Top Tech & Marketing Stories
Live headlines from TechCrunch, The Verge, Wired, HubSpot & more
Anthropic Gets in Bed With SpaceX as the AI Race Turns Weird
In an unexpected turn, the two companies signed a deal for Anthropic to use computing resources from Elon Musk’s xAI.
Read Full StoryLatest Articles
40 articles
TechnologyAnthropic Gets in Bed With SpaceX as the AI Race Turns Weird
In an unexpected turn, the two companies signed a deal for Anthropic to use computing resources from Elon Musk’s xAI.
How Elon Musk left OpenAI, according to Greg Brockman
Cutthroat negotiations between startup founders are rarely shared so publicly, especially when a company becomes as world-changing as OpenAI.
DOJ says ransomware gang tapped into Russian government databases
U.S. prosecutors said a ransomware gang fueled Russian government corruption, and allowed the gang's leaders to avoid paying taxes and dodge the country's military draft.
AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys
Braintrust, a startup that makes an “operating system for engineers building AI software,” notified customers that hackers broke into one of its Amazon cloud environments, and is asking customers to rotate their API keys.
What we’re hearing about the new homepage
We’ve been reading your feedback on the new homepage. All of it. The kind and encouraging comments, the brutal ones, the “actually this rules,” the “please undo this immediately,” the bug reports, the feature ideas, and yes, the eternal request for dark mode. We appreciate it. A lot of you took the time to share detailed, thoughtful reactions right after launch, and that kind of feedback is useful. It helps us understand where the experience is landing or missing the mark, spot issues and friction, and ultimately sort that feedback into a few buckets. We want to be open and transparent with you about how we’re looking at those buckets of feedback. Bucket 1: Yes, we should fix that. Some feedback points to things we should clearly fix or smooth out, like bugs and rough edges. Feedback that falls into this bucket: The scrollbar presence on the feed (✅ Fixed) Adding “Read More” from the groups of stories when there’s something to link to (✅ Fixed) Adding a way to read more from a category toward the bottom of the page (✅ Fixed) Bucket 2: This is worth investigating. Some feedback points to things worth exploring further. These are repeated requests that may reflect a broader need or pain point, even if the exact proposed solution is not the one we ultimately pursue. Feedback that falls into this bucket: How the Latest feed is presented and engaged with, especially for those of you who love the pure revchron feed (which Latest is). Dark mode. We are actively working on this. Dates on stories in curated story sets. Removing them was intentional so we could more easily bring older stories back to the forefront, especially when they can add color and context to a timely topic. But we hear the frustration here and are thinking about how to address the underlying pain point. Marking a story as read vs. unread. This is a recurring request and speaks to a broader need for more personalized homepage experiences. That’s something we’re actively planning for, even if this exact feature isn’t currently on the roadmap. Bucket 3: Not right now. Some feedback falls into the category of ideas we’re not planning to take on right now. Not because the feedback is bad, but because we have to be deliberate about what we can support. Feedback that falls into this bucket: Free-to-Read and Subscriber Perks sections. We’ve deprecated these sections for now. We’ll revisit if it makes sense down the road. The page structure. We’ve seen a lot of strong opinions on combining curated stories with the firehose feed. We believe in this approach and we need to give it time before considering big structural changes. Many of you love the mix; others, not so much. That’s okay. I want to be candid about what we can support. We’re a pretty small team and every decision has to be weighed against time, resourcing, complexity, editorial needs, business priorities, and the longer-term vision for where The Verge is going (and we have big ambitions for where we want it to go). We can’t commit to every suggestion, even if we genuinely agree that it’s a great idea. We’ll fix what needs fixing and dig into the themes that feel most meaningful. We’ll keep prioritizing and working through tradeoffs and constraints. Most importantly, we’ll stay open about what we’re seeing and learning as we go. Please keep the feedback coming. Here are are the best ways to reach us: Right here in the comments. We also have a feedback form here where you can submit bugs, feedback, requests, etc. Join our user research group for the chance to participate in user interviews, user testing, and surveys, and get access to prototypes and beta drops. We will reach out when a good opportunity aligns. Reach out to our team directly at [email protected]. Support with your account and subscription is handled by our wonderful support team at [email protected].
TechnologyUsing AI for Just 10 Minutes Might Make You Lazy and Dumb, Study Shows
New research suggests that reliance on AI assistants can have a negative impact on people’s ability to think and problem solve.
Mira Murati tells the court that she couldn’t trust Sam Altman’s words
Mira Murati, OpenAI's former CTO, has testified under oath that CEO Sam Altman lied to her about the safety standards for a new AI model. In a video deposition shown during the ongoing Musk v. Altman trial on Wednesday, Murati said Altman falsely stated that OpenAI's legal department determined a new AI model did not need to go through the company's deployment safety board. "As you understand it, was Mr. Altman telling the truth when he made that statement to you?" Murati was asked in the deposition. "No," Murati said. Murat said that during her tenure at OpenAI, Altman made her work more difficult. Her criticism "is completely management r … Read the full story at The Verge.
TechnologyMexico City Is Sinking. A Powerful NASA Satellite Just Revealed How Fast
A new NASA map shows how the sinking of Mexico City is uneven, with areas registering up to 2 centimeters per month.
The 44 best last-minute Mother’s Day gift ideas for 2026
Whether it's managing a busy home or looking out for everyone around them, moms spend a lot of time every day caring for others. This Sunday, Mother's Day, is an opportunity to return the favor, so we've rounded up practical gadgets and little luxuries that can lighten her load. This year's picks are designed to support moms in a variety of ways, regardless of their interests. Some of our recs, like Roborock's mop-equipped Q10 Plus, can help save precious time, while smart screens like the Skylight Calendar 2 can help take the stress out of managing a busy family schedule. Other gifts are all about relaxation and self-care, whether through … Read the full story at The Verge.
SpaceX may spend up to $119B on ‘Terafab’ chip factory in Texas
The project would be a "multi-phase, next-generation, vertically integrated semiconductor manufacturing and advanced computing fabrication facility," according to the proposal.
Here’s what Microsoft is offering long-serving employees to voluntarily retire
Microsoft revealed last month that it's planning to offer long-serving employees in the US the ability to voluntarily retire. While the terms of the buyout were supposed to be announced to employees tomorrow, sources at Microsoft tell me the company has posted them on its internal HR website a little earlier than expected. US employees whose combined years of service added to their age totals 70 or more will be eligible for voluntary retirement, and the package will include five years of access to Microsoft's healthcare coverage, a lump sum cash severance payment, and six months of vesting for unvested stock options. The five years of medi … Read the full story at The Verge.
DeepSeek could hit $45B valuation from its first investment round
The Chinese AI lab came to prominence in early 2025 after launching a large language model that trained on a fraction of the compute power and at a fraction of the cost of the big U.S. models like those from OpenAI and Anthropic.
TechnologyI Am Begging AI Companies to Stop Naming Features After Human Processes
Anthropic announced “dreaming” for AI agents to sort through “memories” at its developer conference. Can we not?
Native Instruments Komplete 26 adds weird new synths and experimental piano sounds
Komplete is a complete music production bundle even if you don’t spend $2,000. | Image: Native Instruments The latest version of Native Instruments' Komplete music production bundle is here with 62 new additions, including the wonderfully weird Absynth 6. Komplete 26 comes in several flavors, starting with three $99 Select bundles: Beats, Band, and Electronic. Prices jump pretty steeply from there, with Standard costing $549, Ultimate costing $1,249, and the Collector's Edition priced at an eye-watering $1,949. You save some money if you're upgrading from Komplete 15 (and yes, they switched from sequential numbers to years for 2026), but upgrading the Collector's Edition will still set you back $399. Komplete 26 Standard should satisfy all but … Read the full story at The Verge.
