is available at the National Elder Fraud Hotline: 1-833-FRAUD-11 (1-833-372-8311). This Department of Justice hotline, managed by the Office for Victims of Crime, is staffed by experienced professionals who provide personalized support to callers by assessing the needs of the victim and identifying relevant next steps. Reporting can help authorities identify those who commit fraud and reporting certain financial losses due to fraud as soon as possible can increase the likelihood of recovering losses. English, Spanish and other languages are available.
Source: Federal Bureau of Investigation (FBI) State Crime News
A federal grand jury returned a one-count indictment today against Michael Keith Rubino, 39, of Vacaville, charging him with producing child sexual abuse material, Acting U.S. Attorney Michele Beckwith announced.
According to court documents, in October and November of 2024, Rubino engaged in multiple sex acts with a 17-year-old female victim. Rubino exploited his minor victim at a residence in Vacaville where Rubino lived. Rubino recorded numerous instances of his sexual abuse of his minor victim using his iPhone.
This case is the product of an investigation by the Federal Bureau of Investigation, with assistance from the Vacaville Police Department. Assistant U.S. Attorney Sam Stefanki is prosecuting the case.
If convicted, Rubino faces a minimum mandatory sentence of 15 years in prison and a maximum statutory penalty of 30 years in prison and a $250,000 fine. Any sentence, however, would be determined at the discretion of the court after consideration of any applicable statutory factors and the Federal Sentencing Guidelines, which take into account a number of variables. The charges are only allegations; the defendant is presumed innocent until and unless proven guilty beyond a reasonable doubt.
This case was brought as part of Project Safe Childhood, a nationwide initiative launched in May 2006 by the Department of Justice to combat the growing epidemic of child sexual exploitation and abuse. Led by the United States Attorneys’ Offices and the Criminal Division’s Child Exploitation and Obscenity Section, Project Safe Childhood marshals federal, state, and local resources to locate, apprehend, and prosecute those who sexually exploit children, and to identify and rescue victims. For more information about Project Safe Childhood, please visit www.usdoj.gov/psc.
Source: Federal Bureau of Investigation (FBI) State Crime News
SAN JOSE – Sayee Chaitanya Reddy Devagiri pleaded guilty in federal court today to conspiring to steal more than $2.5 million from DoorDash, Inc., a San Francisco-based delivery company.
Devagiri, 30, of Newport Beach, Calif., and three other defendants were indicted by a federal grand jury in August 2024. Devagiri was charged with a single count of conspiracy to commit wire fraud in violation of 18 U.S.C. § 1349. He pleaded guilty to that count today.
In pleading guilty, Devagiri admitted to working with others in 2020 and 2021 to cause DoorDash to pay for deliveries that never occurred. At the time, Devagiri was a delivery driver for DoorDash orders. Under the scheme, Devagiri used customer accounts to place high value orders and then, using an employee’s credentials to gain access to DoorDash software, manually reassigned DoorDash orders to driver accounts that he and others controlled. Devagiri then caused the fraudulent driver accounts to report that the orders had been delivered, when they had not, and manipulated DoorDash’s computer systems to prompt DoorDash to pay the fraudulent driver accounts for the non-existent deliveries. Devagiri would then use DoorDash software to change the orders from “delivered” status to “in process” status and manually reassign the orders to driver accounts he and others controlled, beginning the process again. This procedure usually took less than five minutes, and was repeated hundreds of times for many of the orders.
The scheme resulted in fraudulent payments exceeding $2.5 million.
Acting United States Attorney Patrick D. Robbins and Federal Bureau of Investigation (FBI) Special Agent in Charge Sanjay Virmani made the announcement.
Devagiri is the third defendant to be convicted for his role in this conspiracy. Co-defendant Manaswi Mandadapu pleaded guilty to conspiracy to commit wire fraud on May 6, 2025. Tyler Thomas Bottenhorn, who was separately charged, pleaded guilty on Nov. 7, 2023.
Devagiri is next scheduled to appear before U.S. District Judge Beth Labson Freeman for a status hearing on Sept. 16, 2025. He faces a maximum statutory penalty of 20 years in prison and a fine of $250,000. Any sentence will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.
Assistant U.S. Attorney Michael G. Pitman is prosecuting the case with the assistance of Sahib Kaur. The prosecution is the result of an investigation by the FBI.
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
KANSAS CITY, Mo. – A Columbia, Mo., man was indicted by a federal grand jury today for illegally possessing a privately made firearm and 9mm ammunition.
Victor S. Kee, 26, was charged in a one-count indictment returned by a federal grand jury in Kansas City, Mo.
Today’s indictment alleges that Kee was in possession of a privately made firearm, identified as a Polymer80, Model PF940SC, 9mm pistol, with no serial number, and 9mm ammunition. Kee is charged with one count of being a felon in possession of a firearm and ammunition.
Under federal law, it is illegal for anyone who has been convicted of a felony to be in possession of any firearm or ammunition. Kee has prior felony convictions for tampering with a motor vehicle, resisting arrest, burglary, assault, and being a felon in possession of a firearm.
The charges contained in this indictment are simply accusations, and not evidence of guilt. Evidence supporting the charges must be presented to a federal trial jury, whose duty is to determine guilt or innocence.
This case is being prosecuted by Special Assistant U.S. Attorney Jessica L. Jennings. It was investigated by the Bureau of Alcohol, Tobacco, Firearms and Explosives, the Missouri State Highway Patrol, and the Lafayette County, Missouri Sheriff’s Office.
Project Safe Neighborhoods
This case is part of Project Safe Neighborhoods (PSN), a program bringing together all levels of law enforcement and the communities they serve to reduce violent crime and gun violence, and to make our neighborhoods safer for everyone. On May 26, 2021, the Department launched a violent crime reduction strategy strengthening PSN based on these core principles: fostering trust and legitimacy in our communities, supporting community-based organizations that help prevent violence from occurring in the first place, setting focused and strategic enforcement priorities, and measuring the results.
SAN SALVADOR, El Salvador, May 22, 2025 (GLOBE NEWSWIRE) — Bitget Wallet, the leading non-custodial crypto wallet, has unveiled its product roadmap following a recent brand overhaul, outlining a series of updates designed to simplify crypto and expand real-world use. The roadmap is built around four core functions—Trade, Earn, Pay, and Discover—and is backed by a $1 million community incentive campaign and the launch of a global Champion Program aimed at accelerating adoption. These initiatives are part of Bitget Wallet’s broader Crypto for Everyone movement, which focuses on making self-custody tools more accessible, intuitive, and useful in everyday life.
“Bitget Wallet is no longer just a place to store tokens — it’s becoming the starting point for how people trade, earn, pay, and explore onchain,” said Alvin Kan, COO of Bitget Wallet. “This roadmap is about delivering smarter, simpler crypto experiences that solve real user pain points and bring crypto closer to everyday life.”
With over 80 million users globally, Bitget Wallet has evolved from a basic wallet app into a full-featured gateway for onchain activity. Its trading experience now covers the entire flow — discover, analyze, and execute — with tools like Hot Picks, real-time alerts, and curated token insights designed to surface early-stage opportunities. Through Bitget Wallet Alpha, users can monitor smart money movements, onchain behaviors such as sniper bots and dev wallet activity, and access tools including market charts, AI-generated summaries, and sentiment feeds. Trades are executed through a one-click, gas-free Super DEX that aggregates liquidity across 100+ DEXs and supports tokens across 130+ blockchains, with MEV protection and dynamic slippage built in.
To help users grow their assets, Bitget Wallet currently offers one-click staking and automated yield generation, and will soon launch its Simple Yield Vault, enabling balances to earn interest automatically while remaining instantly spendable. Future updates include support for tokenized real-world assets, such as stocks, bonds, and gold, allowing users to manage diversified portfolios directly within the app. An upgraded Earn Dashboard will offer performance tracking with gain charts and detailed earning breakdowns.
On the payments front, Bitget Wallet is one of the first wallets to integrate a built-in shop page, where users can purchase goods and services from over 300 brands using crypto — without needing to convert to fiat. From mobile top-ups and gaming to travel and e-commerce, the shop covers major global merchants like Amazon, Google Play, Shopee, and more. Through Payfi integrations, the wallet is the only self-custodial wallet supporting maximum payment flexibility via crypto cards, QR code scans, and in-app purchases. Integrations with national QR code systems in Asia and Latin America are also underway to support local merchant payments. The Bitget Wallet Card is already live in Asia, with further expansion in Europe and Latin America to support everyday crypto spending globally.
To make onboarding easier, Bitget Wallet will soon launch Simple Mode in selected regions, offering a streamlined interface where the concept of gas and chains are completely abstracted away and tailored to Web3 newcomers. A new AI-powered support chatbot is in development to assist users in real time. In parallel, the platform’s Discover page is being upgraded into a central hub for onchain activity, featuring a smart DApp browser, testnet tools, multi-chain playbooks, and push notifications for airdrops and project updates, making it easier for users to navigate the broader Web3 ecosystem.
Security continues to be a core focus. Bitget Wallet uses advanced encryption and MPC-based recovery to simplify account access without relying on traditional seed phrases. Real-time risk detection, phishing alerts, and smart transaction protections work together to help users stay safe. As wallets expand from basic storage into multi-functional financial apps, Bitget Wallet continues to prioritize both security and simplicity across user experience.
Bitget Wallet’s roadmap highlights its broader vision of building a crypto wallet for everyone — from first-time users to advanced traders. With nearly 100 Web3 projects joining its Crypto for Everyone Movement, Bitget Wallet is launching new user onboarding programs, educational initiatives, and ecosystem partnerships — backed by a $1 million incentive campaign to drive adoption. Complementing these efforts, the Bitget Wallet Champion Program empowers community leaders and content creators worldwide to drive Web3 adoption through education, engagement, and exclusive rewards. The wallet aims to close the gap between crypto and real-world usage, enabling anyone to benefit from Web3 — wherever they are on their journey.
For more details on the product roadmap, please visit the Bitget Wallet blog.
About Bitget Wallet Bitget Wallet is a non-custodial crypto wallet designed to make crypto simple and secure for everyone. With over 80 million users, it brings together a full suite of crypto services, including swaps, market insights, staking, rewards, DApp exploration, and payment solutions. Supporting 130+ blockchains and millions of tokens, Bitget Wallet enables seamless multi-chain trading across hundreds of DEXs and cross-chain bridges. Backed by a $300+ million user protection fund, it ensures the highest level of security for users’ assets.
CALGARY, Alberta, May 22, 2025 (GLOBE NEWSWIRE) — Computer Modelling Group Ltd. (“CMG Group” or the “Company”) announces its financial results for the three months and year ended March 31, 2025, and the approval by its Board of Directors (the “Board”) of the payment of a cash dividend of $0.05 per Common Share for the fourth quarter ended March 31, 2025.
FOURTH QUARTER 2025 CONSOLIDATED HIGHLIGHTS
Select financial highlights
Total revenue increased by 4% (13% Organic decline(1) and 17% growth from acquisitions) to $33.7 million;
Recurring revenue(2) increased by 16% (7% Organic decline and 23% growth from acquisitions) to $24.2 million;
Adjusted EBITDA(1) increased by 2% to $10.5 million;
Adjusted EBITDA Margin(1) was 31%, compared to 32% in the comparative period;
Earnings per share was $0.06, a 33% decrease;
Free Cash Flow(1) decreased by 26% to $7.0 million; Free Cash flow per share decreased to $0.08 from $0.12.
FISCAL 2025 CONSOLIDATED HIGHLIGHTS
Select financial highlights
Total revenue increased by 19% (1% Organic decline and 20% growth from acquisitions) to $129.4 million;
Recurring revenue increased by 13% (1% Organic growth and 12% was growth from acquisitions) to $86.8 million;
Adjusted EBITDA increased by 2% to $44.0 million;
Adjusted EBITDA Margin was 34%, compared to 40% in the comparative period;
Earnings per share was $0.27, a 16% decrease;
Free Cash Flow decreased by 22% to $27.6 million; Free Cash flow per share decreased to $0.33 from $0.44.
(1) Organic growth/decline, Adjusted EBITDA, Adjusted EBITDA Margin and Free Cash Flow are not standardized financial measures and might not be comparable to measures disclosed by other issuers. For more description see under “Non-IFRS Financial and Supplementary Financial Measures” heading. (2) Recurring revenue includes Annuity/maintenance licenses and Annuity license fee, and excludes Perpetual licenses and Professional Services.
OVERVIEW
Macroeconomic factors and political instability, combined with a low oil price environment, resulted in challenged organic growth this year, particularly in reservoir and production solutions, where lengthened deal cycles and cautious customer spending prevailed. Despite these challenges, we continued to execute on our strategic M&A roadmap, and revenue growth during the quarter and year-to-date, was supported by meaningful contributions from acquisitions. Adjusted EBITDA increases during the quarter and year-to-date were also supported by growth from acquisitions. Free Cash Flow decreased during the quarter and year-to-date due to pressures on top-line-growth, however, during the prior year period, Free Cash Flow also benefited from the tax deduction of approximately $4.6 million as a result of the acquisition of intellectual property. We generated $27.6 million of Free Cash Flow during fiscal 2025, maintaining our strong liquidity position and enabling us to invest in strategic acquisitions.
As we look forward to fiscal 2026, excluding any impact from future acquisitions, we anticipate a reduction of between $6 – $7 million in professional services revenue compared to fiscal 2025 which may make it challenging to demonstrate total revenue growth. It is a goal of the company to shift the revenue mix towards a higher percentage of software revenue and the reduction in professional services is a natural part of the shift. Adjusted EBITDA and Adjusted EBITDA Margin may also show limited growth due to anticipated delays in cost-saving measures in taking effect, but this impact is expected to be limited to fiscal 2026.
To ensure long-term resilience, we remain committed to evolving our business model through carefully targeted strategic acquisitions. Our acquisitions to date position us well by expanding our capabilities and helping to support long-term growth by complementing our core offering.
SUMMARY OF FINANCIAL PERFORMANCE
Three months ended March 31,
Year ended March 31,
($ thousands, except per share data)
2025
2024
% change
2025
2024
% change
Annuity/maintenance licenses
19,436
19,661
(1
%)
77,525
71,530
8
%
Annuity license fee
4,728
1,142
314
%
9,280
5,146
80
%
Recurring revenue(1) (2)
24,164
20,803
16
%
86,805
76,676
13
%
Perpetual licenses
554
2,130
(74
%)
5,617
5,739
(2
%)
Total software license revenue
24,718
22,933
8
%
92,422
82,415
12
%
Professional services
8,965
9,358
(4
%)
37,024
26,264
41
%
Total revenue
33,683
32,291
4
%
129,446
108,679
19
%
Cost of revenue
6,749
6,470
4
%
24,940
17,224
45
%
Operating expenses
Sales & marketing
5,094
4,361
17
%
18,617
14,957
24
%
Research and development
8,129
7,607
7
%
30,142
23,679
27
%
General & administrative
4,876
5,576
(13
%)
21,599
18,835
15
%
Operating expenses
18,099
17,544
3
%
70,358
57,471
22
%
Operating profit
8,835
8,277
7
%
34,148
33,984
–
%
Net income
5,104
7,229
(29
%)
22,437
26,259
(15
%)
Adjusted EBITDA (1)
10,500
10,295
2
%
44,009
43,345
2
%
Adjusted EBITDA Margin(1)
31%
32%
34%
40%
Earnings per share – basic & diluted
0.06
0.09
(33
%)
0.27
0.32
(16
%)
Funds flow from operations per share – basic
0.10
0.13
(23
%)
0.38
0.47
(19
%)
Free Cash Flow per share – basic (1)
0.08
0.12
(33
%)
0.33
0.44
(25
%)
(1) Non-IFRS financial measures are defined in the “Non-IFRS Financial Measures” section. (2) Included in the number is a reduction of $0.5 million and $0.8 million for the three months and year ended March 31, 2025, respectively ($0.1 million and $0.2 million for the three months and year ended March 31, 2024, respectively), attributed to the amortization of a deferred revenue fair value reduction recognized on acquisition.
Q4 2025 Dividend
Computer Modelling Group’s Board approved a cash dividend of $0.05 per Common Share. The dividend will be paid on June 13, 2025, to shareholders of record at the close of business on June 5, 2025.
All dividends paid by Computer Modelling Group Ltd. to holders of Common Shares in the capital of the Company will be treated as eligible dividends within the meaning of such term in section 89(1) of the Income Tax Act (Canada), unless otherwise indicated.
NON-IFRS FINANCIAL MEASURES AND RECONCILIATION OF NON-IFRS MEASURES
Free Cash Flow Reconciliation to Funds Flow from Operations
Free cash flow is a non-IFRS financial measure that is calculated as funds flow from operations less capital expenditures and repayment of lease liabilities. Free Cash Flow per share is calculated by dividing free cash flow by the number of weighted average outstanding shares during the period. Management believes that this measure provides useful supplemental information about operating performance and liquidity, as it represents cash generated during the period, regardless of the timing of collection of receivables and payment of payables, which may reduce comparability between periods. Management uses free cash flow and free cash flow per share to help measure the capacity of the Company to pay dividends and invest in business growth opportunities.
Fiscal 2024
Fiscal 2025
($ thousands, unless otherwise stated)
Q1
Q2
Q3
Q4
Q1
Q2
Q3
Q4
Funds flow from operations
7,920
11,491
8,477
10,367
6,515
7,101
9,937
8,227
Capital expenditures
(45
)
(51
)
(459
)
(95
)
(93
)
(236
)
(432
)
(661
)
Repayment of lease liabilities
(412
)
(412
)
(728
)
(803
)
(743
)
(769
)
(689
)
(549
)
Free Cash Flow
7,463
11,028
7,290
9,469
5,679
6,096
8,816
7,017
Weighted average shares – basic (thousands)
80,685
80,834
81,067
81,314
81,476
81,887
82,753
83,064
Free Cash Flow per share – basic
0.09
0.14
0.09
0.12
0.07
0.07
0.11
0.08
Funds flow from operations per share- basic
0.10
0.14
0.10
0.13
0.08
0.09
0.12
0.10
Free Cash Flow decreased by 26% and 22%, respectively, for the three months and year ended March 31, 2025 from the same periods of the previous fiscal year. These decreases are primarily due to lower funds flow from operations, higher capital expenditures, and increased repayment of lease liabilities as a result of office leases in acquired entities. During year ended March 31, 2024, Free Cash Flow benefited from the tax deduction of approximately $4.6 million as a result of the acquisition of the BHV intellectual property.
Adjusted EBITDA and Adjusted EBITDA Margin
Three months ended March 31,
Year ended March 31,
($ thousands)
2025
2024
2025
2024
Net income (loss)
5,104
7,229
22,437
26,259
Add (deduct):
Depreciation and amortization
2,368
2,151
8,465
5,688
Acquisition costs
216
186
2,567
1,456
Stock-based compensation
(435
)
922
2,625
6,292
Loss on contingent consideration
88
–
2,151
–
Deferred revenue amortization on acquisition fair value reduction
535
76
845
188
Income and other tax expense
2,154
1,935
10,448
8,963
Interest income
(313
)
(658
)
(2,605
)
(3,096
)
Interest expense
189
–
189
–
Foreign exchange loss (gain)
1,143
(743
)
(363
)
(50
)
Repayment of lease liabilities
(549
)
(803
)
(2,750
)
(2,355
)
Adjusted EBITDA (1)
10,500
10,295
44,009
43,345
Adjusted EBITDA Margin(1)
31
%
32
%
34
%
40
%
(1) This is a non-IFRS financial measure. Refer to definition of the measures above.
Adjusted EBITDA increased by 2% during the three months ended March 31, 2025, compared to the same period of the previous year, of which 20% was growth from acquisitions, partially offset by an Organic decline of 18%, primarily attributable to lower revenue in the quarter partially offset by lower expenses.
Adjusted EBITDA increased by 2% for the year ended March 31, 2025, compared to the same period of the previous year, of which 3% of the increase was due to growth from acquisitions, partially offset by a 1% Organic decline due to higher expenses.
Organic Growth
Organic growth is not a standardized financial measure and might not be comparable to measures disclosed by other issuers. The Company measures Organic growth on a quarterly and year-to-date basis at the revenue and Adjusted EBITDA levels and includes revenue and Adjusted EBITDA under CMG Group’s ownership for a year or longer, beginning from the first full quarter of CMG Group’s ownership in the current and comparative period(s). For example, BHV was acquired on September 25, 2023 (Q2 2024). September 25, 2024, marked one full year of ownership under CMG Group and on October 1, 2024 (Q3 2025), which is the first full quarter under CMG Group’s ownership in the current and comparative period, started being tracked under Organic growth. Any revenue and Adjusted EBITDA generated by BHV prior to October 1, 2024, would not be included in Organic growth. Sharp was acquired on November 12, 2025 (Q3 2025) and will start contributing to Organic growth on January 1, 2026 (Q4 2026).
For further clarity, current statements include Organic growth from the following:
CMG revenue and Adjusted EBITDA; and
BHV revenue and Adjusted EBITDA generated beginning on October 1, 2024.
Recurring Revenue Recurring revenue represents the revenue recognized during the period from contracts that are recurring in nature and includes revenue recognized as “Annuity/maintenance licenses” and “Annuity license fee”. We believe that Recurring revenue is an indicator of business expansion and provides management with visibility into our ability to generate predictable cash flows.
The table below reconciles Recurring revenue to total revenue for the periods indicated.
Three months ended March 31,
Year ended March 31,
2025
2024
% change
2025
2024
% change
($ thousands)
Annuity/maintenance licenses
19,436
19,661
(1%
)
77,525
71,530
8
%
Annuity license fee
4,728
1,142
314
%
9,280
5,146
80
%
Recurring revenue(1) (2)
24,164
20,803
16
%
86,805
76,676
13
%
Perpetual licenses
554
2,130
(74
%)
5,617
5,739
(2
%)
Total software license revenue
24,718
22,933
8
%
92,422
82,415
12
%
Professional services
8,965
9,358
(4
%)
37,024
26,264
41
%
Total revenue
33,683
32,291
4
%
129,446
108,679
19
%
(1) This is a non-IFRS financial measure. (2) Included in the number is a reduction of $0.5 million and $0.8 million for the three months and year ended March 31, 2025, respectively ($0.1 million and $0.2 million for the three months and year ended March 31, 2024, respectively), attributed to the amortization of a deferred revenue fair value reduction recognized on acquisition.
Consolidated Statements of Financial Position
March 31, 2025
March 31, 2024
April 1, 2023
(thousands of Canadian $)
Assets
Current assets:
Cash
43,884
63,083
66,850
Restricted cash
362
142
–
Trade and other receivables
41,457
36,550
23,910
Prepaid expenses
2,572
2,321
1,060
Prepaid income taxes
1,641
3,841
444
89,916
105,937
92,264
Intangible assets
59,955
23,683
1,321
Right-of-use assets
28,443
29,072
30,733
Property and equipment
10,157
9,877
10,366
Goodwill
15,814
4,399
–
Deferred tax asset
471
–
2,444
Total assets
204,756
172,968
137,128
Liabilities and shareholders’ equity
Current liabilities:
Trade payables and accrued liabilities
18,452
18,551
11,126
Income taxes payable
2,667
2,136
33
Acquisition holdback payable
188
2,292
–
Acquisition earnout
3,864
–
–
Deferred revenue
40,276
41,120
34,797
Lease liabilities
2,278
2,566
1,829
Government loan
310
–
–
68,035
66,665
47,785
Lease liabilities
34,668
34,395
36,151
Stock-based compensation liabilities
256
624
742
Government loan
1,319
–
–
Acquisition earnout
–
1,503
–
Acquisition holdback payable
1,257
–
–
Other long-term liabilities
212
305
–
Deferred tax liabilities
13,102
1,661
–
Total liabilities
118,849
105,153
84,678
Shareholders’ equity:
Share capital
94,849
87,304
81,820
Contributed surplus
15,460
15,667
15,471
Cumulative translation adjustment
4,326
(367
)
–
Deficit
(28,728
)
(34,789
)
(44,841
)
Total shareholders’ equity
85,907
67,815
52,450
Total liabilities and shareholders’ equity
204,756
172,968
137,128
Consolidated Statements of Operations and Comprehensive Income
Years ended March 31, (thousands of Canadian $ except per share amounts)
2025
2024
Revenue
129,446
108,679
Cost of revenue
24,940
17,224
Gross profit
104,506
91,455
Operating expenses
Sales and marketing
18,617
14,957
Research and development
30,142
23,679
General and administrative
21,599
18,835
70,358
57,471
Operating profit
34,148
33,984
Finance income
2,968
3,146
Finance costs
(2,080
)
(1,908
)
Change in fair value of contingent consideration
(2,151
)
–
Profit before income and other taxes
32,885
35,222
Income and other taxes
10,448
8,963
Net income
22,437
26,259
Other comprehensive income:
Foreign currency translation adjustment
4,693
(367
)
Other comprehensive income
4,693
(367
)
Total comprehensive income
27,130
25,892
Net income per share – basic
0.27
0.32
Net income per share – diluted
0.27
0.32
Dividend per share
0.20
0.20
Consolidated Statements of Cash Flows
Years ended March 31, (thousands of Canadian $)
2025
2024
Operating activities
Net income
22,437
26,259
Adjustments for:
Depreciation and amortization of property, equipment, right-of use assets
4,756
4,187
Amortization of intangible assets
3,709
1,501
Deferred income tax expense (recovery)
(776
)
3,518
Stock-based compensation
(1,297
)
2,795
Foreign exchange and other non-cash items
800
(5
)
Change in fair value of contingent consideration
2,151
–
Funds flow from operations
31,780
38,255
Movement in non-cash working capital:
Trade and other receivables
(527
)
(6,697
)
Trade payables and accrued liabilities
(818
)
2,618
Prepaid expenses and other assets
(169
)
(1,183
)
Income taxes receivable (payable)
2,421
(1,826
)
Deferred revenue
(2,770
)
4,910
Change in non-cash working capital
(1,863
)
(2,178
)
Net cash provided by operating activities
29,917
36,077
Financing activities
Repayment of acquired line of credit
–
(2,012
)
Repayment of government loan
(141
)
–
Proceeds from issuance of common shares
5,597
4,193
Repayment of lease liabilities
(2,750
)
(2,355
)
Dividends paid
(16,376
)
(16,207
)
Net cash used in financing activities
(13,670
)
(16,381
)
Investing activities
Corporate acquisition, net of cash acquired
(27,292
)
(22,814
)
Repayment of acquisition holdback payable
(9,247
)
–
Property and equipment additions, net of disposals
(1,422
)
(650
)
Net cash used in investing activities
(37,961
)
(23,464
)
Decrease in cash
(21,714
)
(3,768
)
Effect of foreign exchange on cash
2,515
1
Cash, beginning of year
63,083
66,850
Cash, end of year
43,884
63,083
Supplementary cash flow information
Interest received
2,605
3,096
Interest paid
1,891
1,908
Income taxes paid
11,370
7,201
CORPORATE PROFILE
CMG Group (TSX:CMG) is a global software and consulting company that combines science and technology with deep industry expertise to solve complex subsurface and surface challenges for the new energy industry around the world. The Company is headquartered in Calgary, AB, with offices in Houston, Oslo, Stavanger, Kaiserslautern, Oxford, Dubai, Bogota, Rio de Janeiro, Bengaluru, and Kuala Lumpur. For more information, please visit www.cmgl.ca.
ANNUAL FILINGS AND RELATED ANNUAL FINANCIAL INFORMATION
Management’s Discussion and Analysis (“MD&A”) and consolidated financial statements and the notes thereto for the year ended March 31, 2025, can be obtained from our website www.cmgl.ca. The documents will also be available under CMG Group’s SEDAR profile www.sedarplus.ca.
