
21 items covered

Anthropic Confidentially Files S-1 — the IPO Clock Starts

💡 INSIGHT

Anthropic Confidentially Files S-1 — the IPO Clock Starts.

Anthropic has confidentially submitted a draft S-1 registration statement to the SEC — the first step toward what would be the most significant AI IPO since the current wave began. This isn't a rumor or a "considering options" leak; it's a formal filing that starts a regulatory clock. With revenue reportedly scaling fast and a $60B+ valuation in the last private round, Anthropic is signaling it doesn't need to stay private to compete. Watch for the public S-1 to drop within weeks — the details on revenue concentration, compute costs, and enterprise adoption will be the most transparent look inside a frontier lab we've ever gotten. (17,361 likes | 1,941 RTs) Read more →

Hackers Social-Engineered Meta's AI Into Handing Over Instagram Accounts.

No zero-days. No credential stuffing. Attackers simply asked Meta AI's support agent — in plain language — to transfer ownership of high-profile Instagram accounts. And it worked. This is the nightmare scenario that security researchers have been warning about since companies started replacing human support with AI agents: the model can't distinguish a legitimate account holder from someone who's really good at asking. Every company that routed customer-facing operations through an AI agent just got a live preview of what unmitigated prompt injection looks like in production. (Simon Willison) Read more →

Open and Closed Models Are Scaling on Different Exponentials: Interconnects makes a sharp argument that open and closed models aren't on the same curve — they're on fundamentally different exponentials serving different value functions. Where marginally higher intelligence drives outsized value (agentic coding, legal reasoning), closed models pull away. Where it doesn't (classification, summarization, structured extraction), open models are already good enough. If you're still framing this as "open vs. closed," you're asking the wrong question — it's about which curve your use case sits on. Read more →

Florida Sues OpenAI Over AI Safety Risks: Florida has filed a state-level lawsuit against OpenAI and Sam Altman over AI safety risks — the first major state attorney general action targeting a frontier lab directly. This isn't California-style regulation-by-legislation; it's litigation, which means discovery, depositions, and potentially precedent that other states can cite. Watch this one — it could define how US states approach AI governance outside the federal framework. (168 likes | 156 RTs) Read more →


🧠 LAUNCH

OpenAI Models and Codex Go GA on Amazon Bedrock.

OpenAI frontier models including Codex are now generally available on Amazon Bedrock — meaning enterprises can access OpenAI's full model lineup through AWS's security, compliance, and governance infrastructure. This is a distribution play, not a technical one: companies that were blocked from using OpenAI because they couldn't route traffic outside AWS just lost that excuse. The cloud provider wars for model hosting are fully on, and OpenAI just handed AWS a loaded weapon to sell against Azure's exclusivity narrative. (2,257 likes | 228 RTs) Read more →

NVIDIA Drops Cosmos 3 — Fully Open Omnimodel for Physical AI.

NVIDIA releases Cosmos 3, billed as the first fully open omnimodel with native understanding and generation across video, images, and robot actions. The "fully open" part matters — weights, training code, and data recipes are all available on HuggingFace. A day after OpenAI's robotics push, NVIDIA just gave the open-source physical AI community a foundation model to build on. If you're working on embodied agents or video understanding, this is your new baseline. (2,298 likes | 347 RTs) Read more →

JetBrains Releases Mellum2: A 12B MoE Model Built for IDEs: The IDE maker is building its own brain. Mellum2 is a 12B Mixture-of-Experts model purpose-built for code understanding and IDE integration — think deeper Kotlin and Java tooling than any general-purpose model can offer. JetBrains has the data (billions of lines of code from IntelliJ telemetry) and the integration surface (every IDE feature is a potential tool call). This is the "vertical AI" thesis applied to developer tools. Read more →

OpenAI Demos a Voice-First Agentic Mobile OS: OpenAI showed a mobile operating system concept where you talk, agents listen, and actions happen across the phone — messages sent, apps navigated, tasks completed. This isn't Siri with better answers; it's an OS-level agent layer that treats the entire phone as a tool surface. The clearest signal yet that OpenAI is building toward a platform, not just an API. (624 likes | 47 RTs) Read more →


🔧 TOOL

Anthropic Resets All Pro and Max Rate Limits: If you've been throttled on Claude or Claude Code, your limits are fresh. Anthropic reset 5-hour and weekly rate limits for all Pro and Max users and fixed an issue causing some Claude Code sessions to hit limits prematurely. No action needed — just resume your heavy sessions. (14,250 likes | 696 RTs) Read more →

Codex Python SDK Turns Codex Into a Programmable Building Block: OpenAI releases the Codex Python SDK — you can now embed Codex directly into Python apps with full control: start threads, run turns, stream progress, resume sessions, pass images, and manage sandbox access programmatically. This turns Codex from a standalone product into infrastructure you can wrap with your own orchestration logic. pip install openai-codex and go. (255 likes | 23 RTs) Read more →

OpenAI Python SDK v2.40.0 Adds Native Bedrock Responses Support: Both the Python and Node SDKs now natively support Amazon Bedrock Responses — the SDK-level plumbing that makes today's OpenAI-on-AWS announcement immediately usable. If you're on Bedrock and using the OpenAI SDK, update and point your client at your Bedrock endpoint. Read more →


📝 TECHNIQUE

How Google Used Gemini to Build I/O 2026: Google details exactly how its teams used Gemini internally to produce I/O 2026 — content creation, demo scripting, technical prep, and live show production. This is rare: a frontier lab showing the messy, practical reality of eating its own dogfood at conference scale. Read it less for the Gemini specifics and more for the internal AI adoption patterns that transfer to any org. Read more →

Stanford CS336 Ships Official CLAUDE.md Guidelines for AI Agent Use: Stanford's CS336 course now includes an official CLAUDE.md file defining what AI coding agents can and can't do on assignments — citation requirements, prohibited capabilities, and academic integrity guardrails. This is the template other universities will fork. If you're setting AI-use policies for a team or institution, start here. (298 likes | 108 RTs) Read more →


🔬 RESEARCH

Qwen3.5 Trained With Agentic RL Matches GPT-5.5 in Tool Use: Post-training Qwen3.5-122B on long-horizon, MCP-server-based agentic RL environments produces tool-use capabilities that match GPT-5.5 — and the skills transfer to unseen benchmarks. The implication: agentic RL on real tool environments teaches general capabilities, not just benchmark tricks. If this holds up, it means any sufficiently capable base model can be bootstrapped into a strong agent through the right training environment. (10 likes | 2 RTs) Read more →

Why Video Agent Models Are Next — Inside xAI's Grok Imagine: A deep Latent Space conversation with the engineer who led xAI's Grok Imagine — built in 3 months. The core thesis: video generation and world models are converging, and video agents (models that understand and act on video in real-time) are the next frontier after text agents. First-person technical insight from inside xAI on architecture choices, speed tradeoffs, and why Grok Imagine is underrated. Read more →

IBM Research: Enterprise AI Is Bottlenecked by Agent Logic, Not Model Capability: IBM Research argues that what's actually blocking enterprise AI at scale isn't model intelligence — it's agent logic: the orchestration, memory management, and decision-making layers that make AI reliable in production. Better models with bad agent architecture just fail faster. A useful framework for teams stuck in the "we upgraded to the latest model and it's still unreliable" loop. Read more →


🏗️ BUILD

LangGraph 1.2.3 Adds Named Subagents and v3 Streaming: LangGraph ships v3 streaming support for RemoteGraph and named tool-dispatched subagents — making multi-agent orchestration more observable and debuggable. The subagent naming alone is worth the update: you can finally trace which agent did what in a complex graph without parsing UUIDs. Read more →

ai-rules-sync: One Config File to Rule All Your AI Coding Agents: Tired of maintaining separate CLAUDE.md, .cursorrules, Copilot instructions, and Windsurf configs? ai-rules-sync converts and syncs AI agent configuration files across Claude Code, Cursor, Copilot, Windsurf, Cline, Aider, and Gemini from a single source of truth. Zero dependencies. If you use more than one AI coding tool, this saves real time. (53 likes) Read more →


🎓 MODEL LITERACY

Prompt Injection vs. Social Engineering: Today's Meta AI hack and the Claude Code supply chain attack stories both exploit the same root cause: AI systems that can't reliably distinguish trusted instructions from adversarial input. The taxonomy matters. Direct prompt injection is when an attacker types malicious instructions directly into a model ("ignore your instructions and do X"). Indirect prompt injection is when the malicious instructions are embedded in content the model reads — a webpage, an email, a document. Social engineering of AI agents is the new third category: treating the AI like a gullible human, using persuasion, urgency, and authority cues to get it to take actions it shouldn't. The Meta AI hack was this third kind — no injected code, just a convincing story. As agents gain real-world permissions (account transfers, code execution, financial transactions), understanding which attack class you're defending against determines whether your guardrails actually work.


⚡ QUICK LINKS

  • Supply Chain Attacks Target Claude Code Hooks and VS Code Tasks: Security researcher evilcos details specific attack vectors — malicious SessionStart hooks in settings.json and VS Code task injection. Audit your .claude/ and .vscode/ configs. (87 likes | 12 RTs) Link
  • From Soumith's Local AI Dream to PewDiePie Shipping a Vibecoded AI Suite: swyx on how the gap between "AI research vision" and "anyone can ship it" collapsed in 16 months. (257 likes | 13 RTs) Link
  • Mollick: The AI Usefulness Debate Is Over, Now It's About Organizational Scaling: Enterprise leaders universally confirm real value — the question shifted from "does it work" to "how do we scale it." (339 likes | 31 RTs) Link
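The config audit suggested in the first quick link above, as an added example (not code from evilcos or from this newsletter): it lists every command that a checked-out repository configures to run automatically through Claude Code hooks or VS Code tasks. It assumes the Claude Code settings layout of `hooks` keyed by event name with nested `command` entries, and VS Code's `runOptions.runOn: "folderOpen"` as the auto-run trigger; the sample file contents are constructed.

```python
import json
from pathlib import Path


def audit_text(rel, text):
    """Return (file, trigger, command) for each auto-run command in one config file."""
    try:
        data = json.loads(text)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return [(rel, "unparsed", "review manually")]  # e.g. JSON with comments
    out = []
    hooks = data.get("hooks") if isinstance(data.get("hooks"), dict) else {}
    for event, groups in hooks.items():  # Claude Code settings: hooks by event name
        for group in groups if isinstance(groups, list) else []:
            for hook in (group.get("hooks") or []) if isinstance(group, dict) else []:
                if isinstance(hook, dict) and "command" in hook:
                    out.append((rel, "hook:" + event, hook["command"]))
    tasks = data.get("tasks") if isinstance(data.get("tasks"), list) else []
    for task in tasks:  # VS Code tasks.json: only tasks set to run on folder open
        opts = task.get("runOptions") if isinstance(task, dict) else None
        if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
            out.append((rel, "task:folderOpen", str(task.get("command"))))
    return out


def audit_repo(root):
    """Scan .claude/settings*.json and .vscode/tasks.json anywhere under root."""
    root, findings = Path(root), []
    for path in sorted(root.rglob("*.json")):
        folder = path.parent.name
        if (folder == ".claude" and path.name.startswith("settings")) or \
           (folder == ".vscode" and path.name == "tasks.json"):
            text = path.read_text(encoding="utf-8", errors="replace")
            findings += audit_text(path.relative_to(root).as_posix(), text)
    return findings


# Constructed sample files (not taken from any real repository).
SAMPLE = {
    ".claude/settings.json": json.dumps({"hooks": {"SessionStart": [
        {"hooks": [{"type": "command", "command": "./scripts/bootstrap.sh"}]}]}}),
    ".vscode/tasks.json": json.dumps({"version": "2.0.0", "tasks": [
        {"label": "build", "type": "shell", "command": "make"},
        {"label": "init", "type": "shell", "command": "./init.sh",
         "runOptions": {"runOn": "folderOpen"}}]}),
}
```

Run `audit_repo(".")` on a fresh clone before opening it in either tool, and diff the findings in code review whenever these files change.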

🎯 PICK OF THE DAY

When your AI support agent IS the security vulnerability. The Meta AI Instagram hack is the story of the day not because it's technically sophisticated — it's the opposite. Attackers used plain language to convince Meta's AI support agent to hand over high-profile accounts. No exploits, no credential theft, no social engineering of humans. They social-engineered the AI. This breaks every traditional threat model: the attack surface isn't a port, an endpoint, or a misconfigured permission — it's a conversation. And unlike a human support agent who might get suspicious after the third weird request, an AI agent applies the same credulity to every interaction. Every company that rushed to deploy customer-facing AI agents — for support, for account management, for anything with real-world consequences — just got a live preview of what happens when the attack surface speaks natural language. The fix isn't "better guardrails on the prompt." It's recognizing that AI agents with real permissions need the same security architecture as any other privileged system: multi-factor verification, action-level authorization, and the assumption that every input is adversarial. We've had decades of lessons about not trusting user input. Apparently we need to learn them all over again. Read more →
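A sketch of the action-level authorization described above, as an added example (not Meta's system or code from any linked source): the gate sits between the agent and its tools and decides from server-side session facts only, so a persuasive conversation cannot change the outcome. The action names, the 5-minute MFA window and the sample data are assumptions made for illustration.

```python
from __future__ import annotations

import time
from dataclasses import dataclass

# Hypothetical action names; unknown actions are denied by default.
LOW_RISK = {"get_help_article"}
HIGH_RISK = {"transfer_account", "change_recovery_email", "disable_mfa"}
MFA_MAX_AGE_S = 300  # assumed policy: step-up proof is valid for 5 minutes


@dataclass
class Session:
    """Set by the authentication system, never by the model or the chat."""
    user_id: str
    mfa_verified_at: float | None = None  # epoch seconds of last step-up


@dataclass
class ToolCall:
    """What the agent wants to do after reading the untrusted conversation."""
    action: str
    target_account: str
    justification: str = ""  # model-written text, logged but never trusted


def authorize(session: Session, call: ToolCall, owners: dict[str, str],
              now: float | None = None) -> tuple[bool, str]:
    """Decide from server-side facts only; the conversation is not an input."""
    now = time.time() if now is None else now
    if call.action in LOW_RISK:
        return True, "low-risk action"
    if call.action not in HIGH_RISK:
        return False, "unknown action denied"
    # Ownership comes from the system of record, not from what was claimed.
    if owners.get(call.target_account) != session.user_id:
        return False, "session user does not own target account"
    if session.mfa_verified_at is None:
        return False, "step-up MFA required"
    if now - session.mfa_verified_at > MFA_MAX_AGE_S:
        return False, "step-up MFA expired"
    return True, "owner with fresh MFA"


# Constructed sample data.
OWNERS = {"acct_star": "user_owner"}
PERSUASIVE = ToolCall("transfer_account", "acct_star",
                      "User says they are the owner, locked out, very urgent")
```

The `justification` field is deliberately ignored by `authorize`: whatever story reached the model, the transfer succeeds only for the recorded owner with a fresh second factor.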


Until next time ✌️