The best beauty tech you can still grab in time for Mother’s Day
If you’re looking to indulge mom this Mother’s Day, a gift that makes her feel a little more taken care of is a good place to start. Fortunately, if you’re looking for something to make her feel pampered, we know a thing or two about beauty tech, which can deliver on that front. Some of the options below let your mom achieve professional-level results at home, including high-end tools that re-create salon blowouts and FDA-cleared devices that target signs of aging. Others are simpler and more practical, letting her freshen her hair without washing it or quickly touch up her roots with little to no hassle. There are also options to help her unwind, so she can ease tension after a long day or care for her hair as she sleeps. It’s called beauty rest, after all. Below, we’ve rounded up a mix of Verge-approved picks that achieve all of the above and then some, regardless of your budget. Shark FlexStyle Air Hair Styler and Dryer The Shark FlexStyle Air is like getting multiple hair tools in one. It works as both a powerful hair dryer and a styling tool, with add-ons for curling, smoothing, and introducing volume. It’s lighter and often more affordable than comparable tools, but still delivers salon-like results at home for all types of hair. Where to Buy: $349.99 $229 at Amazon $349.99 $229.99 at SharkNinja $349.99 $229.99 at Best Buy Buxom Plump Shot Lip Serum If mom wants fuller, smoother lips without injections, Buxom’s Plump Shot Lip Serum is the way to go. Made with hydrating ingredients like hyaluronic acid and jojoba oil, it smooths and visibly plumps lips in under a minute in a way that’s not over the top, while adding an attractive glossy sheen. Where to Buy: $29 at Ulta $29 at Buxom $29 at Amazon Medicube Booster Pro The Hailey Bieber-backed Medicube Booster Pro is a glow wand specifically designed to improve your skin. It features four modes that use gentle electrical stimulation, light therapy, and sonic vibrations to help improve absorption, firm skin, and refine pores. It’s lightweight, rechargeable, and pairs with the Age-R app, providing your mom with a host of guided routines. Where to Buy: $480 $150 at Amazon $480 $230 at Medicube The Clean Sweep Detox Duo Kit Drybar’s Clean Sweep Detox Duo Kit is a great gift for busy moms who may not always have time for a full hair wash. The bundle includes two oil-absorbing dry shampoos with gentle scents that can refresh roots and add a bit of volume without leaving a noticeable residue. Where to Buy: $60 $29 at Macy’s $60 $21.75 at Drybar $60 $19.99 at Bealls Florida Omnilux Contour Face The Contour Face is an FDA-cleared LED mask that uses red and near-infrared light to reduce fine lines and wrinkles, brighten skin, boost collagen production, and smooth uneven textures for a more youthful complexion. With 132 medical-grade LEDs, it delivers professional-level treatment in quick 10-minute sessions; the soft, flexible silicone is surprisingly comfortable, too. Where to Buy: $395 $345 at Omnilux $395 $345 at Nordstrom Sephora Favorites “Smells Like Love” perfume sampler set Not sure what her favorite perfume is? The Sephora Favorites Smells Like Love Sampler Set with a redeemable voucher is a great option, offering nine popular fragrances in travel sizes that your giftee can have fun testing. The real highlight is the included voucher, which they can use to get a slightly bigger version of their favorite perfume from the lineup. Where to Buy: $38 at Sephora L’Oreal Colorsonic Hair Color Device L’Oréal’s Colorsonic makes the messy process of at-home hair dying far less of a hassle — or it should, anyway. The device automatically mixes the color and distributes it evenly as it glides through your hair, speeding up the dye job, reducing mess, and simplifying the procedure overall. Where to Buy: $124.99 at Target (with $5 Target gift card) $124.99 at L’Oreal Paris $124.99 $106.86 at Amazon (with on-page coupon) Beauty of Joseon Relief Sun If sunscreen isn’t already a part of your mom’s daily skincare routine, it really should be. Beauty of Joseon’s Relief Sun offers excellent SPF 50 protection, thus shielding your mom from sunburns and cancer-causing agents. At the same time, the TikTok-famous sunscreen uses rice water, grain-fermented extracts, and other ingredients rich in minerals to brighten and moisturize all types of skin. Where to Buy: $18 $13.5 at Yesstyle Chi Original Digital Ceramic Hairstyling Iron A capable flat iron that heats up in seconds is a must for any mom who has trouble getting out the door in the morning. Not only is the Chi Original fast but the high-heat flat iron also features ceramic plates that allow it to safely straighten even the frizziest of hair. Plus, your mom can even use it to add beachy waves or create flips if she’s feeling something fresh. Where to Buy: $99.99 $84.99 at Amazon $99.99 at Ulta Laneige Lip Sleeping Mask You can help mom indulge in a bit of self-care with Laneige’s Lip Sleeping Masks. Filled with moisture-boosting ingredients like antioxidants, Vitamin C, and coconut butter, the overnight masks hydrate and protect the lips, leaving them soft and silky smooth. Plus, they comes in a variety of delicious scents, from vanilla to peach iced tea. Where to Buy: $24 at Amazon $24 at Sephora $24 at Laneige Theragun Mini (third-gen) A massage gun is the kind of gift that keeps on giving. When muscles and tendons are tight or sore, the three-speed Theragun Mini serves as a quick and easy remedy, allowing your giftee to get on with their day with less discomfort. The latest model is slightly smaller than prior iterations, making what was already an ultra-portable device even more compact. Where to Buy: $219.99 $169.99 at Amazon $219.99 $169.99 at Best Buy $219.99 $169.99 at Theragun Quince Mulberry Silk Pillowcase The Quince Mulberry Silk Pillowcase can take care of mom’s skin and hair while she catches up on sleep. The smooth silk helps minimize frizz, tangles, and split ends while also being gentler on the skin, helping reduce the appearance of fine lines and wrinkles. It’s also temperature-regulating, so it should keep her comfortable while she’s resting. Where to Buy: $44.9 at Quince Sharper Image Spahaven Soothe foot bath Sharper Image’s heated foot bath is an underrated gift that can show just how much you care about your mom’s health and well-being. You can throw in some Epsom salts, set your desired temperature using the built-in LED display, and move your feet across the massaging rollers to relax after a stressful day at work. Where to Buy: $95.39 $62.43 at Walmart $95.39 $74.2 at The Home Depot Queen of the Dead nail polish Mooncat’s Queen of the Dead nail polish is like a new-age mood ring. The dark lacquer changes color as your body warms up, transitioning from a shade of deep red wine into a festive raspberry that’s perfect for holiday parties. A percentage of the proceeds will also go toward helping adoptable cats find their forever homes, so you’ll feel as good as you look. Where to Buy: $18 at Mooncat Dyson Supersonic Travel The Supersonic Travel takes everything people loved about Dyson’s original hair dryer and makes it easier to actually travel with. It’s both smaller and lighter, but it still dries hair quickly and evenly. It also automatically adjusts to different voltages for use abroad, and since it works with regular Supersonic attachments, your mom doesn’t need to splurge on any new add-ons if she owns the OG model. Where to Buy: $299.99 at Amazon $299.99 at Best Buy $299.99 at Ulta Sungboon Editor Deep Collagen Power Boosting Mask (four-pack) Sungboon’s collagen mask is the rare TikTok sensation that actually lives up to the hype. Like magic, the face mask works overnight to improve elasticity, temporarily erasing fine lines and wrinkles. It also soothes, hydrates, and rejuvenates your skin, leaving you with a glowing complexion that should last far longer than the viral videos from which it sprang up. Where to Buy: $19 $14.99 at Amazon Dieux Forever Eye Mask The Forever Eye Mask is a reusable eye patch designed to help mom get more out of her skincare. It sits comfortably under the eyes, helping gels, serums, and creams absorb better. Over time, it helps boost hydration, soften the look of fine lines, and leave the under-eye area looking smoother. As a bonus, it can double as a handy makeup tool, catching fallout or helping you create a sharper wing. Where to Buy: $25 $21.25 at Dieux $25 at Sephora Nuface Trinity Plus Starter Kit The Nuface Trinity Plus Starter Kit is designed to help mom lift and tone her face and neck over time. It targets 69 facial muscles with low-level electrical currents that gently stimulate them, similar to a workout for your face. Just five minutes of use a day can help improve firmness and definition, and she can adjust the intensity and frequency to suit her needs. Where to Buy: $395 at NuFace $395 at Sephora $395 at Ulta Esarora Ice Roller If your mom wants to reduce puffiness and soothe redness, all she has to do is run Esarora’s Ice Roller over her face in the morning. The cooling sensation can also help ease headaches and facial tension, making it both practical and pampering. It’s especially useful under the eyes, where it can help soften the look of bags. Where to Buy: $29.99 $18.99 at Amazon $29.99 at Esarora Lifx SuperColor Smart Mirror Lifx’s upcoming SuperColor Smart Mirror features individually controllable front and back lighting with full-color effects. Modes like Makeup Check boost brightness and color accuracy, while a built-in anti-fog setting helps keep the mirror clear after hot showers. It also features Matter support and three programmable buttons, which let you control other smart devices directly from the mirror. Where to Buy: $199.99 at Lifx
TechnologyMarket research is too slow for the AI era, so Brox built 60,000 identical 'digital twins' of real people you can survey instantly, repeatedly
In a world where a viral TikTok video can cause a brand to trend globally in mere hours, the traditional market research cycle — often spanning 12 weeks — is becoming a liability. The lag between a survey question and the answers from a wide (or targeted) pool of respondents has become a primary bottleneck for Fortune 500 decision-makers who are forced to navigate volatile geopolitical and economic shifts with data that is frequently outdated by the time it reaches a slide deck, as industry experts have observed. Brox, a predictive human intelligence startup, recently announced a strategic funding round following a year where they reported 10X revenue growth. Their proposition is as ambitious as it is technical: the creation of a "parallel universe" populated by 60,000 digital twins of real, living human beings and their entire demographic profiles and consumer preferences, allowing enterprises to run unlimited experiments in hours rather than months. “These digital twins are one-to-one replicas of actual, real individuals," said Brox CEO Hamish Brocklebank in a recent video call interview with VentureBeat. "We recruit real people like a normal panel company does, pay them to interview them, and capture all the data around them — fully consent-driven.” The company, currently a lean 14-person operation, is positioning itself as the antithesis of the "insane" research industry. By replacing statistical models with behavioral replicas, Brox aims to transform how the world’s largest banks and pharmaceutical giants anticipate human reactions to high-stakes global and market-shifting events, or narrow, targeted product releases and personnel news, and everything in between. The kinds of surveys and specific questions that Brox asks its digital twins are completely open-ended and can be customized to fit any conceivable business customer's use cases and goals. According to Brocklebank, examples of survey questions include: “What happens if America invades Iran or Greenland? Will depositors at Bank of America put more money into their account or take more money out? Or, in pharmaceuticals, if RFK Jr. says something next week, will that make people more likely to take vaccines or less likely?” Not synthetic people — AI copies of real ones The core differentiator of Brox’s technology lies in the fidelity of its input data. While many competitors in the "digital audience" space rely on purely synthetic identities — generic personas generated by Large Language Models (LLMs ) — Brocklebank argues that these methods inevitably produce "AI slop". Purely synthetic audiences often cluster around a tight distribution of answers, over-indexing for "correct" or "healthy" behaviors (such as eating broccoli) because of inherent biases in the underlying models. Brox’s "Digital Twins" are instead one-to-one behavioral replicas of real individuals who have been recruited and interviewed with exhaustive depth. The process is intensive: Deep Interviews: The company conducts hours of real and AI-driven interviews with each participant. Psychological Depth: The data collection seeks to understand fundamental "decision drivers," including upbringing, relationships, and even marital stability. Data Density: For some twins, Brox maintains up to 300 pages of text data, representing what Brocklebank calls "the deepest per person data set that exists". To solve the "black box" problem common in AI, Brox utilizes a "reasoning chain" for its predictive outputs. When a digital twin predicts a reaction — such as how a $2 billion net-worth individual might respond to a specific interest rate hike — the model introspects and provides a step-by-step explanation for that decision. This allows clients to understand not just what will happen, but the underlying psychology of why it is happening. Scaling the "unscalable" interview The product offering is currently live in the US, UK, Japan, and Turkey. Brox has successfully digitized specific, high-value cohorts that are traditionally difficult for researchers to access. This includes a panel of "high-net-worth" individuals (those worth over $5 million) and specialized medical professionals like dermatologists — including a multibillionaire. However, the largest value for customers is likely in the aggregate mass of all individuals that can be polled en masse and/or segmented across demographics, especially those of medium and lower income levels, whose purchasing power and decision-making is more constrained and whose market- One of the more unique aspects of the Brox platform is its incentive structure. To ensure twins remain up-to-date, real-world counterparts are re-contacted frequently. For high-value individuals who are not motivated by small cash payments, Brox has issued Stock Appreciation Rights (SARs), essentially making these participants "investors" in the company’s success to ensure they continue to provide high-fidelity personal updates. The platform’s use cases currently focus on two primary sectors: Pharmaceuticals: Predicting vaccine hesitancy or how physicians might react to new biologics based on shifting political climates. Finance: Simulating how depositors at major banks might move funds in response to geopolitical events, such as conflicts in the Middle East. As for why go to the trouble of interviewing and digitally cloning real people instead of just creating wholly fictitious, synthetic audience characters and personas using LLMs and other AI models, Brocklebank offered his perspective. “You can create 10,000 truly synthetic digital twins, but the answers will still normalize into a very tight distribution, which is not realistic when you’re actually asking real people," Brocklebank said. By maintaining a pre-built audience of 60,000 twins, the company enables clients to bypass the recruitment phase of research. A large US bank or a global pharma giant can now "query" the digital population and receive a validated analysis in a matter of hours. Pricing and accessibility Unlike traditional research firms that charge on a per-project or per-respondent basis, Brox operates as a high-end Software-as-a-Service (SaaS) platform with enterprise-level commercial licensing. The company avoids the "seat" or "usage" limits that often hinder rapid experimentation within large organizations. Pricing Tiers: Subscriptions are sold as blanket flat fees, starting at a minimum of $100,000 per year. Top-Tier Contracts: For larger deployments involving multiple teams and global data access, contracts scale up to $1.5 million per year. Usage Rights: Clients are granted unlimited usage during the contract period. This allows them to run thousands of simulations without worrying about incremental costs, encouraging a culture of "testing everything" before deployment. From a legal and privacy standpoint, the digital twins are built on a "fully consent-driven" framework. While the twins can be traced back to real human data for internal validation, the platform is designed to provide aggregated behavioral insights that protect the anonymity of the participants while maintaining the predictive power of their digital replicas. Rejecting the rise of Kalshi, Polymarket and 'prediction markets' The tech industry has recently seen a surge in valuations and interest in "prediction markets" like PolyMarket and Kalshi, which allow users to bet on the outcomes of various global events. However, the leadership at Brox maintains a distinct distance from these platforms, citing a "personal disdain" for betting markets from both a moral and intellectual perspective. Brocklebank argues that while betting markets can predict outcomes (e.g., who wins an election), they offer zero utility for business decision-makers because they fail to provide the "why". Knowing there is a 60% chance of a certain candidate winning does not help a company adjust its consumer strategy; knowing why a specific cohort of depositors is feeling anxious does. Investors including Scribble Ventures, Wonder Ventures, and Vela Partners have backed this "human-first" approach to AI, betting that the moat created by deep human data will prove more resilient than the commoditized models of synthetic data providers. As Brox prepares for launches in the Middle East and APAC, the company is moving toward its ultimate goal: simulating the entire world as a "parallel universe" for risk-free decision-making.