This press release contains “forward-looking statements”. Forward-looking statements can be identified by words such as: “anticipate”, “intend”, “plan”, “goal”, “seek”, “believe”, “project”, “estimate”, “expect”, “strategy”, “future”, “likely”, “may”, “should”, “will”, and similar references to future periods. Examples of forward-looking statements include, among others, statements we make regarding the benefits of the acquired technology, the ongoing development thereof; and the ability of data analytics to improve efficiency, cut costs and reduce risks.
Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on our current beliefs, expectations, and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy and other future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks and changes in circumstances that are difficult to predict and many of which are outside of our control. Our actual results and financial condition may differ materially from those indicated in the forward-looking statements. Therefore, you should not rely on any of these forward-looking statements. Important factors that could cause our actual results and financial condition to differ materially from those indicated in the forward-looking statements are detailed in the companies’ public filings.
Any forward-looking statement made by us in this press release is based only on information currently available to us and speaks only as of the date on which it is made. Except as required by applicable securities laws, we undertake no obligation to publicly update any forward-looking statement, whether written or oral, that may be made from time to time, whether as a result of new information, future developments or otherwise.
Prime Minister Narendra Modi has commended the security forces for their decisive action in eliminating 27 Maoists, including top CPI (Maoist) leader Nambala Keshav Rao, alias Basavaraju, during a major anti-Naxal operation in Chhattisgarh on Wednesday.
In response to a post by Union Home Minister Amit Shah on X, PM Modi said, “Proud of our forces for this remarkable success. Our Government is committed to eliminating the menace of Maoism and ensuring a life of peace and progress for our people.”
Earlier, Home Minister Shah had hailed the operation as a “landmark achievement” in India’s long-standing fight against Naxalism. “Today, in an operation in Narayanpur, Chhattisgarh, our security forces neutralised 27 dreaded Maoists, including Nambala Keshav Rao, alias Basavaraju — the General Secretary of CPI-Maoist, topmost leader, and the backbone of the Naxal movement,” he wrote.
“This is the first time in three decades of India’s battle against Naxalism that a General Secretary-ranked Maoist leader has been neutralised. I applaud our brave security forces and agencies for this major breakthrough,” Shah added. He also stated that with the completion of Operation Black Forest, 54 Maoists have been arrested and 84 have surrendered across Chhattisgarh, Telangana, and Maharashtra. The Modi government, he affirmed, is determined to eliminate Naxalism by March 31, 2026.
The encounter, which took place in the dense forests of Abujhmad in Narayanpur district, is being seen as a major milestone in the country’s efforts to curb left-wing extremism. Acting on specific intelligence inputs, joint teams of the District Reserve Guard (DRG) from Narayanpur, Dantewada, Bijapur, and Kondagaon launched a coordinated offensive targeting senior Maoist leaders.
As the forces moved through the rugged terrain, Maoists opened indiscriminate fire, leading to a fierce exchange. Security personnel responded swiftly, resulting in the death of 27 Maoists, including Basavaraju.
A large cache of weapons was recovered from the site, including AK-47s, SLRs, INSAS rifles, carbines, and other arms and ammunition.
Police officials confirmed that Basavaraju, around 70 years old and a native of Andhra Pradesh’s Srikakulam district, held several influential positions within the CPI (Maoist), including General Secretary, Chief of the Central Military Commission, Polit Bureau Member, and Central Committee Member. He was a key strategist and played a pivotal role in directing Maoist operations across multiple regions.
One DRG jawan was martyred in the line of duty, and his body has been sent to the District Headquarters in Narayanpur. Several other personnel were injured during the encounter but are reported to be in stable condition after receiving prompt medical care.
Despite the difficult terrain and operational challenges, security forces continue to comb the surrounding forest areas to locate any injured or absconding insurgents. Authorities have reiterated their unwavering commitment to eradicating Naxalism and restoring peace in the affected regions.
$12 million seed will be the largest funding round for climate tech in India
Funding round led by Lachy Groom with participation from existing investors
To accelerate investments in CDR, Earth Sciences R&D and advanced hardware
San Francisco and Bangalore, May 21, 2025 (GLOBE NEWSWIRE) — : Alt Carbon, a deep-tech science & data company, announced a $12 million seed funding round to build the agricultural infrastructure for climate action. The investment will help accelerate Carbon Dioxide Removal (CDR) in the Global South and expand Earth Sciences R&D, advance hardware innovations, and scale-up operations for durable climate action in India. The round was led by Lachy Groom, with participation from existing investors.
This marks the largest seed round for climate tech in India, underscoring the novelty of the technology, growing demand for removal-based carbon credits, and the burgeoning opportunity for India to become the world’s frontier for climate action.
“Alt Carbon is tackling a once-in-a-generation challenge. The personal journey of the founders, their technical approach, and ambitious vision will help us remove CO₂ from the atmosphere at gigaton scale — all while adapting agricultural land for climate impact. In just 18 months, the team has built a world-class lab, created proprietary models, and laid the foundation for a new class of carbon removal and agricultural infrastructure. This is a category-defining deep-tech company that will reshape how the world thinks about climate action,” said Lachy Groom, Investor and Co-founder ofPhysical Intelligence.
Alt Carbon uses a novel carbon removal method called Enhanced Rock Weathering (ERW), which involves sourcing waste basalt rock dust from mines and spreading it across agricultural fields. This volcanic rock not only improves soil health and crop yields but also reacts naturally with rainwater to remove carbon dioxide. When CO₂ in rainwater interacts with the basalt dust, a chemical reaction converts it into stable bicarbonate ions that are stored in the soil. Over time, these ions travel through river networks to the ocean, where they eventually reside as calcium carbonate (CaCO₃) for over 10,000 years.
Alt Carbon’s flagship initiative, The Darjeeling Revival Project(DRP), is a first-of-its-kind effort to unite climate action with cultural and ecological restoration. With an ambitious goal to remove carbon dioxide at scale, the DRP aims to not just remove CO₂ but also restore livelihoods, revive degraded soils and ecosystems, and preserve India’s most valued export: Darjeeling’s tea. The project represents a new model for climate action — one that’s rooted in science, powered by community, and driven by the belief that revivals require ambition and audacious bets.
“The climate crisis demands bold bets on science innovation, rethinking infrastructure, and deploying capital. Enhanced Rock Weathering is one of the most promising, permanent carbon removal pathways we have, and yet it’s vastly underbuilt. What sets us apart is our obsession with scientific depth: we’re building advanced labs and engineering the scientific backbone of a new era of climate action grounded in the Global South. Extraordinary crises require outsized ambition, and we now have the capital to kickstart a climate revolution and have a shot at gigaton-scale carbon removal,” said Co-founder & CEOShrey Agarwal,Alt Carbon.
In just the last two months, Alt Carbon signed two landmark agreements that signal a new chapter in climate collaboration between Japan and India. A strategic partnership with Mitsubishi Corporation marked a first of its kind framework for scaling Enhanced Rock Weathering (ERW) — a strong vote of confidence in both the science and Alt Carbon’s execution. This was followed by a historic offtake agreement with MOL Group to purchase 10,000 tonnes of carbon removal credits — the world’s first direct CDR offtake by a shipping company for ERW, and the first such deal between a Japanese and Indian company. Together, these partnerships not only validate ERW as a credible, scalable climate solution, but also mark the emergence of a robust Japan–India business corridor rooted in science-led, cross-border climate action.
Alt Carbon has also received early catalytic support from ACT, a leading non-profit philanthropy platform, and participation from existing investors and leading angels, including Shastra VC, Jason Zhao (Co Founder, PIP Labs), Awais Ahmed (Co Founder, Pixxel Space), Amarendra Singh (Co Founder, DeHaat), among others.
Nine months ago, Alt Carbon made history as the first India-headquartered company to be selected by Frontier, a $1 billion Advance Market Commitment backed by Stripe, Alphabet, Meta, Shopify, and McKinsey — to scale permanent carbon removal. Alt Carbon also became the first ERW company globally to receive an offtake agreement from the South Pole & Mitsubishi-led NextGen buyer’s coalition.
Alt Carbon also announced the appointment of Yashovardhan Bhagat (former co-founder of ed-tech platform Seekho) as Chief Operating Officer to scale its carbon removal operations across India, Adithya Venkatesan (former brand head at Gojek, Meesho and Last9) to lead the in-house Climate Studio, and Dr. Sourav Ganguly (PhD, Indian Institute of Science, Bangalore) to lead the science & modelling team.
“India needs $1 trillion of climate finance by 2030 alone to adapt our soil, rivers, and cities to climate impact. Globally, we need to remove 10 billion tons of CO₂ every year by 2050. We’re nowhere close to either of these targets. Our goal is to make India a hub for carbon removal. We plan to remove CO₂ at scale from the Global South, for the planet,” said Co-founder & President,Sparsh Agarwal. He added, “We thank the partners who have joined us in this ambitious, whirlwind journey, to revive Darjeeling, remove CO₂ and undo the clock for this planet.”
–
Notes to the editor For further information please contact the Alt Carbon press office: Adithya Venkatesan on adithya@alt-carbon.com Media images
About Alt Carbon Alt Carbon is a deeptech science and data company, building agri infrastructure for climate action. We aim to make South Asia a hub for Carbon Dioxide Removal (CDR) through technology pathways like Enhanced Rock Weathering. We work with farmers and scientists in the Global South, to turn underutilized land into carbon sinks. Our flagship initiative, the Darjeeling Revival Project (DRP), is a first-of-its-kind effort to unite climate action with cultural and ecological restoration — by reviving degraded soils, restoring livelihoods, and rebuilding ecosystems. We’re rooted in science, powered by community, and driven by the belief that revivals require ambitious people and audacious bets. Our mission is to remove 5 million metric tons of CO₂ by 2030.
About Lachy Groom Lachy Groom has invested in over 200 companies including Anduril, OpenAI, Ramp, Notion, Figma, and Zepto. Lachy was previously an early employee at Stripe where he helped scale the company to over 2,500 employees. During his time there he led several teams, including Core Payments, Financial Partnerships, Stripe’s expansion into the Asia Pacific, and Stripe Issuing. Lachy is also one of the six co-founders of Physical Intelligence.
About ACT ACT Capital Foundation is an Indian venture philanthropy platform that believes that an entrepreneurial mindset, technology and innovation and collective action have the power to create meaningful impact at scale. Driven by a bias for action, ACT funds and supports tech-first innovations that can address India’s most critical social need gaps at scale through capital, connections and collectives.
“ACT’s belief in backing tech-first innovations has helped lay the groundwork for Alt Carbon’s first field deployments and validate the efficacy of ERW to remove carbon at scale. Philanthropic capital reflects a shared commitment to help the country meet its decarbonisation goals by accelerating climate solutions that are rooted in local realities and scalable across the Global South,” said Alankrita Khera, Director,ACT.
SAN FRANCISCO – Tony Archuleta-Perkins, 49, of Palm Springs, was sentenced today to 37 months in federal prison. U.S. District Judge Jacqueline Scott Corley handed down the sentence.
Archuleta-Perkins, who was indicted in June 2024, pleaded guilty in December 2024 to one count of bank fraud in violation of 18 U.S.C. § 1344(2) and one count of engaging in monetary transactions in property derived from specified unlawful activity (money laundering) in violation of 18 U.S.C. § 1957.
Archuleta-Perkins was hired in 2017 by a San Francisco law firm and eventually became the Chief Financial Officer (CFO) of that firm as well as a related law firm. As the CFO, Archuleta-Perkins was in a position of trust and had access to the law firms’ payroll systems and end-to-end payments automation platforms. He used his position to embezzle more than $1 million while he worked at the firms. From 2017 through 2023, Archuleta-Perkins stole more than $1.3 million and used that money for, among other things, improvements to and mortgages on three houses he owned.
Acting United States Attorney Patrick D. Robbins and Federal Bureau of Investigation (FBI) Special Agent in Charge Sanjay Virmani made the announcement.
In addition to the prison term, Judge Corley also sentenced Archuleta-Perkins to a three-year period of supervised release and ordered him to pay restitution in the amount of $1,321,752.72.
Assistant U.S. Attorney Nikhil Bhagat is prosecuting the case. The prosecution is the result of an investigation by the FBI.
ANCHORAGE, Alaska – A suspended member of the Alaska Bar was arrested today after a federal grand jury in Alaska returned an indictment charging him with maintaining a drug-involved premise for the purpose of distributing and using controlled substances, and with possessing firearms as a prohibited person and in furtherance of drug trafficking.
According to court documents, in June 2023, law enforcement became aware of Justin Facey, 44, and his alleged facilitation of a drug trafficking organization run by a California prisoner, Heraclio Sanchez-Rodriguez.
Sanchez-Rodriguez was indicted on federal drug trafficking and murder charges in October 2023, and to date, over 60 other defendants have been charged in connection with the Sanchez-Rodriquez drug trafficking organization.
Facey allegedly continued his own drug trafficking operations after the indictment of Sanchez-Rodriguez and other co-conspirators. The indictment against Facey alleges that between April 2024 and 2025, he utilized his residence in Anchorage to distribute and use controlled substances, namely fentanyl and methamphetamine. It also alleges that on April 30, 2025, Facey possessed four firearms in furtherance of drug trafficking crimes.
The indictment further alleges that Facey unlawfully possessed firearms knowing that he was addicted to methamphetamine, a Schedule II controlled substance.
Court documents explain that Facey was suspended from practicing law on Feb. 24, 2025, following numerous bar complaints.
Facey is charged with one count of maintaining a drug-involved premises, one count of possession of firearms in furtherance of a drug trafficking crime and one count of possession of firearms by a prohibited person. The defendant is scheduled to make his initial court appearance on May 22, 2025, before U.S. Magistrate Judge Kyle F. Reardon of the U.S. District Court for the District of Alaska. If convicted, he faces between five years to life in prison. A federal district judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Acting U.S. Attorney William Narus of the District of Oregon, Special Agent in Charge David Reames of the Drug Enforcement Administration (DEA) Seattle Field Division and Special Agent in Charge Rebecca Day of the FBI Anchorage Field Office made the announcement.
The U.S. Attorney’s Office for the District of Alaska has been recused from this case with the exception of certain personnel. Assistant U.S. Attorney Steven D. Clymer from the U.S. Attorney’s Office for the Northern District of New York has been appointed as Special Attorney to the United States Attorney General to assist with this and other recused cases. He reports to and acts under the direction of the Deputy Attorney General, or his delegee, or Acting U.S. Attorney Narus in these cases. Special Attorney Clymer supervises personnel from the District of Alaska who have been exempted from the recusal.
The DEA Anchorage District Office and FBI Anchorage Field Office, with assistance from the Anchorage Police Department, are investigating the case. If anyone has information concerning Facey’s alleged actions, please contact the FBI Anchorage Field Office at (907) 276-4441 or anonymously at tips.fbi.gov
Assistant U.S. Attorneys Adam Alexander and Jennifer Ivers are prosecuting the case.
An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
Source: People’s Republic of China – State Council News
BEIJING, May 21 — China is seeking payload proposals for its Mars sample return mission and inviting overseas researchers to participate.
The China National Space Administration (CNSA) has called on overseas research institutions, including those in Hong Kong and Macao, to submit proposals for developing payloads for the Tianwen-3 mission.
The mission, a significant part of China’s planetary exploration program, is scheduled for launch around 2028.
The Tianwen-3 spacecraft comprises a lander, an ascent vehicle, a service module, an orbiter and a return module, and it is equipped with six scientific payloads.
The six payloads, namely, the Raman fluorescence spectrometer, ultra-wideband exploration radar, mid-infrared superfine imaging spectrometer, Mars global multicolor camera, descent ENA aurora detector and high-precision vector magnetometer, are all open to overseas researchers, according to a notice released by the CNSA.
The CNSA requires that all payload projects be led by a domestic institution, with no more than five entities involved in the joint development of a single payload.
Last month, the administration announced that it would offer payload resources for international cooperation, with up to 15 kilograms available on the orbiter and 5 kilograms on the service module.
The primary scientific objective of the mission is to search for signs of life on Mars. Other areas of exploration include the Martian climate and its evolution, the planet’s geology and its internal processes.
Source: United States Senator for Minnesota Amy Klobuchar
WATCH KLOBUCHAR’S FULL REMARKS AND QUESTION HERE
WASHINGTON – U.S. Senator Amy Klobuchar (D-MN), Ranking Member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law, held a hearing titled “The Good, the Bad, and the Ugly: AI-Generated Deepfakes in 2025.”
Testifying at the hearing was Country Music Singer-Songwriter, Martina McBride; CEO of the Recording Industry Association of America, Mitch Glazier; Senior Legal Counsel at the National Center on Sexual Exploitation (NCOSE), Christen Price; Director of Technology Policy at Consumer Reports, Justin Brookman; and Head of Music Policy at Youtube, Suzana Carlos.
“AI-enabled scams have become far too common. We know that it takes only a few seconds of audio to clone a voice. Criminals can pull the audio sample and personal back story from public sources, said Klobuchar at the hearing. “We also need rules of the road to ensure that AI technologies empower artists and creators and not undermine them. Art just doesn’t entertain us. It’s something that uplifts us and brings us together.”
“That’s why this NO FAKES Act is so important. It protects people from having their voice and likeness replicated using AI without their permission, all within the framework of the Constitution, and it protects everybody, because everyone should have a right to privacy.”
A rough transcript of Klobuchar’s opening remarks and questions is available below. Video is available HERE.
Senator Klobuchar: Thank you very much, Senator Blackburn, I’m very excited about this subcommittee and the work we’ve already done together for years on this issue and similar issues when it comes to tech.
I share your hopes for AI and see that we’re on this cusp of amazing advancements if this is harnessed in the right way, but I’m also concerned if things go the wrong way. I think it was David Brooks, a columnist, that said he has trouble writing about it because he doesn’t know if it will take us to Heaven or Hell. So it’s our job to head to heaven, and it’s our job to put some rules in place, and this is certainly one of them.
We want this to work for children, for consumers, for artists, and not against them. And you brought up the example Chair, of Randy Travis who was at the event that we recently had with you, and Senator Coons and myself about the bill and how he used AI in such a positive way. But then we know there are these risks.
And one of the things that I think is really exciting about this week is that, in fact, on Monday, the President signed my bill with Senator Cruz, the TAKE IT DOWN Act, into law. This was a bill I discussed with him and the First Lady at the inaugural lunch.
It’s an example of “use-every-moment-you-have” to advance a cause. And then she supported the bill and helped to get it passed in the House. Senator Cruz and I had already passed it in the Senate, and we were having some trouble getting it done over in the House. So we’re really pleased, because it actually does set some track moving forward, even though this bill, that bill, is about nonconsensual porn, both AI created and non AI created, it’s had huge harmful effects, about 20 some suicides a year of young kids who think they’re sending a picture innocently to a girlfriend or a potential boyfriend, and then it gets sent out on their school internet. It gets sent out to people they know, and basically, they believe their life is in ruins, and don’t have any other context, and take their own lives. And that’s just the most obvious and frightful part of this, but there’s others as well. So I’m hoping this is going to be a first step to some of the work that we can do, including with the bill that we’re going to be discussing today.
AI-enabled scams have become far too common. We know that it takes only a few seconds of audio to clone a voice. Criminals can pull the audio sample and personal back story from public sources.
Just last week, the FBI was forced to put out an alert about scams using AI-cloned voices of FBI agents and officials asking people for sensitive payment information.
Jamie Lee Curtis was forced to make a public appeal to Mark Zuckerberg to take down an unauthorized, deepfake ad that included her digital replica endorsing a dental product. While Meta removed the ad after her direct outreach, most people don’t have that kind of influence.
We also need rules of the road to ensure that AI technologies empower artists and creators and not undermine them. Art just doesn’t entertain us. It’s something that uplifts us and brings us together.
When I recently met with Cory Wong, a Grammy-nominated artist from Minnesota, he talked about how unauthorized digital replicas threaten artists’ livelihoods and undermine their ability to create art.
So this is not just a personal issue. It’s also an economic issue. One of the reasons our country, one of our best exports to the world, is music and movies. When you look at the numbers and how we’ve been able to captivate people around the world, that’s going to go away if people can just copy everything that we do.
And one of the keys to our success as a nation in innovation has been the fact, and Senator Coons does a lot of work in this area, [that] we’ve been able to respect copyrights and patents and people’s own right to their own products.
So that’s why this NO FAKES Act is so important. It protects people from having their voice and likeness replicated using AI without their permission, all within the framework of the Constitution, and it protects everybody, because everyone should have a right to privacy.
I also am working in the space on AI to put some base rules in place in my role on the Commerce Committee. Senator Thune and I have a bill that we’re reintroducing on this to set some rules for NIST to be able to put out there for companies that are using AI. And then I’m always concerned about its effect on democracy, but that is for a different day and in a different committee.
But I do want to thank Senator Blackburn for her willingness to come out on doing something about tech, including the work she does with Senator Blumenthal, the work that we’ve done together on commerce. And if Monday is any sign with the first bill getting through and there in that Rose Garden signing ceremony, there’s more to come, and so thank you and look forward to hearing from the witnesses.
…
Klobuchar: All right. Thank you very much. I guess I’ll start with Mr. Brookman, the non-Grammy winner. I want to talk to you just a little bit about this consumer angle here, which I think is interesting to people. And I think at its core, all of us involved in this legislation have made it really clear that’s not just people who are well known that will be hurt by this eventually, and that getting this bill passed as soon as possible is just as important for everyone, but I do so appreciate Ms. McBride being willing to come forward, because those stories and the stories that we’ve heard from, like I mentioned, Jamie Lee Curtis, or the stories that we’ve heard from many celebrities, are very important to getting this done. So you just did a report on AI-generated voice cloning scams, including that, AI voice cloning applications, in the words of the report, presents a clear opportunity for scammers, and we need to make sure our consumer protection enforcers are prepared to respond to the growing threat of these scams. I had this happen to my state director’s husband, who their kid is in the Marines, and they got a call. They figured out that it wasn’t really him asking for stuff and money. They knew he couldn’t call from where he was deployed to. This is just going to be happening all over the place, and the next call will be to a grandma who thinks it’s real, and she sends her life savings in. So I have called on the FTC and the FCC to step up their efforts to prevent these voice cloning scams. And what are some of the tools that agencies need to crack down on these scams, even outside of this bill?
Justin Brookman: Yeah, absolutely, so I think the first thing the Federal Trade Commission probably needed is more resources. They only have like 1200 people right now for the entire economy. That’s down from like seven, that’s down from like 100 just in the past couple of months.
Klobuchar: Down from way down from even during like, the Nixon Era.
Brookman: Yeah, like 1700 it used to be and the economy has grown like three or four times. Chairman Ferguson has, Chairman Ferguson has said more cuts are coming, which I think is the wrong direction. I worked for the Federal Trade Commission for a couple of years. We could not do, like, a fraction of all the things that we wanted to do to protect consumers, so more people, more capacity, more technologists. Like, there’s just not enough technology capacity in government. I was in the office of technology research and investigation there, that was like five people. That’s just not enough, obviously, with all these very sophisticated, I mean, just deep fakes alone, let alone the rest of the tech economy, the ability to get penalties and even injunctive relief, right if someone, if someone gets caught stealing something, the FTC often doesn’t have the ability to make them give the money back. I know this, under this committee has tried to restore that authority, but that would be important. And also, like again, maybe the FTC could have rule-making authority. But also this, I would like to see Congress consider legislative authority to address tools like again, if you are offering a tool that can be used only for harm, voice impersonation, deepfake pornographic images, maybe there should, there should be responsibilities to make sure it’s not being used for harm.
Klobuchar: Okay, thank you. Ms. Carlos, can you talk about what YouTube is doing to ensure it’s not facilitating these scams?
Suzana Carlos: Sure, and thank you for the question, Senator.
Klobuchar: And thanks for your support for the bill
Carlos: Of course. So, just to primarily consider, we obviously see great and tremendous opportunity coming from AI, but we also acknowledge that there are risks, and it is our utmost responsibility to ensure that it is deployed responsibly. So we’ve taken a number of efforts to protect against unharmful contact on our platform. Primarily, we have uploaded, we have updated our privacy policies last year to ensure that all individuals can now submit a notice to YouTube when their unauthorized voice or likeness has been used on our platform, and once reviewed, if it is applicable, and we’ve confirmed that that content should be removed, we will take it down. We’ve additionally implemented watermarks on our AI products. We originally began with both image and watermarks using our SynthID technology, and we’ve recently expanded it to also be applied to text generated from our Gemini app and web experience. And most recently, as part of our VO video tool. We’ve also taken the additional step to become a member of C2PA, the Coalition for Content Provenance and Authenticity, and there, we’re serving as a steering member to work with the organization to create indicators and markings that will allow the content provenance that was created off platforms to additionally be recognized, and we’re deploying those technologies across our platform.
Klobuchar: Okay, thank you. We mentioned the TAKE IT DOWN Act, and thank you for the support for that. Mr. Glazer, you talked about how this is the first federal law related to generative AI, and that it’s a good first step. And could you talk about how, if we don’t move on from there and we just stop and don’t do anything for years, which seems to be what’s been going on, what’s going to happen here, and why it’s so important to do this.
Mitch Glazier: I think there’s a very small window, and an unusual window, for Congress to get ahead of what is happening before it becomes irreparable. The TAKE IT DOWN Act was an incredible model. It was done for criminal activity, you know, …
Klobuchar: Yeah, I know.
Glazier: Yeah, right. You know, you wrote it, but it was a great model, but it only goes so far. But we need to use that model now, and we need to expand it carefully in a balanced way to lots of other situations, which is exactly what the NO FAKES Act does. And I think, you know, we have a very limited amount of time in order to allow people and platforms to act before this gets to a point where it’s so far out of the barn that instead of encouraging responsible AI development, instead, we allow investment and capital to go into AI development that hurts…
Klobuchar: Stealing things…
Glazier: So let’s encourage investment the right way to boost great AI development and be first. Let’s not be the folks that encourage investment in AI technologies that really harm us.
Klobuchar: And Ms. Price, you’ve expressed concerns about this 10-year moratorium on state rules. I’m very concerned, having spent years trying to pass some of these things, and I think that one of the ways we pass things quickly, like Mr. Glazier was talking about, is if people actually see a reason that they don’t want to patch work, they want to get it done. But if you just put a moratorium, and you look at, like, the Elvis law coming out of Tennessee, Ms. McBride, and some of the other things that would stop all of that. Could you, my last question here before we go to another round, could you talk about why you’re concerned about what is right in front of us now, which is this 10-year moratorium?
Christen Price: Yes, thank you for the question, Senator. We’re concerned about the moratorium because it’s basically signaling to the AI companies that they can kind of do whatever they want in the meantime, and it inhibits States’ ability to adapt their laws to this form of technology that’s changing very quickly and then has this potential to cause great harm.
Klobuchar: Thank you.
MIAMI – Yesterday, Tramaine Liptrot, 43, a police officer with the City of Miami Police Department (MPD) who has been relieved of duty, pleaded guilty to wire fraud in connection with fraudulent applications for two Paycheck Protection Program (PPP) loans totaling over $200,000. Liptrot entered his guilty plea in Miami before U.S. District Judge Beth Bloom.
According to the facts admitted at the change of plea hearing, Liptrot, along with being an MPD Police Officer, was the owner and President of Liptrots Tax Services L.L.C (Liptrots Tax). With the assistance of an associate, Liptrot fraudulently obtained two PPP loans in the name of Liptrots Tax.
On June 22, 2020, working with the associate, Liptrot caused the submission of a false and fraudulent PPP loan application on behalf of Liptrots Tax, falsely claiming that Liptrots Tax had an average monthly payroll of $36,700 for four employees, and a fraudulent IRS Form 944 in support thereof, falsely claiming that Liptrots Tax paid its employees $440,397 during 2019. As a result of this fraudulent PPP application, Liptrots Tax obtained approximately $91,750 in PPP loan proceeds from an SBA approved PPP lender.
