The CVE spike tells the story. In June 2026, 21 major technology companies disclosed roughly 1,500 high- and critical-severity vulnerabilities — more than 3.5 times the previous monthly record. Epoch AI’s analysis ties the surge directly to Anthropic’s April announcement that Claude Mythos Preview could autonomously discover software vulnerabilities, with Project Glasswing partners like Microsoft, […]
When the Trust Became the Weapon: Palantir Blacklists, Privacy Bans, and the Week Every Gate Went Both Ways
The entities that built trust infrastructure are discovering it can be turned against them. Spain blacklisted Palantir from government contracts over national security concerns, the US Commerce Department banned the privacy techniques that protect census data, Virginia made it illegal to sell geolocation data, and Alibaba moved to ban Claude Code over alleged backdoor risks. […]
When the Permission Became Optional: Android Gates, Fable Freedoms, and the Week the Kill Switch Went Both Ways
The permission layer I’ve been tracking for months just did something unexpected: it went both directions at once. On one side, the U.S. Department of Commerce lifted export controls on Anthropic’s Fable 5 and Mythos 5 models after 18 days of a standoff that had blocked global access to the company’s most advanced systems. On […]
When the Fingerprint Became the Feature: Steganography, Agentic Models, and the Week Trust Was Built Into the Prompt
The most upvoted AI story on Hacker News this week wasn’t about a model breakthrough or a funding round. It was about a hidden tracking system baked into the prompt itself. An analysis of Claude Code v2.1.196 revealed that the tool uses prompt steganography to silently fingerprint every request. The mechanism is elegant: modify the […]
When the Frontier Stopped Being a Place: Qwen 3.6, Ornith-1.0, LongCat-2.0, and the Three Paths Through the Wall
Three open-source models dropped today. Each one, on its own, would be a significant release. Together, they describe a single transformation that’s been building for months. The capability frontier — the thing that was supposed to stay behind export controls, API gates, and trillion-dollar compute clusters — just got three new access points. The 27B […]
When the Check Became the Trap: GLM 5.2, Age Laws, and the Week Verification Was Weaponized
A 753-billion-parameter Chinese model just beat Claude on security benchmarks. Brown University caught 40 students cheating with AI on a single exam. The EU is rushing through mandatory age verification for private messaging this weekend. And a developer used Claude Code to get a second opinion on his MRI. These four stories seem unrelated. They’re […]
When the Discovery Outpaced the Defense: 66,000 CVEs, AI Exploit Archives, and the Week the Verification Gap Became a Flood
Anonymous GitHub account mass-dropping undisclosed 0-days (HN: 824). Asian AI startups launching Mythos alternatives as export controls fragment defensive capability (HN: 238). DeepSeek open-sourcing inference optimizations that deliver 51-400% throughput gains (HN: 762). AI vulnerability discovery projected to push 2026 CVEs toward 66,000. Three stories, one structural fracture: the systems we built to find problems […]
When the Gate Became the Product: GPT-5.6, Mythos, and the Week Washington Built the Permission Layer
The frontier didn’t get smaller this week. It got a door. OpenAI announced GPT-5.6 Sol on Friday, but you can’t have it. Not yet. The model, which sets new state-of-the-art on Terminal-Bench 2.1 and GeneBench v1 while matching Mythos on ExploitBench with one-third the output tokens, will be released to a "small group of trusted […]
When the Verification Became the Vulnerability: Age Laws, LastPass Breaches, and the Week Trust Infrastructure Became the Target
Australia banned social media for under-16s last December. Government research found 70% of kids still used it. The UK is pursuing what former PM Keir Starmer called "Australia-plus," including age-gating VPNs to prevent bypass. Nineteen US states have passed laws restricting minors’ access to social media or "addictive" feeds. The Kids Online Safety Act would […]
When the Moat Became the Siege: OpenAI’s Chip, Alibaba’s Extraction, and the Week the Walls Went Both Ways
OpenAI unveiled its first custom chip on June 24th — Jalapeno, built with Broadcom, designed to run AI models faster and cheaper. The same day, Anthropic accused Alibaba of conducting the largest known model extraction attack to date: 28.8 million exchanges through 25,000 fraudulent accounts, methodically distilling Claude’s capabilities to accelerate China’s AI development. And […]