This slim ice cream maker could fit in my already crowded kitchen
The Nutribullet Chill won’t demand as much counter or storage space as other ice cream makers. | Image: Nutribullet For the past few months, I've defiantly walked past the Ninja Creami at Costco as I think about our air fryer, toaster oven, breadmaker, rice cooker, and stand mixer already vying for limited counter space. Nutribullet's new Chill ice cream maker could finally break my resolve with its smaller footprint. While the Creami's base measures 17.44 by 8.58 inches, the Chill's is just 9.6 by 5.74 inches, making it easier to squeeze onto a kitchen counter and later store once my family tires of DIY frozen treats. The Chill is now available from Nutribullet's online store and Amazon for $199.99 and comes with a pair of 16-ounce pint cups. You'll als … Read the full story at The Verge.
Chrome on Android now supports approximate instead of precise location sharing
The new feature is a small win for Android users, as it gives them more control over how much location data they share with websites.
Google updates AI search to include quotes from Reddit and other sources
While citing web forums and discussion boards can help users find answers to more niche queries, this design choice could also prove chaotic.
TechnologyHackers Hate AI Slop Even More Than You Do
It's not just you. Scammers, hackers, and other cybercriminals are complaining about “AI shit” flooding platforms where they discuss cyberattacks and other illegal activity.
Khosla-backed robotics startup Genesis AI has gone full stack, demo shows
Genesis AI, a startup that raised a $105 million seed round to build foundational AI for robotics, has unveiled its first model, GENE-26.5, but also a demo showcasing a set of robotic hands performing complex tasks.
Live updates from Elon Musk and Sam Altman’s court battle over the future of OpenAI
Sam Altman and Elon Musk are facing off in a high-stakes trial that could alter the future of OpenAI and its most well-known product, ChatGPT. In 2024, Musk filed a lawsuit accusing OpenAI of abandoning its founding mission of developing AI to benefit humanity and shifting focus to boosting profits instead. Elon Musk, his financial manager and Neuralink CEO, Jared Birchall, and OpenAI cofounder Greg Brockman have already testified before the jury. Now, on Wednesday, May 6th, Shivon Zilis, a former OpenAI board member who shares four children with Musk, is taking the stand, and the courtroom is seeing testimony from former OpenAI exec Mira Murati via video. Microsoft CEO Satya Nadella is scheduled to appear on Monday, with OpenAI cofounder and former chief scientist Ilya Sutskever lined up to testify after that. Musk was a cofounder of OpenAI and claims that Altman and Brockman tricked him into giving the company money, only to turn their backs on their original goal. However, OpenAI says that “This lawsuit has always been a baseless and jealous bid to derail a competitor” in a bid to boost Musk’s own SpaceX / xAI / X companies that have launched Grok as a competitor to ChatGPT. In his lawsuit, Musk is asking for the removal of Altman and Brockman, and for OpenAI to stop operating as a public benefit corporation. Musk has also demanded that OpenAI’s nonprofit receive up to $150 billion in damages he’s asking for if he wins the case. People to Know Plaintiff Elon Musk — plaintiff, OpenAI cofounder and now CEO of rival xAI Steven Molo — lead counsel for plaintiff Jared Birchall — manager of Musk’s family office Shivon Zilis — former OpenAI board member who shares multiple children with Musk Defendant Sam Altman — defendant, CEO of OpenAI William Savitt — lead counsel for defendant Greg Brockman — president of OpenAI as well as a cofounder Ilya Sutskever — former chief scientist at OpenAI and a cofounder Judge Yvonne Gonzalez Rogers — aka YGR, trial judge Here’s all the latest on the trial between Musk and Altman: Sarah Eddy, an attorney representing OpenAI, got sarcastic with Zilis. Shivon Zilis brainstormed possible scenarios for AI. Musk offered Sam Altman a board seat at Tesla… Shivon’s emails aren’t great for Musk. The big sticking point for Brockman and Sutskever was control. Sam Altman loves exclamation marks. Mira Murati tells the court that she couldn’t trust Sam Altman’s words Zilis’ past emails mentioned in court proceedings include her referencing a potential “conversion to for-profit” for OpenAI. This is getting interesting. Zilis sent Altman a text message of support after his 2023 ouster. Zilis said another concern she had about Altman related to OpenAI’s potential deal with Helion. Also in the spirit of clarifications this morning… Zilis said she had major concerns about OpenAI’s board not being notified in advance of ChatGPT’s release. Zilis said that the fallout from Altman’s 2023 ouster changed her view of OpenAI’s Microsoft deal. When asked how much Musk works per week, Zilis laughed. Musk’s team has called Shivon Zilis. Murati says problems with Altman persisted after he returned to the company. “OpenAI was at catastrophic risk of falling apart” when Altman was fired, Murati says. We are seeing video testimony from Mira Murati’s deposition. We are clearing up “a few inaccuracies from yesterday.” We are taking care of some matters before the jury comes in. Microsoft and OpenAI’s definition of AGI was just revealed. The jurors look as bored as I feel. Brockman steps down. We are looking at the video deposition of Robert Wu. Brockman is telling the truth about considering removing Musk from the board. Every time Molo makes a summary of Brockman’s testimony, Brockman objects to it. We are now fighting about “Either go do something on your own or continue with OpenAI as a non-profit.” One other thing I don’t understand… Molo is trying to reiterate what he did more effectively yesterday. “You had no problems answering your lawyers’ questions,” Molo is practically yelling. Molo asks Brockman if Musk was “being mean” to him. We are back to quibbling. We are now discussing the OpenAI Foundation layoffs. Microsoft is done, bless them. Microsoft is now getting to talk to Brockman. The blip. We are now discussing Shivon Zilis. We are now going through the assorted releases of GPT models. When Musk resigned, he gave a speech to OpenAI’s employees that might have been demoralizing… One observation from Brockman and Sutskever’s emails. We are now recontextualizing more entries from Brockman. There were discussions between Brockman, Altman, and Sutskever about removing Musk from the board. We are back from a break. “I thought he was going to hit me,” Brockman says of Musk. Elon Musk doesn’t love anything he can’t control. Sam Altman discussed an equal equity split… We are now discussing Brockman’s journal. Brockman talks Dota 2. Elon Musk tried to get Bill Gates to donate to OpenAI. First sidebar of the trial. OpenAI had layoffs at Musk’s insistence. Greg Brockman tells the court that while at OpenAI, he and three others worked at Tesla. YGR is on the bench. Google’s AI architect lived rent-free in Elon Musk’s head OpenAI’s president does ‘all the things,’ except answer a question Jury is sent out for the day. We are hearing about the early days of OpenAI. Early worries about Musk came from Ilya Sutskever. Brockman is describing his bromance with Altman. “I do all the things.” Brockman says we are 80 percent of the way to AGI. Open AI’s direct examination of Brockman is pretty sedate so far… aside from Tesla. OpenAI’s lawyers are now getting their shot at Brockman. For real, I think nerds should not testify in court. We are now looking at Brockman’s other financial dealings. We finished with the Microsoft investment pretty quickly. Altman didn’t return after we took our break. We are presently having a fight about purple boxes. We have been doing the same question for perhaps the last five minutes. “Financially what will take me to $1B?” “His story will correctly be that we weren’t honest with him in the end about still wanting to do the for profit just without him.” Greg Brockman’s journal: “it’d be wrong to steal the non-profit from him.” Brockman is not doing himself any favors. Brockman’s cross-examination isn’t as testy as Musk’s, but he’s also pushing back on a lot of questions. Is sending stuff to Sam Teller and Shivon Zilis the same as sending it to Musk? Brockman and Altman’s alliance? “Is Demis Hassabis evil?” Greg Brockman is talking about the earliest days of OpenAI. Greg Brockman and Sam Altman have just entered the courtroom. We’re done with Russell. “The age of abundance for Elon.” Oh now we have some meat. Elon Musk’s expert doesn’t follow him on X. I am befuddled by this expert testimony. We are dealing with the cross now. Sure is lucky that mentions of Grok’s safety issues got limited. Individual vs. systemic risk. We now have a very boring expert witness testifying to AI risks. Stuart Russell is here to tell us about AI. “I need that today. That’s good. I like that.” Greg Brockman won’t be asked about Musk’s threat. Elon Musk tried to settle before the trial — and got threatening. Musk v. Altman is getting a live audio stream next week. OpenAI Tesla receipts and other Musk v. Altman documents. All the evidence revealed so far in Musk v. Altman Here’s how Gabe Newell and Hideo Kojima ended up in the Musk v. Altman evidence. The craziest part of Musk v. Altman happened while the jury was out of the room Jury is being dismissed early so YGR can deal with an objection to Birchall’s testimony. Birchall is actually very funny outside of court? Good for him. We are now hearing about the pause in quarterly donations. We’re back. Second break of the day. Birchall cross. Elon Musk confirms xAI used OpenAI’s models to train Grok Birchall has just been asked about the four Teslas. Birchall testifies about Musk’s contributions to OpenAI. A woman in the gallery has lowered a sleep mask over her eyes and is attempting to sleep. Musk steps down. He may be recalled. We are on re-cross. Musk is getting testy again. The Microsoft investment comes back up. And we’re back. We’re in break — and I just checked out something interesting. Elon Musk’s robot army definitely will not kill you. Musk insists he wasn’t kneecapping OpenAI. Musk seems notably more subdued today. “At least change the name,” Musk says he told Altman. Elon Musk v. Capitalism. An “ongoing conversation” around open source. We’re still talking about whether Musk read the term sheet. The jurors have been seated. Musk has just entered the courtroom. “Issues of extinction are excluded.” Good morning! Elon Musk’s worst enemy in court is Elon Musk Freedom! Unfortunately we will not be talking about safety details of any specific product. The jury is leaving for the day. “I suspect it’s a nice day out there,” YGR says. MechaHitler might be a bad look for the AI safety defender. Musk’s broader AI safety commitment (or lack thereof) comes up. This is so testy. Did Musk even read the OpenAI term sheet? Musk asked Shivon Zilis to stay “close and friendly” with OpenAI to keep info flowing. Musk says xAI probably won’t be the first to get to AGI. We’re back from a break, talking about SpaceX and xAI. Don’t worry about Tesla’s robot army! “You mostly do unfair questions.” “It’s a free country.” “Will you answer my question?” Musk’s desire for control comes up again. “This is a hypothetical.” Did Musk initially envision OpenAI as a corporation? Musk is being combative on cross already. “I did say that I would commit up to a billion dollars, yes.” Is Tesla really not working on AGI? Musk is returning to the stand. At times, being a judge is much like being a kindergarten teacher. We’re on a break. “I mean, all due respect to Microsoft, do you really want Microsoft controlling digital superintelligence?” “What’s going on here this is a bait and switch.” A Musk-Altman spat about Microsoft. Musk really cannot help himself. “Capped profit” wasn’t an issue, even when Microsoft got involved. “Tesla is not pursuing AGI.” Musk is more on his game today. “After I received these reassurances that OpenAI would continue to be a nonprofit I continued to donate over $10 million.” “I actually was a fool who provided free funding for them to create a startup.” More discussion of