On March 3, 2021, again working with the associate, Liptrot caused the submission of a false and fraudulent second-draw PPP loan application on behalf of Liptrots Tax, falsely claiming that Liptrots Tax had an average monthly payroll of $43,369, and including as part of the application process, a fraudulent IRS Form 944, falsely claiming that Liptrots Tax paid $496,428 in wages and other compensation in 2020. As a result of this fraudulent second-draw PPP application, Liptrots Tax obtained approximately $108,422 in PPP loan proceeds from a different SBA approved PPP lender.
Liptrot is scheduled for sentencing on August 6, 2025, at 10:30 a.m., where he faces a possible maximum sentence of up to 20 years in prison.
U.S. Attorney Hayden P. O’Byrne for the Southern District of Florida, acting Special Agent in Charge Brett D. Skiles of FBI Miami and Special Agent in Charge Amaleka McCall-Brathwaite, U.S. Small Business Administration Office of Inspector General (SBA-OIG), Eastern Region, announced the guilty plea.
FBI Miami’s Area Corruption Task Force, which includes task force officers from the City of Miami Police Department’s Internal Affairs Section, and SBA-OIG investigated the case. Assistant U.S. Attorney Edward N. Stamm is prosecuting the case and Assistant U.S. Attorney Gabrielle Raemy Charest-Turken is handling asset forfeiture.
In March 2020, the Coronavirus Aid, Relief, and Economic Security (CARES) Act was enacted. It was designed to provide emergency financial assistance to the millions of Americans suffering the economic effects caused by the COVID-19 pandemic. Among other sources of relief, the CARES Act authorized and provided funding to the SBA to provide Economic Injury Disaster Loans (EIDLs) to eligible small businesses, including sole proprietorships and independent contractors, experiencing substantial financial disruptions due to the COVID-19 pandemic to allow them to meet financial obligations and operating expenses that could otherwise have been met had the disaster not occurred. EIDL applications were submitted directly to the SBA via the SBA’s on-line application website, and the applications were processed and the loans funded for qualifying applicants directly by the SBA.
On May 17, 2021, the Attorney General established the COVID-19 Fraud Enforcement Task Force to marshal the resources of the Department of Justice in partnership with agencies across government to enhance efforts to combat and prevent pandemic-related fraud. The Task Force bolsters efforts to investigate and prosecute the most culpable domestic and international criminal actors and assists agencies tasked with administering relief programs to prevent fraud by, among other methods, augmenting and incorporating existing coordination mechanisms, identifying resources and techniques to uncover fraudulent actors and their schemes, and sharing and harnessing information and insights gained from prior enforcement efforts. For more information on the Department’s response to the pandemic, please visit https://www.justice.gov/coronavirus.
On September 15, 2022, the Attorney General selected the Southern District of Florida’s U.S. Attorney’s Office to head one of three national COVID-19 Fraud Strike Force Teams. The Department of Justice established the Strike Force to enhance existing efforts to combat and prevent COVID-19 related financial fraud. For more information on the department’s response to the pandemic, please click here.
Anyone with information about allegations of attempted fraud involving COVID-19 can report it by calling the Department of Justice’s National Center for Disaster Fraud (NCDF) Hotline at 866-720-5721 or via the NCDF Web Complaint Form at: https://www.justice.gov/disaster-fraud/ncdf-disaster-complaint-form.
Related court documents and information may be found on the website of the District Court for the Southern District of Florida at www.flsd.uscourts.gov or at http://pacer.flsd.uscourts.gov, under case number 23-cr-20155.
A Texas rheumatologist was sentenced to 10 years in prison and three years of supervised release for perpetrating a health care fraud scheme involving over $118 million in false claims and the payment of over $28 million by insurers as a result of him falsely diagnosing patients with chronic illnesses to bill for tests and treatments that the patients did not need. Jorge Zamora-Quezada M.D., 68, of Mission, also falsified patient records to support the false diagnoses after receiving a federal grand jury subpoena. Following a 25-day trial, Zamora-Quezada was convicted of one count of conspiracy to commit health care fraud, seven counts of health care fraud, and one count of conspiracy to obstruct justice. In addition to his prison term, Zamora-Quezada was ordered to forfeit $28,245,454, including 13 real estate properties, a jet, and a Maserati GranTurismo.
According to the evidence presented at trial, Zamora-Quezada falsely diagnosed his patients with rheumatoid arthritis and administered toxic medications in order to defraud Medicare, Medicaid, TRICARE, and Blue Cross Blue Shield. The fraudulent diagnoses made the defendant’s patients believe that they had a life-long, incurable condition that required regular treatment at his offices. After falsely diagnosing his patients, Zamora-Quezada administered unnecessary treatments and ordered unnecessary testing on them, including a variety of injections, infusions, x-rays, MRIs, and other procedures—all with potentially harmful and even deadly side effects. To receive payment for these expensive services, Zamora-Quezada fabricated medical records and lied about the patients’ condition to insurers.
“Dr. Zamora-Quezada funded his luxurious lifestyle for two decades by traumatizing his patients, abusing his employees, lying to insurers, and stealing taxpayer money,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “His depraved conduct represents a profound betrayal of trust toward vulnerable patients who depend on care and integrity from their doctors. Today’s sentence is not just a punishment—it’s a warning. Medical professionals who harm Americans for personal enrichment will be aggressively pursued and held accountable to protect our citizens and the public fisc.”
“Through the false diagnoses and excessive false billing, Dr. Zamora-Quezada abused both patient trust and public resources,” said Special Agent in Charge Jason E. Meadows of the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG). “It is imperative to investigate and address this form of fraud — not only to protect vulnerable individuals from harm but to uphold the integrity of the federal health care system and safeguard the use of public funds.”
“The FBI is dedicated to working with all of our partners to address health care fraud,” said Special Agent in Charge Aaron Tapp of the FBI’s San Antonio Field Office. “This case was not only a concern to us because of the financial loss — the physical and emotional harm suffered by the patients and their families was alarming and profound. We hope this significant sentence will help bring closure to the many victims in this case.”
Evidence at trial established that Dr. Zamora-Quezada falsely diagnosed patients in order to defraud insurers and enrich himself. Other rheumatologists in the Rio Grande Valley testified at trial that they saw hundreds of patients previously diagnosed with rheumatoid arthritis by Zamora-Quezada who did not have the condition, prompting one physician to explain that for “most” it was “obvious that the patient did not have rheumatoid arthritis.” Zamora-Quezada’s false diagnoses and powerful medications caused debilitating side effects on his patients, including strokes, necrosis of the jawbone, hair loss, liver damage, and pain so severe that basic tasks of everyday life, such as bathing, cooking, and driving, became difficult. As one patient testified, “Constantly being in bed and being unable to get up from bed alone, and being pumped with medication, I didn’t feel like my life had any meaning.” One mother described how she felt that her child served as a “lab rat,” and others described abandoning plans for college or feeling like they were “living a life in the body of an elderly person.”
Former employees detailed how Zamora-Quezada imposed strict quotas for procedures, leading to a climate of fear. Zamora-Quezada referred to himself as the “eminencia” — or eminence, threw a paperweight at an employee who failed to generate enough unnecessary procedures, hired employees he could manipulate because they were on J-1 visas and their immigration status could be jeopardized if they lost their jobs, and fired those who challenged him. Testimony also revealed Zamora-Quezada’s obstruction of insurer audits by fabricating missing patient files, including by taking ultrasounds of employees and using those images as documentation in the patient records. Testimony at trial established that Zamora-Quezada told employees to “aparecer” the missing records — “to make them appear.” Former employees also recounted being sent to a dilapidated barn to attempt to retrieve records. There, files were saturated with feces and urine, rodents, and termites that infested not only the records but also the structure.
Zamora-Quezada’s patient file storage facility
Zamora-Quezada used proceeds from his crimes to fund a lavish lifestyle, replete with real estate properties across the country and in Mexico, a jet, and a Maserati.
One of Zamora-Quezada’s luxury properties
Zamora-Quezada’s jet
FBI, HHS-OIG, Texas HHS-OIG, and the Texas Medicaid Fraud Control Unit investigated the case, with assistance from the Defense Criminal Investigative Service.
Principal Assistant Chief Jacob Foster and Assistant Chiefs Rebecca Yuan and Emily Gurskis of the Criminal Division’s Fraud Section and Assistant U.S. Attorney Laura Garcia for the Southern District of Texas prosecuted the case. Assistant U.S. Attorney Kristine Rollinson handled asset forfeiture. Fraud Section Assistant Chief Kevin Lowell initially handled the prosecution. The prosecution team thanks the Fraud Section’s Data Analytics Team, whose work initiated the investigation, Victim Witness Specialist Olga De La Rosa of the U.S. Attorney’s Office for the Southern District of Texas, and the Texas Department of Insurance.
The Fraud Section leads the Criminal Division’s efforts to combat health care fraud through the Health Care Fraud Strike Force Program. Since March 2007, this program, currently comprised of nine strike forces operating in 27 federal districts, has charged more than 5,800 defendants who collectively have billed federal health care programs and private insurers more than $30 billion. In addition, the Centers for Medicare & Medicaid Services, working in conjunction with HHS-OIG, are taking steps to hold providers accountable for their involvement in health care fraud schemes. More information can be found at www.justice.gov/criminal-fraud/health-care-fraud-unit.
HOUSTON – A 64-year-old man has been convicted of all counts as charged for leading a Medicare fraud scheme involving the submission of falsified medical records, announced U.S. Attorney Nicholas J. Ganjei.
The jury deliberated for less than two hours before convicting Paul Njoku following a three-day trial.
Njoku owned and operated a home health care agency called Opnet Health Care Services Inc. doing business as P & P Health Care Services. Njoku was the owner and CEO.
The jury heard testimony from witnesses that Njoku, or others working at his direction, forged signatures of doctors and nurses. Specifically, Njoku and others cut out old signatures and taped them onto newly created doctors’ orders, nursing notes and nursing assessments. Medicare required home health agencies to maintain these documents to obtain payment for providing home health services. Njoku then submitted the falsified records in response to a request for records from Medicare.
The jury also heard about a registered nurse who had departed Opnet in 2017. Njoku continued using her signature on nursing notes and assessments in 2018 and 2019 without her knowledge or consent.
A witness also testified that Njoku bribed a doctor in exchange for approving home health services.
From 2015 to 2019, Opnet billed Medicare over $400,000 in claims for home health services and received over $360,000. Opnet did not maintain the required documentation for many of them and later falsified records to support the claims.
During the trial, a representative testified that Medicare would not have paid these claims had Medicare known there was no documentation or that they were based on falsified records.
“It is absolutely paramount that Americans—both as patients and as taxpayers—have confidence in the integrity of medical providers that receive Medicare funds. Here, the defendant unrepentantly abused that trust by engaging in bribery and stealing from Medicare,” said Ganjei. “With today’s guilty verdict, the Southern District of Texas aims to restore some of that lost trust. I thank the jury for their time and attention to this important case.”
The defense attempted to blame another person for the fraud. The jury did not believe those claims and found him guilty as charged.
U.S. District Judge Alfred H. Bennett presided over the trial and will set sentencing at a later date. At that time, Njoku will face a maximum of 10 years for conspiracy to commit health care fraud, five years for two counts of false statements relating to health care matters as well as another two years for the identity theft which must be served consecutively to any other prison term imposed. The convictions also carry a possible $250,000 fine for each count.
He was permitted to remain on bond pending sentencing.
The FBI, Department of Health and Human Services-Office of the Inspector General and Texas Attorney General’s Medicaid Fraud Control Unit conducted the investigation. Assistant U.S. Attorneys Christian Latham and Kathryn Olson are prosecuting the case.
Defendant Misappropriated Millions of Dollars of Investors’ Funds for His Own Use Including to Purchase Real Estate and Luxury Vehicles
Earlier today, at the federal courthouse in Brooklyn, a federal jury convicted Braden John Karony on all counts of a three-count indictment charging him with conspiracy to commit securities fraud, wire fraud, and money laundering. The charges arose from the defendant’s and his co-conspirators’ roles in defrauding investors in a decentralized finance digital asset called “SafeMoon,” issued by their company SafeMoon LLC. As alleged, the defendant agreed with his co-conspirators to lie to SafeMoon investors about whether SafeMoon executives could access the liquidity pool and whether they were using the assets from the liquidity pool for their personal benefit. As SafeMoon’s market capitalization grew to more than $8 billion, the defendant fraudulently diverted and misappropriated millions of dollars’ worth of liquidity from the SafeMoon liquidity pool for their personal benefit. The verdict followed a 12-day trial before United States District Judge Eric R. Komitee. When sentenced, Karony faces up to 45 years in prison. The jury also issued a verdict to forfeit one residential property and the proceeds from the sale of another residential property, amounting to approximately $2 million.
Joseph Nocella, Jr., United States Attorney for the Eastern District of New York; Christopher G. Raia, Assistant Director in Charge, Federal Bureau of Investigation, New York Field Office (FBI); Harry T. Chavis, Jr., Special Agent in Charge, Internal Revenue Service Criminal Investigation, New York (IRS-CI); and Darren B. McCormack, Acting Special Agent in Charge, Homeland Security Investigations, New York (HSI New York) announced the verdict.
“As proven at trial, the SafeMoon digital asset was anything but safe and turned out to be pie in the sky for investors who were deliberately misled by Karony, a man who sought to get rich quick by stealing and diverting millions of dollars,” stated United States Attorney Nocella. “Karony used his scheme to purchase multiple homes, sports cars, custom trucks, and other luxury goods. Today’s guilty verdict should serve as a warning to all would-be fraudsters that my Office will vigorously prosecute individuals like the defendant who victimize digital asset investors and undermine investor confidence in digital assets markets, thereby threatening the stability and growth of these emerging technologies.”
Mr. Nocella expressed his appreciation to the U.S. Securities and Exchange Commission for its work on the case.
“Braden Karony, the CEO of SafeMoon, exploited his company’s digital portfolio with fictional success stories and stole millions of dollars in crypto-assets to finance luxury purchases,” stated FBI Assistant Director in Charge Raia. “Along with his co-conspirators, Karony violated his clients’ trust and wallets while attempting to conceal his misconduct through discreet transactions. May today’s conviction emphasize the FBI’s commitment to securing all markets and protecting the American people from individuals who abuse their position to satisfy personal greed.”
“Braden Karony misled investors; intentionally diverted and misappropriated millions in cryptocurrency for his personal benefit; and lined the driveways of his million dollar homes with luxury cars. While the name of his company is SafeMoon, there was nothing safe about this investment that was just a front for theft. By following the money with complex cryptocurrency tracing, IRS-CI New York’s Cyber and J5 groups worked with our investigative partners to see that this conman is held accountable for his greedy acts,” stated IRS-CI New York Special Agent in Charge Chavis. “The Joint Chiefs of Global Tax Enforcement (J5) is a global partnership that works together to gather information, share intelligence, and conduct coordinated operations against transnational financial crimes. The J5 includes the Australian Taxation Office, the Canada Revenue Agency, the Dutch Fiscal Intelligence and Investigation Service, His Majesty’s Revenue and Customs from the U.K. and IRS-CI from the U.S.”
“Steered by his selfish desires and insatiable greed, Braden John Karony treated millions of dollars in investors’ funds as his own personal bank account,” stated HSI New York Acting Special Agent in Charge McCormack. “The defendant will soon be trading his sprawling real estate and luxury vehicles for a jail cell within the four walls of a federal penitentiary. As reflected by today’s conviction, whether it involves fiat or crypto, HSI New York’s El Dorado Task Force will relentlessly pursue individuals intent on exploiting investors and the American financial system for their own gain.”
Background on SafeMoon
As proven at trial, SafeMoon tokens were digital assets first issued in March 2021 by SafeMoon LLC on a public blockchain. Through the operation of SafeMoon’s smart contract, every transaction in SafeMoon was automatically subject to a 10% tax, meaning, for example, that if a holder of SafeMoon transferred 10 SafeMoon to another user, 1 SafeMoon would automatically be retained from the transfer as a tax and the remaining 9 SafeMoon would be received by the other party. As marketed to SafeMoon investors, the proceeds of SafeMoon’s 10% tax were split into two 5% tranches, the proceeds of which were supposed to benefit holders of SafeMoon in specific ways. The first 5% tranche of the tax proceeds would be “reflected” back to, and distributed among, all SafeMoon holders in proportion to their current SafeMoon holdings and thereby increase the total quantity of SafeMoon held by every SafeMoon investor automatically. The remaining 5% tranche of SafeMoon tax proceeds would be deposited into designated SafeMoon liquidity pools. The larger the SafeMoon liquidity pool, the greater the liquidity in the market for SafeMoon. In the months after its launch in March 2021, SafeMoon grew to have millions of holders and a market capitalization of more than $8 billion.
The Defendants’ Fraudulent Scheme
Karony and his co-conspirators misrepresented various material aspects of the SafeMoon offering to investors. Such misrepresentations included that SafeMoon relied on “locked” liquidity pools that would automatically increase in size due to a 10% tax imposed on every SafeMoon transaction; that the “locked” SafeMoon liquidity pool prevented the defendants and other insiders at SafeMoon from being able to “rug pull”—a type of crypto fraud— SafeMoon investors by removing liquidity from the SafeMoon liquidity pool; that tokens in the liquidity pool would only be used for limited pre-defined business purposes, not personal enrichment; that the defendants would manually add token pairs to the SafeMoon liquidity pool when transactions of SafeMoon occurred on specific centralized exchanges; and that the developers were not and had not been holding and trading SafeMoon for their benefit.
In reality, Karony and his co-conspirators retained access to the SafeMoon liquidity pools and used that access to intentionally divert and misappropriate millions of dollars’ worth of tokens for their personal benefit. In addition, although they publicly denied that they personally held or traded SafeMoon, they repeatedly bought and sold SafeMoon, sometimes at the height of SafeMoon market price, which generated millions of dollars in profits. Karony and his co-conspirators masked their movement of the fraudulent proceeds via numerous private un-hosted crypto wallet addresses, complex transaction routing, and pseudonymous centralized exchange accounts. Karony acquired over $9 million in crypto assets from the scheme and used some of the proceeds to purchase luxury vehicles and real estate, including a $2.2 million home in Utah, additional homes in Utah and Kansas, a $277,000 Audi R8 sports car, another Audi R8, a Tesla, and custom Ford F-550 and Jeep Gladiator pickup trucks.
Co-conspirator Thomas Smith previously pleaded guilty and is awaiting sentencing. Co-conspirator Kyle Nagy remains at large.
The government’s case is being handled by the Office’s Business and Securities Fraud Section. Assistant United States Attorneys Dana Rehnquist, Sara K. Winik, and Jessica K. Weigel are in charge of the prosecution, with assistance from Paralegal Specialists Asher Martin-Rosenthal and Madison Bates. Assistant United States Attorney Laura Mantell is handling forfeiture matters.
CALGARY, Alberta, May 21, 2025 (GLOBE NEWSWIRE) — Reconnaissance Energy Africa Ltd. (the “Company” or “ReconAfrica”) (TSXV: RECO) (OTCQX: RECAF) (Frankfurt: 0XD) (NSX: REC) announces an update to its investor relations contact, an update on the transaction with Namcor Exploration and Production (Pty) (“NAMCOR”) announced in the Company’s news release dated September 22, 2022 and that it intends to extend the expiry date of certain common share purchase warrants of the Company.
UPDATE TO INVESTOR RELATIONS CONTACT
Mr. Grayson Andersen has left ReconAfrica to pursue new career opportunities. The Company, its Board of Directors and Management thank Grayson for his contributions and wish him the best in his future endeavours.
Effective immediately, Mark Friesen has joined ReconAfrica as Managing Director, Investor Relations and Capital Markets and is based in Calgary. Mark has extensive energy finance and investor relations experience in the Canadian and U.S. markets. Mark’s prior corporate experience includes being the Director of Investor Relations with Kiwetinohk Energy Corp. and doing business development and corporate planning with Kiwetinohk, Murphy Oil Corporation and through his own consulting company. Mark began his career in equity research covering the energy sector at Bank of Montreal (BMO), FirstEnergy Capital Corp., TD Bank and Royal Bank of Canada (RBC). Mark holds a CFA (Chartered Financial Analyst) designation and received a Bachelor of Commerce (Hons) degree in Finance from the University of Manitoba.
Investors can continue to contact the Company by email at investors@reconafrica.com or by phone at +1-877-631-1160.
UPDATE ON NAMCOR TRANSACTION
The Company and NAMCOR have not yet completed the transaction pursuant to the definitive purchase and sale agreement announced September 22, 2022, but report that discussions are ongoing.
PROPOSED WARRANT EXTENSION
The Company intends to extend the expiry date of an aggregate 6,795,454 outstanding common share purchase warrants of the Company (the “July Warrants”) by 18 months to January 18, 2027 and an aggregate 1,071,500 outstanding common share purchase warrants of the Company (the “September Warrants” and collectively with the July Warrants, the “Warrants”) by 18 months to February 1, 2027 (collectively with the extension of July Warrants, the “Extension”).
The July Warrants were issued pursuant to a public offering which closed on July 18, 2023 and are set to expire on July 18, 2025. The July Warrants were issued pursuant to a warrant indenture dated July 18, 2023 between the Company and Odyssey Trust Company. Each July Warrant entitles the holder thereof to acquire one common share of the Company at a price of CAD $1.35 and all other terms of the July Warrants, including exercise price, will remain the same.
A total of 295,227 outstanding compensation warrants issued as compensation to the underwriters for part of the financing in July 2023 cannot be extended and will expire on July 18, 2025.
The September Warrants were issued pursuant to a non-brokered private placement which closed on September 1, 2023 and are set to expire on September 1, 2025. Each September Warrant entitles the holder thereof to acquire one common share of the Company at a price of CAD $1.40 and all other terms of the September Warrants, including exercise price, will remain the same.
220,000 of the July Warrants are held by parties who are considered to be “related parties” of the Company. The September Warrants are all held by parties who are considered to be “related parties” of the Company. Therefore, the amendment of Warrants constitutes a “related party transaction” as contemplated by Multilateral Instrument 61-101 Protection of Minority Shareholders in Special Transactions, and TSXV Policy 5.9 Protection of Minority Shareholders in Special Transactions. However, the exemptions from formal valuation and minority approval requirements provided for by these guidelines have been relied upon as the fair market value of the Warrants held by insiders does not exceed 25% of the market capitalization of the Company.
The Extension remains subject to receipt of approval of the TSX Venture Exchange.
About ReconAfrica
ReconAfrica is a Canadian oil and gas company engaged in the exploration of the Damara Fold Belt and Kavango Rift Basin in the Kalahari Desert of northeastern Namibia, southeastern Angola, and northwestern Botswana, where the Company holds rights to petroleum licences comprising over 13 million acres. The Company will be drilling its next well, Prospect I which is located onshore Namibia in Petroleum Exploration Licence 073 (“PEL 73”). This will be the Company’s largest exploration prospect drilled to date. In all aspects of its operations, ReconAfrica is committed to minimal disturbance of habitat in line with international standards and implementing environmental and social best practices in all of its project areas.
Neither the TSXV nor its Regulation Services Provider (as that term is defined in policies of the TSXV) accepts responsibility for the adequacy or accuracy of this release.
For further information contact:
Brian Reinsborough, President and Chief Executive Officer | Tel: +1-877-631-1160
Mark Friesen, Investor Relations | Tel: +1-877-631-1160
Certain statements contained in this press release constitute forward-looking information under applicable Canadian, United States and other applicable securities laws, rules and regulations, including, without limitation, the Company’s commitment to minimal disturbance of habitat, in line withbest international standards and its implementation of environmentalandsocialbestpracticesinallofitsprojectareas.Thesestatementsrelatetofutureeventsorfutureperformance. The use of any of the words “could”, “intend”, “expect”, “believe”, “will”, “projected”, “estimated” and similar expressions and statements relating to matters that are not historical facts are intended to identify forward-looking information and are based on ReconAfrica’scurrentbelieforassumptionsastotheoutcomeandtimingofsuchfutureevents.Therecanbenoassurancethat such statements will prove to be accurate, as the Company’s actual results and future events could differ materially from those anticipatedintheseforward-lookingstatementsasaresultofthefactorsdiscussedinthe“RiskFactors”sectionintheCompany’s annual information form for the period ended December 31, 2024, available under the Company’s profile atwww.sedarplus.ca. Actual future results may differ materially. Various assumptions or factors are typically applied in drawing conclusions or making the forecasts or projections set out in forward-looking information. Those assumptions and factors are based on information currently available to ReconAfrica. The forward-looking information contained in this release is made as of the date hereof and ReconAfrica undertakes no obligation to update or revise any forward-looking information, whether as a result of new information, future events or otherwise, except as required by applicable securities laws. Because of the risks, uncertainties and assumptions contained herein, investors should not place undue reliance on forward-looking information. The foregoing statements expressly qualify any forward-looking information contained herein.
SAN FRANCISCO, May 21, 2025 (GLOBE NEWSWIRE) — In a release issued earlier today under the same headline by LiveRamp (NYSE: RAMP), please note the GAAP operating income and Non-GAAP operating income for the first quarter of fiscal 2026 and fiscal 2026 were stated incorrectly. The corrected release follows:
LiveRamp® (NYSE: RAMP), a leading data collaboration platform, today announced its financial results for the quarter and fiscal year ended March 31, 2025.
Q4 Financial Highlights1
Total revenue was $189 million, up 10%.
Subscription revenue was $145 million, up 9%.
Marketplace & Other revenue was $44 million, up 14%.
GAAP gross profit was $131 million, up 5%. GAAP gross margin of 69% compressed by 3 percentage points. Non-GAAP gross profit was $136 million, up 5%. Non-GAAP gross margin of 72% compressed by 3 percentage points.
GAAP operating loss was $12 million compared to $14 million. GAAP operating margin of negative 6% expanded by 2 percentage points. Non-GAAP operating income was $23 million compared to $16 million. Non-GAAP operating margin of 12% expanded by 3 percentage points.
GAAP diluted loss per share was $0.10 and non-GAAP diluted earnings per share was $0.30.
Net cash provided by operating activities was $63 million compared to $28 million.
Share repurchases in the fourth quarter totaled approximately 950 thousand shares for $25 million.
Fiscal Year Financial Highlights1
Total revenue was $746 million, up 13%.
Subscription revenue was $569 million, up 11%, and represented 76% of total revenue.
Marketplace & Other revenue was $177 million, up 21%.
GAAP gross profit was $530 million, up 10%, and GAAP gross margin of 71% compressed by 2 percentage points. Non-GAAP gross profit was $550 million, up 12%, and non-GAAP gross margin of 74% compressed by 1 percentage point.
GAAP operating income was $5 million compared to $11 million. GAAP operating margin of 1% compressed by 1 percentage point. Non-GAAP operating income was $136 million compared to $105 million. Non-GAAP operating margin of 18% expanded by 2 percentage points.
GAAP diluted loss per share was $0.01, and non-GAAP diluted EPS was $1.70.
Net cash provided by operating activities was $154 million compared to $106 million.
Share repurchases in fiscal 2025 totaled approximately 3.8 million shares for $101 million. As of March 31, 2025, there was $256 million in remaining capacity under the share repurchase authorization that expires on December 31, 2026.
A reconciliation between GAAP and non-GAAP results is provided in the schedules to this press release.