who would own OpenAI. “I don’t lose my temper,” says Elon Musk. “2017 was a hard year, and we’ve made mistakes.” “I formed many for-profit tech companies, and could have done so with OAI,” “Crystal clear focus.” Sam Altman has just entered the room, right ahead of the jury. A member of the public just got dressed down by YGR about taking photos. Musk v. Altman et al. is back in session. In naming OpenAI, Elon Musk worried anything related to the Turing Test could mean bad PR. Elon Musk appeared more petty than prepared That’s a wrap! YGR scolds OpenAI for taking inconsistent positions on the origin of its name. Elon Musk tells the jury that all he wants to do is save humanity Arguments over ownership. Apparently OpenAI could have had an ICO. “I was not averse to a small for-profit,” Musk says. We’re reading emails between Musk and Jensen Huang. Musk says nonprofit was non-negotiable for OpenAI. We’re at the founding of OpenAI. Musk says he would have created something like OpenAI on his own. Musk recalls meeting Sam Altman. Sam Altman left during a break, but Elon Musk’s lawyer didn’t notice. “Here we are in 2026 and AI is scary smart.” “I have extreme concerns about AI,” says Musk. AI will be as smart as “any human as soon as next year.” Musk claims he has time for SpaceX, Tesla, Neuralink, and the Boring Company because he works a lot. Musk is telling the jury he (co)founded Tesla. Neuralink’s long-term goal is… AI? “There need to be things that people are excited about that make life worth living … Being out there among the stars can excite everyone.” A little Musk biography. Elon Musk, looking funereal in a black suit with a black tie, says “it’s not okay to steal a charity.” Elon Musk takes the stand in high-profile trial against OpenAI We are back from a break. Elon Musk will be the first witness in Musk v. Altman. “Microsoft unlocked with OpenAI a virtuous cycle.” Microsoft enters the chat. “We are here because Mr. Musk didn’t get his way at OpenAI.” “[Musk] demanded control, he demanded the ability to make all the decisions without regard to the other founders.” OpenAI lawyers argue that Elon was right in the middle of discussions about a for-profit pivot. “Musk was furious that OpenAI succeeded.” OpenAI: Musk’s lawsuit is a “pageant of hypocrisy.” Sam Altman’s “related party conflicted transactions” are how he made money on OpenAI, Molo says. Technical difficulties. OpenAI is like a museum store that has looted the Picassos and pocketed the profits. AGI might be out of fashion in the AI world, but it will be at the center of this trial. “The defendants in this case stole a charity.” Musk and Altman go to court Good morning from the Musk v. Altman line outside the courtroom. Jury selection in Musk v. Altman: ‘People don’t like him’ We have a jury. Elon Musk’s lawyer tried to get some jurors thrown out for disliking Musk. Apparently things are exciting outside. We have gone through the first 20 potential jurors. Voir dire has begun. The Elon Musk vs. OpenAI trial starts today. Elon Musk drops fraud claims against OpenAI and Sam Altman before trial. Musk vs. Altman is here, and it’s going to get messy Elon Musk is about to be a very busy boy! ‘Sideshow’ concerns and billionaire dreams: What I learned from Elon Musk’s lawsuit against OpenAI Elon Musk’s xAI is suing OpenAI and Apple Inside Elon Musk’s messy breakup with OpenAI Elon Musk is suing OpenAI and Sam Altman again
TechnologyThe app store for robots has arrived: Hugging Face launches open-source Reachy Mini App Store with 200+ apps
There's an app for nearly every imaginable user and use case these days, but one thing they all have in common is that they're centered around one device: the smartphone. That changes today as Hugging Face, the 10-year-old New York City startup best known for being the go-to place online to host and use cutting-edge, open-source AI models, agents and applications, launches a new App Store for Reachy Mini, its low-cost ($299) open-source physical robot that debuted back in July 2025 (itself the fruit of Hugging Face's acquisition of another startup, Pollen Robotics). The new Hugging Face Reachy Mini App Store already hosts a library of over 200 community-built applications, and Reachy Mini owners will be able to download any of these free of charge to start (unlike smartphone apps, there's no monetization option for app creators on this store — yet). The Reachy Mini App Store will also offer Reachy Mini owners — around 10,000 units have been sold so far since last year — an easy means of building their own custom apps for the tiny, stationary desktop robot with built-in camera eyes, speaker, and microphone, via Hugging Face's existing, AI-powered agent called "ML Intern." The significance lies not just in the hardware, but in the removal of the "roboticist" barrier; for the first time, individuals without a background in engineering or coding are shipping functional robotics software in under an hour. "Anyone can build the apps," said Clément Delangue, CEO and co-founder of Hugging Face, in a video interview with VentureBeat. "My intuition is that more and more [AI] model builders will release on Reachy Mini as a way to test the robotics ability of new models." Make robots as accessible to laypeople as PCs and smartphones The technical bottleneck in robotics has historically been the scarcity of high-quality training data. While Large Language Models (LLMs) have mastered general-purpose coding by training on massive repositories like Microsoft's GitHub, the volume of code specific to robotics remains "tiny" by comparison (though Github does contain likely the largest existent, publicly accessible library of robotics code to date, with more than 17,000 different repositories or "repos" dedicated to the field). This lack of data has meant that, until now, AI agents were relatively poor at understanding the physical abstractions and firmware requirements of hardware. Hugging Face’s solution is an agentic toolkit that acts as an intermediary. Rather than forcing a user to learn a specific robotics SDK or master the nuances of a robot's firmware, the toolkit allows a user to describe a desired behavior in plain English—for instance, "wave when someone says good morning". An AI agent then handles the heavy lifting: it writes the code, tests it against the robot's specific constraints, and ships the final package "Historically, it’s been extremely hard," Delangue told VentureBeat of building robotics applications. "But we’ve worked really hard on the topic with a mix of open sourcing everything we do, working on the right abstractions for robotics, and making it easier for agents to understand and use it." The platform is model-agnostic, supporting a wide range of leading intelligence engines. Users can build apps using Hugging Face’s own ML Intern agent or leverage external models including GPT-5.5, Claude Opus 4.6, Kimmy 2.6, Mini Max GM5, and Deep Sig V4 Pro. For real-time interaction, the official conversation apps utilize OpenAI Realtime and Gemini Live. By providing these high-level abstractions, Hugging Face has collapsed the traditional "integration weeks" of robotics work into a process that takes minutes. Low-cost Reachy Mini is a hit In order to take advantage of the new Hugging Face Reachy Mini App Store, users are encouraged to purchase Reachy Mini, a cute desktop robot Hugging Face launched back in July 2025 as an affordable, open-source alternative to the existing, commercially available robots from the likes of Boston Dynamics, whose infamous Spot robot dog retails for around $70,000. Even Chinese competitors start at $1,900+. In contrast, the Reachy Mini is accessibly priced for hobbyists and developers. It comes in two variants: Reachy Mini Lite ($299 plus shipping): A tethered version that connects via USB and uses an external computer for processing. Reachy Mini Wireless ($449 plus shipping): A standalone version featuring an on-board Raspberry Pi CM 4 and Wi-Fi connectivity. Delangue said that of the 10,000 Reachy Mini units sold so far, 3,000 were sold in just the past two weeks. Hugging Face expects to ship another 1,000 units within the next 30 days. Even those who don't own a Reachy Mini can still develop apps for it, however, using the Reachy Mini App Store and the Reachy App, which contains a 3D simulation of the robot and its responses. The App Store itself is hosted on the Hugging Face Hub. It functions much like a standard software repository but for hardware behaviors: Search and Install: Users can find apps, click a button, and install them directly to their robot. Forkability: Every app is "forkable," meaning a user can duplicate an existing app and ask an AI agent to modify it (e.g., "make it answer in French"). Simulation Mode: Crucially, the store includes a browser-based simulator. This allows users who do not own a physical Reachy Mini to build, test, and play with the catalog in a virtual environment. Both are part of Hugging Face's ongoing "Le Robot" effort — a project that began in 2024 with Hugging Face researchers specializing in robotics and AI developing and publishing on the web their own open-source code, tutorials, and hardware to make robotics development more accessible to a wider audience. And unlike Github, which is designed for a developer audience, the Hugging Face Reachy Mini App Store is designed for robot owners and users who may have no technical experience or training whatsoever. Continuing with the open-source ethos and practice Hugging Face’s strategy is rooted in the belief that closed-source hardware and software are "almost impossible" to build for at scale. Delangue notes that closed systems prevent the training of agents and limit the ability of the community to innovate. Consequently, the entire Reachy Mini platform is open-source. This open licensing model has two primary implications for the ecosystem: Accelerated Development: Because the code is public and integrated with the Hugging Face ecosystem via "Spaces," Hugging Face's feature for hosting AI-powered web apps launched in 2021, agents can more easily learn how to interact with the hardware. Community Sovereignty: Apps are not locked behind a proprietary wall. Currently, all 200+ apps on the store are free, though the platform's foundation on "Spaces" provides the flexibility for creators to potentially monetize their work in the future. "For the moment, all the apps are free," Delangue noted. "It’s flexible, it’s built on [Hugging Face] Spaces, so at some point maybe people are going to make them paid." Robotics enters its accessible hobbyist era Hugging Face's Reachy Mini App Store is launching with 200 apps already available. So who built them, and how did they do it without this platform existing prior? Delangue told VentureBeat that more than 150 different creators have contributed to the store, most of whom had never written a line of robotics code before. Yet, they have been able to do so thanks to Hugging Face's ML Intern and Github. The new Hugging Face Reachy Mini App Store now puts the tools and existing apps into one place for easier accessibility. Delangue was keen to highlight one of the early Reachy robotics app developers in particular to VentureBeat: Joel Cohen, a 78-year-old retired marketing executive. Cohen, who is colorblind and has no technical background, spent two weeks assembling his Reachy Mini Lite (a task that usually takes three hours). Despite these physical challenges, he used an AI agent to build a "VP of Future Thinking" facilitator for his Zoom-based CEO peer groups. The app enables the robot to: Greet 29 members by name. Fact-check discussions in real-time. Summarize key themes and push back on surface-level answers. "I built this by describing what I needed in plain English," Cohen stated in a press release provided to VentureBeat ahead of the launch. "No SDK. No robotics background. No developer experience". Other community-driven applications include: Emotional Damage Chess: A robot that plays chess and mocks the user’s blunders. Reachy Phone Home: An anti-procrastination tool that detects when a user picks up their phone and tells them to get back to work. Language Tutor: A physical companion that listens to speech and corrects accents. F1 Race Commentator: A desk companion that calls Formula 1 races live as they happen. Delangue himself related to VentureBeat that in only a few hours, he built an app for his own Reachy Mini robot at the Hugging Face Miami office to have the robot act as a receptionist. “It basically does face recognition to detect when you arrive in the office, and then it looks at you and onboards you," Delangue related. "It says, ‘Hey, welcome to the office. Who are you here to see?’ Then it sends me a message: ‘Carl just arrived at the office. He’s here to meet you, and for these reasons.’ It works a little bit as my welcoming booth at the office, and it took me less than two hours to build that.” Even for an experienced founder and developer as Delangue, building apps for a robot was out of the question until the combination of Reachy Mini and ML Intern. “For me, it would have been impossible," the Hugging Face CEO said. "If you weren’t a robotics developer, it probably would have been impossible, or it would have taken a few months." Democratizing robotics The launch of the agentic App Store signals a fundamental shift in how we interact with machines. For sixty years, the field was gated by the requirement for deep technical expertise. By combining low-cost open hardware with the reasoning capabilities of modern AI agents, Hugging Face is moving toward a future where the hardware is a commodity and the behavior is limited only by what a user can describe. As Delangue noted during the launch, the goal was to provide a platform for people who "want to get into robotics but don’t have the hardware or the skills". With nearly 10,000 robots now "in the wild" and a burgeoning store of agent-written apps, the Reachy Mini has become the most widely deployed open-source desktop robot in history. The question is no longer how to build a robot, but what—now that the gate is open—we will ask them to do.
TechnologyBest Carry-On Suitcases (2026): Away, Rimowa, Tumi
I feel about luggage carousels the same way I feel about head lice: avoid at all costs. These are the best carry-on suitcases for those who never want to check a bag again.
TechnologyA Library Dedicated Solely to the Epstein Files Is Opening in New York
The Institute for Primary Facts has compiled more than 3.5 million pages of the Epstein files for public display at the newly opened Donald J. Trump and Jeffrey Epstein Memorial Reading Room.
TechnologyZest Maps Is the AI-Powered ‘Spiritual Successor to Foursquare’
This new app tracks every time you swipe your card at a cool restaurant—and tells all your friends.
5 science-backed pricing tips from the U.K.’s top marketing podcast
In 2007, Coulter and Coulter showed two advertisements to two random groups of customers. Each advertised £10 discounts on flights to Turkey. One listed the tickets at £188. The other showed a higher price: £233.
Brand Visibility: How to Increase It in the Era of AI
Brand visibility determines whether your business gets found or gets passed over — in search results, on social feeds, and increasingly, in AI-generated answers. It’s one of the highest-leverage investments a marketing team can make, and also one of the most commonly mismanaged.
TechnologyScaling AI into production is forcing a rethink of enterprise infrastructure
Presented by Nutanix Across industries, organizations are focused on how to move from AI pilots, proofs of concept, and cloud-based experimentation to deploying it at scale — across real workloads, for real users, in real business environments. VentureBeat spoke with Tarkan Maner, president and chief commercial officer at Nutanix, and Thomas Cornely, EVP of product management, about what that transition demands, and what it will take to get it right. “AI in general is shifting everything we do, not only in technology, but across all vertical industries, from regulated industries like banking, health care, government, education to non-regulated industries like manufacturing and retail,” Maner said. “As a complete platform company, we welcome this change. It’s creating more opportunities for us as a company to serve our customers in better ways as we move forward.” But there’s still a practical gap between experimentation and production, Cornely said. “It’s one thing to do an experiment, to do a prototype. It’s a different thing to take that prototype and deploy it for 10,000 employees,” he explained. “We went from people focusing on training models to chatbots to now doing agents, where the demand and pressures on AI infrastructure are growing exponentially.” Agentic AI introduces a new layer of enterprise complexity The rise of agentic AI is what makes this transition especially consequential. These systems introduce multi-step workflows across applications and data sources, along with a degree of autonomy that creates new operational demands. Enterprises now have to contend with multiple agents running simultaneously, unpredictable and real-time workloads, and the need to coordinate access to infrastructure across teams. “OpenClaw is making it very easy now for anybody to build agents and run with agents,” Cornely said. “You want those agents to be running on premises with your data. You need to have the right constructs around it to protect the enterprise from what an agent could do.” As these systems become more autonomous, the challenge extends beyond how they operate to how they interact with enterprise data, systems, and teams. AI is augmenting human work, not replacing it Agentic AI is fundamentally an amplifier of human capability rather than a substitute for it, Maner said. The goal for enterprises is not to eliminate human work but to find the right balance between human decision-making, AI-driven automation, and agent-based workflows. “We believe that there’s going to be love, peace, and harmony between AI, agentic tools, and robotics systems, and human capital,” Maner said. “That harmony can be optimized for better outcomes for businesses, enterprises, governments, and public sector organizations, if the right vendors provide the right tooling and the right services.” How enterprises are getting started with AI at scale In practice, the move from experimentation into real-world deployment is where the challenges become most visible. Despite the momentum, many are still working through how to scale AI beyond initial use cases. As they do, organizations quickly run into practical constraints. Many start in the cloud because of easy access to resources and services, but practical considerations like data, governance and control, and cost quickly come to the forefront. The cloud can be used to experiment, with the ultimate goal of bringing applications back on premises as they move toward production, using platforms that solve for security and cost. The use cases gaining the most traction include document search and knowledge retrieval, security and predictive threat detection, software development and coding workflows, and customer support and service operations. In the security realm, banking customers and others in Europe and the U.S. are deploying AI-driven tools including facial recognition and predictive threat detection. Meanwhile, there’s a growing focus on end-to-end, 360-degree customer engagement, from pre-sales through post-sales advocacy, in the customer support industry. Industry-specific AI transformation is already underway Across industries, the shift from experimentation to real deployment is already taking shape in distinct ways. In retail, AI is transforming store operations with cameras and robotics used for targeted in-aisle marketing at the moment of purchase decision, while cashier-less checkout is replacing traditional POS systems, and the human capital freed up is being redeployed to back-office and merchandising functions. In healthcare, Nutanix works with customers on applications spanning diagnosis, treatment, remote health, and hospital operations, with cloud partners including AWS and Azure. In manufacturing and logistics, the transformation is equally significant. The operational challenges of scaling enterprise AI As AI use cases scale, enterprises are running into a new class of operational challenges. Managing multiple AI workloads and agents, coordinating infrastructure access across teams, ensuring security and governance, and integrating AI systems with existing business processes are now top-of-mind concerns for IT and business leaders alike. The gap between AI developers pushing for speed and access, and infrastructure teams responsible for security, uptime, and governance, is one of the defining challenges of this moment. “Now I’m running agents, and they’re all going to fight to get access to resources to solve my problems,” Cornely said. “What you want now is infrastructure that allows you to set constraints, govern resources.” The AI factory: a shared platform for production AI These challenges are driving demand for what Maner and Cornely describe as the AI factory: a shared infrastructure environment that supports multiple users and workloads simultaneously, enabling both experimentation and production while balancing developer agility with enterprise governance. At GTC 2026, Nutanix announced the Nutanix Agentic AI Solution, a complete platform spanning core infrastructure, Kubernetes-based container services running on a topology-aware hypervisor, and advanced services for building and governing agents. “We’re launching a complete platform, from core infrastructure through PaaS and advanced PaaS services to the whole management framework for your AI factories,” Cornely said. “Really enabling self-service for the teams that will build these applications in the enterprise.” Hybrid environments are essential to enterprise AI strategy Operating this kind of environment requires flexibility across infrastructure. Hybrid infrastructure is not a compromise, but a requirement. Some workloads will always run in the public cloud, while others must remain on premises due to security requirements, regulatory compliance, data sovereignty, or competitive IP considerations. “Especially in the regulated industries, as sovereignty becomes a bigger issue, data gravity becomes a bigger issue, security, and also a lot of competitive differentiation in the industry, it’s going to depend on what the company wants for their own IP,” Maner said. This is the foundation of Nutanix’s platform position, he added. “We are the perfect harmony, bringing those applications, that data, and all the optimization for these use cases end to end, from on-prem to off-prem and in a hybrid mode,” he said. “Doing it not only in one cloud, but for multiple clouds.” That flexibility also extends to the broader ecosystem. Nutanix works across hyperscalers including AWS, Azure, and Google Cloud, as well as regional service providers and emerging neoclouds. Nutanix offers neoclouds a full software stack to run their own clouds and deliver advanced AI services, giving enterprise customers already running Nutanix a simple extension of compute, networking, and AI capabilities. Maner described the arrangement as a win for both sides. For enterprises, it means simplified access to hybrid AI services. For neoclouds, it means a proven platform to build on. It’s all automated and secure by default, Cornely added. “All of those governance problems that now come up with agentic AI are the same problems we’ve been solving for the last 16 years for every other application running in your cloud,” he said. From pilot to production: operationalizing AI across the enterprise Ultimately, the goal is not to run a successful AI pilot, but to operationalize AI across real-world use cases, manage infrastructure as a shared resource, support collaboration between infrastructure teams and AI developers, and scale from initial projects to enterprise-wide deployment. “There’s a massive gap right now between people building AI applications, those AI engineers, those agentic AI developers, and your classical infra teams,” Cornely said. “They need tooling to enable the infra teams, so they can support your AI engineers. That’s what we deliver with our agentic AI solution.” Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact [email protected].