Commenting on the results, CEO Scott Howe said: “We had a strong finish to fiscal 2025, with fourth quarter revenue and operating income exceeding our expectations, revenue growing at a double-digit rate and operating cash flow reaching a record high. As we enter fiscal 2026, more so than ever, we are focused on controlling what we can control: Making our platform faster and easier to use; rolling out new functionality, such as our new Cross Media Intelligence measurement solution; helping customers optimize ad spend by harnessing the power of our Data Collaboration Network; and, finally, prudently managing our own costs and growth investments. The near-term macro environment may be uncertain, but we remain confident that in the long-run we can drive sustained growth and shareholder value creation.”
GAAP and Non-GAAP Results The following table summarizes the Company’s financial results for the fiscal 2025 fourth quarter and full year ended March 31, 2025 ($ in millions, except per share amounts):
GAAP
Non-GAAP
Q4 FY25
FY25
Q4 FY25
FY25
Subscription revenue
$145
$569
—
—
YoY change
9%
11%
—
—
Marketplace & Other revenue
$44
$177
—
—
YoY change
14%
21%
—
—
Total revenue
$189
$746
—
—
YoY change
10%
13%
—
—
Gross profit
$131
$530
$136
$550
% Gross margin
69%
71%
72%
74%
YoY change
(3pts)
(2pts)
(3pts)
(1pt)
Operating income (loss)
($12)
$5
$23
$136
% Operating margin
(6%)
1%
12%
18%
YoY change
2pts
(1 pt)
3 pts
2 pts
Net earnings (loss)
($6)
($1)
$20
$115
Diluted earnings (loss) per share
($0.10)
($0.01)
$0.30
$1.70
Shares to calculate diluted EPS
66.0
66.1
67.5
67.5
YoY change
(1%)
(3%)
(1%)
(1%)
Net operating cash flow
$63
$154
—
—
Free cash flow
—
—
$62
$153
Totals may not sum due to rounding.
A detailed discussion of our non-GAAP financial measures and a reconciliation between GAAP and non-GAAP results is provided in the schedules attached to this press release.
Additional Business Highlights & Metrics
On February 25 we hosted an investor day presentation in San Francisco. The video replay, slide presentation and transcript are available on our investor relations website. Additionally, please see our investor day recap that highlights 10 interesting slides from the presentation, available here.
On February 25-27 we hosted our annual customer and partner conference, RampUp, in San Francisco, bringing together more than 2,500 leaders at the intersection of marketing, technology and data science. The event featured product demonstrations and 40+ panels and presentations featuring 110 leaders from some of the largest brands in the world, including Disney, Home Depot, P&G and Uber – to name a few. Video replays of these sessions are available here and an event recap for investors is available here.
On February 25 we announced Cross-Media Intelligence, a new capability that enables marketers to better measure and optimize campaigns anywhere their customers are. LiveRamp’s Cross-Media Intelligence is a premier solution for next-generation cross-media measurement, unifying insights across partners and datasets, and delivering actionable, repeatable insights with unmatched speed and precision. With Cross-Media Intelligence, marketers for the first time can access unified, deduplicated reporting across screens and platforms (additional information).
On April 22 Google announced that it will no longer roll out a new standalone prompt for consumers to opt-in to third-party cookie tracking on Chrome. LiveRamp’s mission remains the same: Enable best-in-class addressable reach and connectivity across every consumer experience by continuing to develop the largest and most useful data collaboration network. We will use cookies to extend reach on Chrome, while continuing to invest and expand our authenticated ecosystem across cookieless browsers (Safari, Firefox, and Edge), direct publisher integrations, CTV, mobile/gaming, and new AI integrations. Please see our blog post for additional information.
On March 6 we announced a workforce restructuring involving approximately 5% of our full-time employees. The restructuring is part of a broader strategic reprioritization to build a stronger, more profitable company by tightening our focus and simplifying and driving efficiency into our business processes. In the fourth quarter we incurred $7.2 million of restructuring and related charges primarily related to employee severance and benefits.
LiveRamp ended the year with 128 customers whose annualized subscription revenue exceeds $1 million, compared to 115 in the prior year.
LiveRamp ended the year with 840 direct subscription customers, compared to 900 in the prior year.
Fourth quarter subscription net retention was 104% and platform net retention was 106%.
Fourth quarter annualized recurring revenue (ARR), which is the last month of the quarter fixed subscription revenue annualized, was $504 million, up 8% compared to the prior year period.
Current remaining performance obligations (CRPO), which is contracted and committed revenue expected to be recognized over the next 12 months, was $471 million, up 14% compared to the prior year period.
Financial Outlook
LiveRamp’s non-GAAP operating income guidance excludes the impact of non-cash stock compensation, purchased intangible asset amortization, and restructuring and related charges.
For the first quarter of fiscal 2026, LiveRamp expects to report:
Revenue of $191 million, an increase of 9%
GAAP operating income of $6 million
Non-GAAP operating income of $33 million
For fiscal 2026, LiveRamp expects to report:
Revenue of between $787 million and $817 million, an increase of between 6% and 10%
GAAP operating income of between $85 million and $89 million
Non-GAAP operating income of between $178 million and $182 million
Conference Call
LiveRamp will hold a conference call today at 1:30 p.m. PT (4:30 p.m. ET) to further discuss this information. Interested parties are invited to listen to a webcast of the conference, which can be accessed on LiveRamp’s investor site. A slide presentation will be referenced during the call and is available here.
About LiveRamp
LiveRamp is a leading data collaboration technology company, empowering marketers and media owners to deliver and measure marketing performance everywhere it matters. LiveRamp’s data collaboration network seamlessly unites data across advertisers, platforms, publishers, data providers, and commerce media networks—unlocking deep insights, delivering transformational consumer experiences, and driving measurable growth.
Built on a foundation of strict neutrality, interoperability, and global scale, LiveRamp enables organizations to maximize the value of their data while accelerating innovation. Trusted by many of the world’s leading brands, retailers, financial services providers, and healthcare innovators, LiveRamp is helping shape the future of responsible data collaboration in an AI-driven, outcomes-focused world where advertisers reach intended audiences and consumers receive more relevant advertising messages.
LiveRamp is headquartered in San Francisco, California, with offices worldwide. Learn more at LiveRamp.com.
Forward-Looking Statements
This press release contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995, as amended (the “PSLRA”). Forward-looking statements are often identified by words or phrases such as “anticipate,” “estimate,” “plan,” “expect,” “believe,” “intend,” “foresee,” or the negative of these terms or other similar variations thereof, but the absence of these words does not mean that a statement is not forward-looking. These statements, which are not statements of historical fact, include, but are not limited to, the Company’s guidance regarding revenue, GAAP operating loss and Non-GAAP operating income for the first quarter and full year of fiscal 2026 and other similar estimates, assumptions, forecasts, projections and expectations regarding market position, product development, growth opportunities, economic conditions and other future events and trends.
These forward-looking statements are not guarantees of future performance and are subject to a number of factors and uncertainties that could cause the Company’s actual results and experiences to differ materially from the anticipated results and expectations expressed in the forward-looking statements.
Among the factors that may cause actual results and expectations to differ from anticipated results and expectations expressed in forward-looking statements are economic uncertainties that could impact us or our suppliers, customers and partners, including, geo-political circumstances, including risk related to tariffs and other trade restrictions, the possibility of a recession, general inflationary pressure and high interest rates; the ability and willingness of our customers to renew their agreements with us upon their expiration; our ability to add new customers and upsell within our subscription business; our reliance upon partners, including data suppliers, who may withdraw or withhold data from us; increased competition and rapidly changing technology that could impact our products and services; the risk that we fail to realize the potential benefits of or have difficulty integrating acquired businesses; and our inability to attract, motivate and retain talent. Additional risks include maintaining our culture and our ability to innovate and evolve while operating in a hybrid work environment, with some employees working remotely at least some of the time within a rapidly changing industry, while also avoiding disruption from reductions in our current workforce as well as disruptions resulting from acquisition, divestiture and other activities affecting our workforce. Our global workforce strategy could possibly encounter difficulty and not be as beneficial as planned. Our international operations are also subject to risks, including the performance of third parties as well as impacts from war and civil unrest, that may harm the Company’s business. The risk of a significant breach of the confidentiality of the information or the security of our or our customers’, suppliers’, or other partners’ data and/or computer systems, or the risk that our current insurance coverage may not be adequate for such a breach, that an insurer might deny coverage for a claim or that such insurance will continue to be available to us on commercially reasonable terms, or at all, could be detrimental to our business, reputation and results of operations. Other business risks include unfavorable publicity and negative public perception about our industry; interruptions or delays in service from data center or cloud hosting vendors we rely upon; and our dependence on the continued availability of third-party data hosting and transmission services. Our clients’ ability to use data on our platform could be restricted if the industry’s use of third-party cookies and tracking technology declines due to technology platform changes, regulation or increased user controls. Continued changes in the judicial, legislative, regulatory, accounting, cultural and consumer environments affecting our business, including but not limited to litigation, investigations, legislation, regulations and customs at the state, federal and international levels relating to information collection and use represents a risk, as well as changes in tax laws and regulations that are applied to our customers which could cause enterprise software budget tightening. In addition, third parties may claim that we are infringing their intellectual property or may infringe our intellectual property which could result in competitive injury and / or the incurrence of significant costs and draining of our resources.
For a discussion of these and other risks and uncertainties that could affect LiveRamp’s business, reputation, results of operation, financial condition and stock price, please refer to LiveRamp’s filings with the U.S. Securities and Exchange Commission, including in the “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” sections of LiveRamp’s most recently filed Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and subsequent filings.
The financial information set forth in this press release reflects estimates based on information available at this time.
LiveRamp assumes no obligation and does not currently intend to update these forward-looking statements.
To automatically receive LiveRamp financial news by email, please visit www.LiveRamp.com and subscribe to email alerts.
LiveRamp® and RampID™ and all other LiveRamp marks contained herein are trademarks or service marks of LiveRamp, Inc. All other marks are the property of their respective owners.
________________________ 1 Unless otherwise indicated, all comparisons are to the prior year period.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
For the three months ended March 31,
$
%
2025
2024
Variance
Variance
Revenues
188,724
171,852
16,872
9.8
%
Cost of revenue
57,929
47,722
10,207
21.4
%
Gross profit
130,795
124,130
6,665
5.4
%
% Gross margin
69.3
%
72.2
%
Operating expenses
Research and development
45,926
45,161
765
1.7
%
Sales and marketing
56,961
60,476
(3,515
)
(5.8
)%
General and administrative
32,175
30,252
1,923
6.4
%
Gains, losses and other items, net
7,241
2,516
4,725
187.8
%
Total operating expenses
142,303
138,405
3,898
2.8
%
Loss from operations
(11,508
)
(14,275
)
2,767
19.4
%
% Margin
(6.1
)%
(8.3
)%
Total other income, net
4,762
5,070
(308
)
(6.1
)%
Loss from continuing operations before income taxes
(6,746
)
(9,205
)
2,459
26.7
%
Income tax benefit
(479
)
(3,027
)
2,548
84.2
%
Net earnings from continuing operations
(6,267
)
(6,178
)
(89
)
(1.4
)%
Earnings from discontinued operations, net of tax
–
805
(805
)
(100.0
)%
Net loss
(6,267
)
(5,373
)
(894
)
(16.6
)%
Basic loss per share:
Continuing operations
(0.10
)
(0.09
)
(0.00
)
(2.0
)%
Discontinued operations
0.00
0.01
(0.01
)
(100.0
)%
Basic loss per share
(0.10
)
(0.08
)
(0.01
)
(17.3
)%
Diluted loss per share:
Continuing operations
(0.10
)
(0.09
)
(0.00
)
(2.0
)%
Discontinued operations
0.00
0.01
(0.01
)
(100.0
)%
Diluted loss per share
(0.10
)
(0.08
)
(0.01
)
(17.3
)%
Basic weighted average shares
65,957
66,323
Diluted weighted average shares
65,957
66,323
Some totals may not sum due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
For the twelve months ended March 31,
$
%
2025
2024
Variance
Variance
Revenues
745,580
659,661
85,919
13.0
%
Cost of revenue
215,910
179,489
36,421
20.3
%
Gross profit
529,670
480,172
49,498
10.3
%
% Gross margin
71.0
%
72.8
%
Operating expenses
Research and development
176,668
151,201
25,467
16.8
%
Sales and marketing
213,106
195,693
17,413
8.9
%
General and administrative
126,499
110,166
16,333
14.8
%
Gains, losses and other items, net
7,993
11,708
(3,715
)
(31.7
)%
Total operating expenses
524,266
468,768
55,498
11.8
%
Income from operations
5,404
11,404
(6,000
)
(52.6
)%
% Margin
0.7
%
1.7
%
Total other income, net
17,436
22,957
(5,521
)
(24.0
)%
Income from continuing operations before income taxes
22,840
34,361
(11,521
)
(33.5
)%
Income tax expense
25,342
24,270
1,072
4.4
%
Net earnings (loss) from continuing operations
(2,502
)
10,091
(12,593
)
(124.8
)%
Earnings from discontinued operations, net of tax
1,688
1,790
(102
)
(5.7
)%
Net earnings (loss)
(814
)
11,881
(12,695
)
(106.9
)%
Basic earnings (loss) per share:
Continuing operations
(0.04
)
0.15
(0.19
)
(124.8
)%
Discontinued operations
0.03
0.03
(0.00
)
(5.5
)%
Basic earnings (loss) per share
(0.01
)
0.18
(0.19
)
(106.9
)%
Diluted earnings (loss) per share:
Continuing operations
(0.04
)
0.15
(0.19
)
(125.5
)%
Discontinued operations
0.03
0.03
(0.00
)
(3.1
)%
Diluted earnings (loss) per share
(0.01
)
0.17
(0.19
)
(107.0
)%
Basic weighted average shares
66,126
66,266
Diluted weighted average shares
66,126
67,918
Some totals may not sum due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EPS (1)
(Unaudited)
(Dollars in thousands, except per share amounts)
For the three months ended March 31,
For the twelve months ended March 31,
2025
2024
2025
2024
Income (loss) from continuing operations before income taxes
(6,746
)
(9,205
)
22,840
34,361
Income tax expense (benefit)
(479
)
(3,027
)
25,342
24,270
Net earnings from continuing operations
(6,267
)
(6,178
)
(2,502
)
10,091
Earnings from discontinued operations, net of tax
–
805
1,688
1,790
Net earnings (loss)
(6,267
)
(5,373
)
(814
)
11,881
Basic earnings (loss) per share
(0.10
)
(0.08
)
(0.01
)
0.18
Diluted earnings (loss) per share
(0.10
)
(0.08
)
(0.01
)
0.17
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,135
3,097
14,415
8,785
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
—
—
—
1,875
Total excluded items from continuing operations
34,542
30,393
130,387
93,672
Income from continuing operations before income taxes and excluding items
27,796
21,188
153,227
128,033
Income tax expense (2)
7,759
3,947
38,296
29,882
Non-GAAP net earnings (loss) from continuing operations
20,037
17,241
114,931
98,151
Non-GAAP earnings per share from continuing operations
Basic
0.30
0.26
1.74
1.48
Diluted
0.30
0.25
1.70
1.45
Basic weighted average shares
65,957
66,323
66,126
66,266
Diluted weighted average shares
67,479
68,471
67,499
67,918
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
(2) Non-GAAP income taxes were calculated by applying the estimated annual effective tax rate to year-to-date pretax income or loss and adjusting for discrete tax items in the period. The differences between our GAAP and non-GAAP effective tax rates were primarily due to the net tax effects of the excluded items, coupled with the valuation allowance and smaller pre-tax income for GAAP purposes.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP INCOME FROM OPERATIONS (1)
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
For the twelve months ended March 31,
2025
2024
2025
2024
Income (loss) from operations
(11,508
)
(14,275
)
5,404
11,404
Operating income (loss) margin
(6.1
)%
(8.3
)%
0.7
%
1.7
%
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,135
3,097
14,415
8,785
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
–
–
–
1,875
Total excluded items
34,542
30,393
130,387
93,672
Income from operations before excluded items
23,034
16,118
135,791
105,076
Non-GAAP operating income margin
12.2
%
9.4
%
18.2
%
15.9
%
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF ADJUSTED EBITDA (1)
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
For the twelve months ended March 31,
2024
2023
2024
2023
Net earnings (loss) from continuing operations
(6,267
)
(6,178
)
(2,502
)
10,091
Income tax expense (benefit)
(479
)
(3,027
)
25,342
24,270
Total other expense, net
(4,762
)
(5,070
)
(17,436
)
(22,957
)
Income (loss) from operations
(11,508
)
(14,275
)
5,404
11,404
Depreciation and amortization
3,803
3,823
17,207
11,508
EBITDA
(7,705
)
(10,452
)
22,611
22,912
Other adjustments:
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
–
–
–
1,875
Other adjustments
31,407
27,296
115,972
84,887
Adjusted EBITDA
23,702
16,844
138,583
107,799
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(Dollars in thousands)
March 31
March 31
$
%
2025
2024
Variance
Variance
Assets
Current assets:
Cash and cash equivalents
413,331
336,867
76,464
22.7
%
Restricted cash
595
2,604
(2,009
)
(77.2
)%
Short-term investments
7,500
32,045
(24,545
)
(76.6
)%
Trade accounts receivable, net
186,169
190,313
(4,144
)
(2.2
)%
Refundable income taxes, net
9,708
8,521
1,187
13.9
%
Other current assets
38,886
31,682
7,204
22.7
%
Total current assets
656,189
602,032
54,157
9.0
%
Property and equipment
23,813
25,394
(1,581
)
(6.2
)%
Less – accumulated depreciation and amortization
17,629
17,213
416
2.4
%
Property and equipment, net
6,184
8,181
(1,997
)
(24.4
)%
Intangible assets, net
20,167
34,583
(14,416
)
(41.7
)%
Goodwill
501,756
501,756
–
–
%
Deferred commissions, net
44,452
48,143
(3,691
)
(7.7
)%
Other assets, net
30,623
36,748
(6,125
)
(16.7
)%
1,259,371
1,231,443
27,928
2.3
%
Liabilities and Stockholders’ Equity
Current liabilities:
Trade accounts payable
112,271
81,202
31,069
38.3
%
Accrued payroll and related expenses
50,776
61,575
(10,799
)
(17.5
)%
Other accrued expenses
38,586
42,857
(4,271
)
(10.0
)%
Deferred revenue
45,885
30,942
14,943
48.3
%
Total current liabilities
247,518
216,576
30,942
14.3
%
Other liabilities
62,994
65,732
(2,738
)
(4.2
)%
Stockholders’ equity:
Preferred stock
–
–
–
n/a
Common stock
15,918
15,594
324
2.1
%
Additional paid-in capital
2,045,316
1,933,776
111,540
5.8
%
Retained earnings
1,313,358
1,314,172
(814
)
(0.1
)%
Accumulated other comprehensive income
4,295
3,964
331
8.4
%
Treasury stock, at cost
(2,430,028
)
(2,318,371
)
(111,657
)
4.8
%
Total stockholders’ equity
948,859
949,135
(276
)
(0.0
)%
1,259,371
1,231,443
27,928
2.3
%
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
2025
2024
Cash flows from operating activities:
Net loss
(6,267
)
(5,373
)
Earnings from discontinued operations, net of tax
—
(805
)
Non-cash operating activities:
Depreciation and amortization
3,803
3,823
Loss on disposal or impairment of assets
44
6
Lease-related impairment and restructuring charges
(28
)
(546
)
Gain on sale of strategic investments
(515
)
—
Loss on marketable equity securities
206
—
Provision for doubtful accounts
(453
)
1,947
Deferred income taxes
(496
)
(498
)
Non-cash stock compensation expense
24,166
24,780
Changes in operating assets and liabilities:
Accounts receivable, net
25,187
8,700
Deferred commissions
46
(3,971
)
Other assets
4,703
8,514
Accounts payable and other liabilities
11,738
(246
)
Income taxes
(523
)
(7,285
)
Deferred revenue
969
(1,403
)
Net cash provided by operating activities
62,580
27,643
Cash flows from investing activities:
Capital expenditures
(293
)
(1,791
)
Cash paid in acquisitions, net of cash received
—
(170,281
)
Purchases of investments
—
(24,509
)
Proceeds from sales of investments
—
25,000
Proceeds from sale of strategic investment
763
—
Net cash provided by (used in) investing activities
470
(171,581
)
Cash flows from financing activities:
Proceeds related to the issuance of common stock under stock and employee benefit plans
202
1
Shares repurchased for tax withholdings upon vesting of stock-based awards
(1,026
)
(719
)
Acquisition of treasury stock
(25,447
)
(15,177
)
Net cash used in financing activities
(26,271
)
(15,895
)
Net cash provided by (used in) continuing operations
36,779
(159,833
)
Cash flows from discontinued operations:
From operating activities
(798
)
805
Net cash provided by (used in) discontinued operations
(798
)
805
Net cash provided by (used in) continuing and discontinued operations
35,981
(159,028
)
Effect of exchange rate changes on cash
580
(447
)
Net change in cash, cash equivalents and restricted cash
36,561
(159,475
)
Cash, cash equivalents and restricted cash at beginning of period
377,365
498,946
Cash, cash equivalents and restricted cash at end of period
413,926
339,471
Supplemental cash flow information:
Cash paid for income taxes, net from continuing operations
558
4,905
Cash received for income taxes, net from discontinued operations
—
(1,258
)
Cash paid for operating lease liabilities
2,426
2,594
Operating lease assets obtained in exchange for operating lease liabilities
—
148
Operating lease assets, and related lease liabilities, relinquished in lease terminations
(40
)
—
Purchases of property, plant and equipment remaining unpaid at period end
20
104
Marketable equity securities obtained in disposition of strategic investment
652
—
Excise tax payable on net stock repurchases
64
—
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Unaudited)
(Dollars in thousands)
For the twelve months ended March 31,
2025
2024
Cash flows from operating activities:
Net earnings (loss)
(814
)
11,881
Earnings from discontinued operations, net of tax
(1,688
)
(1,790
)
Non-cash operating activities:
Depreciation and amortization
17,207
11,508
Loss on disposal or impairment of assets
85
1,219
Lease-related impairment and restructuring charges
14
1,769
Gain on sale of strategic investments
(515
)
—
Loss on marketable equity securities
206
—
Provision for doubtful accounts
695
2,254
Impairment of goodwill
—
2,875
Deferred income taxes
(447
)
(458
)
Non-cash stock compensation expense
107,979
71,304
Changes in operating assets and liabilities:
Accounts receivable, net
3,547
(32,336
)
Deferred commissions
3,691
(11,113
)
Other assets
2,105
9,426
Accounts payable and other liabilities
3,573
8,508
Income taxes
3,430
22,275
Deferred revenue
14,897
8,334
Net cash provided by operating activities
153,965
105,656
Cash flows from investing activities:
Capital expenditures
(1,042
)
(4,255
)
Cash paid in acquisitions, net of cash received
(1,951
)
(170,281
)
Purchases of investments
(1,967
)
(48,894
)
Proceeds from sales of investments
26,989
50,750
Proceeds from sale of strategic investment
763
—
Purchases of strategic investments
(1,400
)
(1,000
)
Net cash provided by (used in) investing activities
21,392
(173,680
)
Cash flows from financing activities:
Proceeds related to the issuance of common stock under stock and employee benefit plans
8,833
7,222
Shares repurchased for tax withholdings upon vesting of stock-based awards
(10,331
)
(5,835
)
Acquisition of treasury stock
(101,198
)
(60,502
)
Net cash used in financing activities
(102,696
)
(59,115
)
Net cash provided by (used in) continuing operations
72,661
(127,139
)
Cash flows from discontinued operations:
From operating activities
1,688
1,790
Net cash provided by discontinued operations
1,688
1,790
Net cash provided by (used in) continuing and discontinued operations
74,349
(125,349
)
Effect of exchange rate changes on cash
106
372
Net change in cash, cash equivalents and restricted cash
74,455
(124,977
)
Cash, cash equivalents and restricted cash at beginning of period
339,471
464,448
Cash, cash equivalents and restricted cash at end of period
413,926
339,471
Supplemental cash flow information:
Cash paid for income taxes, net from continuing operations
22,548
2,465
Cash received for income taxes, net from discontinued operations
(2,486
)
(2,765
)
Cash received for tenant improvement allowances
(2,628
)
—
Cash paid for operating lease liabilities
9,798
10,293
Operating lease assets obtained in exchange for operating lease liabilities
2,327
11,825
Operating lease assets, and related lease liabilities, relinquished in lease terminations
(595
)
(4,486
)
Purchases of property, plant and equipment remaining unpaid at period end
20
104
Marketable equity securities obtained in disposition of strategic investment
652
—
Excise tax payable on net stock repurchases
128
—
LIVERAMP HOLDINGS, INC AND SUBSIDIARIES
CALCULATION OF FREE CASH FLOW (1)
(Unaudited)
(Dollars in thousands)
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Net cash provided by (used in) operating activities
$
25,693
$
35,764
$
16,556
$
27,643
$
105,656
$
(9,328
)
$
55,596
$
45,117
$
62,580
$
153,965
Less:
Capital expenditures
(53
)
(200
)
(2,211
)
(1,791
)
(4,255
)
(226
)
(241
)
(282
)
(293
)
(1,042
)
Free Cash Flow
$
25,640
$
35,564
$
14,345
$
25,852
$
101,401
$
(9,554
)
$
55,355
$
44,835
$
62,287
$
152,923
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
Yr-to-Yr
FY2024
FY2025
FY2025 to FY2024
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
%
$
Revenues
154,069
159,871
173,869
171,852
659,661
175,961
185,483
195,412
188,724
745,580
13.0
%
85,919
Cost of revenue
45,621
41,212
44,934
47,722
179,489
51,749
51,234
54,998
57,929
215,910
20.3
%
36,421
Gross profit
108,448
118,659
128,935
124,130
480,172
124,212
134,249
140,414
130,795
529,670
10.3
%
49,498
% Gross margin
70.4
%
74.2
%
74.2
%
72.2
%
72.8
%
70.6
%
72.4
%
71.9
%
69.3
%
71.0
%
Operating expenses
Research and development
34,519
33,733
37,788
45,161
151,201
44,118
43,889
42,735
45,926
176,668
16.8
%
25,467
Sales and marketing
44,879
44,135
46,203
60,476
195,693
54,175
51,107
50,863
56,961
213,106
8.9
%
17,413
General and administrative
26,664
26,009
27,241
30,252
110,166
30,961
31,369
31,994
32,175
126,499
14.8
%
16,333
Gains, losses and other items, net
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
(31.7
)%
(3,715
)
Total operating expenses
106,178
110,451
113,734
138,405
468,768
129,460
126,762
125,741
142,303
524,266
11.8
%
55,498
Income (loss) from operations
2,270
8,208
15,201
(14,275
)
11,404
(5,248
)
7,487
14,673
(11,508
)
5,404
(52.6
)%
(6,000
)
% Margin
5.0
%
24.3
%
40.2
%
(31.6
)%
1.7
%
(3.0
)%
4.0
%
7.5
%
(6.1
)%
0.7
%
Total other income, net
4,849
6,431
6,607
5,070
22,957
4,444
4,197
4,033
4,762
17,436
(24.0
)%
(5,521
)
Income (loss) from continuing operations before income taxes
7,119
14,639
21,808
(9,205
)
34,361
(804
)
11,684
18,706
(6,746
)
22,840
(33.5
)%
(11,521
)
Income tax expense (benefit)
8,705
10,163
8,429
(3,027
)
24,270
6,685
9,952
9,184
(479
)
25,342
4.4
%
1,072
Net earnings (loss) from continuing operations
(1,586
)
4,476
13,379
(6,178
)
10,091
(7,489
)
1,732
9,522
(6,267
)
(2,502
)
(124.8
)%
(12,593
)
Earnings from discontinued operations, net of tax
–
387
598
805
1,790
–
–
1,688
–
1,688
(5.7
)%
(102
)
Net earnings (loss)
$
(1,586
)
$
4,863
$
13,977
$
(5,373
)
$
11,881
$
(7,489
)
$
1,732
$
11,210
$
(6,267
)
$
(814
)
(106.9
)%
(12,695
)
Basic earnings (loss) per share:
Continuing Operations
(0.02
)
0.07
0.20
(0.09
)
0.15
(0.11
)
0.03
0.15
(0.10
)
(0.04
)
(124.8
)%
(0.19
)
Discontinued Operations
0.00
0.01
0.01
0.01
0.03
0.00
0.00
0.03
0.00
0.03
(5.5
)%
(0.00
)
Basic earnings (loss) per share
(0.02
)
0.07
0.21
(0.08
)
0.18
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
(106.9
)%
(0.19
)
Diluted earnings (loss) per share:
Continuing Operations
(0.02
)
0.07
0.20
(0.09
)
0.15
(0.11
)
0.03
0.14
(0.10
)
(0.04
)
(125.5
)%
(0.19
)
Discontinued Operations
0.00
0.01
0.01
0.01
0.03
0.00
0.00
0.03
0.00
0.03
(3.1
)%
(0.00
)
Diluted earnings (loss) per share
(0.02
)
0.07
0.21
(0.08
)
0.17
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
(107.0
)%
(0.19
)
Basic weighted average shares
66,497
66,284
65,961
66,323
66,266
66,621
66,294
65,631
65,957
66,126
Diluted weighted average shares
66,497
67,868
67,943
66,323
67,918
66,621
67,309
66,743
65,957
66,126
Some earnings (loss) per share amounts may not add due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EXPENSES (1)
(Unaudited)
(Dollars in thousands)
FY2024
FY2025
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Expenses:
Cost of revenue
45,621
41,212
44,934
47,722
179,489
51,749
51,234
54,998
57,929
215,910
Research and development
34,519
33,733
37,788
45,161
151,201
44,118
43,889
42,735
45,926
176,668
Sales and marketing
44,879
44,135
46,203
60,476
195,693
54,175
51,107
50,863
56,961
213,106
General and administrative
26,664
26,009
27,241
30,252
110,166
30,961
31,369
31,994
32,175
126,499
Gains, losses and other items, net
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Gross profit, continuing operations:
108,448
118,659
128,935
124,130
480,172
124,212
134,249
140,414
130,795
529,670
% Gross margin
70.4
%
74.2
%
74.2
%
72.2
%
72.8
%
70.6
%
72.4
%
71.9
%
69.3
%
71.0
%
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,290
1,217
1,181
3,097
8,785
3,846
3,748
3,686
3,135
14,415
Non-cash stock compensation (cost of revenue)
629
629
817
1,478
3,553
1,596
1,499
1,455
1,615
6,165
Non-cash stock compensation (research and development)
5,077
5,293
6,960
9,859
27,189
10,205
10,920
10,085
10,494
41,704
Non-cash stock compensation (sales and marketing)
3,736
4,786
4,089
6,337
18,948
7,093
7,383
7,278
5,716
27,470
Non-cash stock compensation (general and administrative)
3,850
5,027
5,631
7,106
21,614
9,091
9,266
7,942
6,341
32,640
Restructuring charges (gains, losses, and other)
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Transformation costs (general and administrative)
1,875
—
—
—
1,875
—
—
—
—
Total excluded items
18,573
23,526
21,180
30,393
93,672
32,037
33,213
30,595
34,542
130,387
Expenses, excluding items:
Cost of revenue
41,702
39,366
42,936
43,147
167,151
46,307
45,987
49,857
53,179
195,330
Research and development
29,442
28,440
30,828
35,302
124,012
33,913
32,969
32,650
35,432
134,964
Sales and marketing
41,143
39,349
42,114
54,139
176,745
47,082
43,724
43,585
51,245
185,636
General and administrative
20,939
20,982
21,610
23,146
86,677
21,870
22,103
24,052
25,834
93,859
Gross profit, excluding items:
112,367
120,505
130,933
128,705
492,510
129,654
139,496
145,555
135,545
550,250
% Gross margin
72.9
%
75.4
%
75.3
%
74.9
%
74.7
%
73.7
%
75.2
%
74.5
%
71.8
%
73.8
%
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EPS (1)
(Unaudited)
(Dollars in thousands, except per share amounts)
FY2024
FY2025
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Income (loss) from continuing operations before income taxes
7,119
14,639
21,808
(9,205
)
34,361
(804
)
11,684
18,706
(6,746
)
22,840
Income tax expense (benefit)
8,705
10,163
8,429
(3,027
)
24,270
6,685
9,952
9,184
(479
)
25,342
Net earnings (loss) from continuing operations
(1,586
)
4,476
13,379
(6,178
)
10,091
(7,489
)
1,732
9,522
(6,267
)
(2,502
)
Earnings from discontinued operations, net of tax
–
387
598
805
1,790
–
–
1,688
–
1,688
Net earnings (loss)
(1,586
)
4,863
13,977
(5,373
)
11,881
(7,489
)
1,732
11,210
(6,267
)
(814
)
Earnings (loss) per share:
Basic
(0.02
)
0.07
0.21
(0.08
)
0.18
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
Diluted
(0.02
)
0.07
0.21
(0.08
)
0.17
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,290
1,217
1,181
3,097
8,785
3,846
3,748
3,686
3,135
14,415
Non-cash stock compensation (cost of revenue and operating expenses)
13,292
15,735
17,497
24,780
71,304
27,985
29,068
26,760
24,166
107,979
Restructuring and merger charges (gains, losses, and other)
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Transformation costs (general and administrative)
1,875
–
–
–
1,875
–
–
–
–
–
Total excluded items from continuing operations
18,573
23,526
21,180
30,393
93,672
32,037
33,213
30,595
34,542
130,387
Income from continuing operations before income taxes and excluding items
25,692
38,165
42,988
21,188
128,033
31,233
44,897
49,301
27,796
153,227
Income tax expense (2)
6,167
9,036
10,732
3,947
29,882
7,371
10,745
12,421
7,759
38,296
Non-GAAP net earnings from continuing operations
19,525
29,129
32,256
17,241
98,151
23,862
34,152
36,880
20,037
114,931
Non-GAAP earnings per share from continuing operations
Basic
0.29
0.44
0.49
0.26
1.48
0.36
0.52
0.56
0.30
1.74
Diluted
0.29
0.43
0.47
0.25
1.45
0.35
0.51
0.55
0.30
1.70
Basic weighted average shares
66,497
66,284
65,961
66,323
66,266
66,621
66,294
65,631
65,957
66,126
Diluted weighted average shares
67,388
67,868
67,943
68,471
67,918
68,463
67,309
66,743
67,479
67,499
Some totals may not add due to rounding
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP OPERATING INCOME GUIDANCE (1)
(Unaudited)
(Dollars in thousands)
For the
For the
quarter ending
year ending
June 30, 2025
March 31, 2026
Low
High
GAAP income from operations
$
6,000
$
85,000
$
89,000
Excluded items:
Purchased intangible asset amortization
3,000
11,000
11,000
Non-cash stock compensation
24,000
82,000
82,000
Total excluded items
27,000
93,000
93,000
Non-GAAP income from operations
$
33,000
$
178,000
$
182,000
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our condensed consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
APPENDIX A
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
Q4 FISCAL 2025 FINANCIAL RESULTS
EXPLANATION OF NON-GAAP MEASURES AND OTHER KEY METRICS
To supplement our financial results, we use non-GAAP measures which exclude certain acquisition related expenses, non-cash stock compensation and restructuring charges. We believe these measures are helpful in understanding our past performance and our future results. Our non-GAAP financial measures and schedules are not meant to be considered in isolation or as a substitute for comparable GAAP measures and should be read only in conjunction with our consolidated GAAP financial statements. Our management regularly uses these non-GAAP financial measures internally to understand, manage and evaluate our business and to make operating decisions. These measures are among the primary factors management uses in planning for and forecasting future periods. Compensation of our executives is also based in part on the performance of our business based on these non-GAAP measures.