Marketing15 Things About Running A Small Business in 2026 That Are The Same as 2006
A lot has changed in business over the past 20 years — but the real value often lies in understanding what hasn’t, and why those constants still shape performance today.
TechnologyMiami startup Subquadratic claims 1,000x AI efficiency gain with SubQ model; researchers demand independent proof.
A little-known Miami-based startup called Subquadratic emerged from stealth on Tuesday with a sweeping claim: that it has built the first large language model to fully escape the mathematical constraint that has defined — and limited — every major AI system since 2017. The company claims its first model, SubQ 1M-Preview, is the first LLM built on a fully subquadratic architecture — one where compute grows linearly with context length. If that claim holds, it would be a genuine inflection point in how AI systems scale. At 12 million tokens, the company says, its architecture reduces attention compute by almost 1,000 times compared to other frontier models — a figure that, if validated independently, would dwarf the efficiency gains of any existing approach. The company is also launching three products into private beta: an API exposing the full context window, a command-line coding agent called SubQ Code, and a search tool called SubQ Search. It has raised $29 million in seed funding from investors including Tinder co-founder Justin Mateen, former SoftBank Vision Fund partner Javier Villamizar, and early investors in Anthropic, OpenAI, Stripe, and Brex. The New Stack reported that the raise values the company at $500 million. The numbers Subquadratic is publishing are extraordinary. The reaction from the AI research community has been, to put it mildly, mixed — ranging from genuine curiosity to open accusations of vaporware. Understanding why requires understanding what the company claims to have solved, and why so many prior attempts to solve the same problem have fallen short. The quadratic scaling problem has shaped the economics of the entire AI industry Every transformer-based AI model — which includes virtually every frontier system from OpenAI, Anthropic, Google, and others — relies on an operation called "attention." Every token is compared against every other token, so as inputs grow, the number of interactions — and the compute required to process them — scales quadratically. In plain terms: double the input size, and the cost doesn't double. It quadruples. This relationship has shaped what gets built and what doesn't. The industry standard is 128,000 tokens for many AI models and up to 1 million tokens for frontier cloud models such as Claude Sonnet 4.7 and Gemini 3.1 Pro. Even at those sizes, the cost of processing long inputs becomes punishing. The industry built an elaborate stack of workarounds to cope. RAG systems use a search engine to pull a small number of relevant results before sending them to the model, because sending the full corpus isn't feasible. Developers layer retrieval pipelines, chunking strategies, prompt engineering techniques, and multi-agent orchestration systems on top of models — all to route around the fundamental constraint that the model itself can't efficiently process everything at once. Subquadratic's argument is that these workarounds are expensive, brittle, and ultimately limiting. As CTO Alexander Whedon told SiliconANGLE in an interview, "I used to manually curate prompts and retrieval systems and evals and conditional logic to chain together the workflows. And I think that that is kind of a waste of human intelligence and also limiting to the product quality." Subquadratic's fix is deceptively simple: stop doing the math that doesn't matter The company's approach, called Subquadratic Sparse Attention or SSA, is built on a straightforward premise: most of the token-to-token comparisons in standard attention are wasted compute. Instead of comparing every token to every other token, SSA learns to identify which comparisons actually matter and computes attention only over those positions. Crucially, the selection is content-dependent — the model decides where to look based on meaning, not on fixed positional patterns. This allows it to retrieve specific information from arbitrary positions across a very long context without paying the quadratic tax. The practical payoff scales with context length — exactly the inverse of the problem it's trying to solve. According to the company's technical blog, SSA achieves a 7.2x prefill speedup over dense attention at 128,000 tokens, rising to 52.2x at 1 million tokens. As Whedon put it: "If you double the input size with quadratic scaling laws, you need four times the compute; with linear scaling laws, you need just twice." The company says it trained the model in three stages — pretraining, supervised fine-tuning, and a reinforcement learning stage specifically targeting long-context retrieval failures — teaching the model to aggressively use distant context rather than defaulting to nearby information, a subtle failure mode that quietly degrades performance in existing systems. Three benchmarks paint a strong picture, but what they leave out may matter more On the surface, SubQ's benchmark numbers are competitive with or superior to models built by organizations spending billions of dollars. On SWE-Bench Verified, it scored 81.8% compared to Opus 4.6's 80.8% and DeepSeek 4.0 Pro's 80.0%. On RULER at 128,000 tokens, a standard benchmark for reasoning over extended inputs, SubQ scored 95% — edging out Claude Opus 4.6 at 94.8%. On MRCR v2, a demanding test of multi-hop retrieval across long contexts, SubQ posted a third-party verified score of 65.9%, compared with Claude Opus 4.7 at 32.2%, GPT-5.5 at 74%, and Gemini 3.1 Pro at 26.3%. But several details warrant scrutiny. The benchmark selection is narrow — exactly three tests, all emphasizing long-context retrieval and coding, the precise tasks SubQ is designed for. Broader evaluations across general reasoning, math, multilingual performance, and safety have not been published. The company says a comprehensive model card is "coming soon." According to The New Stack, each benchmark model was run only once due to high inference cost, and the SWE-Bench margin is, as the company's own paper acknowledges, "harness as much as model." In benchmark methodology, single runs without confidence intervals leave room for variance. There is also a significant gap between SubQ's research results and its production model. On MRCR v2, the company reported a research score of 83 — but the third-party verified production model scored 65.9. That 17-point gap between the lab result and the shipping product is notable and largely unexplained. Subquadratic also told SiliconANGLE that on the RULER 128K benchmark, SubQ scored 95% accuracy at a cost of $8, compared with 94% accuracy and about $2,600 for Claude Opus — a remarkable cost claim. But the company has not publicly disclosed specific API pricing, making it impossible to independently verify the cost-per-task comparisons. The AI research community's verdict ranges from 'genuine breakthrough' to 'AI Theranos' Within hours of the announcement, the AI research community erupted into a debate that crystallized around a single question: Is this real? AI commentator Dan McAteer captured the binary mood in a widely shared post: "SubQ is either the biggest breakthrough since the Transformer... or it's AI Theranos." The comparison to the infamous blood-testing fraud company may be unfair, but it reflects the scale of the claims being made. Skeptics zeroed in on several pressure points. Prominent AI engineer Will Depue initially noted that SubQ is "almost surely a sparse attention finetune of Kimi or DeepSeek," referring to existing open-source models. Whedon confirmed this on X, writing that the company is "using weights from open-source models as a starting point, as a function of our funding and maturity as a company." Depue later escalated his criticism, writing that the company's O(n) scaling claims and the speedup numbers "don't seem to line up" and called the communication "either incredibly poorly communicated or just not real." Others raised structural questions. One developer noted that if SubQ truly reduces compute by 1,000x and costs less than 5% of Opus, the company should have no trouble serving it at scale — so why gate access through an early-access program? Developer Stepan Goncharov called the benchmarks "very interesting cherry-picked benchmarks," while another commenter described them as "suspiciously perfect." But not everyone was dismissive. AI researcher John Rysana pushed back on the Theranos framing, writing that the work is "just subquadratic attention done well which is very meaningful for long context workloads," and that "odds of it being BS are extremely low." Linus Ekenstam, a tech commentator, said he was "extremely intrigued to see the real-world implications" particularly for complex AI-powered software. Magic.dev made strikingly similar claims two years ago — and then went quiet Perhaps the most pointed critique of SubQ's launch comes not from its specific claims but from recent history. Magic.dev announced a 100-million-token context-window model in August 2024, with a claimed 1,000x efficiency advantage, and raised roughly $500 million on the strength of those claims. As of early 2026, there is no public evidence of LTM-2-mini being used outside Magic. The parallels are uncomfortable. Both companies claimed massive context windows. Both touted roughly 1,000x efficiency gains. Both targeted software engineering as their primary use case. And both launched with limited external access. The broader research landscape reinforces the caution. Kimi Linear, DeepSeek Sparse Attention, Mamba, and RWKV all promised subquadratic scaling, and all faced the same problem: architectures that achieve linear complexity in theory often underperform quadratic attention on downstream benchmarks at frontier scale, or they end up hybrid — mixing subquadratic layers with standard attention and losing the pure scaling