Our non-GAAP financial measures, including non-GAAP earnings (loss) per share, non-GAAP income (loss) from operations, non-GAAP operating income (loss) margin, non-GAAP expenses and adjusted EBITDA reflect adjustments based on the following items, as well as the related income tax effects when applicable:
Purchased intangible asset amortization: We incur amortization of purchased intangibles in connection with our acquisitions. Purchased intangibles include (i) developed technology, (ii) customer and publisher relationships, and (iii) trade names. We expect to amortize for accounting purposes the fair value of the purchased intangibles based on the pattern in which the economic benefits of the intangible assets will be consumed as revenue is generated. Although the intangible assets generate revenue for us, we exclude this item because this expense is non-cash in nature and because we believe the non-GAAP financial measures excluding this item provide meaningful supplemental information regarding our operational performance.
Non-cash stock compensation: Non-cash stock compensation consists of charges for employee restricted stock units, performance shares and stock options in accordance with current GAAP related to stock-based compensation including expense associated with stock-based compensation related to unvested options assumed in connection with our acquisitions. As we apply stock-based compensation standards, we believe that it is useful to investors to understand the impact of the application of these standards to our operational performance. Although stock-based compensation expense is calculated in accordance with current GAAP and constitutes an ongoing and recurring expense, such expense is excluded from non-GAAP results because it is not an expense that typically requires or will require cash settlement by us and because such expense is not used by us to assess the core profitability of our business operations.
Restructuring charges: During the past several years, we have initiated certain restructuring activities in order to align our costs in connection with both our operating plans and our business strategies based on then-current economic conditions. As a result, we recognized costs related to termination benefits for employees whose positions were eliminated, lease and other contract termination charges, and asset impairments. These items, as well as third party expenses associated with business acquisitions in the prior years, reported as gains, losses, and other items, net, are excluded from non-GAAP results because such amounts are not used by us to assess the core profitability of our business operations.
Transformation costs: In previous years, we incurred significant expenses to separate the financial statements of our operating segments, with particular focus on segment-level balance sheets, and to evaluate portfolio priorities. Our criteria for excluding transformation expenses from our non-GAAP measures is as follows: 1) projects are discrete in nature; 2) excluded expenses consist only of third-party consulting fees that we would not incur otherwise; and 3) we do not exclude employee related expenses or other costs associated with the ongoing operations of our business. We substantially completed those projects during the third quarter of fiscal year 2018. Beginning in the fourth quarter of fiscal 2018, and through most of fiscal 2019, we incurred transaction support expenses and system separation costs related to the Company’s announced evaluation of strategic options for its Marketing Solutions (AMS) business. In the first and second quarters of fiscal 2021 in response to the potential COVID-19 pandemic impact on our business and again during fiscal 2023 in response to macroeconomic conditions, we incurred significant costs associated with the assessment of strategic and operating plans, including our long-term location strategy, and assistance in implementing the restructuring activities as a result of this assessment. Our criteria for excluding these costs are the same. We believe excluding these items from our non-GAAP financial measures is useful for investors and provides meaningful supplemental information.
Our non-GAAP financial schedules are:
Non-GAAP EPS, Non-GAAP Income from Operations, and Non-GAAP expenses: Our Non-GAAP earnings per share, Non-GAAP income from operations, Non-GAAP operating income margin, and Non-GAAP expenses reflect adjustments as described above, as well as the related tax effects where applicable.
Adjusted EBITDA: Adjusted EBITDA is defined as net income from continuing operations before income taxes, other income and expenses, depreciation and amortization, and including adjustments as described above. We use Adjusted EBITDA to measure our performance from period to period both at the consolidated level as well as within our operating segments and to compare our results to those of our competitors. We believe that the inclusion of Adjusted EBITDA provides useful supplementary information to and facilitates analysis by investors in evaluating the Company’s performance and trends. The presentation of Adjusted EBITDA is not meant to be considered in isolation or as an alternative to net earnings as an indicator of our performance.
Free Cash Flow: To supplement our statement of cash flows, we use a non-GAAP measure of cash flow to analyze cash flows generated from operations. Free cash flow is defined as operating cash flow less capital expenditures. Management believes that this measure of cash flow is meaningful since it represents the amount of money available from continuing operations for the Company’s discretionary spending. The presentation of non-GAAP free cash flow is not meant to be considered in isolation or as an alternative to cash flows from operating activities as a measure of liquidity.
NEW YORK, May 21, 2025 (GLOBE NEWSWIRE) — Monteverde & Associates PC (the “M&A Class Action Firm”), has recovered millions of dollars for shareholders and is recognized as a Top 50 Firm in the 2024 ISS Securities Class Action Services Report. We are headquartered at the Empire State Building in New York City and are investigating:
Radius Recycling, Inc. (NASDAQ:RDUS), relating to the proposed merger with Toyota Tsusho America, Inc. Under the terms of the agreement, Toyota Tsusho will acquire all shares of Radius, with Radius shareholders receiving $30.00 per share in cash.
ACT NOW. The Shareholder Vote is scheduled for June 5, 2025.
Southern States Bancshares, Inc. (NASDAQ:SSBK), relating to the proposed merger with FB Financial Corporation. Under the terms of the agreement, Southern States’ shareholders will receive 0.800 shares of FB Financial common stock for each share of Southern States stock.
ACT NOW. The Shareholder Vote is scheduled for June 26, 2025.
LENSAR, Inc. (NASDAQ:LNSR), relating to the proposed merger with Alcon. Under the terms of the agreement, LENSAR shareholders will receive $14.00 per share, with an additional non-tradeable contingent value right offering up to $2.75 per share in cash conditioned on the achievement of certain milestones.
ACT NOW. The Shareholder Vote is scheduled for July 2, 2025.
iCAD, Inc. (NASDAQ:ICAD), relating to the proposed merger with RadNet, Inc. Under the terms of the agreement, iCAD stockholders will receive 0.0677 shares of RadNet common stock for each share of iCAD common stock held at the closing of the merger.
ACT NOW. The Shareholder Vote is scheduled for July 14, 2025.
NOT ALL LAW FIRMS ARE THE SAME. Before you hire a law firm, you should talk to a lawyer and ask:
Do you file class actions and go to Court?
When was the last time you recovered money for shareholders?
What cases did you recover money in and how much?
About Monteverde & Associates PC
Our firm litigates and has recovered money for shareholders…and we do it from our offices in the Empire State Building. We are a national class action securities firm with a successful track record in trial and appellate courts, including the U.S. Supreme Court.
No company, director or officer is above the law. If you own common stock in any of the above listed companies and have concerns or wish to obtain additional information free of charge, please visit our website or contact Juan Monteverde, Esq. either via e-mail at jmonteverde@monteverdelaw.com or by telephone at (212) 971-1341.
Contact: Juan Monteverde, Esq. MONTEVERDE & ASSOCIATES PC The Empire State Building 350 Fifth Ave. Suite 4740 New York, NY 10118 United States of America jmonteverde@monteverdelaw.com Tel: (212) 971-1341
Attorney Advertising. (C) 2025 Monteverde & Associates PC. The law firm responsible for this advertisement is Monteverde & Associates PC (www.monteverdelaw.com). Prior results do not guarantee a similar outcome with respect to any future matter.
CALGARY, Alberta, May 21, 2025 (GLOBE NEWSWIRE) — Helium Evolution Incorporated (TSXV:HEVI) (“HEVI” or the “Company“), a Canadian-based helium exploration company focused on developing assets in southern Saskatchewan, is pleased to report that all matters presented for approval at its annual general and special meeting of shareholders held on May 21, 2025 (the “Meeting“) were approved. A total of 47,824,360 common shares representing 42.59% of the Company’s issued and outstanding common shares were voted in person or represented by proxy at the Meeting.
The shareholders voted in favour of all matters set out in the Company’s Management Information Circular dated April 7, 2025 (the “Circular”), including creating a new control person in ENEOS Xplora USA Limited, with greater than 98% of votes in favour. Additionally, the shareholders voted in favour of the election of all seven director nominees of HEVI for the ensuing year or until his or her successor is elected or appointed. Each nominee received greater than 99% of votes in favour.
At the Meeting, shareholders also approved: (1) fixing the number of directors of the Company for the ensuing year at seven; (2) appointing KPMG LLP as the auditors of the Company for the ensuing year and authorizing the directors to fix the remuneration to be paid to the auditors; and (3) approving and confirming the rolling 10% stock option plan of the Company, as more particularly described in the Company’s Circular.
Stay Connected to Helium Evolution
Shareholders and other parties interested in learning more about the Helium Evolution opportunity are encouraged to visit the Company’s website, which includes an updated corporatepresentation, and are invited to follow the Company on LinkedIn and X for ongoing corporate updates and helium industry information. Helium Evolution also provides an extensive, commissioned ‘deep-dive’ research report prepared by a third party whose background includes serving as a research analyst for several bank-owned and independent investment dealers.
About Helium Evolution Incorporated
Helium Evolution is a Canadian-based helium exploration company holding the largest helium land rights position in North America among publicly-traded companies, focused on developing assets in southern Saskatchewan. The Company has over five million acres of land under permit near proven discoveries of economic helium concentrations which will support scaling the exploration and development efforts across its land base. HEVI’s management and board are executing a differentiated strategy to become a leading supplier of sustainably-produced helium for the growing global helium market.
For further information, please contact:
NeithertheTSXVentureExchangenoritsRegulationServicesProvider(asthatterm isdefinedinthepoliciesoftheTSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.
News In Brief – Source: US Computer Emergency Readiness Team
Executive Summary
This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165—tracked in the cybersecurity community under several names (see “Cybersecurity Industry Tracking”). The actors’ cyber espionage-oriented campaign, targeting technology companies and logistics entities, uses a mix of previously disclosed tactics, techniques, and procedures (TTPs). The authoring agencies expect similar targeting and TTP use to continue.
Executives and network defenders at logistics entities and technology companies should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise (IOCs), and posture network defenses with a presumption of targeting.
This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors’ wide scale targeting of IP cameras in Ukraine and bordering NATO nations.
The following authors and co-sealers are releasing this CSA:
United States National Security Agency (NSA)
United States Federal Bureau of Investigation (FBI)
United Kingdom National Cyber Security Centre (NCSC-UK)
Germany Federal Intelligence Service (BND) Bundesnachrichtendienst
Germany Federal Office for Information Security (BSI) Bundesamt für Sicherheit in der Informationstechnik
Germany Federal Office for the Protection of the Constitution (BfV) Bundesamt für Verfassungsschutz
Czech Republic Military Intelligence (VZ) Vojenské zpravodajství
Czech Republic National Cyber and Information Security Agency (NÚKIB) Národní úřad pro kybernetickou a informační bezpečnost
Czech Republic Security Information Service (BIS) Bezpečnostní informační služba
Poland Internal Security Agency (ABW) Agencja Bezpieczeństwa Wewnętrznego
Poland Military Counterintelligence Service (SKW) Służba Kontrwywiadu Wojskowego
United States Cybersecurity and Infrastructure Security Agency (CISA)
United States Department of Defense Cyber Crime Center (DC3)
United States Cyber Command (USCYBERCOM)
Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)
Canadian Centre for Cyber Security (CCCS)
Danish Defence Intelligence Service (DDIS) Forsvarets Efterretningstjeneste
Estonian Foreign Intelligence Service (EFIS) Välisluureamet
Estonian National Cyber Security Centre (NCSC-EE) Küberturvalisuse keskus
French Cybersecurity Agency (ANSSI) Agence nationale de la sécurité des systèmes d’information
Netherlands Defence Intelligence and Security Service (MIVD) Militaire Inlichtingen- en Veiligheidsdienst
Download the PDF version of this report:
Russian GRU Targeting Western Logistics Entities and Technology Companies (PDF, 1,081KB)
For a downloadable list of IOCs, visit:
Introduction
For over two years, the Russian GRU 85th GTsSS, military unit 26165—commonly known in the cybersecurity community as APT28, Fancy Bear, Forest Blizzard, BlueDelta, and a variety of other identifiers—has conducted this campaign using a mix of known tactics, techniques, and procedures (TTPs), including reconstituted password spraying capabilities, spearphishing, and modification of Microsoft Exchange mailbox permissions. In late February 2022, multiple Russian state-sponsored cyber actors increased the variety of cyber operations for purposes of espionage, destruction, and influence—with unit 26165 predominately involved in espionage. [1] As Russian military forces failed to meet their military objectives and Western countries provided aid to support Ukraine’s territorial defense, unit 26165 expanded its targeting of logistics entities and technology companies involved in the delivery of aid. These actors have also targeted Internet-connected cameras at Ukrainian border crossings to monitor and track aid shipments. Note: This advisory uses the MITRE ATT&CK® for Enterprise framework, version 17. See Appendix A: MITRE ATT&CK tactics and techniques for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. This advisory uses the MITRE D3FEND® framework, version 1.0.
Description of Targets
The GRU unit 26165 cyber campaign against Western logistics providers and technology companies has targeted dozens of entities, including government organizations and private/commercial entities across virtually all transportation modes: air, sea, and rail. These actors have targeted entities associated with the following verticals within NATO member states, Ukraine, and at international organizations:
Defense Industry
Transportation and Transportation Hubs (ports, airports, etc.)
Maritime
Air Traffic Management
IT Services
In the course of the targeting lifecycle, unit 26165 actors identified and conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access [T1199].
The actors also conducted reconnaissance on at least one entity involved in the production of industrial control system (ICS) components for railway management, though a successful compromise was not confirmed [TA0043].
The countries with targeted entities include the following, as illustrated in Figure 1:
Bulgaria
Czech Republic
France
Germany
Greece
Italy
Moldova
Netherlands
Poland
Romania
Slovakia
Ukraine
United States
Figure 1: Countries with Targeted Entities
Initial Access TTPs
To gain initial access to targeted entities, unit 26165 actors used several techniques to gain initial access to targeted entities, including (but not limited to):
The actors abused vulnerabilities associated with a range of brands and models of small office/home office (SOHO) devices to facilitate covert cyber operations, as well as proxy malicious activity via devices with geolocation in proximity to the target [T1665]. [2]
Credential Guessing/Brute Force
Unit 26165 actors’ credential guessing [T1110.001] operations in this campaign exhibit some similar characteristics to those disclosed in the previous CSA “Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.” [3] Based on victim network investigations, the current iteration of this TTP employs a similar blend of anonymization infrastructure, including the use of Tor and commercial VPNs [T1090.003]. The actors frequently rotated the IP addresses used to further hamper detection. All observed connections were made via encrypted TLS [T1573].
Spearphishing
GRU unit 26165 actors’ spearphishing emails included links [T1566.002] leading to fake login pages impersonating a variety of government entities and Western cloud email providers’ webpages. These webpages were typically hosted on free third-party services or compromised SOHO devices and often used legitimate documents associated with thematically similar entities as lures. The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts [T1586.002, T1586.003]. The emails were typically written in the target’s native language and sent to a single targeted recipient.
Some campaigns employed multi-stage redirectors [T1104] verifying IP-geolocation [T1627.001] and browser fingerprints [T1627] to protect credential harvesting infrastructure or provide multifactor authentication (MFA) [T1111] and CAPTCHA relaying capabilities [T1056]. Connecting endpoints failing the location checks were redirected to a benign URL [T1627], such as msn.com. Redirector services used include:
Webhook[.]site
FrgeIO
InfinityFree
Dynu
Mocky
Pipedream
Mockbin[.]org
The actors also used spearphishing to deliver malware (including HEADLACE and MASEPIE) executables [T1204.002] delivered via third-party services and redirectors [T1566.002], scripts in a mix of languages [T1059] (including BAT [T1059.003] and VBScript [T1059.005]) and links to hosted shortcuts [T1204.001].
CVE Usage
Throughout this campaign, GRU unit 26165 weaponized an Outlook NTLM vulnerability (CVE-2023-23397) to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations [T1187]. [4],[5] These actors also used a series of Roundcube CVEs (CVE-2020-12641, CVE-2020-35730, and CVE-2021-44026) to execute arbitrary shell commands [T1059], gain access to victim email accounts, and retrieve sensitive data from email servers [T1114].
Since at least fall 2023, the actors leveraged a WinRAR vulnerability (CVE-2023-38831) allowing for the execution of arbitrary code embedded in an archive as a means of initial access [T1659]. The actors sent emails with malicious attachments [T1566.001] or embedded hyperlinks [T1566.002] that downloaded a malicious archive prepared using this CVE.
Post-Compromise TTPs
After an initial compromise using one of the above techniques, unit 26165 actors conducted contact information reconnaissance to identify additional targets in key positions [T1589.002]. The actors also conducted reconnaissance of the cybersecurity department [T1591], individuals responsible for coordinating transport [T1591.004], and other companies cooperating with the victim entity [T1591.002].
The actors used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment [TA0008]. Multiple Impacket scripts were used as .exe files, in addition to the python versions, depending on the victim environment. The actors also moved laterally within the network using Remote Desktop Protocol (RDP) [T1021.001] to access additional hosts and attempt to dump Active Directory NTDS.dit domain databases [T1003.003] using native Active Directory Domain Services commands, such as in Figure 2: Example Active Directory Domain Services command:
C:Windowssystem32ntdsutil.exe "activate instance ntds" ifm "create full C:temp[a-z]{3}" quit quit
Figure 2: Example Active Directory Domain Services command
Additionally, GRU unit 26165 actors used the tools Certipy and ADExplorer.exe to exfiltrate information from the Active Directory. The actors installed python [T1059.006] on infected machines to enable the execution of Certipy. Accessed files were archived in .zip files prior to exfiltration [T1560]. The actors attempted to exfiltrate archived data via a previously dropped OpenSSH binary [T1048].
Incident response investigations revealed that the actors would take steps to locate and exfiltrate lists of Office 365 users and set up sustained email collection. The actors used manipulation of mailbox permissions [T1098.002] to establish sustained email collection at compromised logistics entities, as detailed in a Polish Cybercommand blog. [6]
After initial authentication, unit 26165 actors would change accounts’ folder permissions and enroll compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access [T1556.006]. The actors leveraged python scripts to retrieve plaintext passwords via Group Policy Preferences [T1552.006] using Get-GPPPassword.py and a modified ldap-dump.py to enumerate the Windows environment [T1087.002] and conduct a brute force password spray [T1110.003] via Lightweight Directory Access Protocol (LDAP). The actors would additionally delete event logs through the wevtutil utility [T1070.001].
After gaining initial access to the network, the actors pursued further access to accounts with access to sensitive information on shipments, such as train schedules and shipping manifests. These accounts contained information on aid shipments to Ukraine, including:
sender,
recipient,
train/plane/ship numbers,
point of departure,
destination,
container registration numbers,
travel route, and
cargo contents.
In at least one instance, the actors attempted to use voice phishing [T1566.004] to gain access to privileged accounts by impersonating IT staff.
Malware
Unit 26165’s use of malware in this campaign ranged from gaining initial access to establishing persistence and exfiltrating data. In some cases, the attack chain resulted in multiple pieces of malware being deployed in succession. The actors used dynamic link library (DLL) search order hijacking [T1574.001] to facilitate malware execution. There were a number of known malware variants tied to this campaign against logistics sector victims, including:
HEADLACE [7]
MASEPIE [8]
While other malware variants, such as OCEANMAP and STEELHOOK, [8] were not directly observed targeting logistics or IT entities, their deployment against victims in other sectors in Ukraine and other Western countries suggest that they could be deployed against logistics and IT entities should the need arise.
Persistence
In addition to the abovementioned mailbox permissions abuse, unit 26165 actors also used scheduled tasks [T1053.005], run keys [T1547.001], and placed malicious shortcuts [T1547.009] in the startup folder to establish persistence.
Exfiltration
GRU unit 26165 actors used a variety of methods for data exfiltration that varied based on the victim environment, including both malware and living off the land binaries. PowerShell commands [T1059.001] were often used to prepare data for exfiltration; for example, the actors prepared zip archives [T1560.001] for upload to their own infrastructure.
The actors also used server data exchange protocols and Application Programming Interfaces (APIs) such as Exchange Web Services (EWS) and Internet Message Access Protocol (IMAP) [T1114.002] to exfiltrate data from email servers. In multiple instances, the actors used periodic EWS queries [T1119] to collect new emails sent and received since the last data exfiltration [T1029]. The actors typically used infrastructure in close geographic proximity to the victim. Long gaps between exfiltration, the use of trusted and legitimate protocols, and the use of local infrastructure allowed for long-term collection of sensitive data to go undetected.
Connections to Targeting of IP Cameras
In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine. The actors also used legitimate municipal services, such as traffic cams.
The actors targeted Real Time Streaming Protocol (RTSP) servers hosting IP cameras primarily located in Ukraine as early as March 2022 in a large-scale campaign, which included attempts to enumerate devices [T1592] and gain access to the cameras’ feeds [T1125]. Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers, primarily hosting IP cameras [T1090.002]. The DESCRIBE requests were crafted to obtain access to IP cameras located on logically distinct networks from that of the routers that received the request. The requests included Base64-encoded credentials for the RTSP server, which included publicly documented default credentials and likely generic attempts to brute force access to the devices [T1110]. An example of an RTSP request is shown in Figure 3.
Successful RTSP 200 OK responses contained a snapshot of the IP camera’s image and IP camera metadata such as video codec, resolution, and other properties depending on the IP camera’s configuration.
From a sample available to the authoring agencies of over 10,000 cameras targeted via this effort, the geographic distribution of victims showed a strong focus on cameras in Ukraine and border countries, as shown in Table 1:
Table 1: Geographic distribution of targeted IP cameras
Country
Percentage of Total Attempts
Ukraine
81.0%
Romania
9.9%
Poland
4.0%
Hungary
2.8%
Slovakia
1.7%
Others
0.6%
Mitigation Actions
General Security Mitigations
Architecture and Configuration
Employ appropriate network segmentation [D3-NI] and restrictions to limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions [D3-AMED].
Consider Zero Trust principles when designing systems. Base product choices on how those products can solve specific risks identified as part of the end-to-end design. [9]
Ensure that host firewalls and network security appliances (e.g., firewalls) are configured to only allow legitimately needed data flows between devices and servers to prevent lateral movement [D3-ITF]. Alert on attempts to connect laterally between host devices or other unusual data flows.
Use automated tools to audit access logs for security concerns and identify anomalous access requests [D3-RAPA].
For organizations using on-premises authentication and email services, block and alert on NTLM/SMB requests to external infrastructure [D3-OTF].
Utilize endpoint, detection, and response (EDR) and other cybersecurity solutions on all systems, prioritizing high value systems with large amounts of sensitive data such as mail servers and domain controllers [D3-PM] first.
Perform threat and attack modeling to understand how sensitive systems may be compromised within an organization’s specific architecture and security controls. Use this to develop a monitoring strategy to detect compromise attempts and select appropriate products to enact this strategy.
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly [D3-SFA].
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques [D3-AH]:
Enable attack surface reduction rules to prevent executable content from email [D3-ABPI].
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA% [D3-EAL].
Unless users are involved in the development of scripts, limit the local execution of scripts (such as batch scripts, VBScript, JScript/JavaScript, and PowerShell [10]) to known scripts [D3-EI], and audit execution attempts.
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode [D3-ACH].
Where feasible, implement allowlisting for applications and scripts to limit execution to only those needed for authorized activities, blocking all others by default [D3-EAL].
Consider using open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters [D3-PSA].
Use services that provide enhanced browsing services and safe link checking [D3-URA]. Significant reductions in successful spearphishing attempts were noted when email providers began offering link checking and automatic file detonation to block malicious content.
Where possible, block logins from public VPNs, including exit nodes in the same country as target systems, or, if they need to be allowed, alert on them for further investigation. Most organizations should not need to allow incoming traffic, especially logins to systems, from VPN services [D3-NAM].
Educate users to only use approved corporate systems for relevant government and military business and avoid the use of personal accounts on cloud email providers to conduct official business. Network administrators should also audit both email and web request logs to detect such activity.
Many organizations may not need to allow outgoing traffic to hosting and API mocking services, which are frequently used by GRU unit 26165. Organizations should consider alerting on or blocking the following services, with exceptions allowlisted for legitimate activity [D3-DNSDL].
*.000[.]pe
*.1cooldns[.]com
*.42web[.]io
*.4cloud[.]click
*.accesscan[.]org
*.bumbleshrimp[.]com
*.camdvr[.]org
*.casacam[.]net
*.ddnsfree[.]com
*.ddnsgeek[.]com
*.ddnsguru[.]com
*.dynuddns[.]com
*.dynuddns[.]net
*.free[.]nf
*.freeddns[.]org
*.frge[.]io
*.glize[.]com
*.great-site[.]net
*.infinityfreeapp[.]com
*.kesug[.]com
*.loseyourip[.]com
*.lovestoblog[.]com
*.mockbin[.]io
*.mockbin[.]org
*.mocky[.]io
*.mybiolink[.]io
*.mysynology[.]net
*.mywire[.]org
*.ngrok[.]io
*.ooguy[.]com
*.pipedream[.]net
*.rf[.]gd
*.urlbae[.]com
*.webhook[.]site
*.webhookapp[.]com
*.webredirect[.]org
*.wuaze[.]com
Heuristic detections for web requests to new subdomains, including of the above providers, may uncover malicious phishing activity [D3-DNRA]. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Identity and Access Management
Organizations should take measures to ensure strong access controls and mitigate against common credential theft techniques:
Use MFA with strong factors, such as passkeys or PKI smartcards, and require regular re-authentication [D3-MFA]. [11], [12] Strong authentication factors are not guessable using dictionary techniques, so they resist brute force attempts.
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts [D3-JFAPA].
Separate privileged accounts by role and alert on misuse of privileged accounts [D3-UAP]. For example, email administrator accounts should be different from domain administrator accounts.
Reduce reliance on passwords; instead, consider using services like single sign-on [D3-TBA].
For organizations using on-premises authentication and email services, plan to disable NTLM entirely and migrate to more robust authentication processes such as PKI certificate authentication.
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts [D3-CH]. [13]
Use account throttling or account lockout [D3-ANET]:
Throttling is preferred to lockout. Throttling progressively increases time delay between successive login attempts.
Account lockout can leave legitimate users unable to access their accounts and requires access to an account recovery process.
Account lockout can provide a malicious actor with an easy way to launch a Denial of Service (DoS).
If using lockout, then allowing 5 to 10 attempts before lockout is recommended.
Use a service to check for compromised passwords before using them [D3-SPP]. For example, “Have I Been Pwned” can be used to check whether a password has been previously compromised without disclosing the potential password.
Change all default credentials [D3-CRO] and disable protocols that use weak authentication (e.g., clear-text passwords or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication [D3-ACH] [D3-ET]. Always configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access. [13]
IP Camera Mitigations
The following mitigation techniques for IP cameras can be used to defend against this type of malicious activity:
Ensure IP cameras are currently supported. Replace devices that are out of support.
Apply security patches and firmware updates to all IP cameras [D3-SU].
Disable remote access to the IP camera, if unnecessary [D3-ITF].
Ensure cameras are protected by a security appliance, if possible, such as by using a firewall to prevent communication with the camera from IP addresses not on an allowlist [D3-NAM].
If remote access to IP camera feeds is required, ensure authentication is enabled [D3-AA] and use a VPN to connect remotely [D3-ET]. Use MFA for management accounts if supported [D3-MFA].
Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers [D3-NI].
Turn off other ports/services not in use (e.g., FTP, web interface, etc.) [D3-ACH].
If supported, enable authenticated RTSP access only [D3-AA].
Review all authentication activity for remote access to make sure it is valid and expected [D3-UBA]. Investigate any unexpected or unusual activity.
Audit IP camera user accounts to ensure they are an accurate reflection of your organization and that they are being used as expected [D3-UAP].
Configure, tune, and monitor logging—if available—on the IP camera.
Indicators of Compromise (IOCs)
Note: Specific IoCs may no longer be actor controlled, may themselves be compromised infrastructure or email accounts, or may be shared infrastructure such as public VPN or Tor exit nodes. Care should be taken when basing triaging logs or developing detection rules on these indicators. GRU unit 26165 almost certainly uses extensive further infrastructure and TTPs not specifically listed in this report.
Utilities and scripts
Legitimate utilities
Unauthorized or unusual use of the following legitimate utilities can be an indication of a potential compromise:
ntdsutil – A legitimate Windows executable used by threat actors to export contents of Active Directory
wevtutil – A legitimate Windows executable used by threat actors to delete event logs
vssadmin – A legitimate Windows executable possibly used by threat actors to make a copy of the server’s C: drive
ADexplorer – A legitimate window executable to view, edit, and backup Active Directory Certificate Services
OpenSSH – The Windows version of a legitimate open source SSH client
schtasks – A legitimate Windows executable used to create persistence using scheduled tasks
whoami – A legitimate Windows executable used to retrieve the name of the current user
tasklist – A legitimate Windows executable used to retrieve the list of running processes
hostname – A legitimate Windows executable used to retrieve the device name
arp – A legitimate Windows executable used to retrieve the ARP table for mapping the network environment
systeminfo – A legitimate Windows executable used to retrieve a comprehensive summary of device and operating system information
net – A legitimate Windows executable used to retrieve detailed user information
wmic – A legitimate Windows executable used to interact with Windows Management Instrumentation (WMI), such as to retrieve letters assigned to logical partitions on storage drives
cacls – A legitimate Windows executable used to modify permissions on files
icacls – A legitimate Windows executable used to modify permissions to files and handle integrity levels and ownership
ssh – A legitimate Windows executable used to establish network shell connections
reg – A legitimate Windows executable used to add to or modify the system registry
Note: Additional heuristics are needed for effective hunting for these and other living off the land (LOTL) binaries to avoid being overwhelmed by false positives if these legitimate management tools are used regularly. See the joint guide, Identifying and Mitigating Living Off the Land Techniques, for guidance on developing a multifaceted cybersecurity strategy that enables behavior analytics, anomaly detection, and proactive hunting, which are part of a comprehensive approach to mitigating cyber threats that employ LOTL techniques.
Malicious scripts
Certipy – An open source python tool for enumerating and abusing Active Directory Certificate Services
Get-GPPPassword.py – An open source python script for finding insecure passwords stored in Group Policy Preferences
ldap-dump.py – A script for enumerating user accounts and other information in Active Directory
Hikvision backdoor string: “YWRtaW46MTEK”
Suspicious command lines
While the following utilities are legitimate, and using them with the command lines shown may also be legitimate, these command lines are often used during malicious activities and could be an indication of a compromise:
edge.exe “-headless-new -disable-gpu”
ntdsutil.exe “activate instance ntds” ifm “create full C:temp[a-z]{3}” quit quit
Disclaimer: These IP addresses date June 2024 through August 2024. The authoring agencies recommend organizations investigate or vet these IP addresses prior to taking action, such as blocking.
June 2024
July 2024
August 2024
192[.]162[.]174[.]94
207[.]244[.]71[.]84
31[.]135[.]199[.]145
79[.]184[.]25[.]198
91[.]149[.]253[.]204
103[.]97[.]203[.]29
162[.]210[.]194[.]2
31[.]42[.]4[.]138
79[.]185[.]5[.]142
91[.]149[.]254[.]75
209[.]14[.]71[.]127
46[.]112[.]70[.]252
83[.]10[.]46[.]174
91[.]149[.]255[.]122
109[.]95[.]151[.]207
46[.]248[.]185[.]236
83[.]168[.]66[.]145
91[.]149[.]255[.]19
64[.]176[.]67[.]117
83[.]168[.]78[.]27
91[.]149[.]255[.]195
64[.]176[.]69[.]196
83[.]168[.]78[.]31
91[.]221[.]88[.]76
64[.]176[.]70[.]18
83[.]168[.]78[.]55
93[.]105[.]185[.]139
64[.]176[.]70[.]238
83[.]23[.]130[.]49
95[.]215[.]76[.]209
64[.]176[.]71[.]201
83[.]29[.]138[.]115
138[.]199[.]59[.]43
70[.]34[.]242[.]220
89[.]64[.]70[.]69
147[.]135[.]209[.]245
70[.]34[.]243[.]226
90[.]156[.]4[.]204
178[.]235[.]191[.]182
70[.]34[.]244[.]100
91[.]149[.]202[.]215
178[.]37[.]97[.]243
70[.]34[.]245[.]215
91[.]149[.]203[.]73
185[.]234[.]235[.]69
70[.]34[.]252[.]168
91[.]149[.]219[.]158
192[.]162[.]174[.]67
70[.]34[.]252[.]186
91[.]149[.]219[.]23
194[.]187[.]180[.]20
70[.]34[.]252[.]222
91[.]149[.]223[.]130
212[.]127[.]78[.]170
70[.]34[.]253[.]13
91[.]149[.]253[.]118
213[.]134[.]184[.]167
70[.]34[.]253[.]247
91[.]149[.]253[.]198
70[.]34[.]254[.]245
91[.]149[.]253[.]20
Detections
Customized NTLM listener
rule APT28_NTLM_LISTENER {
meta:
description = "Detects NTLM listeners including APT28's custom one"
( any of ($sysinternals_*) and any of ($psexec_*) )
or
( 2 of ($network_*) and 2 of ($psexec_*))
)
}
The cybersecurity industry provides overlapping cyber threat intelligence, IOCs, and mitigation recommendations related to GRU unit 26165 cyber actors. While not all encompassing, the following are the most notable threat group names related under MITRE ATT&CK G0007 and commonly used within the cybersecurity community:
APT28 [14]
Fancy Bear [14]
Forest Blizzard [14]
Blue Delta [15]
Note: Cybersecurity companies have different methods of tracking and attributing cyber actors, and this may not be a 1:1 correlation to the U.S. government’s understanding for all activity related to these groupings.
Further Reference
To search for the presence of malicious email messages targeting CVE-2023-23397, network defenders may consider using the script published by Microsoft: https://aka.ms/CVE-2023-23397ScriptDoc.
For the Impacket TTP, network defenders may consider using the following publicly available Impacket YARA detection rule: https://github.com/Neo23x0/signature-base/blob/master/yara/gen_impacket_tools.yar
Works Cited
[1] Microsoft. Defending Ukraine: Early Lessons from the Cyber War. 2022. https://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/ [2] FBI et al. Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations. 2024. https://media.defense.gov/2024/Feb/27/2003400753/-1/-1/0/CSA-Russian-Actors-Use-Routers-Facilitate-Cyber_Operations.PDF [3] NSA et al. Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. 2021. https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/0/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF [4] ANSSI. Campagnes d'attaques du mode opératoire APT28 depuis 2021. 2023. https://cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-009/ [5] ANSSI. Targeting and compromise of french entities using the APT28 intrusion set. 2025. https://cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-007/ [6] Polish Cyber Command. Detecting Malicious Activity Against Microsoft Exchange Servers. 2023. https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-servers/ [7] IBM. Israel-Hamas Conflict Lures to Deliver Headlace Malware. 2023. https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/ [8] CERT-UA. APT28: From Initial Attack to Creating Domain Controller Threats in an Hour. 2023. https://cert.gov.ua/article/6276894 [9] NSA. Embracing a Zero Trust Security Model. 2021. https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF [10] NSA et al. Keeping PowerShell: Security Measures to Use and Embrace. 2022. https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/0/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF [11] National Institute of Standards and Technology (NIST). Special Publication 800-63B: Digital Identity Guidelines – Authentication and Lifecycle Management. 2020. https://pages.nist.gov/800-63-3/sp800-63b.html [12] NSA. Selecting Secure Multi-factor Authentication Solutions. October 16, 2020. https://media.defense.gov/2024/Jul/31/2003515137/-1/-1/0/MULTIFACTOR_AUTHENTICATION_SOLUTIONS_UOO17091520.PDF [13] NSA and CSA. NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations. 2023. https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF
[14] Department of Justice. Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU). 2024. https://www.justice.gov/archives/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian [15] Recorded Future. GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns. 2024. https://go.recordedfuture.com/hubfs/reports/CTA-RU-2024-0530.pdf
Disclaimer of endorsement
The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this guidance shall not be used for advertising or product endorsement purposes.
Purpose
This document was developed in furtherance of the authoring agencies’ cybersecurity missions, including their responsibilities to identify and disseminate threats and to develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders.
Contact
United States organizations
National Security Agency (NSA)
Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI)
U.S. organizations are encouraged to reporting suspicious or criminal activity related to information in this advisory to CISA via the agency’s Incident Reporting System, its 24/7 Operations Center (report@cisa.gov or 888-282-0870), or your local FBI field office. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment user for the activity; the name of the submitting company or organization; and a designated point of contact.
Department of Defense Cyber Crime Center (DC3)
United Kingdom organizations
Germany organizations
Czech Republic organizations
Poland organizations
Australian organizations
Visit cyber.gov.au or call 1300 292 371 (1300 CYBER 1) to report cybersecurity incidents and access alerts and advisories.
Canadian organizations
Estonia organizations
French organizations
French organizations are encouraged to report suspicious activity or incident related to information found in this advisory by contacting ANSSI/CERT-FR by email at cert-fr@ssi.gouv.fr or by phone at: 3218 or +33 9 70 83 32 18.
See Table 2 through Table 14 for all the threat actor tactics and techniques referenced in this advisory.
Table 2: Reconnaissance
Tactic/Technique Title
ID
Use
Reconnaissance
TA0043
Conducted reconnaissance on at least one entity involved in the production of ICS components for railway management.
Conducted contact information reconnaissance to identify additional targets in key positions.
Gather Victim Org Information
T1591
Conducted reconnaissance of the cybersecurity department.
Gather Victim Org Information: Identify Roles
T1591.004
Conducted reconnaissance of individuals responsible for coordinating transport.
Gather Victim Org Information: Business Relationships
T1591.002
Conducted reconnaissance of other companies cooperating with the victim entity.
Gather Victim Host Information
T1592
Attempted to enumerate Real Time Streaming Protocol (RTSP) servers hosting IP cameras.
Table 3: Resource development
Tactic/Technique Title
ID
Use
Compromise Accounts: Email Accounts
T1586.002
Sent phishing emails using compromised accounts.
Compromise Accounts: Cloud Accounts
T1586.003
Sent phishing emails using compromised accounts.
Table 4: Initial Access
Tactic/Technique Title
ID
Use
Trusted Relationship
T1199
Conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access.
Phishing
T1566
Used spearphishing for credentials and delivering malware to gain initial access to targeted entities.
Phishing: Spearphishing Attachment
T1566.001
Sent emails with malicious attachments.
Phishing: Spearphishing Link
T1566.002
Used spearphishing with included links to fake login pages. Sent emails with embedded hyperlinks that downloaded a malicious archive.
Phishing: Spearphishing Voice
T1566.004
Attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff.
External Remote Services
T1133
Exploited Internet-facing infrastructure, including corporate VPNs, to gain initial access to targeted entities.
Exploit Public-Facing Application
T1190
Exploited public vulnerabilities and SQL injection to gain initial access to targeted entities.
Content Injection
T1659
Leveraged a WinRAR vulnerability allowing for the execution of arbitrary code embedded in an archive.
Table 5: Execution
Tactic/Technique Title
ID
Use
User Execution: Malicious Link
T1204.001
Used malicious links to hosted shortcuts in spearphishing.
User Execution: Malicious File
T1204.002
Delivered malware executables via spearphishing.
Scheduled Task/Job: Scheduled Task
T1053.005
Used scheduled tasks to establish persistence.
Command and Scripting Interpreter
T1059
Delivered scripts in spearphishing. Executed arbitrary shell commands.
Command and Scripting Interpreter: PowerShell
T1059.001
PowerShell commands were often used to prepare data for exfiltration.
Command and Scripting Interpreter: Windows Command Shell
T1059.003
Used BAT script in spearphishing.
Command and Scripting Interpreter: Visual Basic
T1059.005
Used VBScript in spearphishing.
Command and Scripting Interpreter: Python
T1059.006
Installed python on infected machines to enable the execution of Certipy.
Enrolled compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access.
Hijack Execution Flow: DLL Search Order Hijacking
T1574.001
Used DLL search order hijacking to facilitate malware execution.
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
T1547.001
Used run keys to establish persistence.
Boot or Logon Autostart Execution: Shortcut Modification
T1547.009
Placed malicious shortcuts in the startup folder to establish persistence.
Table 7: Defense Evasion
Tactic/Technique Title
ID
Use
Indicator Removal: Clear Windows Event Logs
T1070.001
Deleted event logs through the wevtutil utility.
Table 8: Credential access
Tactic/Technique Title
ID
Use
Brute Force
Sent requests with Base64-encoded credentials for the RTSP server, which included publicly documented default credentials, and likely were generic attempts to brute force access to the devices.
Brute Force: Password Guessing
T1110.001
Used credential guessing to gain initial access to targeted entities.
Brute Force: Password Spraying
T1110.003
Used brute force to gain initial access to targeted entities. Conducted a brute force password spray via LDAP.
Multi-Factor Authentication Interception
Used multi-stage redirectors to provide MFA relaying capabilities in some campaigns.
Input Capture
Used multi-stage redirectors to provide CAPTCHA relaying capabilities in some campaigns.
Forced Authentication
Used an Outlook NTLM vulnerability to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations.
OS Credential Dumping: NTDS
T1003.003
Attempted to dump Active Directory NTDS.dit domain databases.
Unsecured Credentials: Group Policy Preferences
T1552.006
Retrieved plaintext passwords via Group Policy Preferences using Get-GPPPassword.py.
Table 9: Discovery
Tactic/Technique Title
ID
Use
Account Discovery: Domain Account
T1087.002
Used a modified ldap-dump.py to enumerate the Windows environment.
Table 10: Command and Control
Tactic/Technique Title
ID
Use
Hide Infrastructure
T1665
Abused SOHO devices to facilitate covert cyber operations, as well as proxy malicious activity, via devices with geolocation in proximity to the target.
Proxy: External Proxy
T1090.002
Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers.
Proxy: Multi-hop Proxy
T1090.003
Used Tor and commercial VPNs as part of their anonymization infrastructure
Encrypted Channel
T1573
Connected to victim infrastructure using encrypted TLS.
Multi-Stage Channels
T1104
Used multi-stage redirectors for campaigns.
Table 11: Defense evasion (mobile framework)
Tactic/Technique Title
ID
Use
Execution Guardrails
Used multi-stage redirectors to verify browser fingerprints in some campaigns.
Execution Guardrails: Geofencing
T1627.001
Used multi-stage redirectors to verify IP-geolocation in some campaigns.
Table 12: Lateral movement
Tactic/Technique Title
ID
Use
Lateral Movement
Used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment.
Remote Services: Remote Desktop Protocol
T1021.001
Moved laterally within the network using RDP.
Table 13: Collection
Tactic/Technique Title
ID
Use
Email Collection
Retrieved sensitive data from email servers.
Email Collection: Remote Email Collection
T1114.002
Used server data exchange protocols and APIs such as Exchange Web Services (EWS) and IMAP to exfiltrate data from email servers.
Automated Collection
Used periodic EWS queries to collect new emails.
Video Capture
Attempted to gain access to the cameras’ feeds.
Archive Collected Data
Accessed files were archived in .zip files prior to exfiltration.
Archive Collected Data: Archive via Utility
T1560.001
Prepared zip archives for upload to the actors’ infrastructure.
Table 14: Exfiltration
Tactic/Technique Title
ID
Use
Exfiltration Over Alternative Protocol
Attempted to exfiltrate archived data via a previously dropped OpenSSH binary.
Scheduled Transfer
Used periodic EWS queries to collect new emails sent and received since the last data exfiltration.
Appendix B: CVEs exploited
Table 15: Exploited CVE information
CVE
Vendor/Product
Details
CVE-2023-38831
RARLAB WinRAR
Allows execution of arbitrary code when a user attempts to view a benign file within a ZIP archive.
CVE-2023-23397
Microsoft Outlook
External actors could send specially crafted emails that cause a connection from the victim to an untrusted location of the actor’s control, leaking the Net-NTLMv2 hash of the victim that the actor could then relay to another service to authenticate as the victim.
CVE-2021-44026
Roundcube Webmail
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search params.
CVE-2020-35730
Roundcube Webmail
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16 and 1.4.x before 1.4.10, where a plaintext email message with JavaScript in a link reference element is mishandled by linkref_addindex in rcube_string_replacer.php.
CVE-2020-12641
Roundcube Webmail
Roundcube Webmail before 1.4.4 allows arbitrary code execution via shell metacharacters in a configuration setting for im_convert_path or im_identify_path in rcube_image.php.
Appendix C: MITRE D3FEND Countermeasures
Table 16: MITRE D3FEND countermeasures
Countermeasure Title
ID
Details
Network Isolation
Employ appropriate network segmentation. Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers.
Access Mediation
Limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions. Configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access.
Inbound Traffic Filtering
Implement host firewall rules to block connections from other devices on the network, other than from authorized management devices and servers, to prevent lateral movement.
Resource Access Pattern Analysis
Use automated tools to audit access logs for security concerns and identify anomalous access requests.
Outbound Traffic Filtering
Block NTLM/SMB requests to external infrastructure.
Platform Monitoring
Install EDR/logging/cybersecurity solutions onto high value systems with large amounts of sensitive data such as mail servers and domain controllers.
System File Analysis
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly.
Application Hardening
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques.
Application-based Process Isolation
Enable attack surface reduction rules to prevent executable content from email.
Executable Allowlisting
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA%.
Execution Isolation
Unless users are involved in the development of scripts, limit the execution of scripts (such as batch, JavaScript, and PowerShell) to known scripts.
Application Configuration Hardening
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode. Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication. Turn off other ports/services not in use (e.g., FTP, web interface, etc.).
Process Spawn Analysis
Use open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters.
URL Reputation Analysis
Use services that provide enhanced browsing services and safe link checking.
Network Access Mediation
Do not allow incoming traffic, especially logins to systems, from public VPN services. Where possible, logins from public VPNs, including exit nodes in the same country as target systems, should be blocked or, if allowed, alerted on for further investigation. Ensure cameras and other Internet of Things devices are protected by a security appliance, if possible.
DNS Denylisting
D3-DNSDL
Do not allow outgoing traffic to hosting and API mocking services frequently used by malicious actors.
Domain Name Reputation Analysis
Heuristic detections for web requests to new subdomains may uncover malicious phishing activity. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Multi-factor Authentication
Use MFA with strong factors and require regular re-authentication, especially for management accounts.
Job Function Access Pattern Analysis
D3-JFAPA
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts.
User Account Permissions
Separate privileged accounts by role and alert on misuse of privileged accounts. Audit user accounts on all devices to ensure they are an accurate reflection of your organization and that they are being used as expected.
Token-based Authentication
Reduce reliance on passwords; instead, consider using services like single sign-on.
Credential Hardening
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts.
Authentication Event Threshholding
Use account throttling or account lockout. Throttling progressively increases time delay between successive login attempts. If using account lockout, allow between 5 to 10 attempts before lockout.
Strong Password Policy
Use a service to check for compromised passwords before using them.
Credential Rotation
Change all default credentials.
Encrypted Tunnels
Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols). Use a VPN for remote connections to devices.
Software Update
Apply security patches and firmware updates to all devices. Ensure devices are currently supported. Replace devices that are end-of-life.
Agent Authentication
Ensure authentication is enabled for remote access to devices. If supported on IP cameras, enable authenticated RTSP access only.