benefits. A widely cited LessWrong analysis argued that these approaches "are all better thought of as 'incremental improvement number 93595 to the transformer architecture'" because practical implementations remain quadratic and "only improve attention by a constant factor." Subquadratic is directly aware of this history. Its own technical blog specifically addresses each prior approach — fixed-pattern sparse attention, state space models, hybrid architectures, and DeepSeek Sparse Attention — and argues that SSA avoids their tradeoffs. Whether it actually does remains an empirical question that only independent evaluation can settle. A five-time founder, a former Meta engineer, and $29 million to prove the doubters wrong The team behind the claims matters in evaluating them. CEO Justin Dangel is a five-time founder and CEO with a track record across health tech, insurancetech, and consumer goods, and his companies have scaled to hundreds of employees, attracted institutional backing, and reached liquidity. CTO Alexander Whedon previously worked as a software engineer at Meta and served as Head of Generative AI at TribeAI, where he led over 40 enterprise AI implementations. The team includes 11 PhD researchers with backgrounds from Meta, Google, Oxford, Cambridge, ByteDance, and Adobe. That is a credible collection of talent for an architecture-level research effort. But neither co-founder has published foundational AI research, and the company has not yet released a peer-reviewed paper. The technical report is listed as "coming soon." The funding profile is unusual for a company making frontier AI claims. Subquadratic raised $29 million at a reported $500 million valuation — a steep price for a seed-stage company with no publicly available model, no peer-reviewed research, and no disclosed revenue. The investor base, led by Tinder co-founder Mateen and former SoftBank partner Villamizar, skews toward consumer tech and growth investing rather than deep technical AI research. The company is not open-sourcing its weights but plans to offer training tools for enterprises to do their own post-training, and has set a 50-million-token context window target for Q4. The real test for SubQ isn't benchmarks — it's whether the math survives independent scrutiny Strip away the marketing language and the social media drama, and the underlying question Subquadratic is asking is genuinely important: Can AI systems break free of quadratic scaling without sacrificing the quality that makes them useful? The stakes are enormous. If attention can be made truly linear without degrading retrieval and reasoning, the economics of AI shift fundamentally. Enterprise applications that today require elaborate retrieval pipelines — processing entire codebases, contracts, regulatory filings, medical records — become single-pass operations. The billions of dollars currently spent on RAG infrastructure, context management, and agentic orchestration become partially redundant. Whedon's willingness to engage publicly with technical criticism — posting a technical blog within hours of pushback — suggests a team that understands it needs to show its work, not just describe it. And to its credit, the company acknowledged openly that it builds on open-source foundations and that its model is smaller than those at the major labs. Every frontier model in 2026 advertises a context window of at least a million tokens, but almost none of them are actually great at making use of all that information. The gap between a nominal context window and a functional one — between what a model accepts and what it reliably reasons over — remains one of the most important unsolved problems in AI. Subquadratic says it has closed that gap. If independent evaluation confirms that claim, the implications would ripple far beyond a single startup's valuation. If it doesn't, the company joins a growing list of long-context promises that sounded revolutionary on launch day and unremarkable six months later. In computing, every fundamental constraint eventually falls. When it does, the breakthrough never comes from the direction the industry expected. The question hanging over Subquadratic is whether a team of 11 PhDs and a $29 million seed round actually found the answer that has eluded organizations spending thousands of times more — or whether they just found a better way to describe the problem.
TechnologyGPT-5.5 Instant shows you what it remembered — just not all of it
OpenAI updated the default model for ChatGPT to its new GPT-5.5 Instant, along with a new memory capability that finally shows which context shaped responses — at least some of them. This limitation signals that models are starting to create a second, incomplete memory observability layer that could conflict with existing audit systems and agent logs. GPT-5.5 Instant replaces GPT-5.3 Instant as the default ChatGPT model and is a version of its new flagship GPT-5.5 LLM. It’s supposed to be more dependable, accurate and smarter than 5.3. But it’s the introduction of memory sources, which will be enabled across all models in the platform, that could help enterprises in their projects. “When a response is personalized, you can see what context was used, such as saved memories or past chats, and delete or correct it if something is outdated or no longer relevant,” OpenAI said in a blog post. When a user asks ChatGPT something, users can tap the sources button (at the bottom of the response) to see which files or past chats the model tapped to find the answer. Users also have full control over the sources models can cite, and these sources will not be shared if the conversation is sent to others. The company said memory sources should make it easier to personalize model responses. Still, OpenAI admitted that the models “may not show every factor that shaped an answer” and promised to make the capability more comprehensive over time. What this means is that memory sources offer a semblance of observability in ChatGPT answers, but not full auditability yet. Competing memory systems Enterprises have a system in place to solve part of the memory and context problem with models and agents. Models are exposed to context through retrieval-augmented generation (RAG) pipelines; whatever the agent fetches from the vector databases is logged, and the agent's state is stored in a memory layer. All of this is tracked in application logs, usually in an orchestration or management layer with built-in observability. Ideally, this allows teams to trace failure back through the stack. The current system is imperfect; sometimes, it's not easy to trace failure points, but it’s at least internally consistent. For enterprises using ChatGPT, whether the default GPT-5.5 Instant or their model of choice, that’s no longer the case. The model surfaces its own version with memory sources that are wholly separate from existing retrieval logs — in short, a model-reported context. A problem arises if these cannot be reconciled reliably. And because memory sources only give users part of the picture — it’s unclear what ChatGPT’s limit on citing memory sources is — it becomes even harder to match what GPT-5.5 Instant said it tapped to what it actually did in the production environment. This situation creates a new failure mode: A competing context log. If something seems wrong, it can create inconsistencies that enterprises have to deal with. Malcolm Harkins, chief trust and security officer at HiddenLayer, told VentureBeat that memory sources "look like a pragmatic middle ground " in offering some transparency, but it's still not easy to see its value. "For enterprises, it's directionally useful but insufficient on its own," Harkins said. "Real value will depend on how it integrates with security, governance, access controls and audit systems." A more capable default model However, GPT-5.5 Instant handles memory, and OpenAI calls it an improvement over GPT-5.3 Instant. Internal evaluations showed GPT-5.5 Instant returned 52.5% fewer hallucinated claims than the previous default model, especially for high-stakes domains such as medicine, law, and finance. Inaccurate claims fell by 37.3% on challenging conversations. The company said the model improved on photo analysis and image uploads, answering STEM questions and knowing when to tap its own knowledge base or use web search. Peter Gostev, AI capability at independent model evaluator Arena, explained to VentureBeat in an email that the key result to watch about GPT-5.5 Instant is how it performs on the overall text rankings, especially because its predecessor did not have a strong showing. “Since GPT-4o, the strongest-performing OpenAI chat model on the Arena has been GPT-5.2-Chat, which still ranks 12th on the Overall Text Arena months after release," Gostev said. Notably, users preferred it even over the higher-reasoning GPT-5.2-High variant, which is currently ranked 52nd on the Arena. “By comparison, GPT-5.3-Chat, the previous default model in ChatGPT, was significantly less competitive, ranking 44th overall, 32 places below GPT-5.2-Chat.” What enterprises need to do about memory sources Organizations that rely on ChatGPT for some tasks will need to formalize how memory works for their stack. Memory sources are not limited to GPT-5.5 Instant; it is enabled for all models on the ChatGPT platform. To address the problem of competing memory sources, enterprises have to audit their memory management. Model-reported context could overlap or contradict these logs, so it’s best to define a clear source of truth. In the event of a failure, administrators know which log to believe. It would also be a good idea to decide whether or not to expose memory sources to users. ChatGPT only shows a select number of chats or files it used to complete a request. Some users may find more transparency trustworthy. Ultimately, the number one thing for enterprises to remember about memory sources is that what the model reports as its context is not the full picture for auditing. It’s a form of observability, but it cannot withstand a full examination.
TechnologyOne command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
Just two months ago, researchers at the Data Intelligence Lab at the University of Hong Kong introduced CLI-Anything, a new state-of-the-art tool that analyzes any repo’s source code and generates a structured command line interface (CLI) that AI coding agents can operate with a single command. Claude Code, Codex, OpenClaw, Cursor, and GitHub Copilot CLI are all supported, and since its launch in March, CLI‑Anything has climbed to more than 30,000 GitHub stars. But the same mechanism that makes software agent-native opens the door to agent-level poisoning. The attack community is already discussing the implications on X and security forums, translating CLI-Anything's architecture into offensive playbooks. The security problem is not what CLI-Anything does. It is what CLI-Anything represents. CLI-Anything generates SKILL.md files, the same instruction-layer artifacts that Snyk’s ToxicSkills research found laced with 76 confirmed malicious payloads across ClawHub and skills.sh in February 2026. A poisoned skill definition does not trigger a CVE and never appears in a software bill of materials (SBOM). No mainstream security scanner has a detection category for malicious instructions embedded in agent skill definitions, because the category simply did not exist eighteen months ago. Cisco confirmed the gap in April. “Traditional application security tools were not designed for this,” Cisco’s engineering team wrote in a blog post announcing its AI Agent Security Scanner for IDEs. “SAST [static application security testing] scanners analyze source code syntax. SCA [software composition analysis] tools check dependency versions. Neither understands the semantic layer where MCP [Model Context Protocol] tool descriptions, agent prompts, and skill definitions operate.” Merritt Baer, CSO of Enkrypt AI and former Deputy CISO at Amazon Web Services (AWS), told VentureBeat in an exclusive interview: “SAST and SCA were built for code and dependencies. They don’t inspect instructions.” This is not a single-vendor vulnerability. It is a structural gap in how the entire security industry monitors software supply chains. This is the pre-exploitation window. CLI-Anything is live, the attack community is discussing it, and security directors who act now get ahead of the first incident report. The integration layer no stack can see Traditional supply-chain security operates on two layers. The code layer is where SAST works, scanning source files for insecure patterns, injection flaws, and hardcoded secrets. The dependency layer is where SCA works, checking package versions against known vulnerabilities, generating SBOMs, and flagging outdated libraries. Agent bridge tools like CLI-Anything, MCP connectors, Cursor rules files, and Claude Code skills operate on a third layer between the other two. Call it the agent integration layer: configuration files, skill definitions, and natural-language instruction sets tell an AI agent what software can do and how to operate it. None of it looks like code. All of it executes like code. Carter Rees, VP of AI at Reputation, told VentureBeat in an exclusive interview: “Modern LLMs [large language models] rely on third-party plugins, introducing supply chain vulnerabilities where compromised tools can inject malicious data into the conversation flow, bypassing internal safety training.” Researchers at Griffith University, Nanyang Technological University, the University of New South Wales, and the University of Tokyo documented the attack chain in an April paper, “Supply-Chain Poisoning Attacks Against LLM Coding Agent Skill Ecosystems.” The team introduced Document-Driven Implicit Payload Execution (DDIPE), a technique that embeds malicious logic inside code examples within skill documentation. Across four agent frameworks and five large language models, DDIPE achieved bypass rates between 11.6% and 33.5%. Static analysis caught most samples, but 2.5% evaded all four detection layers. Responsible disclosure led to four confirmed vulnerabilities and two vendor fixes. The kill chain security leaders need to audit Here's the anatomy of the kill chain: An attacker submits a SKILL.md file to an open-source project containing setup instructions, code examples, and configuration templates. It looks like standard documentation. A code reviewer would wave it through because none of it is executable. But the code examples contain embedded instructions that an agent will parse as operational directives. A developer uses an agent bridge tool to connect their coding agent to the repository. The agent ingests the skill definition and trusts it, because no verification layer exists to distinguish benign from malicious intent at the instruction level. The agent executes the embedded instruction using its own legitimate credentials. Endpoint detection and response (EDR) sees an approved API call from an authorized process and passes it. Data exfiltration, configuration changes, and credential harvesting are all moving through channels that the monitoring stack considers normal traffic. Rees identified the structural flaw that makes this chain lethal. “A significant vulnerability in enterprise AI is broken access control, where the flat authorization plane of an LLM fails to respect user permissions,” he told VentureBeat. A compromised skill definition riding that flat authorization plane does not need to escalate privileges. It already has them. Every link in that chain is invisible to the current security stack. Pillar Security demonstrated a variant of this chain against Cursor in January 2026 (CVE-2026-22708). Implicitly trusted shell built-in commands could be poisoned through indirect prompt injection, converting benign developer commands into arbitrary code execution vectors. Users saw only the final command. The poisoning happened through other commands the IDE never surfaced for approval. The evidence is already in production In a documented attack chain from April 2026, a crafted GitHub issue title triggered an AI triage bot wired into Cline. The bot exfiltrated a GITHUB_TOKEN, which the attacker used to publish a compromised npm dependency that installed a second agent on roughly 4,000 developer machines for eight hours. There was just one issue title. Attackers had eight hours of access. No human approved the action. Snyk’s ToxicSkills audit scanned 3,984 agent skills from ClawHub, the public marketplace for the OpenClaw agent framework, and skills.sh in February 2026. The results: 13.4% of all skills contained at least one critical security issue. Daily skill submissions jumped from less than 50 in mid-January to more than 500 by early February. The barrier to publishing was a SKILL.md markdown file and a GitHub account one week old. No code signing. No security review. No sandbox. OpenClaw is not an outlier. It is the pattern. “The bar to entry is extremely low,” Baer said. “Adding a skill can be as simple as uploading a Word doc or lightweight config file. That’s a radically different risk profile than compiled code.” She pointed to projects like ClawPatrol that have started cataloging and scanning for malicious skills, evidence the ecosystem is moving faster than enterprise defenses. The ClawHavoc campaign, first reported by Koi Security in late January 2026, initially identified 341 malicious skills on ClawHub. A follow-up analysis by Antiy CERT expanded the count to 1,184 compromised packages across the platform. The campaign delivered Atomic Stealer (AMOS) through skill definitions with professional documentation. Skills named solana-wallet-tracker and polymarket-trader matched what developers actively searched for. The MCP protocol layer carries similar exposure. OX Security reported in April that researchers poisoned nine out of 11 MCP marketplaces using proof-of-concept servers. Trend Micro initially found 492 MCP servers exposed to the internet with zero authentication; by April, that number had grown to 1,467. As The Register reported, the root issue lies in Anthropic’s MCP software development kit (SDK) transport mechanism. Any developer using the official SDK inherits the vulnerability class. VentureBeat Prescriptive Matrix: Three-layer agent supply-chain audit VentureBeat developed a Prescriptive Matrix by mapping the three attack layers documented in the research and incident reports above against the detection capabilities of current SAST, SCA, and agent-layer tools. Each row identifies what security teams should verify and where no scanner has coverage today. Layer Threat Current detection Why it misses Recommended action 1. Code Prompt injection in AI-generated code SAST scanners Most SAST tools have no detection category for prompt injection in AI-generated code Confirm that SAST scans AI-generated code for prompt injection. If not, have an open vendor conversation this quarter. 2. Dependencies Malicious MCP servers, agent skills, plugin registries SCA tools SCA generates no AI-specific bill of materials. Agent-layer dependencies are invisible. Confirm SCA includes MCP servers, agent skills, and plugin registries in the dependency inventory. 3. Agent integration Poisoned SKILL.md files, malicious instruction sets, adversarial rules files None until April 2026 No tool inspects the semantic meaning of agent instruction files. Baer: “We’re not inspecting intent.” Deploy Cisco Skill Scanner or Snyk mcp-scan. Assign a team to own this layer. Baer’s diagnosis of Layer 3 applies across the entire matrix: “Current scanners look for known bad artifacts, not adversarial instructions embedded in otherwise valid skills.” Cisco’s open-source Skill Scanner and Snyk’s mcp-scan represent the first tools purpose-built for this layer. Security director action plan Here's how security leaders can get ahead of the problem. Inventory every agent bridge tool in the environment. This includes CLI-Anything, MCP connectors, Cursor rules files, Claude Code skills, GitHub Copilot extensions. If the development team is using agent bridge tools that have not been inventoried, the risk cannot be assessed. Audit agent skill sources the same way package registries get audited. Baer’s framing is precise: “A skill is effectively untrusted executable intent, even if it’s just text.” Shut off ungoverned ingestion paths until controls are in place. Stand up a review and allowlisting process for skills. The OWASP Agentic Skills Top 10 (AST01: Malicious Skills) provides the procurement framework to align controls against. Deploy agent-layer scanning. Evaluate Cisco’s open-source Skill Scanner and Snyk’s mcp-scan for behavioral analysis of agent instruction files. If dedicated tooling is unavailable, require a second engineer to read every SKILL.md before installation. Restrict agent execution privileges and instrument runtime. AI coding agents should not run with the same credential scope as the developer who invoked them. Rees confirmed the structural flaw: The flat authorization plane means a compromised skill does not need to escalate privileges. Baer’s prescription: “Instrument runtime observability. What data is the agent accessing, what actions is it taking, and are those aligned with expected behavior?” Assign ownership for the gap between layers. The most dangerous attacks succeed because they fall between detection categories. Assign a team to own the agent integration layer. Review every SKILL.md, MCP config, and rules file before it enters the environment. The gap that already has a name Baer underscored the dangers of this new attack vector. “This feels very similar to early container security, but we’re still in the ‘we’ll get to it’ phase across most orgs," she said. She added that, at AWS, it took a few high-profile wake-up calls before container security became table stakes. The difference this time is speed. “There’s no build pipeline, no compilation barrier. Just content," she said. CLI-Anything is not the threat. It is the proof case that the agent integration layer exists, that it is growing fast, and that the attacker community has already found it. The 33,000 developers who starred the repository are telling security teams where software development is heading. Eighteen months ago, the detection category for agent-integration-layer poisoning did not exist. Cisco and Snyk shipped the first tools for it in April. The window between those two facts is closing. Security directors who have not begun inventory are already behind.
MarketingThe 3 Questions I Use to Audit My Leadership — and Keep My Team Moving Forward
Most leaders don't realize where their impact is breaking down — until it's too late. Here's a simple way to see it in real time.
MarketingPublic Relations Has Become Machine Relations — Most Founders Have No Idea What This Means
AI now decides whether your earned media gets surfaced, cited or ignored. Here is why founders need to rethink PR strategy right now.
MarketingThe New Security Risk Every Business Using AI Needs to Know About (and How to Protect Yourself)
Executives who underestimate the risks of autonomous systems are leaving their organizations exposed to the fastest-growing attack vector in the enterprise.
MarketingYour Employees Know What Phishing Looks Like. They’re Still Getting Fooled. Here’s Why.
AI phishing works because it exploits the way people communicate at work. Fixing it requires security teams and communications leaders working together.
Andrew Zimmern’s ‘Bizarre’ Strategy — Which Started With an Exorcism — Helped Him Break Into TV and Build a Food Empire
How a witch doctor in Ecuador and one very weird TV segment turned his show into a global brand.
MarketingWhy Your Brand Needs to Start Using Real Photos, Not Generic Imagery
Here's how to invest in custom visuals and turn that content into years of stronger engagement, trust and brand differentiation.
MarketingI Helped Grow a Startup to a $1.8 Billion Acquisition by Adobe — Here’s the Secret to Scaling Successfully
Here are five things I've learned about when and how to rebuild your business to get to the next stage.
Our Work
Websites, software, and apps built by TELMINS
MLS Ostomy Foundation
Nonprofit website for a Bahamian ostomy awareness & patient assistance foundation.
Argoscape Bahamas
Bahamian landscaping & outdoor construction company website — currently in development.
Island Ostomy
Caribbean ostomy supply & support service website — currently in development.