User Behavior Analysis
Review all authentication activity for remote access to make sure it is valid and expected. Investigate any unexpected or unusual activity.
News In Brief – Source: US Computer Emergency Readiness Team
Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and other U.S. and international partners released a joint Cybersecurity Advisory, Russian GRU Targeting Western Logistics Entities and Technology Companies.
This advisory details a Russian state-sponsored cyber espionage-oriented campaign targeting technology companies and logistics entities, including those involved in the coordination, transport, and delivery of foreign assistance to Ukraine.
Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, military unit 26165 cyber actors are using a mix of previously disclosed tactics, techniques, and procedures (TTPs) and are likely connected to these actors’ widescale targeting of IP cameras in Ukraine and bordering NATO nations.
Executives and network defenders at logistics entities and technology companies should recognize the elevated threat of until 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise, and posture network defenses with a presumption of targeting. For more information on Russian state-sponsored threat actor activity, see CISA’s Russia Cyber Threat Overview and Advisories page.
SAN FRANCISCO, May 21, 2025 (GLOBE NEWSWIRE) — LiveRamp® (NYSE: RAMP), a leading data collaboration platform, today announced its financial results for the quarter and fiscal year ended March 31, 2025.
Q4 Financial Highlights1
Total revenue was $189 million, up 10%.
Subscription revenue was $145 million, up 9%.
Marketplace & Other revenue was $44 million, up 14%.
GAAP gross profit was $131 million, up 5%. GAAP gross margin of 69% compressed by 3 percentage points. Non-GAAP gross profit was $136 million, up 5%. Non-GAAP gross margin of 72% compressed by 3 percentage points.
GAAP operating loss was $12 million compared to $14 million. GAAP operating margin of negative 6% expanded by 2 percentage points. Non-GAAP operating income was $23 million compared to $16 million. Non-GAAP operating margin of 12% expanded by 3 percentage points.
GAAP diluted loss per share was $0.10 and non-GAAP diluted earnings per share was $0.30.
Net cash provided by operating activities was $63 million compared to $28 million.
Share repurchases in the fourth quarter totaled approximately 950 thousand shares for $25 million.
Fiscal Year Financial Highlights1
Total revenue was $746 million, up 13%.
Subscription revenue was $569 million, up 11%, and represented 76% of total revenue.
Marketplace & Other revenue was $177 million, up 21%.
GAAP gross profit was $530 million, up 10%, and GAAP gross margin of 71% compressed by 2 percentage points. Non-GAAP gross profit was $550 million, up 12%, and non-GAAP gross margin of 74% compressed by 1 percentage point.
GAAP operating income was $5 million compared to $11 million. GAAP operating margin of 1% compressed by 1 percentage point. Non-GAAP operating income was $136 million compared to $105 million. Non-GAAP operating margin of 18% expanded by 2 percentage points.
GAAP diluted loss per share was $0.01, and non-GAAP diluted EPS was $1.70.
Net cash provided by operating activities was $154 million compared to $106 million.
Share repurchases in fiscal 2025 totaled approximately 3.8 million shares for $101 million. As of March 31, 2025, there was $256 million in remaining capacity under the share repurchase authorization that expires on December 31, 2026.
A reconciliation between GAAP and non-GAAP results is provided in the schedules to this press release.
Commenting on the results, CEO Scott Howe said: “We had a strong finish to fiscal 2025, with fourth quarter revenue and operating income exceeding our expectations, revenue growing at a double-digit rate and operating cash flow reaching a record high. As we enter fiscal 2026, more so than ever, we are focused on controlling what we can control: Making our platform faster and easier to use; rolling out new functionality, such as our new Cross Media Intelligence measurement solution; helping customers optimize ad spend by harnessing the power of our Data Collaboration Network; and, finally, prudently managing our own costs and growth investments. The near-term macro environment may be uncertain, but we remain confident that in the long-run we can drive sustained growth and shareholder value creation.”
GAAP and Non-GAAP Results The following table summarizes the Company’s financial results for the fiscal 2025 fourth quarter and full year ended March 31, 2025 ($ in millions, except per share amounts):
GAAP
Non-GAAP
Q4 FY25
FY25
Q4 FY25
FY25
Subscription revenue
$145
$569
—
—
YoY change
9%
11%
—
—
Marketplace & Other revenue
$44
$177
—
—
YoY change
14%
21%
—
—
Total revenue
$189
$746
—
—
YoY change
10%
13%
—
—
Gross profit
$131
$530
$136
$550
% Gross margin
69%
71%
72%
74%
YoY change
(3pts)
(2pts)
(3pts)
(1pt)
Operating income (loss)
($12)
$5
$23
$136
% Operating margin
(6%)
1%
12%
18%
YoY change
2pts
(1 pt)
3 pts
2 pts
Net earnings (loss)
($6)
($1)
$20
$115
Diluted earnings (loss) per share
($0.10)
($0.01)
$0.30
$1.70
Shares to calculate diluted EPS
66.0
66.1
67.5
67.5
YoY change
(1%)
(3%)
(1%)
(1%)
Net operating cash flow
$63
$154
—
—
Free cash flow
—
—
$62
$153
Totals may not sum due to rounding.
A detailed discussion of our non-GAAP financial measures and a reconciliation between GAAP and non-GAAP results is provided in the schedules attached to this press release.
Additional Business Highlights & Metrics
On February 25 we hosted an investor day presentation in San Francisco. The video replay, slide presentation and transcript are available on our investor relations website. Additionally, please see our investor day recap that highlights 10 interesting slides from the presentation, available here.
On February 25-27 we hosted our annual customer and partner conference, RampUp, in San Francisco, bringing together more than 2,500 leaders at the intersection of marketing, technology and data science. The event featured product demonstrations and 40+ panels and presentations featuring 110 leaders from some of the largest brands in the world, including Disney, Home Depot, P&G and Uber – to name a few. Video replays of these sessions are available here and an event recap for investors is available here.
On February 25 we announced Cross-Media Intelligence, a new capability that enables marketers to better measure and optimize campaigns anywhere their customers are. LiveRamp’s Cross-Media Intelligence is a premier solution for next-generation cross-media measurement, unifying insights across partners and datasets, and delivering actionable, repeatable insights with unmatched speed and precision. With Cross-Media Intelligence, marketers for the first time can access unified, deduplicated reporting across screens and platforms (additional information).
On April 22 Google announced that it will no longer roll out a new standalone prompt for consumers to opt-in to third-party cookie tracking on Chrome. LiveRamp’s mission remains the same: Enable best-in-class addressable reach and connectivity across every consumer experience by continuing to develop the largest and most useful data collaboration network. We will use cookies to extend reach on Chrome, while continuing to invest and expand our authenticated ecosystem across cookieless browsers (Safari, Firefox, and Edge), direct publisher integrations, CTV, mobile/gaming, and new AI integrations. Please see our blog post for additional information.
On March 6 we announced a workforce restructuring involving approximately 5% of our full-time employees. The restructuring is part of a broader strategic reprioritization to build a stronger, more profitable company by tightening our focus and simplifying and driving efficiency into our business processes. In the fourth quarter we incurred $7.2 million of restructuring and related charges primarily related to employee severance and benefits.
LiveRamp ended the year with 128 customers whose annualized subscription revenue exceeds $1 million, compared to 115 in the prior year.
LiveRamp ended the year with 840 direct subscription customers, compared to 900 in the prior year.
Fourth quarter subscription net retention was 104% and platform net retention was 106%.
Fourth quarter annualized recurring revenue (ARR), which is the last month of the quarter fixed subscription revenue annualized, was $504 million, up 8% compared to the prior year period.
Current remaining performance obligations (CRPO), which is contracted and committed revenue expected to be recognized over the next 12 months, was $471 million, up 14% compared to the prior year period.
Financial Outlook
LiveRamp’s non-GAAP operating income guidance excludes the impact of non-cash stock compensation, purchased intangible asset amortization, and restructuring and related charges.
For the first quarter of fiscal 2026, LiveRamp expects to report:
Revenue of $191 million, an increase of 9%
GAAP operating loss of $33 million
Non-GAAP operating income of $6 million
For fiscal 2026, LiveRamp expects to report:
Revenue of between $787 million and $817 million, an increase of between 6% and 10%
GAAP operating loss of between $178 million and $182 million
Non-GAAP operating income of between $85 million and $89 million
Conference Call
LiveRamp will hold a conference call today at 1:30 p.m. PT (4:30 p.m. ET) to further discuss this information. Interested parties are invited to listen to a webcast of the conference, which can be accessed on LiveRamp’s investor site. A slide presentation will be referenced during the call and is available here.
About LiveRamp
LiveRamp is a leading data collaboration technology company, empowering marketers and media owners to deliver and measure marketing performance everywhere it matters. LiveRamp’s data collaboration network seamlessly unites data across advertisers, platforms, publishers, data providers, and commerce media networks—unlocking deep insights, delivering transformational consumer experiences, and driving measurable growth.
Built on a foundation of strict neutrality, interoperability, and global scale, LiveRamp enables organizations to maximize the value of their data while accelerating innovation. Trusted by many of the world’s leading brands, retailers, financial services providers, and healthcare innovators, LiveRamp is helping shape the future of responsible data collaboration in an AI-driven, outcomes-focused world where advertisers reach intended audiences and consumers receive more relevant advertising messages.
LiveRamp is headquartered in San Francisco, California, with offices worldwide. Learn more at LiveRamp.com.
Forward-Looking Statements
This press release contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995, as amended (the “PSLRA”). Forward-looking statements are often identified by words or phrases such as “anticipate,” “estimate,” “plan,” “expect,” “believe,” “intend,” “foresee,” or the negative of these terms or other similar variations thereof, but the absence of these words does not mean that a statement is not forward-looking. These statements, which are not statements of historical fact, include, but are not limited to, the Company’s guidance regarding revenue, GAAP operating loss and Non-GAAP operating income for the first quarter and full year of fiscal 2026 and other similar estimates, assumptions, forecasts, projections and expectations regarding market position, product development, growth opportunities, economic conditions and other future events and trends.
These forward-looking statements are not guarantees of future performance and are subject to a number of factors and uncertainties that could cause the Company’s actual results and experiences to differ materially from the anticipated results and expectations expressed in the forward-looking statements.
Among the factors that may cause actual results and expectations to differ from anticipated results and expectations expressed in forward-looking statements are economic uncertainties that could impact us or our suppliers, customers and partners, including, geo-political circumstances, including risk related to tariffs and other trade restrictions, the possibility of a recession, general inflationary pressure and high interest rates; the ability and willingness of our customers to renew their agreements with us upon their expiration; our ability to add new customers and upsell within our subscription business; our reliance upon partners, including data suppliers, who may withdraw or withhold data from us; increased competition and rapidly changing technology that could impact our products and services; the risk that we fail to realize the potential benefits of or have difficulty integrating acquired businesses; and our inability to attract, motivate and retain talent. Additional risks include maintaining our culture and our ability to innovate and evolve while operating in a hybrid work environment, with some employees working remotely at least some of the time within a rapidly changing industry, while also avoiding disruption from reductions in our current workforce as well as disruptions resulting from acquisition, divestiture and other activities affecting our workforce. Our global workforce strategy could possibly encounter difficulty and not be as beneficial as planned. Our international operations are also subject to risks, including the performance of third parties as well as impacts from war and civil unrest, that may harm the Company’s business. The risk of a significant breach of the confidentiality of the information or the security of our or our customers’, suppliers’, or other partners’ data and/or computer systems, or the risk that our current insurance coverage may not be adequate for such a breach, that an insurer might deny coverage for a claim or that such insurance will continue to be available to us on commercially reasonable terms, or at all, could be detrimental to our business, reputation and results of operations. Other business risks include unfavorable publicity and negative public perception about our industry; interruptions or delays in service from data center or cloud hosting vendors we rely upon; and our dependence on the continued availability of third-party data hosting and transmission services. Our clients’ ability to use data on our platform could be restricted if the industry’s use of third-party cookies and tracking technology declines due to technology platform changes, regulation or increased user controls. Continued changes in the judicial, legislative, regulatory, accounting, cultural and consumer environments affecting our business, including but not limited to litigation, investigations, legislation, regulations and customs at the state, federal and international levels relating to information collection and use represents a risk, as well as changes in tax laws and regulations that are applied to our customers which could cause enterprise software budget tightening. In addition, third parties may claim that we are infringing their intellectual property or may infringe our intellectual property which could result in competitive injury and / or the incurrence of significant costs and draining of our resources.
For a discussion of these and other risks and uncertainties that could affect LiveRamp’s business, reputation, results of operation, financial condition and stock price, please refer to LiveRamp’s filings with the U.S. Securities and Exchange Commission, including in the “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” sections of LiveRamp’s most recently filed Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and subsequent filings.
The financial information set forth in this press release reflects estimates based on information available at this time.
LiveRamp assumes no obligation and does not currently intend to update these forward-looking statements.
To automatically receive LiveRamp financial news by email, please visit www.LiveRamp.com and subscribe to email alerts.
LiveRamp® and RampID™ and all other LiveRamp marks contained herein are trademarks or service marks of LiveRamp, Inc. All other marks are the property of their respective owners.
________________________ 1 Unless otherwise indicated, all comparisons are to the prior year period.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
For the three months ended March 31,
$
%
2025
2024
Variance
Variance
Revenues
188,724
171,852
16,872
9.8
%
Cost of revenue
57,929
47,722
10,207
21.4
%
Gross profit
130,795
124,130
6,665
5.4
%
% Gross margin
69.3
%
72.2
%
Operating expenses
Research and development
45,926
45,161
765
1.7
%
Sales and marketing
56,961
60,476
(3,515
)
(5.8
)%
General and administrative
32,175
30,252
1,923
6.4
%
Gains, losses and other items, net
7,241
2,516
4,725
187.8
%
Total operating expenses
142,303
138,405
3,898
2.8
%
Loss from operations
(11,508
)
(14,275
)
2,767
19.4
%
% Margin
(6.1
)%
(8.3
)%
Total other income, net
4,762
5,070
(308
)
(6.1
)%
Loss from continuing operations before income taxes
(6,746
)
(9,205
)
2,459
26.7
%
Income tax benefit
(479
)
(3,027
)
2,548
84.2
%
Net earnings from continuing operations
(6,267
)
(6,178
)
(89
)
(1.4
)%
Earnings from discontinued operations, net of tax
–
805
(805
)
(100.0
)%
Net loss
(6,267
)
(5,373
)
(894
)
(16.6
)%
Basic loss per share:
Continuing operations
(0.10
)
(0.09
)
(0.00
)
(2.0
)%
Discontinued operations
0.00
0.01
(0.01
)
(100.0
)%
Basic loss per share
(0.10
)
(0.08
)
(0.01
)
(17.3
)%
Diluted loss per share:
Continuing operations
(0.10
)
(0.09
)
(0.00
)
(2.0
)%
Discontinued operations
0.00
0.01
(0.01
)
(100.0
)%
Diluted loss per share
(0.10
)
(0.08
)
(0.01
)
(17.3
)%
Basic weighted average shares
65,957
66,323
Diluted weighted average shares
65,957
66,323
Some totals may not sum due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
For the twelve months ended March 31,
$
%
2025
2024
Variance
Variance
Revenues
745,580
659,661
85,919
13.0
%
Cost of revenue
215,910
179,489
36,421
20.3
%
Gross profit
529,670
480,172
49,498
10.3
%
% Gross margin
71.0
%
72.8
%
Operating expenses
Research and development
176,668
151,201
25,467
16.8
%
Sales and marketing
213,106
195,693
17,413
8.9
%
General and administrative
126,499
110,166
16,333
14.8
%
Gains, losses and other items, net
7,993
11,708
(3,715
)
(31.7
)%
Total operating expenses
524,266
468,768
55,498
11.8
%
Income from operations
5,404
11,404
(6,000
)
(52.6
)%
% Margin
0.7
%
1.7
%
Total other income, net
17,436
22,957
(5,521
)
(24.0
)%
Income from continuing operations before income taxes
22,840
34,361
(11,521
)
(33.5
)%
Income tax expense
25,342
24,270
1,072
4.4
%
Net earnings (loss) from continuing operations
(2,502
)
10,091
(12,593
)
(124.8
)%
Earnings from discontinued operations, net of tax
1,688
1,790
(102
)
(5.7
)%
Net earnings (loss)
(814
)
11,881
(12,695
)
(106.9
)%
Basic earnings (loss) per share:
Continuing operations
(0.04
)
0.15
(0.19
)
(124.8
)%
Discontinued operations
0.03
0.03
(0.00
)
(5.5
)%
Basic earnings (loss) per share
(0.01
)
0.18
(0.19
)
(106.9
)%
Diluted earnings (loss) per share:
Continuing operations
(0.04
)
0.15
(0.19
)
(125.5
)%
Discontinued operations
0.03
0.03
(0.00
)
(3.1
)%
Diluted earnings (loss) per share
(0.01
)
0.17
(0.19
)
(107.0
)%
Basic weighted average shares
66,126
66,266
Diluted weighted average shares
66,126
67,918
Some totals may not sum due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EPS (1)
(Unaudited)
(Dollars in thousands, except per share amounts)
For the three months ended March 31,
For the twelve months ended March 31,
2025
2024
2025
2024
Income (loss) from continuing operations before income taxes
(6,746
)
(9,205
)
22,840
34,361
Income tax expense (benefit)
(479
)
(3,027
)
25,342
24,270
Net earnings from continuing operations
(6,267
)
(6,178
)
(2,502
)
10,091
Earnings from discontinued operations, net of tax
–
805
1,688
1,790
Net earnings (loss)
(6,267
)
(5,373
)
(814
)
11,881
Basic earnings (loss) per share
(0.10
)
(0.08
)
(0.01
)
0.18
Diluted earnings (loss) per share
(0.10
)
(0.08
)
(0.01
)
0.17
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,135
3,097
14,415
8,785
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
—
—
—
1,875
Total excluded items from continuing operations
34,542
30,393
130,387
93,672
Income from continuing operations before income taxes and excluding items
27,796
21,188
153,227
128,033
Income tax expense (2)
7,759
3,947
38,296
29,882
Non-GAAP net earnings (loss) from continuing operations
20,037
17,241
114,931
98,151
Non-GAAP earnings per share from continuing operations
Basic
0.30
0.26
1.74
1.48
Diluted
0.30
0.25
1.70
1.45
Basic weighted average shares
65,957
66,323
66,126
66,266
Diluted weighted average shares
67,479
68,471
67,499
67,918
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
(2) Non-GAAP income taxes were calculated by applying the estimated annual effective tax rate to year-to-date pretax income or loss and adjusting for discrete tax items in the period. The differences between our GAAP and non-GAAP effective tax rates were primarily due to the net tax effects of the excluded items, coupled with the valuation allowance and smaller pre-tax income for GAAP purposes.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP INCOME FROM OPERATIONS (1)
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
For the twelve months ended March 31,
2025
2024
2025
2024
Income (loss) from operations
(11,508
)
(14,275
)
5,404
11,404
Operating income (loss) margin
(6.1
)%
(8.3
)%
0.7
%
1.7
%
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,135
3,097
14,415
8,785
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
–
–
–
1,875
Total excluded items
34,542
30,393
130,387
93,672
Income from operations before excluded items
23,034
16,118
135,791
105,076
Non-GAAP operating income margin
12.2
%
9.4
%
18.2
%
15.9
%
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF ADJUSTED EBITDA (1)
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
For the twelve months ended March 31,
2024
2023
2024
2023
Net earnings (loss) from continuing operations
(6,267
)
(6,178
)
(2,502
)
10,091
Income tax expense (benefit)
(479
)
(3,027
)
25,342
24,270
Total other expense, net
(4,762
)
(5,070
)
(17,436
)
(22,957
)
Income (loss) from operations
(11,508
)
(14,275
)
5,404
11,404
Depreciation and amortization
3,803
3,823
17,207
11,508
EBITDA
(7,705
)
(10,452
)
22,611
22,912
Other adjustments:
Non-cash stock compensation (cost of revenue and operating expenses)
24,166
24,780
107,979
71,304
Restructuring and merger charges (gains, losses, and other)
7,241
2,516
7,993
11,708
Transformation costs (general and administrative)
–
–
–
1,875
Other adjustments
31,407
27,296
115,972
84,887
Adjusted EBITDA
23,702
16,844
138,583
107,799
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(Dollars in thousands)
March 31
March 31
$
%
2025
2024
Variance
Variance
Assets
Current assets:
Cash and cash equivalents
413,331
336,867
76,464
22.7
%
Restricted cash
595
2,604
(2,009
)
(77.2
)%
Short-term investments
7,500
32,045
(24,545
)
(76.6
)%
Trade accounts receivable, net
186,169
190,313
(4,144
)
(2.2
)%
Refundable income taxes, net
9,708
8,521
1,187
13.9
%
Other current assets
38,886
31,682
7,204
22.7
%
Total current assets
656,189
602,032
54,157
9.0
%
Property and equipment
23,813
25,394
(1,581
)
(6.2
)%
Less – accumulated depreciation and amortization
17,629
17,213
416
2.4
%
Property and equipment, net
6,184
8,181
(1,997
)
(24.4
)%
Intangible assets, net
20,167
34,583
(14,416
)
(41.7
)%
Goodwill
501,756
501,756
–
–
%
Deferred commissions, net
44,452
48,143
(3,691
)
(7.7
)%
Other assets, net
30,623
36,748
(6,125
)
(16.7
)%
1,259,371
1,231,443
27,928
2.3
%
Liabilities and Stockholders’ Equity
Current liabilities:
Trade accounts payable
112,271
81,202
31,069
38.3
%
Accrued payroll and related expenses
50,776
61,575
(10,799
)
(17.5
)%
Other accrued expenses
38,586
42,857
(4,271
)
(10.0
)%
Deferred revenue
45,885
30,942
14,943
48.3
%
Total current liabilities
247,518
216,576
30,942
14.3
%
Other liabilities
62,994
65,732
(2,738
)
(4.2
)%
Stockholders’ equity:
Preferred stock
–
–
–
n/a
Common stock
15,918
15,594
324
2.1
%
Additional paid-in capital
2,045,316
1,933,776
111,540
5.8
%
Retained earnings
1,313,358
1,314,172
(814
)
(0.1
)%
Accumulated other comprehensive income
4,295
3,964
331
8.4
%
Treasury stock, at cost
(2,430,028
)
(2,318,371
)
(111,657
)
4.8
%
Total stockholders’ equity
948,859
949,135
(276
)
(0.0
)%
1,259,371
1,231,443
27,928
2.3
%
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Unaudited)
(Dollars in thousands)
For the three months ended March 31,
2025
2024
Cash flows from operating activities:
Net loss
(6,267
)
(5,373
)
Earnings from discontinued operations, net of tax
—
(805
)
Non-cash operating activities:
Depreciation and amortization
3,803
3,823
Loss on disposal or impairment of assets
44
6
Lease-related impairment and restructuring charges
(28
)
(546
)
Gain on sale of strategic investments
(515
)
—
Loss on marketable equity securities
206
—
Provision for doubtful accounts
(453
)
1,947
Deferred income taxes
(496
)
(498
)
Non-cash stock compensation expense
24,166
24,780
Changes in operating assets and liabilities:
Accounts receivable, net
25,187
8,700
Deferred commissions
46
(3,971
)
Other assets
4,703
8,514
Accounts payable and other liabilities
11,738
(246
)
Income taxes
(523
)
(7,285
)
Deferred revenue
969
(1,403
)
Net cash provided by operating activities
62,580
27,643
Cash flows from investing activities:
Capital expenditures
(293
)
(1,791
)
Cash paid in acquisitions, net of cash received
—
(170,281
)
Purchases of investments
—
(24,509
)
Proceeds from sales of investments
—
25,000
Proceeds from sale of strategic investment
763
—
Net cash provided by (used in) investing activities
470
(171,581
)
Cash flows from financing activities:
Proceeds related to the issuance of common stock under stock and employee benefit plans
202
1
Shares repurchased for tax withholdings upon vesting of stock-based awards
(1,026
)
(719
)
Acquisition of treasury stock
(25,447
)
(15,177
)
Net cash used in financing activities
(26,271
)
(15,895
)
Net cash provided by (used in) continuing operations
36,779
(159,833
)
Cash flows from discontinued operations:
From operating activities
(798
)
805
Net cash provided by (used in) discontinued operations
(798
)
805
Net cash provided by (used in) continuing and discontinued operations
35,981
(159,028
)
Effect of exchange rate changes on cash
580
(447
)
Net change in cash, cash equivalents and restricted cash
36,561
(159,475
)
Cash, cash equivalents and restricted cash at beginning of period
377,365
498,946
Cash, cash equivalents and restricted cash at end of period
413,926
339,471
Supplemental cash flow information:
Cash paid for income taxes, net from continuing operations
558
4,905
Cash received for income taxes, net from discontinued operations
—
(1,258
)
Cash paid for operating lease liabilities
2,426
2,594
Operating lease assets obtained in exchange for operating lease liabilities
—
148
Operating lease assets, and related lease liabilities, relinquished in lease terminations
(40
)
—
Purchases of property, plant and equipment remaining unpaid at period end
20
104
Marketable equity securities obtained in disposition of strategic investment
652
—
Excise tax payable on net stock repurchases
64
—
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Unaudited)
(Dollars in thousands)
For the twelve months ended March 31,
2025
2024
Cash flows from operating activities:
Net earnings (loss)
(814
)
11,881
Earnings from discontinued operations, net of tax
(1,688
)
(1,790
)
Non-cash operating activities:
Depreciation and amortization
17,207
11,508
Loss on disposal or impairment of assets
85
1,219
Lease-related impairment and restructuring charges
14
1,769
Gain on sale of strategic investments
(515
)
—
Loss on marketable equity securities
206
—
Provision for doubtful accounts
695
2,254
Impairment of goodwill
—
2,875
Deferred income taxes
(447
)
(458
)
Non-cash stock compensation expense
107,979
71,304
Changes in operating assets and liabilities:
Accounts receivable, net
3,547
(32,336
)
Deferred commissions
3,691
(11,113
)
Other assets
2,105
9,426
Accounts payable and other liabilities
3,573
8,508
Income taxes
3,430
22,275
Deferred revenue
14,897
8,334
Net cash provided by operating activities
153,965
105,656
Cash flows from investing activities:
Capital expenditures
(1,042
)
(4,255
)
Cash paid in acquisitions, net of cash received
(1,951
)
(170,281
)
Purchases of investments
(1,967
)
(48,894
)
Proceeds from sales of investments
26,989
50,750
Proceeds from sale of strategic investment
763
—
Purchases of strategic investments
(1,400
)
(1,000
)
Net cash provided by (used in) investing activities
21,392
(173,680
)
Cash flows from financing activities:
Proceeds related to the issuance of common stock under stock and employee benefit plans
8,833
7,222
Shares repurchased for tax withholdings upon vesting of stock-based awards
(10,331
)
(5,835
)
Acquisition of treasury stock
(101,198
)
(60,502
)
Net cash used in financing activities
(102,696
)
(59,115
)
Net cash provided by (used in) continuing operations
72,661
(127,139
)
Cash flows from discontinued operations:
From operating activities
1,688
1,790
Net cash provided by discontinued operations
1,688
1,790
Net cash provided by (used in) continuing and discontinued operations
74,349
(125,349
)
Effect of exchange rate changes on cash
106
372
Net change in cash, cash equivalents and restricted cash
74,455
(124,977
)
Cash, cash equivalents and restricted cash at beginning of period
339,471
464,448
Cash, cash equivalents and restricted cash at end of period
413,926
339,471
Supplemental cash flow information:
Cash paid for income taxes, net from continuing operations
22,548
2,465
Cash received for income taxes, net from discontinued operations
(2,486
)
(2,765
)
Cash received for tenant improvement allowances
(2,628
)
—
Cash paid for operating lease liabilities
9,798
10,293
Operating lease assets obtained in exchange for operating lease liabilities
2,327
11,825
Operating lease assets, and related lease liabilities, relinquished in lease terminations
(595
)
(4,486
)
Purchases of property, plant and equipment remaining unpaid at period end
20
104
Marketable equity securities obtained in disposition of strategic investment
652
—
Excise tax payable on net stock repurchases
128
—
LIVERAMP HOLDINGS, INC AND SUBSIDIARIES
CALCULATION OF FREE CASH FLOW (1)
(Unaudited)
(Dollars in thousands)
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Net cash provided by (used in) operating activities
$
25,693
$
35,764
$
16,556
$
27,643
$
105,656
$
(9,328
)
$
55,596
$
45,117
$
62,580
$
153,965
Less:
Capital expenditures
(53
)
(200
)
(2,211
)
(1,791
)
(4,255
)
(226
)
(241
)
(282
)
(293
)
(1,042
)
Free Cash Flow
$
25,640
$
35,564
$
14,345
$
25,852
$
101,401
$
(9,554
)
$
55,355
$
44,835
$
62,287
$
152,923
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
(Dollars in thousands, except per share amounts)
Yr-to-Yr
FY2024
FY2025
FY2025 to FY2024
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
%
$
Revenues
154,069
159,871
173,869
171,852
659,661
175,961
185,483
195,412
188,724
745,580
13.0
%
85,919
Cost of revenue
45,621
41,212
44,934
47,722
179,489
51,749
51,234
54,998
57,929
215,910
20.3
%
36,421
Gross profit
108,448
118,659
128,935
124,130
480,172
124,212
134,249
140,414
130,795
529,670
10.3
%
49,498
% Gross margin
70.4
%
74.2
%
74.2
%
72.2
%
72.8
%
70.6
%
72.4
%
71.9
%
69.3
%
71.0
%
Operating expenses
Research and development
34,519
33,733
37,788
45,161
151,201
44,118
43,889
42,735
45,926
176,668
16.8
%
25,467
Sales and marketing
44,879
44,135
46,203
60,476
195,693
54,175
51,107
50,863
56,961
213,106
8.9
%
17,413
General and administrative
26,664
26,009
27,241
30,252
110,166
30,961
31,369
31,994
32,175
126,499
14.8
%
16,333
Gains, losses and other items, net
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
(31.7
)%
(3,715
)
Total operating expenses
106,178
110,451
113,734
138,405
468,768
129,460
126,762
125,741
142,303
524,266
11.8
%
55,498
Income (loss) from operations
2,270
8,208
15,201
(14,275
)
11,404
(5,248
)
7,487
14,673
(11,508
)
5,404
(52.6
)%
(6,000
)
% Margin
5.0
%
24.3
%
40.2
%
(31.6
)%
1.7
%
(3.0
)%
4.0
%
7.5
%
(6.1
)%
0.7
%
Total other income, net
4,849
6,431
6,607
5,070
22,957
4,444
4,197
4,033
4,762
17,436
(24.0
)%
(5,521
)
Income (loss) from continuing operations before income taxes
7,119
14,639
21,808
(9,205
)
34,361
(804
)
11,684
18,706
(6,746
)
22,840
(33.5
)%
(11,521
)
Income tax expense (benefit)
8,705
10,163
8,429
(3,027
)
24,270
6,685
9,952
9,184
(479
)
25,342
4.4
%
1,072
Net earnings (loss) from continuing operations
(1,586
)
4,476
13,379
(6,178
)
10,091
(7,489
)
1,732
9,522
(6,267
)
(2,502
)
(124.8
)%
(12,593
)
Earnings from discontinued operations, net of tax
–
387
598
805
1,790
–
–
1,688
–
1,688
(5.7
)%
(102
)
Net earnings (loss)
$
(1,586
)
$
4,863
$
13,977
$
(5,373
)
$
11,881
$
(7,489
)
$
1,732
$
11,210
$
(6,267
)
$
(814
)
(106.9
)%
(12,695
)
Basic earnings (loss) per share:
Continuing Operations
(0.02
)
0.07
0.20
(0.09
)
0.15
(0.11
)
0.03
0.15
(0.10
)
(0.04
)
(124.8
)%
(0.19
)
Discontinued Operations
0.00
0.01
0.01
0.01
0.03
0.00
0.00
0.03
0.00
0.03
(5.5
)%
(0.00
)
Basic earnings (loss) per share
(0.02
)
0.07
0.21
(0.08
)
0.18
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
(106.9
)%
(0.19
)
Diluted earnings (loss) per share:
Continuing Operations
(0.02
)
0.07
0.20
(0.09
)
0.15
(0.11
)
0.03
0.14
(0.10
)
(0.04
)
(125.5
)%
(0.19
)
Discontinued Operations
0.00
0.01
0.01
0.01
0.03
0.00
0.00
0.03
0.00
0.03
(3.1
)%
(0.00
)
Diluted earnings (loss) per share
(0.02
)
0.07
0.21
(0.08
)
0.17
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
(107.0
)%
(0.19
)
Basic weighted average shares
66,497
66,284
65,961
66,323
66,266
66,621
66,294
65,631
65,957
66,126
Diluted weighted average shares
66,497
67,868
67,943
66,323
67,918
66,621
67,309
66,743
65,957
66,126
Some earnings (loss) per share amounts may not add due to rounding.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EXPENSES (1)
(Unaudited)
(Dollars in thousands)
FY2024
FY2025
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Expenses:
Cost of revenue
45,621
41,212
44,934
47,722
179,489
51,749
51,234
54,998
57,929
215,910
Research and development
34,519
33,733
37,788
45,161
151,201
44,118
43,889
42,735
45,926
176,668
Sales and marketing
44,879
44,135
46,203
60,476
195,693
54,175
51,107
50,863
56,961
213,106
General and administrative
26,664
26,009
27,241
30,252
110,166
30,961
31,369
31,994
32,175
126,499
Gains, losses and other items, net
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Gross profit, continuing operations:
108,448
118,659
128,935
124,130
480,172
124,212
134,249
140,414
130,795
529,670
% Gross margin
70.4
%
74.2
%
74.2
%
72.2
%
72.8
%
70.6
%
72.4
%
71.9
%
69.3
%
71.0
%
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,290
1,217
1,181
3,097
8,785
3,846
3,748
3,686
3,135
14,415
Non-cash stock compensation (cost of revenue)
629
629
817
1,478
3,553
1,596
1,499
1,455
1,615
6,165
Non-cash stock compensation (research and development)
5,077
5,293
6,960
9,859
27,189
10,205
10,920
10,085
10,494
41,704
Non-cash stock compensation (sales and marketing)
3,736
4,786
4,089
6,337
18,948
7,093
7,383
7,278
5,716
27,470
Non-cash stock compensation (general and administrative)
3,850
5,027
5,631
7,106
21,614
9,091
9,266
7,942
6,341
32,640
Restructuring charges (gains, losses, and other)
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Transformation costs (general and administrative)
1,875
—
—
—
1,875
—
—
—
—
Total excluded items
18,573
23,526
21,180
30,393
93,672
32,037
33,213
30,595
34,542
130,387
Expenses, excluding items:
Cost of revenue
41,702
39,366
42,936
43,147
167,151
46,307
45,987
49,857
53,179
195,330
Research and development
29,442
28,440
30,828
35,302
124,012
33,913
32,969
32,650
35,432
134,964
Sales and marketing
41,143
39,349
42,114
54,139
176,745
47,082
43,724
43,585
51,245
185,636
General and administrative
20,939
20,982
21,610
23,146
86,677
21,870
22,103
24,052
25,834
93,859
Gross profit, excluding items:
112,367
120,505
130,933
128,705
492,510
129,654
139,496
145,555
135,545
550,250
% Gross margin
72.9
%
75.4
%
75.3
%
74.9
%
74.7
%
73.7
%
75.2
%
74.5
%
71.8
%
73.8
%
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP EPS (1)
(Unaudited)
(Dollars in thousands, except per share amounts)
FY2024
FY2025
6/30/2023
9/30/2023
12/31/2023
3/31/2024
FY2024
6/30/2024
9/30/2024
12/31/2024
3/31/2025
FY2025
Income (loss) from continuing operations before income taxes
7,119
14,639
21,808
(9,205
)
34,361
(804
)
11,684
18,706
(6,746
)
22,840
Income tax expense (benefit)
8,705
10,163
8,429
(3,027
)
24,270
6,685
9,952
9,184
(479
)
25,342
Net earnings (loss) from continuing operations
(1,586
)
4,476
13,379
(6,178
)
10,091
(7,489
)
1,732
9,522
(6,267
)
(2,502
)
Earnings from discontinued operations, net of tax
–
387
598
805
1,790
–
–
1,688
–
1,688
Net earnings (loss)
(1,586
)
4,863
13,977
(5,373
)
11,881
(7,489
)
1,732
11,210
(6,267
)
(814
)
Earnings (loss) per share:
Basic
(0.02
)
0.07
0.21
(0.08
)
0.18
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
Diluted
(0.02
)
0.07
0.21
(0.08
)
0.17
(0.11
)
0.03
0.17
(0.10
)
(0.01
)
Excluded items:
Purchased intangible asset amortization (cost of revenue)
3,290
1,217
1,181
3,097
8,785
3,846
3,748
3,686
3,135
14,415
Non-cash stock compensation (cost of revenue and operating expenses)
13,292
15,735
17,497
24,780
71,304
27,985
29,068
26,760
24,166
107,979
Restructuring and merger charges (gains, losses, and other)
116
6,574
2,502
2,516
11,708
206
397
149
7,241
7,993
Transformation costs (general and administrative)
1,875
–
–
–
1,875
–
–
–
–
–
Total excluded items from continuing operations
18,573
23,526
21,180
30,393
93,672
32,037
33,213
30,595
34,542
130,387
Income from continuing operations before income taxes and excluding items
25,692
38,165
42,988
21,188
128,033
31,233
44,897
49,301
27,796
153,227
Income tax expense (2)
6,167
9,036
10,732
3,947
29,882
7,371
10,745
12,421
7,759
38,296
Non-GAAP net earnings from continuing operations
19,525
29,129
32,256
17,241
98,151
23,862
34,152
36,880
20,037
114,931
Non-GAAP earnings per share from continuing operations
Basic
0.29
0.44
0.49
0.26
1.48
0.36
0.52
0.56
0.30
1.74
Diluted
0.29
0.43
0.47
0.25
1.45
0.35
0.51
0.55
0.30
1.70
Basic weighted average shares
66,497
66,284
65,961
66,323
66,266
66,621
66,294
65,631
65,957
66,126
Diluted weighted average shares
67,388
67,868
67,943
68,471
67,918
68,463
67,309
66,743
67,479
67,499
Some totals may not add due to rounding
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures and the material limitations on the usefulness of these measures, please see Appendix A.
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
RECONCILIATION OF GAAP TO NON-GAAP OPERATING INCOME GUIDANCE (1)
(Unaudited)
(Dollars in thousands)
For the
For the
quarter ending
year ending
June 30, 2025
March 31, 2026
Low
High
GAAP income from operations
$
6,000
$
85,000
$
89,000
Excluded items:
Purchased intangible asset amortization
3,000
11,000
11,000
Non-cash stock compensation
24,000
82,000
82,000
Total excluded items
27,000
93,000
93,000
Non-GAAP income from operations
$
33,000
$
178,000
$
182,000
(1) This presentation includes non-GAAP measures. Our non-GAAP measures are not meant to be considered in isolation or as a substitute for comparable GAAP measures, and should be read only in conjunction with our condensed consolidated financial statements prepared in accordance with GAAP. For a detailed explanation of the adjustments made to comparable GAAP measures, the reasons why management uses these measures, the usefulness of these measures and the material limitations on the usefulness of these measures, please see Appendix A.
APPENDIX A
LIVERAMP HOLDINGS, INC. AND SUBSIDIARIES
Q4 FISCAL 2025 FINANCIAL RESULTS
EXPLANATION OF NON-GAAP MEASURES AND OTHER KEY METRICS
To supplement our financial results, we use non-GAAP measures which exclude certain acquisition related expenses, non-cash stock compensation and restructuring charges. We believe these measures are helpful in understanding our past performance and our future results. Our non-GAAP financial measures and schedules are not meant to be considered in isolation or as a substitute for comparable GAAP measures and should be read only in conjunction with our consolidated GAAP financial statements. Our management regularly uses these non-GAAP financial measures internally to understand, manage and evaluate our business and to make operating decisions. These measures are among the primary factors management uses in planning for and forecasting future periods. Compensation of our executives is also based in part on the performance of our business based on these non-GAAP measures.
Our non-GAAP financial measures, including non-GAAP earnings (loss) per share, non-GAAP income (loss) from operations, non-GAAP operating income (loss) margin, non-GAAP expenses and adjusted EBITDA reflect adjustments based on the following items, as well as the related income tax effects when applicable:
Purchased intangible asset amortization: We incur amortization of purchased intangibles in connection with our acquisitions. Purchased intangibles include (i) developed technology, (ii) customer and publisher relationships, and (iii) trade names. We expect to amortize for accounting purposes the fair value of the purchased intangibles based on the pattern in which the economic benefits of the intangible assets will be consumed as revenue is generated. Although the intangible assets generate revenue for us, we exclude this item because this expense is non-cash in nature and because we believe the non-GAAP financial measures excluding this item provide meaningful supplemental information regarding our operational performance.
Non-cash stock compensation: Non-cash stock compensation consists of charges for employee restricted stock units, performance shares and stock options in accordance with current GAAP related to stock-based compensation including expense associated with stock-based compensation related to unvested options assumed in connection with our acquisitions. As we apply stock-based compensation standards, we believe that it is useful to investors to understand the impact of the application of these standards to our operational performance. Although stock-based compensation expense is calculated in accordance with current GAAP and constitutes an ongoing and recurring expense, such expense is excluded from non-GAAP results because it is not an expense that typically requires or will require cash settlement by us and because such expense is not used by us to assess the core profitability of our business operations.
Restructuring charges: During the past several years, we have initiated certain restructuring activities in order to align our costs in connection with both our operating plans and our business strategies based on then-current economic conditions. As a result, we recognized costs related to termination benefits for employees whose positions were eliminated, lease and other contract termination charges, and asset impairments. These items, as well as third party expenses associated with business acquisitions in the prior years, reported as gains, losses, and other items, net, are excluded from non-GAAP results because such amounts are not used by us to assess the core profitability of our business operations.
Transformation costs: In previous years, we incurred significant expenses to separate the financial statements of our operating segments, with particular focus on segment-level balance sheets, and to evaluate portfolio priorities. Our criteria for excluding transformation expenses from our non-GAAP measures is as follows: 1) projects are discrete in nature; 2) excluded expenses consist only of third-party consulting fees that we would not incur otherwise; and 3) we do not exclude employee related expenses or other costs associated with the ongoing operations of our business. We substantially completed those projects during the third quarter of fiscal year 2018. Beginning in the fourth quarter of fiscal 2018, and through most of fiscal 2019, we incurred transaction support expenses and system separation costs related to the Company’s announced evaluation of strategic options for its Marketing Solutions (AMS) business. In the first and second quarters of fiscal 2021 in response to the potential COVID-19 pandemic impact on our business and again during fiscal 2023 in response to macroeconomic conditions, we incurred significant costs associated with the assessment of strategic and operating plans, including our long-term location strategy, and assistance in implementing the restructuring activities as a result of this assessment. Our criteria for excluding these costs are the same. We believe excluding these items from our non-GAAP financial measures is useful for investors and provides meaningful supplemental information.
Our non-GAAP financial schedules are:
Non-GAAP EPS, Non-GAAP Income from Operations, and Non-GAAP expenses: Our Non-GAAP earnings per share, Non-GAAP income from operations, Non-GAAP operating income margin, and Non-GAAP expenses reflect adjustments as described above, as well as the related tax effects where applicable.
Adjusted EBITDA: Adjusted EBITDA is defined as net income from continuing operations before income taxes, other income and expenses, depreciation and amortization, and including adjustments as described above. We use Adjusted EBITDA to measure our performance from period to period both at the consolidated level as well as within our operating segments and to compare our results to those of our competitors. We believe that the inclusion of Adjusted EBITDA provides useful supplementary information to and facilitates analysis by investors in evaluating the Company’s performance and trends. The presentation of Adjusted EBITDA is not meant to be considered in isolation or as an alternative to net earnings as an indicator of our performance.
Free Cash Flow: To supplement our statement of cash flows, we use a non-GAAP measure of cash flow to analyze cash flows generated from operations. Free cash flow is defined as operating cash flow less capital expenditures. Management believes that this measure of cash flow is meaningful since it represents the amount of money available from continuing operations for the Company’s discretionary spending. The presentation of non-GAAP free cash flow is not meant to be considered in isolation or as an alternative to cash flows from operating activities as a measure of liquidity.
SAN DIEGO, May 21, 2025 (GLOBE NEWSWIRE) — LPL Financial LLC today announced that Rich Steinmeier, Chief Executive Officer, will present at the Bernstein Strategic Decisions Conference on May 28.
The presentation takes place at 8 a.m. ET. A live audio webcast of the presentation will be accessible at investor.lpl.com, with a replay available on the website after the presentation.
LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. As a leader in the financial advisor-mediated marketplace, LPL supports over 29,000 financial advisors and the wealth management practices of approximately 1,200 financial institutions, servicing and custodying approximately $1.8 trillion in brokerage and advisory assets on behalf of approximately 7 million Americans. The firm provides a wide range of advisor affiliation models, investment solutions, fintech tools and practice management services, ensuring that advisors and institutions have the flexibility to choose the business model, services, and technology resources they need to run thriving businesses. For further information about LPL, please visit www.lpl.com.
Securities and Advisory services offered through LPL Financial LLC (“LPL Financial”), a registered investment advisor and broker-dealer. Member FINRA/SIPC.
Throughout this communication, the terms “financial advisors” and “advisors” are used to refer to registered representatives and/or investment advisor representatives affiliated with LPL Financial.
We routinely disclose information that may be important to shareholders in the “Investor Relations” or “Press Releases” section of our website.
HACKENSACK, N.J., May 21, 2025 (GLOBE NEWSWIRE) — Heather Lowrie, a highly-experienced CISO, keynote speaker, and cybersecurity advocate, joins Paperclip as an advisor for its SAFE encryption solution. Lowrie will help guide Paperclip SAFE into the international cybersecurity market and bring data-centric security and encryption to the forefront of enterprise security.
With more than 25 years’ experience across cybersecurity, technology, risk, and resilience, Lowrie has led major digital and security transformations for high-impact public and private sector organizations. She is known for delivering business-aligned security that drives growth, builds trust, and creates societal value—underpinned by deep, hands-on experience in managing major cyber incidents.
“We’re thrilled to have Heather join us in an advisory capacity and to benefit from her deep expertise as we continue to advance Paperclip SAFE®,” said Chad Walter, CRO at Paperclip. “We’re excited to collaborate on cybersecurity thought leadership, participate in key industry events, and refine our go-to-market strategy to elevate encryption-in-use and the SAFE technology across the data security landscape.”
Lowrie was recognized by her peers as CISO of the Year at the 2024 SC Awards Europe and is a Fellow of the Chartered Institute of Information Security. She is an accomplished strategist with extensive experience leading through crises—including major cyber incidents—and driving strategic change across digital transformation, data and AI, cybersecurity, and organizational culture initiatives.
Lowrie is also the Co-Founder of Resilionix, a deep-tech startup dedicated to helping organizations build resilience in an increasingly complex and uncertain world.
“I’m delighted to join Paperclip in an advisory capacity and help bring data-centric security and encryption to the forefront of enterprise security,” Lowrie said. “I look forward to working with the excellent team at Paperclip to advance the adoption of encryption-in-use and to support organizations in building resilience”.
Lowrie is a graduate of the University of Edinburgh, where she earned a Master of Science by Research in Science, Technology and Innovation Studies with distinction. She also holds a postgraduate diploma in Information Technology, awarded with distinction, from the University of the West of Scotland, alongside other academic qualifications. Lowrie holds numerous cybersecurity certifications from both U.S. and European organizations, including CISSP, CCSP, CISM, CDPSE, CIPP/E, and more.
About Paperclip, Inc.
Paperclip is a proven technology partner that continues to revolutionize data security, content and document management for Fortune 1,000 companies worldwide. Every second of every day, our innovative solutions are securely processing, transcribing, storing, and communicating highly sensitive content across the internet. Maximizing efficiency to save millions annually, while maintaining absolute security and compliance. For more information, visit paperclip.com.
About SAFE
Paperclip SAFE builds on the foundation of trust and collaboration that Paperclip has established with its security and content management solutions over three decades. Paperclip SAFE utilizes in-depth knowledge of the database and data pipeline to secure all points within the data lifecycle. Nine of the 10 top life insurance carriers in the U.S. are currently protected by Paperclip SAFE. With Paperclip SAFE, outpace threats with data that is always encrypted and always ahead of evolving risk. For more information, visit paperclip.com/safe.
MEDIA CONTACT: Megan Brandow Paperclip, Inc. MBrandow@paperclip.com 585.727.0983
Source: Federal Bureau of Investigation (FBI) (video statements)
The show is on the road! Filming on location at the annual RSAC Conference in San Francisco, hosts Bryan Vorndran and Jamil Farshchi welcome Dr. Hugh Thompson, the executive chairman of RSAC and the program coordinator of the RSAC Conference. The annual conference gathers thousands of cybersecurity officials from the private and public sector to discuss ways to thwart attacks and institute best practices. In this episode, Dr. Thompson highlights the importance of government participation, how to keep the relationships and knowledge-sharing going throughout the year, and the importance of being community-oriented to ensure effective cybersecurity postures against criminal adversaries.
More at: https://www.fbi.gov/video-repository/e10a_video.mp4/view
—————————————————
Subscribe to Inside the FBI wherever you get your podcasts:
Spotify: https://open.spotify.com/show/4H2d3cg…
Apple Podcasts: https://podcasts.apple.com/us/podcast…
Google Podcasts: https://podcasts.google.com/feed/aHR0…
More ways to follow us: https://inside-the-fbi.transistor.fm/…
Follow us on social media:
X: https://twitter.com/fbi
Facebook: https://facebook.com/FBI
Instagram: https://instagram.com/fbi
YouTube: youtube.com/user/fbi
A Missouri man was sentenced yesterday to 111 months in prison by U.S. District Judge Matthew T. Schelp for the Eastern District of Missouri for burning down a Cape Girardeau, Missouri house of worship in 2021. He was also ordered to pay $6,968,223.36 in restitution for damages incurred by the church.
Christopher Scott Pritchard, 49, pleaded guilty in U.S. District Court for the Eastern District of Missouri in Cape Girardeau, on Dec. 19, 2024, to one count of arson and one count of violating the Church Arson Prevention Act. Pritchard admitted setting fire to the house of worship owned and used by the Church of Jesus Christ of Latter-Day Saints (LDS) in Cape Girardeau, Missouri, during the evening of April 28, 2021. Pritchard was spotted watching the fire and was arrested about 1.5 miles away by the Cape Girardeau County Sheriff’s Office. Pritchard smelled like smoke and had a backpack containing a laptop computer, a projector, speakers and 21 apples that he’d stolen from the church. Pritchard told deputies that he’d gotten into a verbal altercation with the Bishop of the church a few days before the fire and had threatened to assault the Bishop and burn the church down.
The fire destroyed the building and prevented the congregants in the free exercise of their religious beliefs. No one was injured.
“There is no place in America for criminal acts against houses of worship,” said Assistant Attorney General Harmeet K. Dhillon of the Justice Department’s Civil Rights Division. “The Civil Rights Division thanks its law enforcement partners for prosecuting this matter.”
Assistant Attorney General Harmeet K. Dhillon and U.S. Attorney Sayler A. Fleming for the Eastern District of Missouri made the announcement.
The FBI St. Louis Field Office, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), the Cape Girardeau County Sheriff’s Office and the Missouri State Fire Marshal’s Office investigated the case. Assistant U.S. Attorney Paul Hahn for the Eastern District of Missouri prosecuted the case, with assistance from the Civil Rights Division’s Criminal Section.
Coordinated Microsoft Actions and Court-Authorized Domain Seizures Disrupt LummaC2 Malware Infrastructure Used to Target Millions
The Justice Department announced today the unsealing of two warrants authorizing the seizure of five internet domains used by malicious cyber actors to operate the LummaC2 information-stealing malware service.
“The Department will continue to use its unique tools, authorities, and partnerships to disrupt malicious cyber operations and criminal networks,” said Sue J. Bai, head of the Justice Department’s National Security Division. “Today’s disruption is another instance where our prosecutors, agents, and private sector partners came together to protect us from the persistent cybersecurity threats targeting our country. We are grateful for their work and dedication.”
“Malware like LummaC2 is deployed to steal sensitive information such as user login credentials from millions of victims in order to facilitate a host of crimes, including fraudulent bank transfers and cryptocurrency theft,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “Today’s announcement demonstrates that the Justice Department is resolved to use court-ordered disruptions like this one to protect the public from the theft of their personal information and their assets. The Department is also committed to working with and appreciates the efforts of the private sector to safeguard the public from cybercrime.”
“The FBI is committed to disrupting the key services that cyber criminals rely on,” said Assistant Director Bryan Vorndran of FBI’s Cyber Division. “That’s why, with our partners, we took action against the most popular infostealer service available in online criminal markets, which is responsible for millions of attacks against victims. Thanks to partnerships with the private sector, we were able to disrupt the LummaC2 infrastructure and seize user panels. Together, we are making it harder, and more painful, for cyber criminals to operate.”
As alleged in the affidavits filed in support of the government’s seizure warrants, the administrators of LummaC2 used the seized websites to distributeLummaC2, an information-stealing malware, to their affiliates and other cyber criminals. According to court documents, common targets for cybercriminals using malware like LummaC2 include browser data, autofill information, login credentials for accessing email and banking services, as well as cryptocurrency seed phrases, which permit access to virtual currency wallets. As alleged in the affidavits, the FBI has identified at least 1.7 million instances where LummaC2 was used to steal this type of information.
The government’s affidavit further alleges that the seized domains, also referred to as user panels, served as login pages for the LummaC2 malware, allowing credentialed users and administrators to access and deploy LummaC2. On May 19, 2025, the government seized two domains. On May 20, 2025, as detailed in court documents, the LummaC2 administrators informed their users of three new domains that they had set up to host the user panel. The next day, the government then seized those three domains.
The seizure of these domains by the government will prevent the owners and cybercriminals from using the websites to access LummaC2 to compromise computers and steal victim information. Individuals who now visit the websites will see a message indicating that the site has been seized by the Justice Department, including the FBI.
Concurrent with today’s actions and consistent with the Department’s approach to public-private operational coordination, Microsoft announced an independent civil action to take down 2,300 internet domains also claimed to be used by the LummaC2 actors or their proxies.
FBI’s Dallas Field Office is investigating the case.
The U.S. Attorney’s Office for the Northern District of Texas, the National Security Division’s National Security Cyber Section, and the Criminal Division’s Computer Crime and Intellectual Property Section are handling the case.
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, offers a reward of up to $10 million for information on foreign government-linked individuals participating in certain malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.
Anyone with information on any other foreign government-linked malicious cyber actors or activity targeting U.S. critical infrastructure should contact Rewards for Justice via the RFJ Tor-based tip line at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required). Learn more about Rewards for Justice and their reward offers at RewardsforJustice.net.
If you believe you have a compromised computer or device, please visit the FBI’s Internet Crime Complaint Center (IC3). You may also contact your local FBI field office directly.